Who are we?
We are Umenit Solutions LLP. based in Two Horizon Centre, Golf Course Road, 5th Floor, DLF Phase 5, Gurugram, Haryana 122002 (INDIA).
- What personal data do we collect?
- How do we use and share your personal information?
- How long is your information kept for?
- Where is your data processed?
- What are your rights?
- Do we profile you?
- Is your data secured?
- Information security policy
- Legal Disclaimer
- Further Questions
What personal data do we collect?
We only gather that information that is necessary for us to allow you to use the website or to contact us. The information collected is only used in accordance with this Policy.
Information we obtain from you:
When you get in touch via the contact us form or the email, you provide us with your name, phone number, email address, company information, communication content and data associated with the communication. For instance when you apply for a vacancy, you share with us your name, email, contact number, location and any other information listed on your CV. You may also choose to provide similar details about an individual you want to refer. UmenitX also occasionally receives information from third parties like LinkedIn if you have given them the consent to use and transmit your information. We therefore recommend reviewing the privacy policies of such third-party websites as well before making your information public on their platform.
Information obtained from your use of our website:
The following information may be gathered when you visit our website:
- Information about your visits to and use of this Website, including your IP address, geographical location, browser type and version, referral source, page views and Website navigation paths.
- Information about your device(s), in particular, hardware model, version of the operating system.
- Cookies: For more information on the type of cookies and how to opt out, please continue reading.
Simply put, we may be interested in the following information:
- Your full name
- Your email
- Your phone number
- Your geographical location
- Your designation
- Your Company
- Company Location
- Your LinkedIn profile
- The fact that you have visited our website
- What website referred you to ours
- Whether you have downloaded any marketing materials from our website
How do we use and share your personal information?
We process your information by way of obtaining, collecting, organizing, using, retrieving, consulting, aligning or erasing. We may disclose your information to our subsidiaries or affiliates.
We may also share it with third party service providers, vendors and agents who facilitate us with website management, technical support, data analysis and hosting. We make sure that they also abide by data protection policies like we do.
We may also disclose your personal data:
- As required by and to the extent of the law
- In connection with any ongoing or prospective legal proceedings
- To establish, exercise or defend our legal rights, including providing information to others with the aim of fraud prevention and reducing credit risk
How long is your information kept for?
We will delete your personal data as soon as we no longer have a need or a legal basis to process it. What does this mean?
- We’ll always delete your data when we receive a request from you to do so (see below). In the unlikely event that we are still obliged under the law to keep your data, we’ll inform you about that.
- We will not store or otherwise process your data for “unlimited period” in other cases. If we rely on legitimate interest for processing, your data will be kept as long as we are in a business relationship with you. If we don’t start a business relationship with you, your data will be stored in our systems for some limited time for our analytics to be done. In no case we will keep it for more than 1 year, the period which is necessary for communicating with your company as our potential client and after which we treat old analytics outdated, so your personal data is not needed anymore.
When you visit our website, Umenit may place cookies and similar analytical codes (collectively, “Cookies”) on your device, browser or the webpage you are viewing, in order to personalize your experience, understand usage patterns and provide, improve, and secure our website. Cookies are small pieces of text that are stored on your device when you visit a website. This allows the website to tailor its content to suit your needs whenever you visit it next. Cookies do not typically contain any information that personally identifies someone, but personal data that we store about you may be linked to the information obtained from cookies.
This may be done for a few reasons
- Functional: when cookies are used to tailor your experience. These Cookies make sure you can view the websites and use them in a proper way. Examples of functional cookies: SID, PHPSESSID, wp-settings-X, wp-settings-time-X, etc. For instance, cookies permit:
- Our website to remember the details you’ve provided when filling in forms – so that you don’t have to enter the same information multiple times.
- You to share website pages on social networks like Facebook, Twitter and LinkedIn.
How to reject and delete cookies?
Where is your data processed?
