Privacy Policy
We value your privacy
The following terms and conditions (the "Agreement") govern all use of the https://fivesdigital.com website (the "Site") and the products and services available on the Site. The products and service available on the Site is owned and operated by Five Splash Infotech Pvt. Ltd. ("Company"). The Service is offered subject to your (the "User") acceptance without modification of all of the terms and conditions contained herein and all other operating rules, policies and procedures that may be published from time to time on the Site by the Company.
BY USING OR ACCESSING ANY PART OF THE SERVICE, YOU AGREE TO ALL OF THE TERMS AND CONDITIONS CONTAINED HEREIN; IF YOU DON'T AGREE, DO NOT USE OR ACCESS THE SERVICE.
Company reserves the right, at its sole discretion, to modify or replace any of the terms or conditions of this agreement at any time. It is user's responsibility to check this agreement periodically for changes. User's continued use of the service, following the posting of any changes to this agreement constitutes acceptance of those changes. Certain services available at the site may be subject to additional terms and conditions. To the extent such terms and conditions conflict with this agreement, such additional terms and conditions shall control.
• To collect, store and process personal data in a lawful manner;
• Provide consistent treatment of Personal Data throughout Five Splash Infotech Pvt. Ltd. (known as FiveS Digital), its entities and operations
• Transfer Personal Data outside the European Union only to countries that the European Commission has determined provide adequate protection of such data and/or to FiveS Digital entities and other enterprises that use and protect that Personal Data in a manner consistent with the Commissions adequacy determinations.
Policy Statement:
FiveS Digital shall ensure that Personal Data relating to natural persons including employees (current as well as former) suppliers, and customers, are obtained and processed fairly, in accordance with the data subjects’ rights under Data Protection Laws and Regulations. FiveS Digital respects the privacy and is committed to promoting the responsible use of personal information and protecting individual’s privacy rights.
This policy applies to all FiveS Digital operations and business units and supersedes any other policy relating to personal data protection. This means that all Employees, Contractors, Working Partners and businesses carried on by FiveS Digital and its subsidiaries and any other company or organization that is managed by the FiveS Digital, must comply with it.
a. FiveS Digital as a data controller or processor, shall establish the specific purposes for which Personal Data is being collected and that its processing is done in a manner consistent with those purposes;
b. FiveS Digital shall collect and process only such Personal Data as is adequate, relevant and limited in scope and for a length of time to what is necessary for the stated purposes of its use;
c. Utilize IT systems and applications that have the ability to comply with Data Protection Laws and Regulations including providing appropriate security for storage and transmission of Personal Data;
d. Where required by the GDPR perform Data Protection Impact Assessments;
e. Report breaches promptly and in line with the personal data breach notification process;
f. Record, investigate, analyze and report data protection-related complaints; and Provide that data protection training is undertaken by all appropriate employees.
g. Provide that data protection training is undertaken by all appropriate employees.
FiveS Digital may collect, store, use and disclose information about individuals which may constitute personal data (including sensitive personal data) under various Government Laws (for e.g. Indian IT Act Privacy rules, GDPR, etc.), lawful, explicit and legitimate purposes and for further processing of personal data consistent with those purposes. The personal data may be processed for purposes including, without limitation,
1. Administering relationships services.
2. Operational purposes.
3. Conducting market or customer satisfaction research.
4. Providing individuals with information concerning products and services which FiveS Digital believes to be of interest.
5. Compliance with any requirement of law, regulation, associations, codes that FiveS Digital decides to adopt.
6. For the detection, investigation, monitoring and prevention of fraud and other crimes or malpractice.
7. For the purpose of, or in connection with, any legal proceedings (including prospective legal proceedings), for obtaining legal advice or for establishing, exercising or defending legal rights or Any other purpose connected to or incidental to the purposes as stated above.
8. Privacy data collected at website – cookies may be used in website to track user behavior, etc., and/or user name, address, email, phone number is collected for marketing or research purposes. FiveS Digital shall obtain consent from the data subject in free manner prior to collecting, storing and processing of personal data.
