Sectrio

Privacy POlicy

Privacy Policy

Introduction

This Privacy Policy (the “Policy”) describes how Sectrio collects, uses, and shares both information you provide to us and other information we collect about you in the operation of our business.

In this Policy, when we use the term “Sectrio”, “we”, “us”, “our” or similar terms, we are referring to Sectrio, a division of Subex Digital LLP, a wholly-owned subsidiary of Subex Limited and its affiliate companies including Subex (UK) Limited, Subex Inc., Subex Americas Inc., Subex (Asia Pacific) Pte Ltd, Subex Middle East (FZE), Subex Assurance LLP, Subex Digital LLP and Subex Bangladesh Pvt Ltd.

How to contact us:

We are happy to respond to any inquiries you may have regarding collection, use, disclosure, transfer or processing of your personal data or the exercise of any of your rights. If you have questions or would otherwise like to contact us, please contact the Subex Data Protection Officer whose contact information is provided at the bottom of the last page of this policy.
Our registered office is at Pritech Park, SEZ Block -09, 4th Floor B Wing, Survey No. 51 to 64/4 Outer Ring Road, Bellandur Village Varthur, Hobli, Bengaluru, Karnataka, 560103, INDIA, and our website is at www.sectrio.com. We also maintain offices in Singapore, Dubai, London, and Denver (Broomfield), Colorado in the U.S. You can find full contact information for each of these offices at https://sectrio.com/contact-us/.

Table of Content

Get the latest news and insights beamed directly to you

By clicking Submit, I agree to the use of my personal data in accordance with Sectrio’s privacy policy. Sectrio will not sell, trade, lease, or rent your personal data to third parties.

The information we collect:

It is first important to understand what we mean by “Personal Data”. We are referring to any information that is related to and identifiable with you, personally, that we have in our possession or control. Put more precisely, we mean to use the term Personal Data in the same manner as the GDPR.
Generally, we collect Personal Data about (i) our customers, vendors, business associates and potential customers, vendors and business associates (as well as their employees and representatives), (i) people who have expressed interest in our products and services (such as through visiting our website, visiting us at trade shows and otherwise by contacting us), and (iii) our employees, contractors and people who have expressed interest in becoming our employees and contractors.
The types of Personal Data that we collect will depend on the specific purpose for which we are collecting it. As an example, for a job applicant, we may collect your contact information, information such as job and education history and general background information including opinions from third parties and background screening information. For an employee, we may need to retain the information collected during the job application process (and we may need to periodically update the information) but also we collect additional information such as may be required to provide certain employee benefits or simply to pay salaries. For people expressing an interest in our products such as by visiting our website, we may collect your contact information and other information that allows us to understand your visit to our website better such as IP address, which webpages you have visited, and measurement of site performance. Please also see the information below regarding our use of “cookies” when visiting our website. For customers, vendors and business associates, we may collect your contact information.

How long do we keep Personal Data:

Simply put, it is our policy to retain the information we collect no longer than as reasonably necessary to fulfill the purposes for which we collect the information and to comply with our legal obligations.

How do we use Personal Data:

When we collect Personal Data directly from you, we use the personal data for the purposes that are disclosed to you or for purposes that you would reasonably expect. For example, if you send us your CV in response to a job posting, you would expect we would use that information for purposes of evaluating you as a job candidate. If you give us your contact information on our website as part of requesting more information, you would expect we would use your contact information to communicate information regarding our products and services with you.

More specifically, we may use your personal data as follows:

if you are a customer, vendor or potential customer or vendor (or representative/employee of one of these entities), to contact you regarding products and services and generally for marketing and business development activities;

  • if you are a business associate (such as a company who might act as a local representative for us, a reseller or some other company who might enter into business transactions with us involving an end customer), or representative of a business associate, to contact you regarding our working relationship and generally for marketing and business development activities;
  • if you are an employee or contractor or job applicant in the European Union, in accordance with the Subex Privacy Policy and Notice for EU and UK Employees, Contractors and Applicants;
  • If you are an employee, contractor or applicant outside of the European Union, in accordance with Subex policies;
  • If you have provided personal data in connection with an interest in our products or services, to provide information on our products and services, and to provide an overall pleasant and productive experience on our website;
  • Other reasons:
    To comply with legal and regulatory requirements;
    For legitimate business interests such as undertaking business research and analysis, managing the operation of our website, and managing our business;
    To assist in reviewing and responding to complaints and questions including complaints and questions you may have;
    To exercise and defend our legal rights or to comply with court orders; and
    To prevent and respond to actual or potential illegal activities and fraud.
    We may also use Personal Data we obtain from other sources, as well as data we compile, for the above purposes.

Legal Basis for Processing Personal Data:

When we process the data for the purposes set forth above, it will be based on one or more of the following legal grounds:

  • Because it is necessary for us to do so to perform your instructions or a contract with you or your organization;
  • To comply with our legal obligations as well as to keep records of our compliance processes or tax records;
  • Because of our legitimate interests provided that those interests are not overridden by your interests or fundamental rights;
  • Because you have given us your consent to process your personal data in the way we are processing it.

