We're here to help and answer any question you might have. We look forward to hearing from you.
Darwinbox customers are organizations such as businesses, who use our services to help them manage personnel and applicants. Darwinbox processes personal data in these services only according to our customers’ instructions. If you have questions about personal data, you have entered an Darwinbox service used by one of our customers or want to exercise any of your rights regarding your personal data, our customer contract requires that we redirect your inquiry back to that Darwinbox customer.
Personal Data We Collect Directly from You Website As a visitor to the Website, you may choose to provide us with your personal data such as:
- First name
- Last name
- Business email
- Phone number
- Company name
- Job level
- Functional role
- Street address
To access some areas of the Website, you will need to have account authentication credentials. As part of your account, you may choose to provide us with additional data, such as:
- A photo
- Social media profiles
- Areas of expertis
We collect business contact information for account management purposes related to the use of Darwinbox software-as-a-service applications or professional services. Cookies, Web Beacons, and Other Similar Technologies Darwinbox may use website tracking technologies to observe your activities, interactions, preferences, transactional information, and other computer and connection information (such as an IP (Internet Protocol) address) relating to your use of our websites and services. We may also use log files, cookies, and similar technologies to collect information about the pages you view, links you click, and other actions you take when accessing our website or emails. If Darwinbox collects any other personal data from you, we will explain the purposes at the time we collect it.
If you use certain systems provided by Darwinbox, we will collect data from you to enable multifactor authentication. Users will be able to choose an offered multifactor method, which may require additional information, such as mobile number, email address, or unique verification identifier.
If Darwinbox collects any other personal data from you, we will explain the purposes at the time we collect it
Darwinbox may also collect business contact information about you from other sources including third parties from whom we have purchased business contact information and from publicly accessible websites, such as your company’s website, professional network services, or press releases. Business contact information may include:
- First name
- Last name
- Business email
- Phone number
- Company name
- Job level
- Functional role
- Business street address
- Online identifier
- Employment history
In some instances, Darwinbox may combine personal data you have provided to us with personal data collected from other sources as described above. We process this data to update, expand, and analyse our existing marketing records; identify new customers; create more tailored advertising or website experiences; and send marketing emails.
To Contact you Darwinbox uses the data we collect about you to provide Darwinbox websites, services, and support. For example, if you provide data to us in a “Contact Us” form, we will use your data to respond to the request.
Darwinbox uses your personal data and information about your activity on our websites to contact you for marketing purposes in accordance with your marketing preferences, including telemarketing calls, and to send marketing emails that we believe may be of interest to you, such as product announcements, newsletters, educational materials, and details on upcoming events. We also use it to send administrative information, such as notices related to products, services, or policy changes.
Darwinbox uses your data for event planning and management, including registration, billing, and connecting with other event attendees, or to contact you further about relevant products and services. Any information you provide about emergency contacts or dietary preferences would be used for your safety and health purposes.
Darwinbox uses the data we collect to understand how our websites and services are being used and to make improvements. For example, we may solicit your feedback about your experience using our services, and ways that we can improve those services.
Darwinbox may use your information to diagnose website technical problems, as well as to prevent, detect, mitigate, and investigate potential security issues, as well as fraudulent or illegal activity.
Organization may share information with its affiliates and third-party service providers or vendors that have been contracted to offer services on behalf of the Organization. These service providers or vendors are only permitted to use the disclosed data in accordance with the instructions provided by the Organization.
Darwinbox will not disclose customer data unless we are required to do so to comply with the statutory law or a binding order of a governmental body or a judicial authority. If a governmental body issue notice or a directive to Darwinbox to share the customer data, Darwinbox will attempt to redirect the same to the Customer which shall be at the sole discretion of such authority. Governmental and regulatory bodies need to follow the stipulated procedure to obtain valid and binding orders that shall be undisputed. We review all orders and object to overbroad or otherwise inappropriate ones. If compelled to disclose customer data to a government body, we will give customers reasonable notice of the demand to allow the customer to seek a protective order or other appropriate remedy unless Darwinbox is legally prohibited from doing so. Darwinbox does not sell personal data that we collect or process under this Privacy Statement.
Darwinbox operates as a global business and may transfer, store, or process your personal data in a country outside your authority, including countries outside the European Economic Area (“EEA”). However, we have taken appropriate safeguards with respect to the protection of your privacy, fundamental rights and freedoms, and the exercise of your rights. For example, if we transfer personal data from the EEA to a country outside it, such as the United States, we will implement an appropriate data transfer solution such as entering EU standard contractual clauses with the data importer or taking other measures to provide an adequate level of data protection under EU law.
Darwinbox will retain your personal data at least if necessary to fulfil the service that you have requested, comply with any laws or regulations, resolve disputes, and enforce our agreements. Darwinbox may retain your data longer for a legitimate business interest where business benefit is not outweighed by your personal rights and freedoms. Data entered an Darwinbox enterprise service is retained in accordance with any applicable agreement between Darwinbox and its customer.
Depending on where you are located, you may have certain legal rights over the personal data we hold about you, subject to local privacy laws. These may include the right to:
- Access the personal data we hold about you.
- Have incorrect personal data updated or deleted
- Have your personal data deleted.
- Restrict the processing of your personal data.
- Object to the processing of your personal data carried out based on our legitimate interests or
- for direct marketing purposes
- Receive a copy of your personal data in an electronic and machine-readable format.