FiveS Digital shall not utilize an individual’s personal data beyond this scope without prior consent from the individual and shall take measures to ensure that this principle is observed. An individual’s personal data shall not be provided or otherwise disclosed to third parties other than FiveS Digital affiliates, investigators, or law enforcement personnel when consent has been obtained from the individual in question or when disclosure is legally mandated. To the extent permitted by applicable law, FiveS Digital may record and monitor electronic and voice communications to ensure compliance with the legal and regulatory obligations and internal policies and for the purposes outlined above. Any transfer of personal data to a third party shall take place only if, all provisions of Data protection are applied by the third party in order to ensure that the level of protection of personal data is guaranteed.
Data shall be encrypted and anonymized wherever necessary.
FiveS Digital takes prudent steps to safeguard the confidentiality and security of all personal data including taking procedural and organizational steps to protect personal data from accidental or unlawful destruction. These steps include entering into written agreements with all its vendors, subcontractors who process personal data.
In addition, FiveS Digital strives to protect personally identifiable information that it maintains or disseminate so it is not obtained by unauthorized individuals or used in unauthorized ways, including through the use of appropriate administrative, physical, and technical safeguards.
FiveS Digital recognizes the right of data subjects at reasonable intervals to seek / request a copy of the personal data held in relation to them by FiveS Digital. If any personal data is found to be wrong, the individual concerned has the right to ask us to amend, update or delete it, as appropriate. In some circumstances individuals also have a right to object to the processing of their personal data as per the prevailing laws.
If FiveS Digital undertake transactions or other services that involve the disclosure of personal data on behalf of any of our client or counterparty, it shall be the responsibility of such client or counterparty to ensure that it has all necessary authority to permit us to process and disclose the personal data accordingly.
Privacy consent can be withdrawn easily and at any time by the data subject by informing to appropriate authority within FiveS Digital as mentioned in Access revocation process.
The privacy data shall be deleted from the system based on evaluation of compliance with a legal obligation or business process and technologies available to erasure individual data.
Privacy controls shall be considered while designing and implementing new or existing systems or processes, based on the technologies available, cost of implementation, scope, context and purposes of collecting, storing and processing. FiveS Digital shall implement appropriate data-protection principles, technical and organizational measures, such as pseudonymization, data minimization, data encryption, etc.
FiveS Digital shall conduct Data Protection Impact Assessment that shall include: a. A systematic description of the system or purpose. b. Assessment of the risks to the rights and freedoms of data. c. The measures to address the risks, including safeguards, security measures and mechanisms to ensure the protection of personal data and to demonstrate
All personnel of FiveS Digital handling personal data have a responsibility to report any data privacy breach related incidents in case of violation of the data protection policy to SIRT@fivesdigital.com
Data Privacy Officer (DPO), HR & Legal department are responsible for administration of this policy and monitoring its compliance. All personnel of FiveS Digital handling personal data shall take reasonable measures for protection of personal data.
Personal Data means any information relating to a living individual who can be identified directly or indirectly by an identifier such as:
• a name, identification number, image, location data, an online identifier, or
• one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
• employee personal details like birth date, address, personal phone number
• personal email address, race, nationality, ethnicity, origin, color, religious or political beliefs or associations, age, sex, sexual orientation, marital status, family status, identifying number, code, finger prints, blood type, inherited, characteristics, health care history including information on physical/mental
• disability, educational, financial, criminal, history. Photographs of employee and internal gatherings
Lawful processing means that the activity is conducted in accordance with applicable national or international laws.
Specified purpose means being clear from the outset about why we are collecting personal data and are transparent about our purposes with the individuals concerned. Accurate means that the data collected and stored are correct and their integrity is protected.
Adequate, relevant and not excessive means that data should be sufficient for the intended purpose and that we should not hold more data than necessary for that purpose.
Data Protection Laws and Regulations means, in the European Union, the Data Protection Directive 95/46/EC and the national statutory legislation passed in each Member State implementing this Directive, the General Data Protection Regulation (GDPR) 2016 / 679, as well as national law that exists outside the EU in each country.
European Union – means the current EU Member State countries of: Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, and the United Kingdom.
Enforcement of this policy is mandatory & violations of this policy will be reported through the Breach Notification Policy and Security Incident Response Team (SIRT) procedure.
The action taken after a violation is encountered is as follows:
a. All violations will be reported to DPO/Steering Committee.
b. Person will be issued a warning or will face stricter action depending upon nature of incidence for first time of violation.
c. Any further violation on part of the same person would result in strict disciplinary action up to termination of employment.