Last Updated On December 08, 2023

Introduction

Mphasis Datalytyx is committed to protecting your privacy. This Privacy Notice explains the use and protection of personal information collected by Mphasis Datalytyx. It applies to any personal information you provide to Mphasis Datalytyx and, subject to local law, any personal information we collect from other sources.

Mphasis Datalytyx protects your personal information in accordance with applicable laws and our data privacy policies. In addition, Mphasis Datalytyx maintains the appropriate technical and organizational measures to protect your personal data against unauthorized or unlawful processing and/or against accidental loss, alteration, disclosure, or access thereto.

Throughout this privacy notice, “(Mphasis Datalytyx)” refers to Mphasis Datalytyx, including its affiliates and subsidiaries (also referred to as “we”, “us”, or “our”).

Data Collection

We may collect personal information such as your personal details and contact details. Mphasis Datalytyx may also collect “sensitive” personal information about you when you voluntarily provide this information or where such information is required for us to respond to your request for products or services or permitted to be collected by law or professional standards. Sensitive Personal Information (SPI) includes personal information regarding a person’s physical or mental health, genetic data, biometric data. Individuals should use their discretion when providing sensitive information to Mphasis Datalytyx. When you provide information that enables us to respond to your request for products or services, we will, wherever permissible by relevant laws, collect, use, and disclose this information to third parties including clients both prospective and existing ensuring strict confidentiality and adhering to appropriate security standards for the purposes described in this Notice. This includes collecting information when you:

Visit Mphasis Datalytyx Websites

In some instances, Mphasis Datalytyx automatically collects personal information pertaining to you when you visit our websites and through e-mails that we may exchange with you. We may use automated technologies including the use of web server logs to collect IP addresses, “cookies” and web beacons. The collection of this information will allow us to improve the effectiveness of Mphasis Datalytyx websites and our marketing activities.

Mphasis Datalytyx also collects information provided by you from our contact us form (e.g., name, email address, mobile number) and our careers portal (e.g., resume) on our website.
By using Mphasis Datalytyx websites, associated microsites, and mobile applications, you agree to the processing of your information as explained in this Notice.
Mphasis Datalytyx websites may contain links to other sites which are outside our control and are not covered by this Notice. We encourage you to review the privacy statement/notice of each website you visit provided on Mphasis Datalytyx Websites and satisfy the need for providing personal information of any kind.

Engage with Mphasis Datalytyx through social media

You can engage with us through social media websites or through features on Mphasis Datalytyx websites that integrate with social media sites. When you engage with us through social media sites, you may allow us to have access to certain information from your social media profile based upon your privacy preference settings on such platform.

Access our Websites through Mobile Devices

If you access our websites on your mobile device, we may also collect your personal information, device information, contact information, network information and other details.
When you provide us with your mobile phone number, you consent to the use of your mobile phone number for the purposes identified in this Notice. If you choose to refrain from receiving any text notifications from us on your mobile, we will not be using your mobile number for such purposes unless required to meet legal requirements or for legitimate business purposes.
We do not collect more information from you than is required for us to fulfil our stated purposes and will not retain your information for longer than is necessary.

Purposes of collection and use of collected Data

The personal information we collect for the purpose of and that may be used to: 

  • Provide information and services as requested by you
  • Assess queries, requirements, and process requests for products and services
  • Perform client communication, service, billing, and administration
  • Conduct data analysis
  • Execute monitoring
  • Share it with affiliated entities/subsidiaries/branch offices for legitimate business purposes
  • Share it with statutory authorities, government institutions or other bodies for compliance with legal requirements
  • Market products and services based on legitimate business interest under the applicable law or
  • Conduct processing necessary to fulfill other contractual obligations for the individual
  • To conduct background verifications for employee onboarding.
  • Job Application processing.
  • Address Data Subject Rights Requests.

With your consent, we may also use your personal information for additional purposes. Instances where sensitive personal information is collected will warrant explicit consent. Unless it is necessary for our legitimate business purposes, should you choose not to provide any personal information during certain activity, you will be able to continue with such activity wherever possible.

We do not seek to collect personal information of children under the age defined in respective and applicable jurisdiction(s). If ever such children data is collected for the purpose of the services or products requested by you, we will secure explicit consent from the parent or legal guardian for the legitimate process.