Sharing of Personal Data with third parties:

We share Personal Data with our affiliate companies, offices and employees internationally. Therefore, your Personal Data may be transferred to locations both inside and outside of the European Union. We may also share your personal information outside of Subex such as with:

  • Affiliated Companies: We may share your personal data among the Subex family of companies (these are companies that are controlled either directly or indirectly by Subex Limited).
  • Third-party vendors and contractors and other service providers: We may share your personal data with these third party vendors in their normal course of their providing services to us. These third parties will be bound by obligations of confidentiality with respect to your personal data.
  • Legal and government processes: We may share your personal data to comply with the law or legal processes or in response to a lawful request by a government agency.
  • Others pursuant to your consent: We may share your personal data with others pursuant to your consent to do so.


Where the GDPR applies and we transfer Personal Data outside the EU/UK, we will ensure it is protected and transferred in a manner consistent with the requirements of the GDPR. This may include: (a) sending the Personal Data to a country approved by the European Commission; (b) ensuring the recipient has signed a contract based on “model contractual clauses” approved by the European Commission; or (c) if the recipient is in the U.S and item b above does not apply, ensuring he recipient is a certified member of the EU-US Privacy Shield system. If you desire further details on any of these manners of sharing your personal data, please contact our Data Protection Officer who contact information is on the last page of this Policy.

How do we store personal data:

Subex takes reasonable steps to protect the security of your Personal Data as customarily done in the industry or as otherwise required by law.

Your Rights:

With respect to any of your personal data governed by the GDPR (or where otherwise required by law), you have certain rights including:

  • Access : With certain exceptions, you have the right to request a copy of personal data we may hold about you. The exceptions include situations where providing your personal data may expose personal data of another person and situations where we are legally prevented from providing the information.

  • Rectification : Our goal is that any data, including personal data, that we keep is accurate. If you are aware that we have inaccurate personal data about you and you notify us, we will take reasonable steps to correct it.

  • Objecting or restricting processing : Under certain situations, you may be entitled to object to our processing of your personal data or to request we restrict the manner in which we process it. If you would like to object or request restriction, please notify us.

  • Portability : Under certain circumstances where you have provided personal data to us, you have the right to request that some of your personal data is provided to you in a structured, commonly used, computer-readable format. Or you may have the right to request we transmit your personal data to a third party in such a format.

  • Withdraw of consent : If our legal basis for processing your personal is based solely on your consent, you have the right to withdraw your consent.

  • Requirement to provide data : To know whether providing the personal data is required by a statute, a contract (or necessary to enter into a contract) and the consequences of failing to provide the personal data.

  • Automated Decision Making : To know whether we use automated decision making with respect to your personal data. We don’t.

If you would like to contact us to notify that you wish to exercise one of these rights, please contact our Data Protection Officer whose contact information is on the last page of this Policy.
Please understand that each of these rights is subject to certain conditions under which we may refuse to grant the right such as, in certain cases, where we are legally required to retain certain personal data. If we have basis to refuse your request, we will explain that basis to you.
You also have the right to lodge a complaint with the relevant supervisory authority. If you would like to exercise this right and require assistance in obtaining contact information for the correct supervisory authority, please contact us.

Cookies:

First, what is a cookie? Unfortunately, it is not a sweet treat that you get for having read this far. A “cookie” is a small data file that is stored on users’ computer, tablet, phone or other device when the user visits a website. Some cookies are deleted when the user close down his/her browser. These are known as session cookies. Others remain on users’ device until they expire or the user deletes them from user’s cache. These are known as persistent cookies. Persistent cookies enable the website to “remember” things about a returning user.
Sectrio’s website uses cookies to collect certain standard information from you. This may include but not limited to your IP address (browser type, language, access times, details of pages visited) and any referring website addresses. The information Sectrio collect from you is for the purposes of:

  • Assessing your requirements to deliver content more relevant to you and your interest and to improve the website;

  • To provide you with a personalized experience when visiting our website;

  • Provide statistics to Sectrio on how Sectrio website and portals are used; etc.

You do not have to accept use of cookies on the Sectrio website; rather, you can set your browser to reject use of cookies . But, if you decline use of cookies, you may have a reduced experience on our website. You can also delete cookies from your device. To set your browser to reject use of cookies or to delete cookies on your device, please find further information in documentation of the browser you use.
More information on cookies can be found at www.allaboutcookies.org and on other websites. Below is a list of the Cookies used in the Sectrio website:
• _utma• _utmb• _utmc• _utmz• _cq
We also may use Google Analytics to help us analyze the use of our website. Google Analytics generates statistical and other information by using cookies. This allows the generation of reports about the use of the website. Google holds this information and provides us access to it. Google’s privacy policy is available at: Google Privacy policy
By using the Sectrio website, you agree to use of cookies for the limited purposes described above.

Changes to this policy:

We may choose to review and change this Policy from time to time and at any time. You should check this page periodically and whenever you have questions about how we manage privacy as changes are binding on you. If we decide to change this Policy in a manner that significantly impacts how we use, share or secure your personal data, if the collection of that data was based on your consent, we will attempt to give you a chance to “opt-out” if doing so is allowed by law and is reasonably practical.
Where does this policy not apply:
While we generally respect your Personal Data, as noted in the Your Rights section, certain rights are presently only applicable when governed by the GDPR or where such rights are otherwise required to be given under applicable law. Also, this Policy also does not apply where we are processing Personal Data as a Processor for another party (such as we may do with respect to Personal Data from our customers). Our processing of Personal Data as a Processor is controlled and governed by our agreements with such third parties.

