Atos Syntel Project Delivery Privacy Policy

Digital Services

Effective On: August 20, 2019

Introduction and Scope

Atos Syntel Inc. (“Atos Syntel”, “we”, “us”, “our”) takes the protection of personally identifiable information (“Personal Data”) very seriously. This Project Delivery Privacy Policy (the “Policy”) addresses data subjects whose Personal Data we may receive from our customers in in the course of providing services to them (the “Services”).

Controllership

Atos Syntel acts as an agent, also known as a data processor, for the Personal Data we process for our customers when providing our Services. This means that our customers determine the type of Personal Data they provide for us to process on their behalf. We typically have no direct relationship with the individuals whose Personal Data we receive from our customers.

Basis of Processing

Within the scope of this Policy, we process Personal Data based on the instructions of our customers.

How We Receive Personal Data

We receive your Personal Data from our customers (who are usually the ones who have collected it from you) in the course of providing our Services to them.

Categories of Personal Data

We typically process the following types of Personal Data:

  • biographical information (such as first and last name);
  • contact information (such as email address and phone number);
  • medical and health information;
  • professional information (such as employer details and job title);
  • financial information (such as a credit card number);
  • transactional information (such as records of financial transactions);
  • device identification information (such as IP address and MAC address); and
  • any other type of information our customers may choose to share with us at their own discretion.

Purposes of Processing

We process your Personal Data for the purpose of providing Services to our customers.

Data Retention

We retain Personal Data for as long as instructed by the respective customer (who typically acts as a data controller). We will retain your personal data for as long as necessary to fulfill the purpose(s) for which it was collected or to comply with legal, regulatory or internal policy requirements.

Sharing Personal Data with Third Parties

We may share Personal Data with other entities within the Atos corporate group, as well as Atos Syntel’s affiliates worldwide, who process Personal Data on our behalf, and who agree to use the Personal Data only to assist us in providing our Services or as required by law. Some of these third parties may be located outside of the United States.

However, before transferring your Personal Data to these third parties, we will ensure the transfer is based on a lawful ground, which may include asking for your consent, using the Atos Binding Corporate Rules, or using the European-Commission-approved standard contractual data protection clauses.

We will also require the third party to maintain at least the same level of privacy and security for your Personal Data that we do.

Other Disclosure of Your Personal Data

We may disclose your Personal Data to the extent required by law, or if we have a good-faith belief that we need to disclose it in order to comply with official investigations or legal proceedings (whether initiated by governmental/law enforcement officials, or private parties). We may also disclose your Personal Data if we sell or transfer all or some of our company’s business interests, assets, or both, or in connection with a corporate restructuring. Finally, we may disclose your Personal Data to our subsidiaries and affiliates, but only if necessary for business purposes, as described in the preceding section.

We reserve the right to use aggregated, anonymous data for any legal business purpose. Such data does not include any Personal Data. The purposes may include analyzing usage trends or seeking compatible advertisers, sponsors, and customers.

If we have to disclose your Personal Data to governmental/law enforcement officials, we may not be able to ensure that those officials will maintain the privacy and security of your Personal Data.

Data Integrity & Security

We have implemented and will maintain technical, administrative, and physical measures that are reasonably designed to help protect Personal Data from unauthorized processing. This includes unauthorized access, disclosure, alteration, or destruction.

No method of transmission over the Internet, or method of electronic storage, is 100% secure, however therefore, we cannot guarantee the absolute security of your Personal Data.

Access & Review

If we process your Personal Data, you may have the right to request access to (or to update, correct, or delete) such Personal Data.

Requests should be sent directly to our customer who provided your Personal Data to us. Atos Syntel has limited rights to access the Personal Data that our customers submit to us. Therefore, if you contact us with such a request, please provide the name of our customer who submitted your Personal Data to us. We will forward your request to that customer, and provide any needed assistance as they respond to your request.

VeraSafe Privacy Program

Atos Syntel Inc. is a member of the VeraSafe Privacy Program. This means that VeraSafe has assessed our data governance and data security (regarding Personal Data processed within the scope of this Policy) for compliance with the VeraSafe Privacy Program Certification Criteria. The certification criteria require that participants maintain a high standard for data privacy. Participants must also implement specific best practices regarding notice, onward transfer, choice, access, data security, data quality, recourse, and enforcement.

Changes to this Policy

If we make any material change to this Policy, we will post the revised Policy to this web page. We will also update the “Effective” date. We encourage you to periodically review this page for the latest information on our privacy practices.

Contact Us

If you have any questions about this Policy or our processing of your Personal Data, you can reach Atos Syntel by postal mail, phone, or fax using the contact details below.

Attn: Atos Syntel Legal Department 
Atos Syntel Inc. 
525 E. Big Beaver Road 
Third Floor 
Troy, MI 48083 
United States 
Telephone: +1-248-619-2800 
Fax: +1-248-619-2888

You may also email your privacy concerns to privacy@syntelinc.com and to Mr. Sandeep Godbole at Sandeep_Godbole@syntelinc.com. Your concerns will be addressed as soon as possible, and always within 30 days of when we receive your communication.

European Union Representative

We have appointed VeraSafe as our representative in the European Union for data protection matters. While you may also contact us, VeraSafe can be contacted on matters related to the processing of Personal Data. To contact VeraSafe, please use this contact form: https://www.verasafe.com/privacy-services/contact-article-27-representative/ or via telephone at: +420 228 881 031.

Alternatively, VeraSafe can be contacted at:

VeraSafe Ireland Ltd
Unit 3D North Point House 
North Point Business Park 
New Mallow Road 
Cork T23AT2P 
Ireland 

VeraSafe Czech Republic s.r.o. 
Klimentská 46,  
Prague 1,  
11002,  
Czech Republic 

VeraSafe Netherlands BV 
Keizersgracht 391 A 
1016 EJ Amsterdam 
The Netherlands 

Data Protection Officer

We have appointed Matthew Joseph of VeraSafe as our Data Protection Officer (DPO). While you may also contact us, our DPO can be contacted on matters related to the processing of Personal Data. Our DPO’s contact details are:

Matthew Joseph 
VeraSafe 
22 Essex Way #8203 
Essex, VT 05451 USA 
Phone: +1 (617) 398-7069 
Email: experts@verasafe.com