Change of purpose

We will only use your Personal Data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose.

Please note that we may process your Personal Data without your knowledge or consent, where it is required or permitted by law.

Except for certain information that is required by law or by Mphasis Datalytyx policies (including management of an employment relationship with Mphasis Datalytyx), your decision to provide any personal data to us is voluntary. You will therefore not be subject to adverse consequences if you do not wish to provide us with your personal data. However, please note that if you do not provide certain information, we may not be able to accomplish some or all the purposes outlined in this privacy statement, and you may not be able to use certain tools and systems which require the use of such personal data.

Lawful Grounds for Processing of Personal Information 

To perform a Contract:

  • To fulfil and meet the business requirements and contractual obligations for which you have provided the Personal Data (including during the performance of your employment relationship with us).
  • To provide information, services, or support.
  • To plan, perform, and manage our relationship with and to carry out any related administration.

To carry out our Legitimate Interests:

  • To identify you for the purpose of ensuring compliance with the terms of our agreements.
  • To communicate related to the Services, including using email, SMS, and social media platforms.
  • For fraud detection and information security purposes.
  • To market products and services based on legitimate business interest under the applicable law.
  • To help maintain the safety, security, and integrity of our Sites, Services, databases, technology assets, and business.
  • To improve our Services and to tailor and personalize our Sites.
  • For accuracy and to verify information with third parties as needed.
  • To enforce this Notice, and our policies, terms of use, agreements and other provisions related to the Services.
  • To carry out research, including market research, statistical research on site traffic, sales, and other commercial information to assist us in improving the Services.

With your Consent:

  • We will process your personal data for the purposes mentioned above based on your prior consent, to the extent such consent is mandatory under applicable laws.
  • To the extent you are asked to click on/check “I accept”, “I agree” or similar buttons/checkboxes/functionalities in relation to a privacy statement, doing so will be considered as providing your consent to process your personal data, only in the countries where such consent is required by mandatory law. In all other countries, such action will be considered as a mere acknowledgement and the legal basis of the processing of your personal data will not be your consent but any other applicable legal basis.

To fulfill a Legal Obligation:

  • To identify you for compliance purposes.
  • To detect, investigate and prevent activity we think may be potentially illegal, unlawful, or harmful.
  • Torespond to subpoenas, court orders, or legal process, or to establish or exercise our legal rights or defend against legal claims.

Disclosure to Third Parties

Mphasis Datalytyx does not share personal information about you with non-affiliated companies except:

(a) to provide products or services you have requested,

(b) when we have your permission.

We provide the information to trusted entities who work on behalf of or with Mphasis Datalytyx under strict confidentiality agreements. These entities may use your personal information to help Mphasis Datalytyx communicate with you about offers from Mphasis Datalytyx and for other legitimate business purposes. However, these companies do not have any independent right to further share or disseminate this information.

We may share your information in the following circumstances:

Service Providers Processing Data on Our Behalf

  • We may use contractors and service providers to process your information on our behalf for the purposes described in this Privacy Statement.
  • We contractually enforce that contractors and service providers keep information secure and confidential. We do not allow them to share or use your information without our prior authorization. Where you have an independent relationship with these service providers their privacy statements will apply.
  • We share information with our clients both prospective and existing under strict confidentiality agreements and ensure adherence to appropriate security standards and safeguards.

Law Enforcement

In certain instances, and under applicable law, it may be necessary for us to disclose your information to government officials or other third parties in response to the following:

  • A subpoena, warrant or other process issued by a court of competent jurisdiction.
  • A legal process having the same consequence as a court-issued request for information, in that if we were to refuse to provide such information, it would be in breach of local law, and it or its officers, executives or employees would be subject to liability for failing to honor such legal process.
  • Where such disclosure is necessary for us to enforce our legal rights pursuant to the laws of the jurisdiction from which such information was gathered, or where we reasonably consider that this is necessary for it to protect our legal rights or to allow a third party to do so.
  • A request for information with the purpose of identifying and/or preventing financial fraud.
  • Where such disclosure is necessary to prevent or lessen a serious and imminent threat of bodily harm to an individual.

Data Transfer

Mphasis Datalytyx may transfer certain personal information across geographical borders to service providers in other countries working on our behalf in accordance with applicable law. Mphasis Datalytyx may transfer your personal information to any other body corporate or a person in any country that ensures the “same level of data protection” as applicable data protection laws and regulations.