Objective :

India has enacted the ‘The Rights of Persons with Disabilities Act’, 2016 (“RPWD Act”) under which Sectrio is required to develop and publish a policy, with certain required provisions, related to employment of persons with disabilities (Chapter IV (8)(3)). The objective is to provide the policy required under the RPWD Act.

The RPWD Act also provides that employers must:

  1. manage complaints related to the Act (Chapter II (3));
  2. maintain certain records related to employment of persons with disabilities and provide the records for inspection by Authorities (Chapter IV (9)); and
  3. maintain certain standards related to accessibility (Chapter VI (15)).

More important than complying with the RPWD Act, this policy is intended to state Sectrio’s commitment – even without the RPWD Act — to non-discrimination in the workplace and to clearly state that includes both a commitment to ensuring a workplace free of discrimination based on disabilities and a workplace where Sectrio will make reasonable accommodations to assist persons with disabilities with success in their jobs.

The full policy is stated below but the short form of this policy is:

  1. Sectrio does not allow discrimination against any person based on Sectrio makes employment decisions based on merit and provides and promotes equal opportunity to all regardless of disability;
  2. Sectrio will make reasonable accommodations to persons with disabilities to assist them in succeeding in their jobs; and
  3. Sectrio will comply with applicable law including the RPWD A copy of the RPWD Act is attached for easy reference.

Table of Content

Get the latest news and insights beamed directly to you

By clicking Submit, I agree to the use of my personal data in accordance with Sectrio’s privacy policy. Sectrio will not sell, trade, lease, or rent your personal data to third parties.

When and to whom does this policy apply?

This policy’s specific provisions apply to Sectrio, a division of Subex Limited and its affiliates in India (together, “Subex” or “Company”). However, the fact that this policy’s specific provisions only apply to Subex Limited and affiliates in India is not meant, in any way, to undermine or minimize Subex’s general, global, commitment to compliance with the law and to fair, non-discriminatory treatment.

This policy of equal opportunity is applicable to all the aspects of employment cycle, including the application and hiring process, corrective action, promotion and transfer, selection for training opportunities, compensation, termination and the application of service, retirement and employee benefit plan policies. Consistent with this policy, Sectrio is committed to making employment decisions based on merit, qualifications, business needs and other job-related criteria and as opposed to caste, creed, disabilities, sex, age, religion etc.

This policy covers all person with disabilities at all stages, including job applicants, interns/trainees, contractors, part-time & full-time employees and including those employees who acquire any disability during their work tenure in Sectrio .

Standards related to Employment (RPWD Act, Chapter IV, Clause (8)(3))

Sectrio will make reasonable accommodations for an individual’s disabilities by reasonably providing facilities and amenities to enable such persons to effectively perform their jobs. Exactly what accommodations are made will be decided on a case-by-case basis dependent both on the job function and the particular disability. (Chapter IV (8)(3)(a)).

Sectrio will also provide a list, as appropriate, of jobs that may have been identified as suitable for persons with disabilities. However, generally, it should be assumed that most, if not all jobs at Sectrio can be performed by persons with disabilities with Sectrio making reasonable accommodations. Thus, while the RPWD Act appears to require posting a list of jobs, it should simply be assumed that jobs posted by Sectrio are open for all applicants regardless of disability. (Chapter IV (8)(3)(b)).

Reasonably accommodations will be provided to any person with a disability during the job application and interviewing process, during onboarding with the company and post-recruitment such as with respect to performance review, career advancement and training to provide a non-discriminatory environment for all of these purposes. For example, if accommodations are needed to ensure an employee has wheelchair access to attend an off-site training session, Sectrio will take reasonable efforts to ensure such access is provided or the training is provided at an alternative location. Sectrio will also reasonably accommodate special leaves required as a result of the disability (such as for medical treatments). (Chapter IV (8)(3)(c)).

In general, reasonable accommodations will be made to ensure assistive devices, barrier-free accessibility and other provisions are provided for persons with disabilities. (Chapter IV (8)(3)(d)).

Sectrio has appointed a Liaison Officer who will assist with and review the recruitment process and provision of facilities and amenities for compliance with this policy. The Liaison Officer is also responsible for ensuring Subexians are educated and aware of this policy. If, at any time during the employment relationship with Subex (whether during the recruiting phase or during employment), an employee with a disability requires any accommodation, he/she can immediately bring the issue to the attention of the Liaison Officer. The Liaison Officer can be contacted at: EO-Liaison- Officer@subex.com (Chapter IV (8)(3)(e)).

In no case will a person with a disability be required to pay any part of the costs for providing the reasonable accommodation. (Chapter IV (8)(4)).

Standards related to Accessibility (RPWD Act, Chapter VI, Clause 15)

Sectrio will comply with all Guidelines Standards as mentioned under the RPWD Act and Rules 2017, to the extent as applicable.

Sectrio will comply with standards of accessibility relating to information and communication technology.

Sectrio will comply with transport (bus) requirements to the extent applicable to Sectrio. However, such regulations are generally only applicable to use of cabs with 13 or more seats and, thus, generally not applicable to Sectrio.

Any person facing accessibility issues with facilities should report to the facilities team or to the Liaison Officer. Any person facing accessibility issues with the website should contact the Marketing team or the Liaison Officer.