- Not be subject to a decision based solely on automated processing, including profiling, which
- produces legal effects or otherwise significantly affects you (“Automated Decision-Making”).
- Darwinbox does not perform Automated Decision-Making as part of the processing activities
- covered by this Privacy Statement.
- Receive the categories of sources from whom we collected your personal data.
- opt out of marketing communications at any time by clicking on the “Unsubscribe” or “opt out”
- link in marketing emails we send you or by contacting us
- Complain to a regulator or data protection authority about our collection and use of your
- personal data. For more information, please contact your local data protection authority.
Darwinbox will not discriminate against you for exercising your rights. You, or an authorized individual that we can verify is acting on your behalf, can exercise the applicable rights by contacting us using the contact details at the bottom of this Privacy Statement or by submitting your request through email@example.com
If your personal data has been submitted to us by or on behalf of an Darwinbox customer and you wish to exercise any rights you may have under applicable data protection laws, please inquire with the applicable customer directly.
Our legal grounds for collecting and using your personal data as described in this Privacy Statement fall into the following four categories.
- Consent : In some cases, we ask you for your consent to process your personal data, such as when we need your consent for marketing purposes. You can withdraw your consent at any time, which will not affect the lawfulness of the processing before your consent is withdrawn. If you would like to withdraw your consent, you can do so by contacting us as provided in the How to Contact Us section below.
- Legitimate Interest : We process certain data for the legitimate interests of Darwinbox, our affiliates, our partners, or our customers. These legitimate interests include, for example, contacting you to provide support or sending you marketing information (subject to applicable law); detecting, preventing, and investigating illegal activities and potential security issues; and maintaining and improving the Website and mobile applications. We will rely on our legitimate interests for processing personal data only after balancing our interests and rights against the impact of the processing on individuals.
- Performance of a Contract : Sometimes we process personal data to perform our obligations under an agreement with you. For example, we use payment information you provide when you register for an event to process your payment.
- Other Legal Bases : In some cases, we may have a legal obligation to process your personal data, such as in response to a court or regulator order. We also may need to process your personal data to protect vital interests, or to exercise, establish, or defend legal claims.
We use technical and organizational measures that provide a level of security appropriate to the risk of processing your personal data. However, the security of information transmitted through the internet can never be guaranteed. You are responsible for maintaining the security of your password or other form of authentication involved in accessing password-protected or secured resources.
The California Consumer Privacy Act (CCPA) provides certain rights to California residents with respect to their personal information. California residents have the right to request that we disclose what personal information we collect about them, and the right to request that we delete their personal information.
If you are a California resident and would like to make a CCPA request, please send an email to firstname.lastname@example.org. We will respond to your request within 45 days.
The General Data Protection Regulation (GDPR) is a privacy law in the European Union (EU) that applies to organizations that process personal information of individuals in the EU.
Under GDPR, individuals have the right to access, rectify, and erase their personal information, and to restrict or object to the processing of their personal information.
If you are an individual in the EU and would like to exercise your rights under GDPR, please send an email to email@example.com. We will respond to your request within 30 days.
- Responsibility: The customer is responsible for defining the data retention period for their data, taking into consideration relevant laws and regulations such as the California Consumer Privacy Act (CCPA) and the General Data Protection Regulation (GDPR).
- Retention Period: The customer shall define the data retention period for their data, taking into account the purpose for which the data was collected and processed, the applicable legal requirements, and the company’s own data retention policies. The data retention period should not exceed the time necessary to fulfil the purpose for which the data was collected or to comply with legal requirements.
The handling of Customer Data Subject Requests (DSRs) is a critical aspect of our organization’s data protection policy. As per the California Consumer Privacy Act (CCPA) and the General Data Protection Regulation (GDPR), individuals have the right to access their personal information collected, utilized, and stored by our organization.
In accordance with these regulations, our organization will take the following steps to handle Customer Data Subject Requests, which will vary based on the type of data involved:
- Website and Marketing Data: Our organization will handle DSRs for website and marketing data that we collect, use, and store. We will use reasonable means to verify the identity of the requester and process the request in accordance with the instructions provided by the customer.
- Customer Data: For customer data, the customer will be responsible for raising DSRs to our organization. The customer will act as the data controller and provide us with the necessary information to identify the requester and the personal information requested. Our organization will then act as the data processor and process the request in accordance with the customer’s instructions.
- Timeframe for Response: Our organization will respond to DSRs within 45 days from the date of receipt of the request, unless an extension is necessary and permissible under the applicable regulations.
- Documentation: Our organization will maintain records of all DSRs and the actions taken in response to each request. This documentation will be kept for a period of time specified by the applicable regulations.
Our organization is committed to protecting the privacy rights of individuals and will take all necessary steps to ensure that Customer Data Subject Requests are handled in a timely and effective manner, regardless of the type of data involved.
This Privacy Statement may be amended or revised from time to time at the discretion of Darwinbox. Changes to this Privacy Statement will be posted on the Website and links to the Privacy Statement will indicate that the statement has been changed or updated. If we propose to make any material changes, we will provide notice on this page prior to the change becoming effective. We encourage you to periodically review this Privacy Statement for the latest information on our privacy practices.
You may also contact us at our mailing address below:
Darwinbox Digital Solutions Private Limited
Skootr Managed Office, Block C, RMZ Futura,
3rd Floor, Plot No. 14 and 15, Survey No. 64 (P), Road No. 2,
Hitech City Layout, Madhapur, Serilingampally Mandal,
Ranga Reddy District – 500081, Telangana