Privacy Policy

Preface

Adappt is committed to ensure that processes are in place to safeguard and implement controls over the data and information of its clients that Adappt has in its custody or has access to as part of its service delivery and businesses and the data of Adappt employees held as part of doing business.Privacy relates to the protection of personal information and compliance with varying global laws around the permitted use of personal information.Data privacy principles define the relationship between the collection and dissemination of Personally Identifiable Information (PII), the expectation of protection of personal information against unauthorized access, and the associated technical, legal, and regulatory issues surrounding the protection of personal information from unauthorized access, use, dissemination and leakage.

Purpose

The purpose of this Privacy Policy is to establish Adappt principles for the management of Personal Information as it relates to the Collection, Use and Disclosure of Personal Information for business purposes that recognizes:

  • Employee, and Clients rights of privacy and
  • Adappt business needs to Collect, Use or Disclose Personal Information for reasonable purposes.This policy encompasses privacy requirements for individuals (Adappt employees) as well as Adappt clients /partners/ customers.

Policy Principles

Identifying Purposes 

Adappt will identify the purposes for which information is collected at or before the time the information is collected.  Where customer information is collected, Adappt will ensure that they stringently follow the directions given by their customers regarding the use of such information for the designated purpose.

Employee Personal Information

Adappt collects Employee Personal Information for the following purposes:

  • Establish and maintain employee records.
  • Manage and develop personnel and employment matters.
  • Meet legal and regulatory requirements. 

Customer Data

Adappt collects Customer Data only for the purposes defined by its customers. For the purpose of illustration, Customer Data may be collected for the following purposes, as required by the customers towards managing its processes:

  • Understand customer needs and preferences to provide timely, reliable and value-added services.
  • Establish and maintain customer relationships.
  • Meet legal and regulatory requirements.

Adappt might have in its possession, from its customers, their information such as name email, contact number, premises floor plan, in order to perform Adappt services as per its contract with its customers.

The following practices are followed if Adappt collects Personally Identifiable Information, as governed by Adappt contract with their customer:

  • Collection.
  • Customer PII is collected only to the extent necessary for the provision of the process or service, per the requirements set contractually with clients.
  • Adappt does not use, disclose, or transfer across borders Personal Data except to the extent it is necessary to perform under each of its agreement with its customers.

Consent

Obtaining Consent

Adappt must ensure that 

  • Consent is sought from an Employee or Customer, where contractually required, for the Collection, Use or Disclosure of all Personal Data.
  • Employee or Customer whose consent is to be sought has full understanding of why the consent is being sought.

Seeking Employee and Customer Consent

When seeking the Consent of an Employee or customer, Adappt will ensure that consents are obtained in an appropriate manner taking into consideration the circumstances, type and sensitivity of the information to be Collected, Used or Disclosed when determining the form of Consent.

Deceptive Means

Adappt will ensure that consent is not obtained through deceptive means.

Questions Regarding Consent

For all customer programs where Adappt employee is required to collect customer details for the purpose of the service, Adappt will ensure that it strictly follows the contractual terms and consent note agreed with the client for this purpose. In Adappt ISMF team will monitor compliance to the agreed process for all customer programs. In cases where an employee is unsure as to whether or not there is a requirement to obtain consent prior to the collection of employee personal information, the employee will seek guidance from the CISO.

Notification to Withdraw Consent

If at any time Adappt receives notification of intent to withdraw consent to share personal information from an employee or customer, such request will be forwarded to the CISO.

Exceptions

Adappt may disclose Employee or Customer Personal Information without the Employee / Customer knowledge or consent in certain circumstances where seeking consent may be impractical or where the information is required to be disclosed for any legal or regulatory demands.

Disclosure

Employee Personal Information will not be Used or Disclosed for purposes other than those for which the Personal Information was collected, except with the Consent of the Employee or the Customer. Adappt reserves the right to disclose customer personally identifiable information only if required by law, and when that disclosure is necessary to protect Adappt rights and/or to comply with a judicial proceeding, court order, or legal process served on Adappt. However, Adappt notifies its customers prior to such disclosure of information.

Retention

Adappt will only retain Employee Personal Information in accordance with the period of time specified in Adappt document with respect to the PO of that customer. Adappt will retain customer identifiable information only as long as their account with their customers is active or as needed to provide the services. Adappt will also retain and use such information as is necessary to comply with Adappt legal obligations, resolve disputes, and enforce its agreements.

Audit

The ISMF Committee will ensure that Adappt privacy practices are monitored and reviewed on an annual basis and also on need basis if required.

Data breach

Any employee, subcontractor found to have breached this policy will be subjected to disciplinary actions up to and including dismissal. Adappt will promptly notify any affected users and appropriate supervisory authorities of a data breach within data structures directly controlled by us or, as appropriate, as any such material data breach is reported to us by any of our third-party data processors, as specified by Articles 33 and 34 of the GDPR.

Exceptions

The ISMF will decide exceptions to this policy on a case basis.

Have any questions for us? We’d love to hear from you!
Enter the Captcha