Records (RPWD Act, Chapter IV, Clause 9)

As required by the RPWD Act, Sectrio shall maintain records with the following information:

  1. The number of persons with disabilities who are employed and their dates of employment;
  2. The name, gender and address of each such person;
  3. The nature of the disability for each such person;
  4. The nature of the work being done by each such person;
  5. The kind of facilities and accommodations made for each such

Maintaining these records shall be the responsibility of the Liaison Officer. The information shall be maintained in a confidential file which shall only be made available to: (a) the HR and Legal teams as necessary for evaluation and analysis of obligations of Sectrio under this policy; (b) supervisors and managers for the purposes of assuring they understand the accommodations that will be made; (c) security personnel to the extent required for evacuation planning for emergencies; and (d) authorities as required under Chapter IV, Clause 9(2). In all cases, the information that is shared will be limited to only information that is required to be shared to accomplish the purposes of this policy.

Questions, compliments and complaints (RPWD Act, Chapter II, Clause 3)

If you have any questions, compliments or complaints regarding this policy, the primary point of contact should be the Liaison Officer who can be reached at EO-Liaison-Officer@subex.com.

If any aggrieved person raises a complaint related to discrimination based on a disability, Sectrio will conduct an investigation and provide information to the aggrieved person regarding the outcome of the investigation. Any person who has any questions, concerns or complaints about this policy or any issue related to it, the company encourages the employee to talk to the Liaison Officer, his/her Supervisor, Department Head, respective Human Resources Business Partner, the Corporate Human Resources Department or the Legal Team.

Under no circumstance shall any Subexian (including the Liaison officer, a supervisor or manager or a member of HR or legal) take any retaliatory action based on any person raising any good faith complaint (whether to Subex or to any government official) regarding Subex’s actions related to this policy.

Document Version Control

VERSIONDATEAUTHORACTION ON DOCUMENT
Version 1.0September 2018Legal DepartmentDrafted Equal Opportunity Policy

Approved and authorized by:

David Halvorson, General Counsel

Vinod Kumar, Chief Executive Officer

Mohan Sitharam, Chief People Officer

Introduction

Subex, like all employers, must collect, store and process data relating to its employees, contractors and applicants in order to manage the employment relationship or potential employment relationship. Subex is committed to being transparent regarding how it collects and uses that data and is committed to meeting its data protection obligations.

What information does Subex collect?

Subex collects and processes a range of information about you and the list of such data may seem lengthy at first glance. However, you will quickly understand that such data is necessary to properly manage the employment relationship with you and is of the type of data normally processed by employers. The types of data may include:

  • your name, address, and contact details, including email address and telephone number, date of birth, and gender;
  • the terms and conditions of your employment;
  • details of your qualifications, skills, experience, and employment history, including start and end dates, with previous employers and with Subex;
  • information about your remuneration, including entitlement to benefits such as pensions or insurance cover;
  • details of your bank account and national insurance number;
  • information about your marital status, next of kin, dependents, and emergency contacts;
  • information about your nationality and entitlement to work in the UK;
  • information about your criminal record;
  • details of your schedule (days of work and working hours) and attendance at work;
  • details of periods of leave taken by you, including holiday, sickness absence, family leave and sabbaticals, and the reasons for the leave;
  • details of any disciplinary or grievance procedures in which you have been involved, including any warnings issued to you and related correspondence;

assessments of your performance, including appraisals, performance reviews and ratings, training

  • you have participated in, performance improvement plans and related correspondence;
  • information about medical or health conditions, including whether or not you have a disability for which Subex needs to make reasonable adjustments;
  • details of trade union membership; and
  • equal opportunities monitoring information, including information about your ethnic origin, sexual orientation, health and religion or belief.

Subex collects this information in a variety of ways. For example, data is collected through application forms, CVs or resumes; obtained from your passport or other identity documents such as your driving licence; from forms completed by you at the start of or during employment (such as benefit nomination forms); from correspondence with you; or through interviews, meetings or other assessments.

In some cases, Subex collects personal data about you from third parties, such as references supplied by former employers, information from employment background check providers, information from credit reference agencies and information from criminal records checks permitted by law.

Data is stored in a range of different places, including in your personnel file, in Subex’s HR management systems and in other IT systems (including Subex’s email system).

Table of Content

Get the latest news and insights beamed directly to you

By clicking Submit, I agree to the use of my personal data in accordance with Sectrio’s privacy policy. Sectrio will not sell, trade, lease, or rent your personal data to third parties.

Why does Subex process personal data?

Subex needs to process data to enter into an employment contract with you and to meet its obligations under your employment contract. For example, it needs to process your data to provide you with an employment contract, to pay you in accordance with your employment contract and to administer benefit and insurance entitlements.

In some cases, Subex needs to process data to ensure that it is complying with its legal obligations. For example, it is required to check an employee’s entitlement to work in the country of employment, to deduct tax, to comply with health and safety laws and to enable employees to take periods of leave to which they are entitled. For certain positions, it is necessary to carry out criminal records checks to ensure that individuals are permitted to undertake the role in question.

