At Cube Consultancy Services, our subsidiaries and affiliated companies (‘we’ or ‘us’ or ‘our’, "The Company", "CCS", "CCS", "Service", “Site”, “Product”), we collect and process personal information (“Customer Data”). We are committed to protecting your privacy. This Privacy Policy sets forth CCS's policy with respect to the Personal Data and other information that is collected from visitors ("you", "your”, “visitors”) to the Site.
Please note that your use of the Site and any of our Services is subject to our Terms of Service which you may access at the homepage. Our Privacy Policy and Terms of Use are integral to your use of our Site. Your continued use of the Site will constitute your acceptance of the Terms of Service and this Privacy Policy.
Scope of the Privacy Policy
The Privacy Policy applies to CCS’s clients (individuals or entities who have subscribed to our services and have agreed to those applicable Terms of our Service for the subscription) “Customers” and individuals or entities who have gained access to this Service through our Customers.
Information that we collect
Customers use the Service to host data and information about their organization, and among others, its employees or the people they work with ("Customer Data").
From a GDPR (General Data Protection Regulation) perspective, we will be classified as a “Processor” and the Customer would be a “Controller”.
Information that our Customer’s update
In the normal course of operations, Customers use the Service to store and manage Customer Data. This could include —personally identifiable information (“PII”) and non-personally identifiable information (“Non-PII”).
We do not own, control, or direct the use of Customer Data, and in fact, we are mostly unaware of what information is being stored on Service.
As our Customer, in your role as a Controller, you are authorizing, on behalf of you and your authorized agents and End-Users, and representing that you have the authority to provide such authorization to the storage and processing of Customer Data on Service.
As the Controller, it shall be your responsibility to inform the End-Users about the processing, and, where required, obtain necessary consent or authorization for any Data that is collected as part of the Customer Data through your use of the Service.
We may provide you an option to use our referral service to tell a friend about our Service. In such cases, we will ask you for your colleagues’/friends’ names, organizations, email addresses, and telephone numbers.
Information we collect automatically
Cookies - When you visit CCS, we send one or more cookies - a small file containing a string of characters - to your computer / mobile device that uniquely identifies your browser. We use cookies primarily for user authentication but may also use them to improve the quality of our service by storing user preferences and tracking user trends
The data automatically collected from cookies and web beacons may include information from your Web browser (such as browser type and browser language) and details of your visits to our Website, including traffic data, location data and logs, page views, length of visit and website navigation paths as well as information about your computer and internet connection, including your IP address and how you interact with our Product. We collect and store this data in order to help us improve our Website, the Product, and the user experience with our Website and Product.
On most web browsers, you will find a "help" section on the toolbar. Please refer to this section for information on how to receive notifications when you are receiving a new cookie and how to turn cookies off. However, if you disable cookies you may find this affects your ability to use certain parts of our Services.
Log information - In addition to the above, when you access CCS services, our servers automatically record and store information that a browser typically sends whenever you visit a website. These server logs may include information such as your web request, Internet Protocol address, browser type, browser language, browser settings, the date and time of your request, device model, the device identifier (or “UDID”), query logs, product usage logs, usage pattern through cookies and one or more cookies that may uniquely identify your browser.
We also collect clicks, scrolls, conversions, and drop-offs on our Service.
Analytics Information - We and our third-party partners use technologies such as web beacons / clear-gifs in administering the Service, tracking users’ movements around the site, analyzing trends, and gathering demographic information about our visitors. We may receive reports from these Partners on an individual and aggregated basis. For this purpose, we may also share anonymous data about your actions on our Websites with these third-party partners.
Single Sign-on service - You may have the option to access/register for our Services using sign-in services such as Google, LinkedIn, and Facebook Connect. These services will authenticate you and provide you the option to share certain Personal Data with us such as your name and email address. By authorizing us to connect with these sign-in services, you authorize us to access, and we may store your name, email address(es), and other information that they make available to us,
How do we use your information?
