Adappt is committed to ensure that processes are in place to safeguard and implement controls over the data and information of its clients that Adappt has in its custody or has access to as part of its service delivery and businesses and the data of Adappt employees held as part of doing business.Privacy relates to the protection of personal information and compliance with varying global laws around the permitted use of personal information.Data privacy principles define the relationship between the collection and dissemination of Personally Identifiable Information (PII), the expectation of protection of personal information against unauthorized access, and the associated technical, legal, and regulatory issues surrounding the protection of personal information from unauthorized access, use, dissemination and leakage.
Adappt will identify the purposes for which information is collected at or before the time the information is collected. Where customer information is collected, Adappt will ensure that they stringently follow the directions given by their customers regarding the use of such information for the designated purpose.
Adappt collects Employee Personal Information for the following purposes:
Meet legal and regulatory requirements.
Adappt collects Customer Data only for the purposes defined by its customers. For the purpose of illustration, Customer Data may be collected for the following purposes, as required by the customers towards managing its processes:
Meet legal and regulatory requirements.
Adappt might have in its possession, from its customers, their information such as name email, contact number, premises floor plan, in order to perform Adappt services as per its contract with its customers.
The following practices are followed if Adappt collects Personally Identifiable Information, as governed by Adappt contract with their customer:
Adappt does not use, disclose, or transfer across borders Personal Data except to the extent it is necessary to perform under each of its agreement with its customers.
Adappt must ensure that
When seeking the Consent of an Employee or customer, Adappt will ensure that consents are obtained in an appropriate manner taking into consideration the circumstances, type and sensitivity of the information to be Collected, Used or Disclosed when determining the form of Consent.
Adappt will ensure that consent is not obtained through deceptive means.
For all customer programs where Adappt employee is required to collect customer details for the purpose of the service, Adappt will ensure that it strictly follows the contractual terms and consent note agreed with the client for this purpose. In Adappt ISMF team will monitor compliance to the agreed process for all customer programs. In cases where an employee is unsure as to whether or not there is a requirement to obtain consent prior to the collection of employee personal information, the employee will seek guidance from the CISO.
If at any time Adappt receives notification of intent to withdraw consent to share personal information from an employee or customer, such request will be forwarded to the CISO.
Adappt may disclose Employee or Customer Personal Information without the Employee / Customer knowledge or consent in certain circumstances where seeking consent may be impractical or where the information is required to be disclosed for any legal or regulatory demands.
Employee Personal Information will not be Used or Disclosed for purposes other than those for which the Personal Information was collected, except with the Consent of the Employee or the Customer. Adappt reserves the right to disclose customer personally identifiable information only if required by law, and when that disclosure is necessary to protect Adappt rights and/or to comply with a judicial proceeding, court order, or legal process served on Adappt. However, Adappt notifies its customers prior to such disclosure of information.
Adappt will only retain Employee Personal Information in accordance with the period of time specified in Adappt document with respect to the PO of that customer. Adappt will retain customer identifiable information only as long as their account with their customers is active or as needed to provide the services. Adappt will also retain and use such information as is necessary to comply with Adappt legal obligations, resolve disputes, and enforce its agreements.
The ISMF Committee will ensure that Adappt privacy practices are monitored and reviewed on an annual basis and also on need basis if required.
Any employee, subcontractor found to have breached this policy will be subjected to disciplinary actions up to and including dismissal. Adappt will promptly notify any affected users and appropriate supervisory authorities of a data breach within data structures directly controlled by us or, as appropriate, as any such material data breach is reported to us by any of our third-party data processors, as specified by Articles 33 and 34 of the GDPR.
The ISMF will decide exceptions to this policy on a case basis.