Effective date: November 4, 2022
Who are We?
We are HCL Technologies Ltd., its subsidiaries and affiliated entities (hereinafter “HCLTech”, “We” or “Us”). HCLTech is the Data Controller of your personal data as described in this Privacy Statement, unless otherwise specified. If you are based in the European Economic Area (EEA) our representative office is HCL(Ireland) Information Systems Limited, 3rd Floor, Kilmore House, Park Lane, Spencer Dock, Dublin 1, D01 YE64, Ireland.
HCLTech is committed to protecting your personal data and respecting your privacy and your rights, and this statement is intended to provide you with information on how your personal data is processed.
What does this Privacy Statement cover?
This Privacy Statement applies to any personal data We may process about you that may be collected directly from you when you interact with Us or from third parties, such as when you:
- Visit our public-facing HCLTech branded websites and other online services including social media pages;
- Send or receive communications from/to us, including emails, phone calls, texts or faxes;
- Use our products and services (for example, as an employee of one of our customers who provided you with access to our products or services) to the extent that We are acting as a controller of your personal data. You should be aware that processing of personal data is required for receiving certain products or services;
- Access downloadable applications from mobile devices in line with respective privacy statements.
- Register for, attend, or take part in activities such as events, webinars, training, campaigns, or contests;
- Visit our offices
- Access, use, or download content from us (newsletters, whitepapers, reports etc).
For further information on what cookies We use on our HCLTech branded websites please visit our Cookie Policy.
This Privacy Statement will be available via link on all sites and services which it covers. Other HCLTech websites, apps, or online services may collect and use personal data about you for different purposes and will accordingly publish a separate policy statement/ terms and conditions specific to the processing activity. Our websites and services may contain links to other websites, applications and services not owned by HCLTech and We do not control the content or privacy practices of those sites. The information practices of other services, or of social media platforms that host our branded social media pages, are governed by their privacy statements, which you should review to better understand their privacy practices.
Our websites and offerings are directed to people in their business or professional capacities. They are not intended for children under 16 years of age. We do not knowingly solicit information online from, or market online to, children under 16 years of age. If you are a parent or guardian and believe your child has provided Us with personal data without your consent, please contact Us as indicated below and We will take steps to delete their personal data from our systems.
This Privacy Statement does not apply to the extent We process personal data in the role of a data processor or service provider, including personal data processed on behalf of our customers.
What personal data do We process?
For the purposes of this Statement, ‘Personal Data’ means any information about you from which you can be identified, whether derived from that information on its own or when combined with other information, that We or another party may hold about you.
Types of data: Depending on the nature of your interaction with us, this information may include business contact details (such as name, title, company, email address or telephone number), the content of your communication, information about how you use our website and our products or services, your feedback, interests in our products and services, and any publicly available information relevant from a business-to-business perspective. In addition, this may include information about your computer and about your visits to and usage of this site, such as your Internet Protocol (IP) address, your computer’s operating system and browser type, and information collected via cookies.
This may also include collecting personal data about you from a third party who is authorized to act on your behalf or from third party services that you use to interact with our services. We may also collect your personal data from other sources such as public databases, joint marketing partners, and social media platforms, to the extent permitted by applicable laws.
If you provide Us with any personal data relating to other individuals, you represent that you have the authority to do so and, where required, you have obtained any necessary consent. You acknowledge that this personal data may be used in accordance with this Privacy Statement.
Mobile Apps published by HCLTech are governed by their respective privacy policies which can be accessed upon downloading them. With regards to Mobile Apps, in addition to contact information, We or Our service providers (such as mobile operating system and platform providers) may also collect information relating to your device, including your device model, operating system, browser type, unique device identifier, IP address, mobile phone number, mobile network carrier, location, and the way you are using the Mobile App. The information collected will depend on the functionality of the specific Mobile App you are using. If any other information is collected relating to your use of a Mobile App, such information will be specified in the Mobile App.
Why do We process your personal data?
We process your personal data for specified and lawful purposes only and in accordance with the applicable data protection laws.
Your personal data will be processed by HCLTech for the following purposes:
| Legal basis as applicable per the Privacy & Data Protection Laws |
Why We process your data |
| Legitimate interest |
- Providing, developing, and improving our products, websites and services and assessing and improving user experience
- To prevent fraud or criminal activity and to safeguard the security of our interest including our websites and services
- Identifying and assessing customer interest and opportunities
- Providing reference materials (whitepapers, vision documents etc.) and managing corporate event registration and attendance
- To the extent permitted by applicable laws and regulations, conducting marketing activities, including sending or displaying product and services-related materials, managing user and event registrations
- Recording phone and/or video calls and chats for training, quality assurance and administrative purposes
- Registering office visitors
|
| For taking steps at your request prior to entering into a contract and/or for performance of a contract |
- To provide and deliver our products and services, including managing our licenses, registrations, subscriptions, user access, capacity, billing/payments, support, purchases, etc.