When you provide us with your information or use our websites, we may collect, transfer, store, and process your information. These transfers are governed by the UK International Data Transfer Agreements (IDTA)or equivalent thereof to protect the security and confidentiality of personal information.

How we protect your information

We adopt appropriate data collection, storage and processing practices and security measures to protect against unauthorized access, alteration, disclosure or destruction of your personal information, username, password, transaction information and data stored on our Site. Mphasis Datalytyx will ensure through formally executed contracts that the service providers are committed to “same level of data protection” as applicable data protection laws and regulations.

Mphasis Datalytyx has implemented reasonable physical, technical, and administrative security measures to protect personal information from loss, misuse, alteration or destruction.

Our service providers and agents are bound to maintain the confidentiality of personal information and may not use the information for any unauthorized purpose. Mphasis Datalytyx will ensure through formally executed contracts that the service providers are committed to “same level of data protection” as required under applicable data protection laws and regulations.

Preferences

Mphasis Datalytyx takes reasonable steps to keep your personal information accurate and complete. You can access or update your personal information in the following ways.

Profile

If you have created a profile or account on one of our websites, you can update your contact information after you log into your account.

Mobile Devices

If you previously chose to receive push notifications on your mobile device from us but no longer wish to receive them, you can manage your preferences either through your device or the application settings. If you no longer wish to have any information collected by the mobile application, you may uninstall the application by using the uninstall process available on your mobile device.

Information from Children

We do not seek to collect personal information of children under the age defined in respective and applicable jurisdiction(s). If ever such children data is collected for the purpose of the services or products requested by you, we will secure explicit consent from the parent or legal guardian for the legitimate process.

Cookies

A “cookie” is a small piece of text that a website places in the cookie file of your browser and that allows the site to remember who you are. Cookies cannot be used to run programs or deliver viruses to your computer. Mphasis Datalytyx only uses cookies in accordance with applicable laws. Cookies by themselves do not provide email address or otherwise identify an individual browsing through the website. Mphasis Datalytyx uses cookies to compile aggregate statistics to help us determine areas of preference of a visitor.

If an individual subsequently registers with Mphasis Datalytyx website, the information may be linked to a cookie to enhance and personalize the online experience (e.g., by welcoming an individual when he or she returns to the website). The choice of deciding whether to accept or refuse cookies will be the responsibility of the individual. The browser can be set to reject cookies or notify the presence of cookies.

To learn more about disabling cookie policies please visit our cookie policy.

Note: Mphasis Datalytyx website may not function at desired efficiency levels, or you may not experience some of the website features fully if the cookie is disabled or refused.

Email

Contact us at the e-mail listed in the “Contact Us” section at the bottom of this Notice. Please include your current contact information, the information you are interested in accessing and your requested changes. We will provide you with access to the personal information requested, subject to reasonable limitations provided by law, unless it infringes on the privacy of other individuals.

If we do not provide you with access, we will provide you with the reason for refusal and inform you of any exceptions relied upon.

Data Protection

Mphasis Datalytyx has implemented reasonable physical, technical, and administrative security measures to protect personal information from loss, misuse, alteration, or destruction.

Our service providers and agents are bound to maintain the confidentiality of personal information and may not use the information for any unauthorized purpose. Mphasis Datalytyx will ensure through formally executed contracts that the service providers are committed to “same level of data protection” as required under applicable data protection laws and regulations.

Data Retention 

We retain your personal information for as long as necessary to provide the services you have requested, or for other essential purposes such as complying with our legal obligations, resolving disputes, and enforcing our policies.

Exercise your rights

Unless subject to an exemption under the UK GDPR, you have the following rights with respect to your personal data.

  • Access: You have the right to ask us to access the personal data we hold about you and be provided with certain information about how we use your personal data and who we share it with.
  • Correction: You also have the right to ask us to correct your personal data where it is inaccurate or incomplete.
  • Erasure: In certain circumstances, you have the right to ask us to delete the personal data we hold about you.
  • Restriction: In certain circumstances, you have the right to ask us to restrict (stop any active) processing of your personal data, save for storage.
  • Objection: In certain circumstances, the right to restrict or object to our processing of your personal information (e.g., where you request correction or erasure, you also have a right to restrict processing of your applicable data while your request is considered). You can object to our processing of your personal data based on our legitimate interests and we will no longer process your personal data unless we can demonstrate an overriding legitimate ground.
  • The right to lodge a complaint with the Information Commissioners Office.
  • The right to withdraw your consent at any time, where consent is relied upon as the lawful basis of processing.
  • Right to data portability: You have the right to receive any data concerning you supplied directly to the Data Controller, to be provided in a structured, commonly used, and machine-readable format.
  • Right in relation to automated decision including profiling.