In other cases, Subex has a legitimate interest in processing personal data before, during and after the end of the employment relationship. Processing employee/applicant data allows Subex to:

  • run recruitment and promotion processes;
  • maintain accurate and up-to-date employment records and contact details (including details of who to contact in the event of an emergency), and records of employee contractual and statutory rights;
  • operate and keep a record of disciplinary and grievance processes, to ensure acceptable conduct within the workplace;
  • operate and keep a record of employee performance and related processes, to plan for career development, and for succession planning and workforce management purposes;
  • operate and keep a record of absence and absence management procedures, to allow effective workforce management and ensure that employees are receiving the pay or other benefits to which they are entitled;
  • obtain occupational health advice, to ensure that it complies with duties in relation to individuals with disabilities, meet its obligations under health and safety law, and ensure that employees are receiving the pay or other benefits to which they are entitled;
  • operate and keep a record of other types of leave (including maternity, paternity, adoption, parental and shared parental leave), to allow effective workforce management, to ensure that Subex complies with duties in relation to leave entitlement, and to ensure that employees are receiving the pay or other benefits to which they are entitled;
  • ensure effective general HR and business administration;
  • provide references on request for current or former employees;
  • respond to and defend against legal claims; and
  • maintain and promote equality in the workplace.

Where Subex relies on legitimate interests as a reason for processing data, it has considered whether or not those interests are overridden by the rights and freedoms of employees or workers and has concluded that they are not.

If we keep certain special categories of personal data, such as information about health or medical conditions, it is processed to carry out employment law obligations (such as those in relation to employees with disabilities and for health and safety purposes).

Where Subex processes other special categories of personal data, such as information about ethnic origin, sexual orientation, health or religion or belief, this is done for the purposes of equal opportunities monitoring.

Who has access to data?

Your information will be shared internally within the Subex companies, including with members of the HR and recruitment team (including payroll), your line manager, managers in the business area in which you work and IT staff if access to the data is necessary for the performance of their roles.

Subex shares your data with third parties in order to obtain pre-employment references from other employers, obtain employment background checks from third-party providers and obtain necessary criminal records checks. Subex may also share your data with third parties, for example, in the context of a sale of some or all of its business. In those circumstances, the data will be subject to confidentiality arrangements.

Subex also shares your data with third parties (including Subex (UK) affiliate companies) that process data on its behalf in connection with payroll, the provision of benefits and the provision of occupational health services and travel advisors and travel agencies in connection with your business travel needs.

Your data may be transferred to countries outside the European Economic Area (EEA) to: (a) Subex (UK) affiliate companies to allow the management, accounting and finance and HR at the affiliates to process the data for purposes as specified above; and (b) to third parties such as travel agencies and travel companies to allow services to be provided to you. Data is transferred outside the EEA on the basis of Data Processing Agreements including Standard Contractual Clauses.

How does Subex protect data?

Subex takes the security of your data seriously. Subex has internal policies and controls in place to mitigate the risk of your data being lost, accidentally destroyed, misused or disclosed, and or accessed except as outlined in this policy/

Where Subex engages third parties to process personal data on its behalf, they do so on the basis of written instructions, are under a duty of confidentiality and are obliged to implement appropriate technical and organizational measures to ensure the security of data.

For how long does Subex keep data?

Subex will generally hold your personal data for the duration of your employment and for seven years following the end of your employment.

Your rights

As a data subject, you have a number of rights which may include the right to:

  • access and obtain a copy of your data on request;
  • require Subex to change incorrect or incomplete data;
  • require Subex to delete or stop processing your data, for example where the data is no longer necessary for the purposes of processing;
  • object to the processing of your data where Subex is relying on its legitimate interests as the legal ground for processing; and
  • ask Subex to stop processing data for a period if data is inaccurate or there is a dispute about whether or not your interests override Subex’s legitimate grounds for processing data.

If you would like to exercise any of these rights or have concerns on whether Subex has complied with the law, please contact the Subex Data Protection Officer whose contact information is at the end of this policy.

If you believe that Subex has not complied with your data protection rights, you may also contact the Information Commissioner.

What if you do not provide personal data?

You have some obligations under your employment contract to provide Subex with data. In particular, you are required to report absences from work and may be required to provide information about disciplinary or other matters under the implied duty of good faith. You may also have to provide Subex with data in order to exercise your statutory rights, such as in relation to statutory leave entitlements. Failing to provide the data may mean that you are unable to exercise your statutory rights.

Certain information, such as contact details, your right to work in the UK and payment details, have to be provided to enable Subex to enter a contract of employment with you, to process payment of your salary and to administer certain benefits. If you do not provide other information, this will hinder Subex’s ability to administer the rights and obligations arising as a result of the employment relationship efficiently.

Is Automated decision-making employed using your personal data?

No, decisions are not based solely on automated decision-making.

Who can I contact for more information?

Subex (UK) Limited (“Subex”) is the data controller for the data discussed in this policy. Subex’s mailing address is 1st Floor, Rama, 17 St Ann’s Road, Harrow, Middlesex, HA1 1JU UK. You may also contact your HR representative or the Data Protection Officer whose contact details are set out below.

Effective 25 May 2018

Introduction

Subex believes in high principles of integrity in doing its business. This Policy sets forth the respective principles and rules and how anti-bribery practices are implemented. This Policy addresses a variety of contexts in which bribery issues may arise.

Applicability & Purpose

This policy applies to all officers, directors, managers, employees (hereinafter referred as to the “Subexians”) of any Subex group company (“Subex”) (including employees temporarily transferred to affiliates and vendors), agents, representatives or anyone else doing business in the name of or with Subex, including the suppliers, contractors, or subcontractors (collectively referred to herein as “Covered Parties”).

Subex has a zero-tolerance approach to acts of bribery, by Subexians or Covered Parties. Any breach of this policy will be regarded as a serious matter of concern by Subex which is likely to result in disciplinary action.

It is our policy to conduct all our business in an honest and ethical manner. The purpose of this policy is to establish controls, implement and enforce effective systems to ensure compliance with all applicable anti-bribery and corruption regulations. 

