top of page

1. Introduction

 

Data Privacy is a fundamental principle within a modern society. Data privacy is not – unlike the term may first suggest – all about data, but about the people, of whom information (data) is processed. Data privacy is a fundamental right, which refers to the protection of the personal rights of natural, living people. Every person should have the opportunity to decide, who gets which information about him on which occasion (informational self-determination).

Definitive Detailing has created this Policy to demonstrate its commitment towards the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information), Rules, 2011 (“Rules”).

Definitive Detailing recognizes the importance of “Personal Information” including “Sensitive Personal Information” provided by natural persons, under lawful contract. Definitive Detailing intends to take reasonable measures to keep such information confidential and may share it with its affiliates and third parties under appropriate arrangements and under the applicable laws and policies.

 

 

2. Definition

 

2.1 “Personal Data” means any information concerning the personal or material circumstances of an identified or identifiable individual, e.g. name, address, bank details etc. It can be with reference to employees, customers, suppliers, shareholders, etc.. A person is considered to be identifiable if they can be identified directly or indirectly.

 

2.2 Employees are identified or identifiable persons, who are employed by Definitive Detailing.

 

2.3 “Customers” are identified or identifiable natural persons, who show Definitive Detailing that they have an obvious interest in concluding a contract for the purpose of acquiring a product or a service or, as the case may be, that they are the recipient of a product or service provided by Definitive Detailing.

 

2.4 “Processing” is any operation or set of connected operations performed using the Personal Data, whether with or without the help of automatic means. This includes collection, recording, organisation, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, erasure or destruction.

 

2.5 “Rendering Anonymous” means the alteration of Personal Data so that the details about personal or material circumstances can no longer be matched to an identified or identifiable natural person or could be so matched only by expending a disproportionate amount of time, expense and effort.

 

2.6 “Pseudonymising” means replacing identifying features by a code in order to make identification of the Data Subject impossible or considerably more difficult.

 

2.7 “Sensitive Personal Data”, for the purposes of this Policy, refers to such personal information about a natural person, which consists of information relating to:

  1. a) Password;

  2. b) Financial information such as Bank account or credit card or debit card or other payment instrument details;

  3. c) Physical, physiological and mental health condition;

  4. d) Sexual orientation;

  5. e) Medical records and history;

  6. f) Biometric information;

  7. g) Any detail relating to the above clauses as provided to us for providing services; and

  8. h) Any of the information received under any of the above clauses by us for processing, storing or processing under lawful contract or otherwise.

 

Any information that is freely available or accessible in public domain or furnished under the Right to Information Act, 2005 or any other law for the time being in force shall not be regarded as Sensitive Personal Information for the purposes of this Policy. 2.8 “Provider” for the purpose of this Policy, refers to a natural person or individual who, provides Personal Information or Sensitive Personal data or information, directly under lawful contract to Definitive Detailing.

 

 

 

3. Purpose and usage

 

Provider’s Personal Information/ Sensitive Personal Data is collected and used /processed for lawful, legitimate, contractual and administrative purposes of Definitive Detailing.

Generally the Personal Information/Sensitive Personal Data collected pertains to the Provider that may be used for the purposes such as administration and facilitation of relationship with customers, employees, suppliers etc. for internal operational purposes, for marketing surveys and customer research and feedback, warranty services, to update with information about Definitive Detailing and the products and services, to provide information about special offers, from time to time and to satisfy the legal and regulatory obligations.

The Personal Information/Sensitive Personal Data collected pertaining to the staff/employee may be used for human resource management, technology support/updates, management planning, administration and management of the internal processes, services and operations to enable it to perform Definitive Detailing’s proper functions and to satisfy the legal and regulatory obligations.

The Personal Information/Sensitive Personal Data (as per Rules) can be collected /or retained either directly by Definitive Detailing or through an affiliate or third party, as per the procedure prescribed by Rules.

 

 

4. Disclosure to Third Parties

 

The Personal Information/Sensitive Personal Data collected would only be used, processed and/or shared within the affiliates and/or group companies and other authorized business partners.

Definitive Detailing would not disclose any Personal Information/Sensitive Personal Data to any external organization unless it has the consent of the provider, or are required by law or have previously informed the Provider.

Notwithstanding anything in Article 4 to the contrary, if Definitive Detailing is, in the opinion that it is required by applicable law or government authority, to disclose any Personal Information/Sensitive Personal Data to any Person, then it may disclose such information only to the extent so required.

 

 

5. Security practices and procedures

 

Definitive Detailing has in place a security system, to ensure that the personal information is protected from unauthorised access, use, disclosure or alteration by anyone including the employees of Definitive Detailing. Definitive Detailing undertakes a number of security measures to maintain the safety of the Provider’s personal information, which includes the use of: physical secure data centres and premises; internal security policies and procedures; defined internal segregation of duties; and electronic access controls such as passwords and encryption technology. Our Information Security Management System follows international standard ISO 27001.

 

Security Practices:

 

– Data economy – Access to personal data is granted only to personnel on need to know basis. Redundant data may not be stored and personal data from concerned Department shall not be exported to other applications unless absolutely necessary. Where it is not necessary to know the identity of the Data Subject there the personal data shall be processed in pseudonymised form or a form that has been rendered anonymous.

 

– Purpose Limitation – Data collected for a particular purpose shall be used for that purpose only and shall not be used for any other purpose without the consent of the Data Subject or other legal permission.

 

– Deleting/Archiving Data – Once the purpose of the processing of Personal Data is fulfilled then such Data must immediately be deleted or, as the case may be, access thereto blocked in compliance with the obligations to retain records prescribed by law or agreed within Definitive Detailing. This obligation to delete data does not apply to data that has been rendered anonymous. In exceptional cases where required such information shall be dealt with on case to case basis of the concerned Department and as per applicable laws.

 

 

 

6. No Obligation to provide personal information

 

The Provider is under no obligation to provide any personal information requested by Definitive Detailing and a Provider can withhold any personal information as he/she may choose, but in such a case Definitive Detailing may not be able to provide all products and services as this will depend on the kind of information withheld.

The Provider can opt-out at any time online by accessing the unsubscribe form. A minimum period of ten business days is required to process the requests.

The Provider may review the Personal Information/Sensitive Personal Data provided to Definitive Detailing for the purpose of ensuring that the said information is accurate. Definitive Detailing shall not be responsible for the authenticity of the information supplied to Definitive Detailing or to any person acting on behalf of Definitive Detailing.

 

 

7. Contact Us

 

 

Definitive Detailing strives to maintain the Provider’s personal information on the records as accurately and updated as reasonably possible. On request, the details on record, the purpose for which it is used, and to whom has it been disclosed can be provided. Access to personal information in the possession of Definitive Detailing shall be subject to certain exceptions and reasonable costs.

If the personal information that an entity of Definitive Detailing hold about the Provider is incorrect or changed then the Provider can notify the respective entity of Definitive Detailing of such changes. Additionally any discrepancy or grievance of the Provider of information with regard to processing of information can be addressed to the following contact (Grievance Officer) as below:

 

Definitive Detailing

definitivedetailing2024.new@gmail.com

 

Definitive Detailing reserves the right to modify, cancel, add, or amend this Policy.

bottom of page