- To provide you with requested materials, information, when you interact with Us, answer your queries
- Managing contests or promotions
- Managing billing and payments
- Managing the relationship established with you
|
| Compliance with Legal Obligations |
To comply with legal obligations to which We are subject, such as keeping records for tax, employment, social security and immigration law purposes, or providing information to a public body or law enforcement or government agencies |
| Consent |
Subject to local data protection regulations, where consent is required to:
- Send you marketing communications (unless you have objected to or opted out of such communications)
- Call or send you communications to discuss your products or services or provide you with offers and trials
- To customise individuals’ online experience and improve the performance, usability and effectiveness of HCLTech’s online presence
- Collecting and processing information from your mobile device
|
How long do We retain your personal data?
We retain your personal data for as long as it is necessary to fulfil the purposes for which it was collected, or longer if required to fulfil our legal and contractual obligations. After expiration of the retention period, your personal data will be deleted. If We are unable to completely delete the personal data from our systems, We will ensure that there are appropriate measures in place to secure the information and protect it from further use.
What are your rights and how can you exercise them?
Depending on your relationship with HCLTech and in line with local data protection laws, you may have several rights in relation to your Personal Data such as access, rectification, erasure, restriction of processing, objection, withdrawal of consent, not to be subject to decisions based on automated processing, opt out of marketing communications, etc. Please note, these rights are subject to exemptions and may not apply in all circumstances. If you wish to exercise these rights, HCLTech will provide you with the requested information or will action your request within stipulated timelines as per applicable privacy and data protection laws, after receipt of your verified request, subject to any extensions that may be required and communicated to you.
You can use the following channels to exercise your rights or request more information about your rights:
- Submit your requests on the Data Subject Request Portal which can be accessed here : Data Subject Request.
- If you have any comments or inquiries, you may contact HCLTech’s Privacy Office via privacy@hcl.com
- If you are a California resident, please visit the following link for more details about your rights.
- You may opt out of marketing communications by clicking on the “unsubscribe” link located at the bottom of all HCLTech marketing emails, or by replying ‘STOP’ if you receive any HCLTech SMS communications. Please note that you may continue to receive transactional or other business communications that are associated with our business relationship with you.
With whom do We share your personal data?
HCLTech is a truly global organisation so your Personal data may be transferred for any of the above stated purposes to different global locations. These transfers will be undertaken in compliance with applicable law(s) and regulation(s).
If it is necessary to transfer your Personal Data from your habitual place of residence to countries that do not offer adequate protections, then we will ensure that appropriate safeguards as required by applicable laws are put in place prior to the transfer of the data. For example by incorporating standard contractual clauses (more information about such clauses is available here ) or Binding Corporate Rules (BCRs) into contract(s) / data transfer agreement(s) established between the parties transferring the Personal Data and a copy of which can be requested by registering your request at Data Subject Request Portal.
We may transfer or share your Personal Data with third parties such as our service providers and vendors, business partners, professional and corporate advisors, public or government authorities including law enforcement, network providers, third party websites, and our affiliates or subsidiaries.
When required, HCLTech may disclose your Personal Data to external law enforcement bodies or regulatory authorities, in order to comply with legal obligations. We may also disclose your personal data where mandated by law and as further required when We believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.
If We are involved in a merger, reorganization, dissolution or other fundamental corporate change, We may need to share your information with a third party, in compliance with applicable laws.
If you are a California resident and have opted out of the sharing of your data in line with the CCPA/CPRA Statement, HCLTech will handle your personal data in accordance with the preferences registered there.
How do We safeguard your personal data?
We use a range of security measures to protect your personal data from unauthorized or unlawful access, loss, disclosure, or alteration, including technical, organizational and physical measures. We have sufficient controls, policies, procedures and guidance in line with industry best practices and information security standards such as ISO27001 etc. to ensure security of personal data is maintained at all stages of its lifecycle
How can you contact Us if you have any questions?
If you have any questions or concerns about this Privacy Statement or how your Personal Data is processed then you can contact the Global Privacy Office at privacy@HCL.com or alternatively you can contact HCLTech’s Data Protection Officer at HCLdpo@HCL.com, Heward Mills Limited, Fitzwilliam Hall, Fitzwilliam Place, Dublin 2, DO2 T292
If you are based in India and you have any grievance or complaint about how your personal data is processed you can contact the Grievance Officer for India – Prashant Yadav via e-mail address – grievance-india@HCL.com
If you have an unresolved privacy or data use concern that We have not addressed satisfactorily, please contact our U.S.-based third-party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request
How will We update this Privacy Statement?
We may amend this Privacy Statement from time to time. If We materially change our Privacy Statement, We will update the “Effective Date” at the top of the Privacy Statement and We may provide notice prior to the update taking effect by posting a notice on our website or, where required by law, by providing you with notice of such updates.
