Effective date: November 4, 2022
Who are We?
We are HCL Technologies Ltd., its subsidiaries and affiliated entities (hereinafter
“HCLTech”, "We" or "Us"). HCLTech is the Data Controller of your personal data as described
in this Privacy Statement, unless otherwise specified. If you are based in the European
Economic Area (EEA) our representative office is HCL(Ireland) Information Systems Limited,
3rd Floor, Kilmore House, Park Lane, Spencer Dock, Dublin 1, D01 YE64, Ireland.
HCLTech is committed to protecting your personal data and respecting your privacy and your
rights, and this statement is intended to provide you with information on how your personal
data is processed.
What does this Privacy Statement cover?
This Privacy Statement applies to any personal data We may process about you that may be
collected directly from you when you interact with Us or from third parties, such as when
you:
- Visit our public-facing HCLTech branded websites and other online services including
social media pages;
- Send or receive communications from/to us, including emails, phone calls, texts or
faxes;
- Use our products and services (for example, as an employee of one of our customers
who provided you with access to our products or services) to the extent that We are
acting as a controller of your personal data. You should be aware that processing of
personal data is required for receiving certain products or services;
- Access downloadable applications from mobile devices in line with respective privacy
statements.
- Register for, attend, or take part in activities such as events, webinars, training,
campaigns, or contests;
- Visit our offices
- Access, use, or download content from us (newsletters, whitepapers, reports etc).
For further information on what cookies We use on our HCLTech branded websites please visit
our
Cookie Policy.
This Privacy Statement will be available via link on all sites and services which it covers.
Other HCLTech websites, apps, or online services may collect and use personal data about you
for different purposes and will accordingly publish a separate policy statement/ terms and
conditions specific to the processing activity. Our websites and services may contain links
to other websites, applications and services not owned by HCLTech and We do not control the
content or privacy practices of those sites. The information practices of other services, or
of social media platforms that host our branded social media pages, are governed by their
privacy statements, which you should review to better understand their privacy practices.
Our websites and offerings are directed to people in their business or professional
capacities. They are not intended for children under 16 years of age. We do not knowingly
solicit information online from, or market online to, children under 16 years of age. If you
are a parent or guardian and believe your child has provided Us with personal data without
your consent, please contact Us as indicated below and We will take steps to delete their
personal data from our systems.
This Privacy Statement does not apply to the extent We process personal data in the role of
a data processor or service provider, including personal data processed on behalf of our
customers.
What personal data do We process?
For the purposes of this Statement, ‘Personal Data’ means any information about you from
which you can be identified, whether derived from that information on its own or when
combined with other information, that We or another party may hold about you.
Types of data: Depending on the nature of your interaction with us, this information may
include business contact details (such as name, title, company, email address or telephone
number), the content of your communication, information about how you use our website and
our products or services, your feedback, interests in our products and services, and any
publicly available information relevant from a business-to-business perspective. In
addition, this may include information about your computer and about your visits to and
usage of this site, such as your Internet Protocol (IP) address, your computer’s operating
system and browser type, and information collected via cookies.
This may also include collecting personal data about you from a third party who is
authorized to act on your behalf or from third party services that you use to interact with
our services. We may also collect your personal data from other sources such as public
databases, joint marketing partners, and social media platforms, to the extent permitted by
applicable laws.
If you provide Us with any personal data relating to other individuals, you represent that
you have the authority to do so and, where required, you have obtained any necessary
consent. You acknowledge that this personal data may be used in accordance with this Privacy
Statement.
Mobile Apps published by HCLTech are governed by their respective privacy policies which can
be accessed upon downloading them. With regards to Mobile Apps, in addition to contact
information, We or Our service providers (such as mobile operating system and platform
providers) may also collect information relating to your device, including your device
model, operating system, browser type, unique device identifier, IP address, mobile phone
number, mobile network carrier, location, and the way you are using the Mobile App. The
information collected will depend on the functionality of the specific Mobile App you are
using. If any other information is collected relating to your use of a Mobile App, such
information will be specified in the Mobile App.
Why do We process your personal data?
We process your personal data for specified and lawful purposes only and in accordance with
the applicable data protection laws.
Your personal data will be processed by HCLTech for the following purposes:
| Legal basis as applicable per the Privacy & Data Protection Laws
|
Why We process your data |
| Legitimate interest |
- Providing, developing, and improving our products, websites
and services and assessing and improving user experience
- To prevent fraud or criminal activity and to safeguard the
security of our interest including our websites and services
- Identifying and assessing customer interest and
opportunities
- Providing reference materials (whitepapers, vision documents
etc.) and managing corporate event registration and
attendance
- To the extent permitted by applicable laws and regulations,
conducting marketing activities, including sending or
displaying product and services-related materials, managing
user and event registrations
- Recording phone and/or video calls and chats for training,
quality assurance and administrative purposes
- Registering office visitors
|
| For taking steps at your request prior to entering into a contract
and/or for performance of a contract |
- To provide and deliver our products and services, including
managing our licenses, registrations, subscriptions, user
access, capacity, billing/payments, support, purchases, etc.
