PRIVACY STATEMENT

Last updated on October 07, 2022

1. Introduction

Prorigo Software Pvt. Ltd respects the privacy of all its stakeholders, customers, prospects, and providers (“you”), and we are committed to protecting their personal data. We have drafted this privacy notice to enable you to gain a better understanding of who we are and what are our practices with respect to the collection, use, disclosure, and retention of personal data obtained in connection with your relationship with Prorigo.

Please take the time to read this privacy policy as it offers a guide on our practices in relation to data protection. You should be aware that data protection laws can vary in different jurisdictions where Prorigo operates, this policy endeavours to describe the practices implemented to encompass all these different requirements. Depending on the country, there might be situation in which stricter laws are applicable. For these situations, specific privacy practices in those locations have been adopted to satisfy those stricter requirements.

This privacy notice may change over time to comply with legal requirements or to meet our changing needs. In case there is an important change, we will inform you in another appropriate way if it is required by law (for example, via email or a pop-up).

2. Scope

This privacy policy applies to the processing of personal data in the general context of your relationship with Prorigo or as a prospective customer. 

3. Identity of the Data Controllers and the contact details of the Data Protection Officer

“Prorigo entities” mean any company within Prorigo that is controlled directly or indirectly by Prorigo Software Pvt Ltd, having its registered office at: #140/2 Orange Life, 1^st Floor, Pashan Sus Road, Pashan , Pune Maharashtra, 411021 India, a company incorporated in India under the Companies Act.

The designated Information Security Officer can be reached at: privacy@prorigosoftware.com

4. Your personal data processed, legal basis and purpose of processing

4.1 Data processed

When you have a contractual relationship with Prorigo, or in the state of negotiations, Prorigo has obtained your personal information either directly from you or through the supplier, customer, or service provider for whom you are working for. 

When you are a prospect, Prorigo may have obtained your details through various sources, such as your professional social media account, your contact details on professional associations or events, or through external providers

In the context of your relationship with Prorigo, we may collect various types of personal data about you, including:

• Your personal information (e.g., first name, last name, email address, address, phone number);
• Information about your employer and position;
• Any other information necessary for the purposes of managing our business relationship.
• For our suppliers and service providers who are individuals (such as self-employed persons), we may collect financial information (e.g., bank account details).
• For any person from our suppliers and service providers who have access to our computer systems, we may collect the following types of personal data, including IP addresses and other technical identifiers; 
• Work related information (e.g., work order number, identification number, start date and end date, status of any required training, billing rate and amount);
• Finally, compliance checks may require the provision of information related to your ID, date of birth or conviction, in the context of the respect of compliance regulation. 

4.2 Purposes of processing and legal basis

In the context of pre-contractual and/or contractual relationships to which we are subject, we may process your personal data to: 

• Manage our business relationship and related operations necessary for our customers, suppliers and service providers; 
• Organise tenders, deliver our services or to perform existing contracts;
• Monitor our facilities and grant you access;
• Ensure compliance with applicable policies and laws;
• Ensure the management of accounting and other internal operations such as legal management, billing, invoicing and record-keeping;
• Preserve our legal interests (e.g., managing mergers and acquisitions involving our company, enforcing or defending our legal rights);
• Carry out customer satisfaction surveys; 

These purposes are justified by our legitimate interest in ensuring that the business and services continuity is ensured, as well as complying with legal obligation related to compliance, taxes declarations and other regulation applying to our business. 

In the context of communication towards prospects, Prorigo rely on its legitimate interest to provide you with information related to our services and provides, unless your country’s legislation requires your prior consent. In any case, you can withdraw your consent and request that we delete your data at any time. 

Be aware that Prorigo does not sell your personal data. 

4.3 Storage and sharing of your data

Prorigo is an Indian entity that has affiliates, business processes, management structures and technical systems in various countries around the globe. Considering our systems and teams organization, your data may be transferred to countries other than the one where you are located, including some countries outside of the European Economic Area. We use appropriate safeguards, such as the standard contractual clauses provided by the European Commission, for these transfers to protect your data. 

Your data will also be shared with third parties and partners, such as banking institutions, external legal counsels or consulting firms in the context of the services they are delivered to Prorigo.

In the context of pre-contractual and/or contractual relationships to which we are subject, the data retention is the one applicable to business documents and record-keeping related to accounting and tax purposes. 

In the context of communications towards prospects, your data are kept for a maximum of three years, upon which they are automatically deleted. 

5. Your Rights

• Right of access. You have the right to obtain information about your personal data which we process. In particular, you can obtain information on the purposes of the processing, the categories of personal data concerned, the categories of recipients to whom your data has been or will be disclosed, the retention period, the right to rectification, erasure, restriction of processing or opposition, the existence of a right to lodge a complaint, the origin of the data, if the data has not been collected from us, as well as the existence of automated decision-making, including by establishing profiles and, where appropriate, meaningful information about such data.
• Right of rectification. You have the right to request the rectification of inaccurate or incomplete personal data.
• Right to erasure. You have the right to request the erasure of the personal data we retain, unless the processing is necessary for the exercise of the right to freedom of expression and information, for the performance of a legal obligation, for reasons of public interest or to assert, exercise or defend our rights.
• Right to restriction of processing. You have the right to request the restriction of the processing of your personal data, if you contest the accuracy of the data, if the processing is unlawful, if we no longer need the data or if you object to the processing.
• Right to data portability. You have the right to receive personal data you have provided us with in a structured, commonly used and machine-readable format, or to request its transfer to another data controller.
• Right to withdraw consent to data processing. You have the right to withdraw your consent to the processing of your personal data at any time. Consequently, in such a case, we will not be able to continue the processing of data based on this consent. Withdrawal of consent shall not affect the lawfulness of processing based on consent prior to such withdrawal. If you wish to make use of your right of withdrawal, simply inform us by all known means of communication, in particular by e-mail privacy@prorigosoftware.com
• Right to lodge a complaint with a supervisory authority. You have the right to lodge a complaint with a supervisory authority. 
• Right to object. If the processing of your personal data is based on legitimate interests, you have the right to object to the processing of your personal data. If you wish to make use of your right to object, simply send a corresponding notification by e-mail to privacy@prorigosoftware.com
• Right not to be subject to automated decisions taken on an individual basis, including profiling. You have the right not to be subject to a decision based solely on automated processing - including profiling - which will have a legal effect or similarly affect you.

6. Data Security

When you visit our websites and our social media pages, we use the widely used (Secure Socket Layer method (SSL)), in combination with the highest level of encryption supported by your browser. The fact that an individual page of our websites or social media page is transmitted in encrypted form may be recognised by the fact that the browser’s address line switches from “http://” to “https://” and includes the closed lock icon in the browser line.

We also take appropriate technical and organisational security measures such as restricted access to your data, to protect your data against accidental or intentional manipulation, partial or total loss, destruction or unauthorised access by third parties. Our security measures are continuously improved in line with technological developments.

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

7. How to contact us

We hope that we can resolve any query or concern you raise about processing of your data. Please email any requests to: privacy@prorigosoftware.com