Privacy Policy

1.     PURPOSE

Apex Instruments Company Private Limited (Apex) understands that in this tech-driven world, the data that its members share with it is crucial to them. The policy aims at providing a transparent system enumerating the process of storage, usage and disclosure of information including personal and sensitive information collected by Apex for reasons relating to the running and operation of business, including such information which has been provided by members in their resume.

2.     SCOPE

This policy has been created to throw light and make the members of Apex aware on the various procedures regulating the collection, protection and disclosure of information including personal data.

The Privacy Policy of Apex is governed by the Information Technology Act, 2000 read with Information Technology (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011.

The main objective of the policy is to maintain clarity on issues regarding the collection, processing and usage of information, including personal data relating to its members, by Apex for the purposes of employment and/or for its business and operations.

For the purpose of this policy, the term personal data would include financial information which includes information relating to bank account, date of birth, city, state, sex, government IDs and communication data which includes telephone number, E-mail Address and residential address (temporary and/or permanent). Furthermore, sensitive personal data would include sexual orientation (including intersex or transgender status), health data (includes physical, physiological and mental health condition), Biometric information, religious beliefs, ethnic origins, political views, membership of any political/ religious/ cultural association.

3.     APPLICABILITY

This policy is applicable to all employees, directors, officers or other people working with and associated with Apex, either temporarily or permanently, working in all branches throughout the Indian territory, including vendors, visitors, clients, and other individuals who provide their personal data to the Apex (collectively referred to as ‘members’).

4.     PURPOSES FOR WHICH PERSONAL DATA MAY BE COLLECTED

4.1. Apex collects the personal data of its members and potential members, when they submit their resume for the purpose of getting a position in Apex, and while processing their payroll and onboarding process.

4.2. Apex collects the personal data, of its clients, potential clients, vendors and other people with whom they make business transactions with, for the purpose of performance and execution of a contract including making and/or receiving payments.

4.3. Apex may collect the personal data of the members or clients or vendors with their consent for any purpose, relating to the operations of Apex which would be made known to the members, whose such data may be collected by Apex.

4.4. Personal data collected by Apex shall be used by Apex only for the purpose for which it was collected. The individual shall be notified through e-mail and/or telephonic communication, when there has been a difference in the purpose for which the data was originally collected.

5.     PRINCIPLES TO PROCESS AND TRANSFER PERSONAL DATA

5.1. Apex shall assume that a potential member and/or a member has given his consent to Apex for processing (includes storage for records and usage when necessary) his personal data when he submits his resume at Apex for the purpose of getting employment in Apex.

5.2. Apex collects, processes, and use personal data only when there is either a statutory legal basis to do so or when a potential member and/or member has given their consent to the processing or use of personal data concerning this matter by submitting his resume for the purpose of getting a position in Apex.

5.3. Apex might transfer the personal data of a potential member and/or member and/or client and/or vendor to a third party only when required for the fulfilment of a contractual obligation, or if we ourselves, or a third party, have a legitimate interest in the data transfer, or if the individual has given his consent.

5.4. Personal data collected by Apex may be processed for the purpose of the recruitment or termination of the employment, or for providing any service, or verification of attendance or any other activity in relation to assessment of performance of the member and/or potential member.

5.5. Personal data collected by Apex may additionally be processed for the performance of any function of the State authorized by law.

6. DISCLOSURE OF DATA

6.1. Personal data collected by Apex may be disclosed without taking prior consent from the provider of the data when is in the interests of prevention, detection, investigation and prosecution of any offence including a cyber offence or any other contravention of any law for the time being in force.

6.2. Sensitive Personal data collected by Apex shall never be disclosed to anyone without the explicit consent of the provider of such data. However, such information shall be shared, without obtaining prior consent from provider of information, with Government agencies mandated under the law to obtain information including sensitive personal data or information for the purpose of verification of identity, or for prevention, detection, investigation including cyber incidents, prosecution, and punishment of offences.

7. DATA BELONGING TO MINORS

Apex does not collect and/or store and/or process personal data and/or sensitive personal data relating to an individual under the age of 18.

8. RETENTION OF DATA

Apex shall retain the data provided to them by its members, vendors and clients as long as necessary to give effect to the purpose for which the data was originally collected. Post the retention period, the data shall be destroyed in a manner which will not compromise the integrity of Apex or the data provider.

9. GRIEVANCE REDRESSAL

9.1. Unless otherwise covered under any policy of the company, Apex shall designate a Grievance Redressal Officer (GRO) for looking into any complaints and/or grievance of any member pertaining to the processing of any personal data provided by him.

9.2. An employee facing any issue and/or has any compliant and/or grievance concerning the handling of the personal data and/or personal sensitive data, can file a complaint in writing before the GRO at Kolkata Main Office or contact the said GRO at _________.

9.3. Apex shall further ensure that the complaint filed is dealt with in utmost confidentiality and that the details of the complainant are made available only on a ‘need-to-know’ basis and not otherwise.

9.4. The complaint shall be dealt with strictly by the GRO and the matter shall be thoroughly inquired upon within 15 days of receipt of such complaint.

9.5. The final decision in respect of the complaint and/or grievance filed shall be taken by the HR Department in confirmation with the management of Apex.

9.6. In case the HR Department is apprised of any event and/or action depicting violation or breach of the policies and rules of Apex, or any complaint is made against a fellow member and upon enquiry in the matter, the accusations are proved to be true and correct, the HR Department shall have the right to take disciplinary action against such member. Such disciplinary action may include i) warning; ii) Written apology from offender; iii) Costs; iv) Transfer; iv) Debarring from supervisory duties; iv) Denial of employee benefits like increments/promotion/salary correction; v) Cancellation of specific work assignment; suspension and/or vi) Dismissal, as may be decided by the HR Department depending on the nature and gravity of violation.

10. DATA SAFEGUARDS

10.1. Apex in accordance with the International Standard IS/ISO/IEC 27001 on "Information Technology - Security Techniques - Information Security Management System - Requirements" protects the data shared with it in a manner that is recognized by the Central Government.

10.2. Apex may engage any other technology for ensuring protection of the data shared with it that is in consistence which the recommendations of Central Government.

10.3. Among other methods, Apex may use procedures like encryption of data and de-identification of data to make sure that the data remains safe and secure.

11. REGULATION OF NON-PERSONAL DATA

With consonance with the rules made under Information Technology Act, 2000, non-personal data would include any information that is freely available or accessible in public domain or furnished under the Right to Information Act, 2005 or any other law for the time being in force. Apex shall, subject to requirement, retain or dispose off the non-personal data relating to a member post-employment. Apex might, upon enquiry from another corporate body, share information, non-personal in nature relating to a member.

Apex shall also disclose such information for cooperating with Government agencies mandated under the law to obtain information including sensitive personal data or information for the purpose of verification of identity, or for prevention, detection, investigation including cyber incidents, prosecution, and punishment of offences.

12. DISPLAY OF THIS POLICY

12.1. Apex shall display this Policy on the Apex website as well as display the same conspicuously on the notice boards of each of its offices in English.

12.2. Each employee shall view and confirm to these policies upon joining and/or upon the same being enforced by Apex