Table of Content

Get the latest news and insights beamed directly to you

By clicking Submit, I agree to the use of my personal data in accordance with Sectrio’s privacy policy. Sectrio will not sell, trade, lease, or rent your personal data to third parties.

Definition of Bribery

Bribery means offering, giving or promising (or authorizing someone to offer, give, or promise) an improper benefit, directly or indirectly, with the intention of influencing or rewarding the behavior of someone to obtain or retain a commercial advantage.

For purposes of this Policy, each of the examples below is referred to as a “bribery offense”.

1. Bribes

  • A Bribe is an inducement or reward offered, promised or provided in order to gain any commercial, contractual, regulatory or business or personal advantage.

*An inducement is something that helps to bring about an action or desired result

*A business advantage means that one of the party is placed in a better position (financially, economically, or by way of reputation, or in any other way which is beneficial) either than its competitors or than it would otherwise have been had the bribery or corruption not taken place.

2. Kickbacks

Payments of any portion of a contract made to employees of another contracting party or the utilization of other techniques, such as subcontracts, purchase orders or consulting agreements, to channel payment to public officials, political parties, party officials or political candidates, to employees of another contracting party, or their relatives or business associates.

3. Extortion

Directly or indirectly demand or accept a bribe, facilitation payment or kickback through force or threat.

Gifts & Hospitality

The policy does not prohibit normal and appropriate hospitality to or from third parties.

The practice of giving gifts and hospitality is recognized as an established and important part of doing business. However, it is prohibited when they are used as bribes. Subexians must consider that practice of gifts and hospitality varies between countries and sectors and what may be normal and acceptable in one country may not be so in another. To avoid committing a bribery offense, the gift or hospitality must be:

  1. Reasonable and justifiable in all the circumstances
  2. Intended to improve the image of Subex, better present its products and services or establish cordial relations. The giving or receiving gifts or hospitality is acceptable under this Policy if all the following requirements are met:

a. It is not made with the intention of influencing a third party to obtain/ retain business or a business advantage or to reward the provision or retention of business or a business advantage or in explicit or implicit exchange for favors/ benefits or for any other corrupt purpose

b. It complies with local laws and customs

c. It does not include cash or a cash equivalent (such as gift certificates or vouchers)

d. It is appropriate in the circumstances. For example, in U.S. it is customary for small gifts to be given at Christmas time or a gift during Diwali in India

e. Considering the reason for the gift or hospitality, it is of an appropriate type and value and given at an appropriate time. It is given openly, not secretly and in a manner that avoids the appearance of impropriety

ANY GIFT, OFFERING OR FAVOR TO ANY GOVERNMENT OFFICIAL WITH WHOM SUBEX MAY OR MAY NOT HAVE ANY BUSINESS RELATIONSHIP OR PROSPECTIVE BUSINESS RELATIONSHIP MUST BE APPROVED BY THE ANTI-BRIBERY COMMITTEE, IN ALL CASES.

Anti-Bribery Committee shall be reachable at antibribery@Subex.com

What is unacceptable (Red Flags)

The following is a list of things that may indicate the possible existence of corrupt practices and should be kept in mind:

  1. Accept an offer of a gift of any size from any Third Party which is in negotiation with, or is submitting a proposal with Subex
  2. Give, promise to give or offer, any payment, gift, hospitality or advantage with the expectation or hope that a business advantage will be given or received or to reward a business advantage already given
  3. Give, promise to give or offer, any payment, gift or hospitality to a government official, agent or representative to “facilitate” or expedite a routine procedure
  4. Accept or solicit any payment, advantage, gift or hospitality from a Third Party that you know or suspect is being offered with the expectation that it will obtain a business advantage for them
  5. Threaten or retaliate against, another employee who has refused to commit a bribery offense or who has raised concerns under this Policy
  6. Engage in any activity that might lead to a breach of this Policy
  7. Anti Bribery Compliance, Awareness and Training
  8. Anti-bribery awareness is a mandatory requirement. Dissemination of this policy for new joinees shall be carried out at the time of induction and this policy shall be shared with all existing Subexians.  At a minimum, all Subexians in a position to give or receive bribes, or to detect such activity, should receive anti-corruption compliance training.
  9. Training should highlight:
  10.  
  • Company’s commitment towards Anti-bribery
  • Anti-Bribery policies and procedures
  • Details of Anti-bribery Committee
  • Potential “red flags”
  • How to report and escalate violations or potential violations
  1. Along with employees in Procurement, facilities and administration, sales, finance, and partner management teams, and any other team which deals with external parties shall be provided training, on an annual basis. All Subexians shall be provided with a copy of this policy. Every Subexian shall read, understand and comply with this Policy. If any Subexians has doubts or concerns, he / she should contact Legal team or the Anti bribery Committee.
  2. Adopting policies for third parties
  3. Subex expects all Covered Parties doing business with Subex to approach issues of bribery and corruption in a manner that is consistent with the principles set out in this Policy. Subex requires all Covered Parties to cooperate and ensure compliance with these standards, to continue the business relationship.
  4. In order to maintain the highest standards of integrity, with respect to any dealings with a Covered Party, the following must be ensured by Procurement and Partner Management team (as the case may be):
  5. For every substantial value deal (as decided by the Anti-bribery Committee) conduct due diligence enquiries to review the integrity records of any Covered Party before entering a commercial relationship with them
  6. Fully document the engagement process and the final approval of the selection of any Covered Party
  7. Implement a program to provide appropriate information on this Policy to all Covered Parties engaged in a business relationship with Subex
  8. Make a formal commitment in writing by Covered Parties, to abide by Anti-bribery provisions of Subex. Contractual agreements will include appropriate wording making it possible to withdraw from the relationship if any of the Covered Parties fail to abide by this Policy
  9. Fees and commissions agreed shall be appropriate and justifiable remuneration for legitimate services rendered
  10. In the event of any doubt on the integrity of a Covered Party, it is the employee’s responsibility to contact the Anti-Bribery Committee via e-mail or in person as soon as possible.
  11. Communication & Training
  12. HR team shall ensure that all Subexians are aware of the Policy, the Policy shall be uploaded on the Subex NET.
  13. HR team shall ensure that training on this Policy will form part of the induction process for all Subexians
  14. Subexians will also be communicated in case of any changes or updates in the Anti-Bribery Policy
  15. Legal team shall be responsible for governance of this policy by tracking the actions of stakeholders on compliance tool. Legal team shall generate a report of compliance which shall be presented to Board of Directors.
  16. Subex’s zero-tolerance approach to bribery and corruption must be communicated to all Covered Parties at the outset of our business relationship with them and as appropriate thereafter.
  17. For any concerns or queries, Subexians can reach out at Legal Team or Anti-bribery Committee. For any complaints Subexians can reach out to Anti Bribery Committee.
  18. Management shall provide annual compliance report in relation to this Policy to the Board of Directors
  19. Responsibilities
  20. ResponsibilityDescription
    ManagementOverall responsibility for ensuring that this Policy complies with Subex’s legal and ethical obligations and that all those under Subexians and Suppliers/Contractors of Subex control comply with it
    LegalGovernance and update to the policy
    HREmployee Communication & training
    Procurement and Partner Management– Ensuring appropriate communication and training to covered parties – Commitment from Covered Parties about abiding by the policy – Demonstrating higher standards of integrity
    EmployeesReport concerns and instances of breach of the policy to Reporting Managers or Anti-Bribery committee
    Anti-Bribery Committee– To resolve the concerns and Queries – To investigate the instances and take appropriate actions. Also, provide a report to management – To review the policy periodically

Introduction

This Privacy Policy (the “Policy”) describes how Sectrio collects, uses, and shares both information you provide to us and other information we collect about you in the operation of our business.

In this Policy, when we use the term “Sectrio”, “we”, “us”, “our” or similar terms, we are referring to Sectrio, a division of Subex Digital LLP, a wholly-owned subsidiary of Subex Limited and its affiliate companies including Subex (UK) Limited, Subex Inc., Subex Americas Inc., Subex (Asia Pacific) Pte Ltd, Subex Middle East (FZE), Subex Assurance LLP, Subex Digital LLP and Subex Bangladesh Pvt Ltd.

Table of Content

Get the latest news and insights beamed directly to you

By clicking Submit, I agree to the use of my personal data in accordance with Sectrio’s privacy policy. Sectrio will not sell, trade, lease, or rent your personal data to third parties.

How to contact us:

We are happy to respond to any inquiries you may have regarding collection, use, disclosure, transfer or processing of your personal data or the exercise of any of your rights. If you have questions or would otherwise like to contact us, please contact the Subex Data Protection Officer whose contact information is provided at the bottom of the last page of this policy.
Our registered office is at Pritech Park, SEZ Block -09, 4th Floor B Wing, Survey No. 51 to 64/4 Outer Ring Road, Bellandur Village Varthur, Hobli, Bengaluru, Karnataka, 560103, INDIA, and our website is at www.sectrio.com. We also maintain offices in Singapore, Dubai, London, and Denver (Broomfield), Colorado in the U.S. You can find full contact information for each of these offices at https://sectrio.com/contact-us/.

The information we collect:

It is first important to understand what we mean by “Personal Data”. We are referring to any information that is related to and identifiable with you, personally, that we have in our possession or control. Put more precisely, we mean to use the term Personal Data in the same manner as the GDPR.
Generally, we collect Personal Data about (i) our customers, vendors, business associates and potential customers, vendors and business associates (as well as their employees and representatives), (i) people who have expressed interest in our products and services (such as through visiting our website, visiting us at trade shows and otherwise by contacting us), and (iii) our employees, contractors and people who have expressed interest in becoming our employees and contractors.
The types of Personal Data that we collect will depend on the specific purpose for which we are collecting it. As an example, for a job applicant, we may collect your contact information, information such as job and education history and general background information including opinions from third parties and background screening information. For an employee, we may need to retain the information collected during the job application process (and we may need to periodically update the information) but also we collect additional information such as may be required to provide certain employee benefits or simply to pay salaries. For people expressing an interest in our products such as by visiting our website, we may collect your contact information and other information that allows us to understand your visit to our website better such as IP address, which webpages you have visited, and measurement of site performance. Please also see the information below regarding our use of “cookies” when visiting our website. For customers, vendors and business associates, we may collect your contact information.

How long do we keep Personal Data:

Simply put, it is our policy to retain the information we collect no longer than as reasonably necessary to fulfill the purposes for which we collect the information and to comply with our legal obligations.

