This Privacy Statement applies to personal information collected by Tsaaro in its capacity as a controller. The aim of this Privacy Statement is to inform you on how we collect, use, disclose, and store information or data that may identify you as an individual (“Personal Information”) when you:

  • Interact or use our website, including downloading materials from our resources page or request for contact, register and/or attend any of our LinkedIn events, webinars, or podcasts we organise or attend (collectively “Events”), and
  • Apply for job with Tsaaro. It is important to note that this website is not intended for children under the age of 16 years and we do not knowingly collect data relating to minors.

This Statement explains our policies around:

Tsaaro Solutions Pvt. Ltd. (“Tsaaro”, “we” or “us”) provides services related to Data Protection and associated Regulatory Services, Industry Standard Services (such as ISO/IEC), Information Security Services, Penetration Testing Services, and Security Operation Centre Services to a wide range of organisations. Additionally, we provide Subscription related to EU Representative as Service, Data Protection Compliance as Service, and Privacy Compliance as Service. Tsaaro collects and processes personal data for providing efficient services to its customers. We at Tsaaro understand the importance of your (“visitors” or “You” or “data subject”) privacy and are dedicated to securing your personal data.

Effective Date: 15th July 2022.

Link to previous Privacy Statements: Privacy Statement

1. Collection

Information you provide to us:
We may collect identifiers that you choose to send to us or provide to use through website or events for example, you ask us to contact you in relation to services we provide or register for the courses or webinars or interact with us on social media platforms (LinkedIn) or apply for jobs online with Tsaaro. We will maintain a record of our correspondence. The Categories of personal data that we may process about you are as follows:

  • Name
  • Email address
  • Contact number
  • Job Title
  • Company name
  • Postal Code and Country
  • For Placement – Resume,
  • Job Experience and Last Drawn CTC
  • Marketing communication preferences and other information shared by you at your willingness.

Information we automatically collect:
When you visit the website, we collect internet activity information, such as your device’s IP address, what pages your device visited, and at what time your device visited our website. We may also rely on analytics, as further specified in our “Cookie Policy”.

2. Use

Website or Events:

We will use the information we collect through our website

  • To administer our website, our events and for internal operation, including troubleshooting, data analysis and testing purposes.
  • To improve our website to ensure that content is presented in the most effective manner for you and for your computing device.
  • For trend monitoring, marketing and advertising.
  • As part of our effort to keep the website secure.

 

Job Applications:

We will use this information provided by you while applying for a job:

  • To analyse your candidature for the job profile.
  • To communicate with you regarding the decision. Our use of your personal information may be based on our legitimate interest to ensure network, information security and business performance improvement. Our direct marketing purposes are based on user consent (for instance, when you share your information in “contact us” section, agree to receive communications after an event and so on). We may also rely on a legitimate interest to improve
    business and marketing practices, or contact you to offer similar services that you might have bought from us or negotiated for with us.

3. Third Party Disclosure
We share and disclose information (including personal information) about our customers in the following limited circumstances:

  • Vendors, consultants, and other service providers:
    We may share your information with third party vendors, consultants and other service providers who we entrust to perform tasks on behalf of Tsaaro including website analytics companies). Third party data may also be shared, insofar as reasonably necessary, with any other service used by our marketing and sales teams. Transaction data is shared with our payment service providers, only to the extent necessary for the purposes of facilitating your payments, processing your refunds, and dealing with complaints/queries regarding such payments and/or refunds. If Tsaaro receives your personal information in the European Union and subsequently transfers that information to a third-party agent or service provider, it ensures that the third party processes your personal information to the standard required by the applicable privacy laws, including the GDPR. These transfers will be typically based on our legitimate interest or agreed upon in the contract.
  • Disclosures for national security and law enforcement:
    Under certain circumstances, we may be required to disclose your personal information in response to valid requests by public authorities, based on our legitimate interest or legal obligation.
  • Transfer of Business:
    If we (or our assets) are acquired, or if we go out of business, enter bankruptcy, or go through some other change of control, personal information could be one of the assets transferred to or acquired by a third party. We will ensure through a contract that the third party ensures the security of the data involved.

4. Safeguarding Information For how long do we store your personal information?
Tsaaro will process and store your personal data only as long as necessary to fulfil the purposes that the data was collected for.

  • How do we secure your data?
    We use appropriate technical, organisational and administrative security measures to protect any information we hold in our records from loss, misuse and unauthorised access, disclosure, alteration and destruction.

5. International Data Transfers
Personal information shared by you with us on the website or social media may be sent to India and processed by us there or in other countries, on our service provider’s cloud servers (AWS). We will always take appropriate safeguards and protect your information in accordance with this Privacy Statement wherever it is processed. The organization will inform third parties with whom personal data has been shared of any modification, withdrawal or objections pertaining to the personal data, and implement appropriate policies, procedures and/or mechanisms to do so.

6. Information for Visitor based on Jurisdiction

i) For EEA (“European Economic Area”) Users:
Your Rights under General Data Protection Regulation (GDPR) are:
1. Right to obtain information
2. Right to request personal data transfer
3. Right to correction and erasure
4. Right to restriction of processing
5. Right to stop processing
6. The right not to be subject to automated decision-making, including profiling

ii) For U.A.E (“United Arab Emirates”) Users:
Your Rights under Protection of Personal Data Protection (PDPL) are:
1. Right to access to information
2. Right to request personal data portability
3. Right to rectification or erasure
4. Right to restriction of processing
5. Right to stop processing
6. The right not to be subject to automated decision-making, including profiling

iii) For Saudi Arabia Users:
Your Rights under Personal Data Protection Law (PDPL) and Personal Data
Protection Interim Regulations (“PDPIR”) are:
1. Right to Know/Information
2. Right to Access or Copy
3. Right to Request Correction
4. Right to Request Destruction
5. Right to Limit/Restriction of Processing

iv) For Malaysia Users:
Your Rights under Personal Data Protection Act (PDPA) are:
1. Right to access
2. Right to correct personal data
3. Right to Withdrawal of consent to process personal data
4. Right to prevent processing likely to cause damage or distress
5. Right to prevent processing for purposes of direct marketing

7. Use of Services by Minors
As mentioned above, we do not knowingly collect or solicit personal information from anyone under the age of 16. If you are under 16, please do not attempt to register for the Services or send any Personal Information about yourself to us. If we learn that we have collected Personal Information from a child under the age of 16, we will delete that information as quickly as possible. If you believe that a child under the age of 16 may have provided us with Personal Information, please contact us at dpo@tsaaro.com

8. Updates to Privacy Statement
We’re constantly trying to improve our Websites and Services, so we may need to change this Privacy Statement from time to time as well. We will inform you regarding material changes, for example, placing a notice on our Websites when we are required to do so by applicable law. You can see when this Privacy Statement was last updated by checking the date at the top of this page. You are responsible for periodically reviewing this Privacy Statement.

9. Redressal and Contact Information
In the event that you wish to make a complaint about how your personal data is processed by Tsaaro, email us at dpo@tsaaro.com We at Tsaaro respect the personal data and privacy of every user equally, irrespective of their jurisdiction. We promise to abide by this Privacy Statement and secure your privacy. For us, you all are equally valuable, and your trust is our asset. If you are unhappy about how a complaint has been handled by Tsaaro, you have a right to lodge a complaint directly with your local supervisory authority.