CCS will not review, share, distribute, or reference any such Customer Data except as provided in the Terms of Service, this Privacy Policy, or as may be required by law.
Individual records of Customer Data may be viewed or accessed only for the purpose of resolving a problem, support issues, responding to Customer instructions, or suspected violation of the Terms of Service, or as may be required by law.
We may use your email address or other information to contact you for service-related announcements.
We may also use Customer Data to contact you and to tell you about services, updates, promotions, and events which we believe will be of interest to you. For example, we may use the information to contact you to further discuss your interest in CCS, the Service, and to send you information regarding the Company and its partners, such as information about promotions or events.
If you have shared information with us through our Referral service, then, subject to this Privacy Policy, we will use this Information, including without limitation, too (i) assess the needs of the Referral’s business to determine or suggest suitable Service (ii) send them promotional and marketing communications and (iii) respond to their questions and concerns. In case we send them a communication, we will also send them instructions enabling them to "opt out" of receiving future communications. In addition, if at any time they wish not to receive any calls, or future communications or you wish to have their name deleted from our mailing lists, they can contact us as indicated below and indicate to us to stop the communication. We will stop communicating with them.
We may also use your anonymized Data and other personally non-identifiable information collected through the Services to help us improve the content and functionality of the Services, to better understand our users, to improve our Services and develop new products, services, features, functionality, and recommend how our product and services could serve you better.
We may obtain and aggregate technical and other data that is non-personally identifiable (“Aggregate Anonymous Data”), and we may use the Aggregate Anonymous Data to improve, support, and operate the Service or to produce aggregate insights. For clarity, You or the Customer are not identified as the source of any Aggregate Anonymous Data. We may also disclose aggregated user insights in order to describe our services to current and prospective business partners, clients, and other third parties for other lawful purposes.
Legal Basis for Processing Personal Information
If you are a visitor from the European Economic Area (EEA) and from a GDPR Compliance perspective, we are processing this information on behalf of the Customer (“Controller”) who has a legitimate interest in maintaining his employee information for the purpose of managing his business and adhering to his statutory compliance requirements.
Data Security
We take privacy seriously and take robust and reasonable security assures to protect Personal data from unauthorized access, maintain data accuracy, prevent alteration, and disclosure and help ensure the appropriate use of the data. The measures we take include:
When the service is accessed using modern web browsers, Transport Layer Security ("TLS") technology protects customer data using both server authentication and data encryption. These technologies help ensure that the data is safe, secure, and only available to the Users to whom the information belongs and those to whom the User has granted access
We follow security best practices (OWASP) for developing our applications and in our deployment/system administration
We host our websites in a secure server environment that uses firewalls and other advanced technology to prevent interference or access from intruders.
We encrypt the data at rest
We restrict access to only authorized personnel through a password and two-factor authentication processes
We offer enhanced security features within the service that permits customers to configure security settings to the level they deem necessary.
We do periodic third-party vulnerability assessments for our applications
If we learn of a security systems breach, then we may attempt to notify you electronically through our Site or by email so that you can take appropriate protective steps.
Information Sharing
CCS only shares Customer Data with other companies or individuals outside of CCS in the following limited circumstances:
Related Entities: We may provide such information to our subsidiaries, and affiliated companies for purposes consistent with this Privacy Policy.
Third Parties (Sub-Processors): We may provide this information to other trusted businesses for the purpose of processing Client Data on our behalf. Examples of these are functions including mailing information, maintaining databases, hosting, analyzing data, maintenance, and other services for us. When we employ such companies, we only provide them either anonymized information or information that they need for their specific function and we require that these parties agree to process such information based on our instructions and in compliance with this Privacy Policy
Legal Requirements: We may provide this information when we have a good faith belief that access, use, preservation, or disclosure of such information is reasonably necessary to (a) satisfy any applicable law, regulation, legal process, or enforceable governmental request, (b) enforce applicable Terms of Service, including investigation of potential violations thereof, (c) detect, prevent, or otherwise address fraud, security or technical issues, or (d) protect against imminent harm to the rights, property or safety of CCS, its users or the public as required or permitted by law.