We respond to requests in accordance with applicable data protection laws. We may refuse requests that are unreasonably repetitive, require disproportionate technical effort, risk the privacy of others, may compromise an ongoing investigation, or are impractical. It is our policy to never discriminate against you for exercising any of these rights.

To exercise your rights under this section, you can fill out the Information Requests form here.

Revision to the Privacy Notice 

This Privacy Notice may be updated annually or as required from time to time as per the applicable laws, changes in regulations, precedents, or any communication from Supervisory or regulatory authorities. If any changes to the Privacy Notice have a material impact on your rights, we will notify you appropriately. Such changes to the privacy notice will apply from the effective date specified in the notice or the website. We encourage you to annually review the notice for the latest information on our privacy practices.

Your acceptance of these terms

By using this Site, you signify your acceptance of this policy. Your continued use of the Site following the posting of changes to this policy will be deemed your acceptance of those changes.

California Consumer Privacy Act – Specific notice for California residents

If you are a resident of California State, references to the CCPA and CPRA will be applicable to you. This notice in its entirety complies with the CCPA and CPRA notices requirement.

Mphasis may collect your personal information as is necessary when you visit our website or social media sites to obtain information about our products or services for personal and professional use. The collected information about yourself will be used, disclosed, and retained by Mphasis as detailed in this privacy notice.

Please note -We do not sell your personal information that is collected in this website for direct marketing purposes or for any commercial purpose.

However, if you have any question or concern about our compliance with CCPA and CPRA, please contact us as mentioned below.

For residents (data subjects) of the European Economic Area (EEA) and United Kingdom (UK), when we collect and use personal data (information) about you, we may be subject to the

  • European Union General Data Protection Regulation (‘EU GDPR’);
  • United Kingdom General Data Protection Regulation (UK GDPR) and
  • United Kingdom Data Protection Act 2018 (UK DPA 2018) when acting as a ‘data controller’ for such personal data.

Below you will find the rights applicable to you as a resident within the EEA and UK, including your rights to your data as it may be processed by Mphasis.

  • Right to access your personal information. This enables you to receive a copy of the personal data we hold about you
  • Right to correction of the personal data that we hold about you. This enables you to ask us to have any incomplete or inaccurate information we hold about you corrected.
  • Right to erasure of your personal data. This enables you to ask us, in certain situations, to delete or remove personal data where there is no good reason for us to continue to process it.
  • The right to object to the processing of your data, where we are processing it to meet our public tasks or legitimate interests (or the legitimate interests of a third party) and there is something about your situation which makes you want to object to processing on this ground.
  • The right to request that the processing of your data is restricted. This enables you to ask us to suspend the processing of your data.
  • Request the transfer of your data to another party.
  • Rights in relation to automated decision making and profiling.

If you are a UK or EU resident, you may also reach out to our EU and UK representatives through:

EU General Data Protection Regulation (GDPR) – EU Representative

Pursuant to Article 27 of the General Data Protection Regulation (GDPR), Datalytyx has appointed European Data Protection Office (EDPO) as its GDPR representative in the EU. You can contact EDPO regarding matters pertaining to the GDPR by:

UK General Data Protection Regulation (GDPR) – UK Representative

Pursuant to Article 27 of the UK GDPR, Datalytyx has appointed EDPO UK Ltd as its UK GDPR representative in the UK. You can contact EDPO UK regarding matters pertaining to the UK GDPR by:

Contact us   

If you have any questions or complaints about this Notice, our privacy and information handling practices, you can contact our Data Protection Officer through the following details: –

Name of the Data Protection Officer: Richa Gupta

Email ID: Privacy@mphasis.com

If you are in United Kingdom and is unhappy with how we have used your data you can also complain to the ICO:

Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire SK9 5AF

Email: casework@ico.org.uk
Telephone: 0303 123 1113