Document ID: TIG_AUG_PRN_BUA
Release Date: 03-01-2022
Version: 1.0
This Privacy Notice describes how Personal Information of clients, prospective clients, visitors, vendors and other third parties, if applicable, that we interact with who are termed as (“External Individuals”) is collected, managed and processed by Total IT Global. We are committed to handling the Personal Information of all External Individuals in an appropriate and lawful manner. This Notice sets out the minimum requirements for ensuring that the Personal Information of External Individuals is collected, used, retained, and disclosed in a secure and compliant manner.
Personal data: Any information which are related to an identified or identifiable natural person. Ex: Name, Age, Contact Number, Email ID, National Identification Number, Location, Bank Account details etc
This Privacy Notice covers clients, prospective clients, visitors, vendors and other third parties if applicable that Total IT Global interact with who are termed as (“External Individuals”) is collected, managed and processed by Total IT Global.
DPO – Data Protection Officer
DPO – To Ensure effective implementation of the policy
Total IT Global collects the Personal Information relating to Individuals to the extent that it is required for a particular purpose or purposes, in the context of its Organisational Services.
We may collect or Process any or all the subsequent types of Personal Information as part of our Organisational activities: (Examples, list not exhaustive):
Identity information: Title, name, gender, an identification number, location data.
Contact details: Employer details, job title, work address, phone number(s) and email address(es).
Marketing information: – Contact history, interactions and communications, events, company information and materials (e.g., Blogs, Whitepapers) provided, contact preferences.
Relationship management information: Communication and meetings, references, professional experience, complaints, and feedback.
Data related to use of and access to facilities and corporate assets: Time and location of entry and exit to premises, access to restricted zones and security camera footage data related to access to and usage of office equipment and corporate assets, computer systems, email and the intranet/internet and contact management.
We receive Personal Information directly obtained from you, via our websites and portals, at events you attend, business networks and agencies, publicly available sources such as LinkedIn, media outlets, referrals etc.
We collect personal data from you for one or more of the following purposes:
In addition, to ensure that each visitor to any of our websites can use and navigate the site effectively, we collect the following:
Total IT Global follow lawful basis for processing under one of the following as applicable
Total IT Global processes Personal Information where it is necessary for the performance or management of a contract, or where it has a legitimate business interest in doing so.
We obtain your consent to process your Personal Information through applicable contracts, processing agreements, where it is required to do so and, for any new or additional purpose. To the extent that Processing is based on consent, they may be entitled to withdraw consent to the Processing of their Personal Information.
Some of our primary legal basis of processing is set out as mentioned below:
Information category
Purpose of Use
Lawful basis for processing
For vendor and client relationship management
Marketing and Communication
Personal contact information as provided through website forms or at the event or via any social media platforms, while accessing information on our blogs, white papers etc.
Legitimate interest – (to run a successful and efficient business)
through Consent as applicable
Monitoring and examining compliance
For organising and maintaining our business structure.
For Security & Business Continuity
Necessary for legitimate interests (to comply with its responsibilities to run a safe, secure and efficient business).
Disclosure to third parties. Total IT Global may also share your Personal Information:
The third parties with whom we share your Personal Information may in some instances independently determine the purposes and uses of your Personal Information (e.g., legal advisers and external auditors). In such cases, the recipient’s own privacy policy will govern their use of your Personal Information.
Disclosure without notification.There may be circumstances where Total IT Global discloses Personal Information to third parties without notifying Individuals. These circumstances could include:
Total IT Global applies appropriate security measures intended to prevent unauthorised Processing of Personal Information and accidental loss of or damage to Personal Information. We maintain and follow security administration policies and procedures designed to prevent, detect, contain, and correct violations of measures taken to protect the confidentiality, integrity, availability, or security of your Personal Information. These policies and procedures allocate specific data security responsibilities and accountabilities to specific individuals, include a risk management program that includes periodic risk assessment and provide an adequate framework of controls that safeguard your Personal Information.
Total IT Global retains Personal Information for as long as necessary for fulfilling the legitimate purpose/ interests for which it was collected. This generally means that Personal Information will be deleted at the latest 6 years after collection, unless longer retention is required for other valid reasons such as compliance with legal obligations, to resolve disputes or enforce contracts.
As a data subject whose personal information we hold, you have certain rights. If you wish to exercise any of these rights, please email to dpo@totalitglobal.com or use the information supplied in the ‘Contact us’ section below. To process your request, we will ask you to provide two valid forms of identification for verification purposes. Your rights are as follows:
As a data controller, we are obliged to provide clear and transparent information about our data processing activities. This is provided by this privacy notice and any related communications we may send you.
As a data controller, we are obliged to provide clear and transparent information about our data processing activities. This is provided by this privacy notice and any related communications we may send you.
You may request a copy of your personal data we hold, free of charge. Once we have verified your identity and, if relevant, the authority of any third-party requestor, we will provide access to your personal data we hold as well as the following information:
When you believe we hold inaccurate or incomplete personal information about you, you may exercise your right to correct or complete this data. This may be used with the right to restrict processing to make sure that incorrect/incomplete information is not processed until it is corrected.
Where no overriding legal basis or legitimate reason continues to exist for processing personal data, you may request that we delete the personal data. This includes personal data that may have been unlawfully processed. We will take all reasonable steps to ensure erasure.
You may ask us to stop processing your personal data. We will still hold the data but will not process it any further. This right is an alternative to the right to erasure. If one of the following conditions applies, you may exercise the right to restrict processing:
You may request your set of personal data be transferred to another controller or processor, provided in a commonly used and machine-readable format. This right is only available if the original processing was on the basis of consent, the processing is by automated means and if the processing is based on the fulfilment of a contractual obligation.
You have the right to object to our processing of your data where:
Any exception in this policy/notice is subject to the approval of DPO under the limitation applicable data protection laws.
DPO shall ensure the effective implementation of the policy/notice by various means such as internal audits.
N/A