Business Transfers: If CCS becomes involved in a merger, acquisition, or any form of sale of some or all of its assets, then the Client Data may become part of that transferred asset.,
Unrestricted information: Any information that you voluntarily choose to include in a Public Area of the Service or share with us through any other means, will be considered "Unsolicited Information". This information will be available to any User or Visitor who has access to that content and shall be deemed to be non-confidential and we shall be free to reproduce, use, disclose, and distribute such Unsolicited Information to others without limitation or attribution.
Links to Third Party site
CCS’s Services may contain hyperlinks to websites owned and operated by third parties. These third-party websites have their own privacy policies and we encourage you to review them. We do not accept any responsibility or liability for the privacy practices of such third-party websites and your use of such websites is at your own risk.
Age Restriction and Children’s Privacy Protection
Any visitor who provides information through the Site represents that they are 18 years of age or older. We do not knowingly collect information from anyone under the age of 18. Our Site and Service are not designed for users under 18. If you are under 18 years, please do not access or use this Site.
If you have reason to believe that a child under the age of 18 has provided Personal Data to CCS through the Service, please contact us, and we will take appropriate steps to delete that information from our Service.
Your Rights—accessing & updating your Information
We only process Customer Data under the instruction of the Customer
From the perspective of GDPR, we are the Processor and not the Controller of the Customer Data. The customer is responsible for complying with any applicable regulations or laws prior to or during the period of storing Customer Data in the Service.
As the Processor of Client Data on behalf of our Customers, we follow the Customer’s instructions with respect to the Customer Data to the extent consistent with the functionality of our Service.
We may work with our customers to help them provide notice to their employees concerning the purpose for which Personal Data is processed by CCS. We provide Customers with an extensive range of capabilities including – role-based access control, extensive audit logs, data encryption, and from tools to communicate corporate policies, These capabilities enable Customers to access, rectify and restrict the processing of Customer Data.
Any request directed to us, regarding - access to, wishing to correct, update, modify, or delete Customer Data or wanting us to stop contacting you, will be directed to the customer and we will assist the customer in fulfilling any obligation to respond to these requests. As indicated above, our Customers have extensive capabilities built into the Service to complete these activities on their own. Beyond this, If the customer requests CCS assistance to comply with data protection regulations, CCS will respond to their request within 30 business days.
Retention of Data
Customer data will be retained as long as Customer has a valid subscription agreement with CCS. After the expiry of the Subscription Agreement, unless otherwise agreed upon with Customer, the data will be retained on our Servers for a period of 3 months after the expiry/termination of the Subscription Agreement, post which it will be deleted.
Data from the Backups will be removed within 30 days from the date the Customer Data is deleted from our Servers.
In case Customer has not fulfilled their obligations under the Terms of Service or in case of any disputes, we will retain Customer Data as necessary to comply with our legal obligations, for litigation/defense purposes, maintain accurate financial and other records, resolve disputes, and enforce our agreements.
Changes to this Policy
CCS regularly reviews its compliance with this Privacy Policy. We reserve the right to change or update the Privacy Policy at any time and will notify users of the Service by posting such changed or updated Privacy Policy on this page prior to the change becoming effective. Under certain circumstances, we may also elect to notify you of changes or updates to the Privacy Policy by additional means, such as by posting a notice on the homepage of the Service or by sending you an email.
Any changes or updates will be effective from the time of posting to the Site and will be reflected by the Effective Date. Continued use of the Site following any changes shall indicate your acknowledgment of such changes and agreement to the Privacy Policy and any future revisions. We encourage you to periodically review this page for the latest information on our Privacy Policy.
How to Contact Us
If you have any questions or complaints about this Privacy Policy or how we collect or process your personal information or would like us to modify, correct, or erase any Personal Data or would like us to stop communicating with you, please contact us at hrservices@cubeconsultants.co.in
