1. INTRODUCTION
This privacy policy lets you know what happens to any personal data that you give to us, or any that we may collect from or about you. It applies to all products and services, and instances where we collect your personal data.
This privacy policy applies to personal information processed by or on behalf of SIVA Group.
Changes to this privacy policy
We may change this privacy policy from time to time by updating this page in order to reflect changes in the law and/or our privacy practices. We encourage you to check this privacy policy for changes whenever you visit our website – www.sivagroup.co
SIVA Group and our Data Protection Officer
We, SIVA Inotec Ltd., G-47, 1st floor, Sector 6, Noida, Uttar Pradesh, 201301, India, which provide your product or service are named at the start of these terms and conditions and are a data controller of your personal data.
We have a dedicated data protection officer (“DPO”). You can contact the DPO using the details below or by writing to the above address, marking it for the attention of the DPO or going to Contact us.
2. INFORMATION WE MAY COLLECT ABOUT YOU
Information you give us: We collect any information you provide to us when you complete registration forms, or provide us with your details over the phone, for example when you register an account with us, provide information about yourself and your preferences at a tradeshow or subscribe to our mailing list. This information might include your name, address, email address, phone number, credit card information and other information relevant to the product or service that you’re registering for.
Information we collect about you: We will collect any information contained in any correspondence between you and us via contact forms on websites, emails, telephone calls and from public sources.
We may collect information about you visiting our website and how you use it. This may include your IP address, geographical location, device information, browser type, referral source, length of visit, operating system, number of page views and similar information. This information may be collected by a third-party website analytics service provider on our behalf and/or may be collected using cookies. For more information on cookies please refer to paragraph 6 below.
Information we receive from third parties: We may collect information about you from third parties that we work closely with for the purposes of delivering to you the services that you request from us. For example, we may engage third parties to assist us with our online event registration systems or payment systems; these entities will collect information directly from you on our behalf. We may engage third parties to operate event websites on our behalf; these entities will collect information directly from you about your visits to the website on our behalf.
We may also receive information about you from third parties where you have consented to such third party sharing your information with us.
3. HOW WE USE INFORMATION ABOUT YOU
We use your personal data, including any of the personal data listed in section 1 above, for the following purposes:
- Assessing an application for a product or service, the price, availability of payment method and the terms
- Managing the product or service you have with us
- Updating your records, tracing your whereabouts and recovering debt
- Managing any aspect of the product or service
- To perform and/or test the performance of, our products, services and internal processes
- To improve the operation of our business and that of our business partners
- To follow guidance and best practice under the change to rules of governmental and regulatory bodies
- For management and auditing of our business operations including accounting
- To carry out checks at Credit Reference and Fraud Prevention Agencies pre-application, at application, and periodically after that
- To monitor and to keep records of our communications with you and our staff (see below)
- To administer our good governance requirements such as internal reporting and compliance obligations or administration required for Annual General Meeting (“AGM”) processes
- For market research and analysis and developing statistics
- For direct marketing communications and related profiling to help us to offer you relevant products and service, We send marketing to you by SMS, email, phone, post, social media and digital channels (for example, using Facebook Custom Audiences and Google Custom Match). Offers may relate to any of our products and services as well as to any other offers and advice we think may be of interest
- To develop new products and services and to review and improve current products and services
- To comply with legal and regulatory obligations, requirements and guidance
- To provide insight and analysis of our customers both for ourselves and for the benefit of business partners either as part of providing products or services, helping us improve products or services, or to assess or improve the operating of our businesses
- To share information, as needed, with business partners service providers or as part of providing and administering our products and services or operating our business
- To facilitate the sale of one or more parts of our business
4. LEGAL GROUNDS FOR PROCESSING YOUR INFORMATION
We rely on the following legal bases to use your personal data:
1. Where it is needed to provide you with our products or services, such as:
- Assessing an application for a product or service including the price, the payment methods available and the conditions to attach
- Managing products and services you hold with us, or an application for one
- Updating your records, tracing your whereabouts to contact you about your account and doing this for recovering debt (where appropriate)
- Sharing your personal information with business partners and services providers when you apply for a product to help manage your product
- All stages and activities relevant to managing the product or service including enquiry, application, administration and management of accounts
- For some of our profiling and other automated decision making to decide whether to offer you a product and/or service, particular payment method and the price or terms of this
1. Where it is in our legitimate interests to do so, such as:
- Managing your products and services relating to that, updating your records, tracing your whereabouts to contact you about your account and doing this for recovering debt (where appropriate)
- To perform and/or test the performance of, our products, services and internal processes