Your data is processed in the US and may be transferred to the EU or PK – all entities abiding by the GDPR policies. Nevertheless, your data will always be safe and under GDPR protection, despite where it is processed. Such transfer and processing are possible only as reasonably necessary for the purposes set out in this Policy and within the scope of legitimate interest of UmenitX, abiding by contractual clauses so that your data does not fall outside the scope of the GDPR.
What are your rights?
As a data subject, you have the right to:
- Request information about whether we hold personal information about you, and, if so, what that information is and why we are holding or using it.
- Request access to your personal information. This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
- Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
- Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing.
- Object to the processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.
- Object to automated decision-making, including profiling, that is not to be subject of any automated decision-making by us using your personal information or profiling of you.
- Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
- Request transfer of your personal information in an electronic and structured form to you or to another party. This enables you to take your data from us in an electronically useable format and to be able to transfer your data to another party in an electronically useable format.
- Withdraw consent.You have the right to withdraw your consent to the collection, processing and transfer of your personal information for a specific purpose at any time. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law. The withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal.
Should you want to exercise any of the above mentioned rights, please contact us at [email protected]. Before proceeding with your request, we may need to request specific information from you to confirm your identity and to ensure your right to access the information. Abuse of rights may hold you liable.
Do we profile you?
We will only undertake profiling to the extent if you have given your consent to receive marketing materials from us. We will use your personal information as described in this Policy.
Is your data secured?
Umenit is ISO-27001 certified. Therefore we don’t allow any unreliable practices regarding the security of the information we deal with. Consequently, we take all appropriate technical and organisational measures to keep your data safe, as required by the GDPR. We do this through:
- All our employees, affiliates, consultants or any recipients of your data are bound by confidentiality (non-disclosure agreement) and are not authorised to process your data for purposes other than described in this Policy. We take full responsibility for that.
- We follow the Information Security Policy, which is mandatory and applies to all our consultants, contractors, and all other individuals who have authorised access to information resources.
- All our security practices and documents are reviewed on a yearly basis, approved by the executive management and are implemented throughout the group as well as are communicated to all our employees and consultants.
- Our Information Security Policy applies to all the information stored on physical or electronic data carriers, as well as any software and hardware that we possess or use temporarily.
- We conduct mandatory training for all our employees and consultants on privacy and security.
- Our servers, workstations and internet gateway devices are updated periodically with the latest antivirus definitions that include zero-day anti-malware protection.
- We ensure authentication and authorisation controls are robust and properly treated.
- We continuously gather and analyse data regarding all the new and existing threats and vulnerabilities, actual attacks on other organisation, as well as the information about the effectiveness of the existing security controls.
- We conduct risk assessment on a yearly basis.
Information Security Policy
At Umenit, we constantly strive to align our customer needs and requirements with our core business values and industry best practices advocating highest service and product quality and maintain confidentiality, integrity and availability of information based on risk-based approach. We produce quality and security as functions in the products and services that we deliver that is defined customer requirements and designed, and developed accordingly.
Umenit has developed a service strategy and delivery mechanism for internal and external IT infrastructure support. We create this through our effective leadership that is passionate about creating best value for its external and internal stakeholders.
At Umenit all employees are encouraged to get involved in achieving overall customer satisfaction, quality of service and information security in following the processes and delivering the products and services. We can only do this by ensuring periodic and on need-based training at organization level and individual level. This is also to ensure that the teams stay abreast with evolving market trends and technologies.
We continually improve our systems following a Deming cycle using process approach in our QMS, ISMS and ITSM. Our processes support our system approach to management through factual decision making based on defined criteria that also encourages the involvement of all affected groups in the organization for the respective decision. Umenit abides by all local, national and international legal requirements and regulations that we operate in.
In certain situations, Umenit may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security requirements as well as instances requiring cooperation with law enforcement agencies where mandated by law.
As further required by Law (including mergers, acquisitions, divestitures, or asset sales, but only if the acquiring organization agrees to this Policy’s protections ), we may also disclose your personal information as required by law, such as to comply with a subpoena or other legal process, when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.