- To provide you with requested materials, information, when
you interact with Us, answer your queries
- Managing contests or promotions
- Managing billing and payments
- Managing the relationship established with you
|
| Compliance with Legal Obligations |
To comply with legal obligations to which We are subject, such as
keeping records for tax, employment, social security and immigration
law purposes, or providing information to a public body or law
enforcement or government agencies |
| Consent |
Subject to local data protection regulations, where consent is
required to:
- Send you marketing communications (unless you have objected
to or opted out of such communications)
- Call or send you communications to discuss your products or
services or provide you with offers and trials
- To customise individuals’ online experience and improve the
performance, usability and effectiveness of HCLTech’s online
presence
- Collecting and processing information from your mobile
device
|
How long do We retain your personal data?
We retain your personal data for as long as it is necessary to fulfil the purposes for which
it was collected, or longer if required to fulfil our legal and contractual obligations.
After expiration of the retention period, your personal data will be deleted. If We are
unable to completely delete the personal data from our systems, We will ensure that there
are appropriate measures in place to secure the information and protect it from further use.
What are your rights and how can you exercise them?
Depending on your relationship with HCLTech and in line with local data protection laws, you
may have several rights in relation to your Personal Data such as access, rectification,
erasure, restriction of processing, objection, withdrawal of consent, not to be subject to
decisions based on automated processing, opt out of marketing communications, etc. Please
note, these rights are subject to exemptions and may not apply in all circumstances. If you
wish to exercise these rights, HCLTech will provide you with the requested information or
will action your request within stipulated timelines as per applicable privacy and data
protection laws, after receipt of your verified request, subject to any extensions that may
be required and communicated to you.
You can use the following channels to exercise your rights or request more information about
your rights:
- Submit your requests on the Data Subject Request Portal which can be accessed here :
Data Subject Request.
- If you have any comments or inquiries, you may contact HCLTech’s Privacy Office via
privacy@hcl.com
- If you are a California resident, please visit the following link for more details about
your rights.
- You may opt out of marketing communications by clicking on the “unsubscribe” link
located at the bottom of all HCLTech marketing emails, or by replying ‘STOP’ if you
receive any HCLTech SMS communications. Please note that you may continue to receive
transactional or other business communications that are associated with our business
relationship with you.
With whom do We share your personal data?
HCLTech is a truly global organisation so your Personal data may be transferred for any of
the above stated purposes to different global locations. These transfers will be undertaken
in compliance with applicable law(s) and regulation(s).
If it is necessary to transfer your Personal Data from your habitual place of residence to
countries that do not offer adequate protections, then we will ensure that appropriate
safeguards as required by applicable laws are put in place prior to the transfer of the
data. For example by incorporating standard contractual clauses (more information about such
clauses is available
here ) or Binding Corporate Rules (BCRs)
into contract(s) / data transfer agreement(s) established between the parties transferring
the Personal Data and a copy of which can be requested by registering your request at Data
Subject Request Portal.
We may transfer or share your Personal Data with third parties such as our service providers
and vendors, business partners, professional and corporate advisors, public or government
authorities including law enforcement, network providers, third party websites, and our
affiliates or subsidiaries.
When required, HCLTech may disclose your Personal Data to external law enforcement bodies or
regulatory authorities, in order to comply with legal obligations. We may also disclose your
personal data where mandated by law and as further required when We believe in good faith
that disclosure is necessary to protect our rights, protect your safety or the safety of
others, investigate fraud, or respond to a government request.
If We are involved in a merger, reorganization, dissolution or other fundamental corporate
change, We may need to share your information with a third party, in compliance with
applicable laws.
If you are a California resident and have opted out of the sharing of your data in line with
the
CCPA/CPRA Statement, HCLTech will
handle your personal data in accordance with the preferences registered there.
How do We safeguard your personal data?
We use a range of security measures to protect your personal data from unauthorized or
unlawful access, loss, disclosure, or alteration, including technical, organizational and
physical measures. We have sufficient controls, policies, procedures and guidance in line
with industry best practices and information security standards such as ISO27001 etc. to
ensure security of personal data is maintained at all stages of its lifecycle
How can you contact Us if you have any questions?
If you have any questions or concerns about this Privacy Statement or how your Personal Data
is processed then you can contact the Global Privacy Office at
privacy@HCL.com or alternatively you can contact
HCLTech’s Data Protection Officer at
HCLdpo@HCL.com,
Heward Mills Limited, Fitzwilliam Hall, Fitzwilliam Place, Dublin 2, DO2 T292
If you are based in India and you have any grievance or complaint about how your personal
data is processed you can contact the Grievance Officer for India - Prashant Yadav via
e-mail address -
grievance-india@HCL.com
If you have an unresolved privacy or data use concern that We have not addressed
satisfactorily, please contact our U.S.-based third-party dispute resolution provider (free
of charge) at
https://feedback-form.truste.com/watchdog/request
How will We update this Privacy Statement?
We may amend this Privacy Statement from time to time. If We materially change our Privacy
Statement, We will update the “Effective Date” at the top of the Privacy Statement and We
may provide notice prior to the update taking effect by posting a notice on our website or,
where required by law, by providing you with notice of such updates.