- To follow guidance and recommended best practice of government and regulatory bodies
- For management and audit of our business operations including accounting
- To carry out searches at Credit Reference Agencies pre-application, at the application stage, and periodically after that
- To carry out monitoring and to keep records of our communications with you and our staff (see below)
- To administer our good governance requirements and those of other members of our Group, such as internal reporting and compliance obligations or administration required for AGM processes
- For market research and analysis and developing statistics
- For direct marketing communications and related profiling to help us to offer you relevant products and services, including deciding whether or not to offer you certain products and service. We will send marketing to you by SMS, email, phone, post and social media and digital channels (for example, using Facebook Custom Audiences and Google Custom Match
- Subject to the appropriate controls, to provide insight and analysis of our customers to business partners either as part of providing products or services, helping us improve products or services, or to assess or to improve the operating of our businesses
- For some of our profiling and other automated decision making
- Where we need to share your personal information with people or organisations in order to run our business or comply with any legal and/or regulatory obligations
2. To comply with our legal obligations
3. With your consent or explicit consent:
- For some direct marketing communications
- For some of our profiling and other automated decision making
- For some of our processing of special categories of personal data
5. WHO WE MIGHT SHARE YOUR INFORMATION WITH
We may share information with the following third parties for the purposes listed above:
- SIVA Inotec Ltd. group companies (companies having over 50% common shareholding) and service providers
- Business partners, account beneficiaries, or others who are a part of providing your products and services or operating our business
- Governmental and regulatory bodies such as HMRC, the Financial Conduct Authority, the Prudential Regulation Authority, the Ombudsman, the Information Commissioner’s Office and under the Financial Services Compensation Scheme
- Other organisations and businesses who provide services to us such as debt recovery agencies, back up and server hosting providers, IT software and maintenance providers, document storage providers and suppliers of other back office functions
- Credit Reference and Fraud Prevention Agencies (see below)
- Market research organisations who help us to develop and improve our products and services
6. YOUR RIGHT TO WITHDRAW YOUR CONSENT
Where we’re relying upon your consent to process personal data, you can withdraw this at any time by contacting us using the details below.
7. PERSONAL INFORMATION MAY BE TRANSFERRED OUTSIDE EEA
We’re based in India and operate in the UK but sometimes your personal information may be transferred outside the European Economic Area. If we do so we’ll make sure that suitable safeguards are in place, for example by using approved contractual agreements, unless certain exceptions apply.
8. CHANGES TO YOUR PERSONAL INFORMATION
Inform us of any changes to your personal information so that we can update our records.
9. MONITORING PERSONAL INFORMATION
In this section monitoring means any: listening to, recording of, viewing of, intercepting of, or taking and keeping records (as the case may be) of calls, email, text messages, social media messages, in person (face to face) meetings and other communications.
We may monitor where permitted by law and we’ll do this where the law requires it, or to comply with regulatory rules, to prevent or detect crime, in the interests of protecting the security of our communications systems and procedures and for quality control and staff training purposes. This information may be shared for the purposes described above.
10. HOW LONG WE KEEP THE PERSONAL INFORMATION
Unless we explain otherwise to you, we hold your personal information based on the following criteria:
- For as long as we have reasonable business needs, such as managing our relationship with you and managing our operations
- For as long as we provide goods and/or services to you and then for as long as someone could bring a claim against us; and/or
- Retention periods in line with legal and regulatory requirements or guidance.
11. YOUR RIGHTS UNDER DATA PROTECTION LAWS
Following is a list of rights that all individuals have under data protection laws. They don’t apply in all circumstances. If you wish to use any of them, we will explain at that time if they are engaged or not. The right of data portability is only relevant from May 2018.
- The right to be informed about the processing of your personal information
- The right to have your personal information corrected if it is inaccurate and to have incomplete personal information completed
- The right to object to processing of your personal information
- The right to restrict processing of your personal information
- The right to have your personal information erased (the “right to be forgotten”)
- The right to request access to your personal information and to obtain information about how we process it
- The right to move, copy or transfer your personal information (“data portability”)
- Rights in relation to automated decision making which has a legal effect or otherwise significantly affects you
You have the right to complain to the Information Commissioner’s Office which enforces data protection laws: https://ico.org.uk/. You can contact us using the details below. You can contact us by going to the Contact Us section of our website to exercise these rights.
13. YOUR MARKETING PREFERENCES
We may use your office address, phone numbers, email address and social media or digital channels (for example, Facebook, Google and message facilities in other platforms) to contact you according to your marketing preferences. You can stop our marketing at any time by contacting us using the details below or by following the instructions in the communication.
14. CONTACT US
If you have any questions about this privacy policy, or if you wish to exercise your rights or contact the DPO, you can contact us by going to the Contact Us section of our website. Alternatively, you can write to SIVA Inotec Ltd., G-47, 1st floor, Sector 6, Noida, Uttar Pradesh, 201301, India, marking it for the attention of the DPO.