How do we use Personal Data:

When we collect Personal Data directly from you, we use the personal data for the purposes that are disclosed to you or for purposes that you would reasonably expect. For example, if you send us your CV in response to a job posting, you would expect we would use that information for purposes of evaluating you as a job candidate. If you give us your contact information on our website as part of requesting more information, you would expect we would use your contact information to communicate information regarding our products and services with you.

More specifically, we may use your personal data as follows:

if you are a customer, vendor or potential customer or vendor (or representative/employee of one of these entities), to contact you regarding products and services and generally for marketing and business development activities;

  • if you are a business associate (such as a company who might act as a local representative for us, a reseller or some other company who might enter into business transactions with us involving an end customer), or representative of a business associate, to contact you regarding our working relationship and generally for marketing and business development activities;
  • if you are an employee or contractor or job applicant in the European Union, in accordance with the Subex Privacy Policy and Notice for EU and UK Employees, Contractors and Applicants;
  • If you are an employee, contractor or applicant outside of the European Union, in accordance with Subex policies;
  • If you have provided personal data in connection with an interest in our products or services, to provide information on our products and services, and to provide an overall pleasant and productive experience on our website;
  • Other reasons:
    To comply with legal and regulatory requirements;
    For legitimate business interests such as undertaking business research and analysis, managing the operation of our website, and managing our business;
    To assist in reviewing and responding to complaints and questions including complaints and questions you may have;
    To exercise and defend our legal rights or to comply with court orders; and
    To prevent and respond to actual or potential illegal activities and fraud.
    We may also use Personal Data we obtain from other sources, as well as data we compile, for the above purposes.

Legal Basis for Processing Personal Data:

When we process the data for the purposes set forth above, it will be based on one or more of the following legal grounds:

  • Because it is necessary for us to do so to perform your instructions or a contract with you or your organization;
  • To comply with our legal obligations as well as to keep records of our compliance processes or tax records;
  • Because of our legitimate interests provided that those interests are not overridden by your interests or fundamental rights;
  • Because you have given us your consent to process your personal data in the way we are processing it.

Sharing of Personal Data with third parties:

We share Personal Data with our affiliate companies, offices and employees internationally. Therefore, your Personal Data may be transferred to locations both inside and outside of the European Union. We may also share your personal information outside of Subex such as with:

  • Affiliated Companies: We may share your personal data among the Subex family of companies (these are companies that are controlled either directly or indirectly by Subex Limited).
  • Third-party vendors and contractors and other service providers: We may share your personal data with these third party vendors in their normal course of their providing services to us. These third parties will be bound by obligations of confidentiality with respect to your personal data.
  • Legal and government processes: We may share your personal data to comply with the law or legal processes or in response to a lawful request by a government agency.
  • Others pursuant to your consent: We may share your personal data with others pursuant to your consent to do so.


Where the GDPR applies and we transfer Personal Data outside the EU/UK, we will ensure it is protected and transferred in a manner consistent with the requirements of the GDPR. This may include: (a) sending the Personal Data to a country approved by the European Commission; (b) ensuring the recipient has signed a contract based on “model contractual clauses” approved by the European Commission; or (c) if the recipient is in the U.S and item b above does not apply, ensuring he recipient is a certified member of the EU-US Privacy Shield system. If you desire further details on any of these manners of sharing your personal data, please contact our Data Protection Officer who contact information is on the last page of this Policy.

How do we store personal data:

Subex takes reasonable steps to protect the security of your Personal Data as customarily done in the industry or as otherwise required by law.

Your Rights:

With respect to any of your personal data governed by the GDPR (or where otherwise required by law), you have certain rights including:

  • Access : With certain exceptions, you have the right to request a copy of personal data we may hold about you. The exceptions include situations where providing your personal data may expose personal data of another person and situations where we are legally prevented from providing the information.

  • Rectification : Our goal is that any data, including personal data, that we keep is accurate. If you are aware that we have inaccurate personal data about you and you notify us, we will take reasonable steps to correct it.

  • Objecting or restricting processing : Under certain situations, you may be entitled to object to our processing of your personal data or to request we restrict the manner in which we process it. If you would like to object or request restriction, please notify us.

  • Portability : Under certain circumstances where you have provided personal data to us, you have the right to request that some of your personal data is provided to you in a structured, commonly used, computer-readable format. Or you may have the right to request we transmit your personal data to a third party in such a format.

  • Withdraw of consent : If our legal basis for processing your personal is based solely on your consent, you have the right to withdraw your consent.

  • Requirement to provide data : To know whether providing the personal data is required by a statute, a contract (or necessary to enter into a contract) and the consequences of failing to provide the personal data.

  • Automated Decision Making : To know whether we use automated decision making with respect to your personal data. We don’t.

If you would like to contact us to notify that you wish to exercise one of these rights, please contact our Data Protection Officer whose contact information is on the last page of this Policy.
Please understand that each of these rights is subject to certain conditions under which we may refuse to grant the right such as, in certain cases, where we are legally required to retain certain personal data. If we have basis to refuse your request, we will explain that basis to you.
You also have the right to lodge a complaint with the relevant supervisory authority. If you would like to exercise this right and require assistance in obtaining contact information for the correct supervisory authority, please contact us.

Cookies:

First, what is a cookie? Unfortunately, it is not a sweet treat that you get for having read this far. A “cookie” is a small data file that is stored on users’ computer, tablet, phone or other device when the user visits a website. Some cookies are deleted when the user close down his/her browser. These are known as session cookies. Others remain on users’ device until they expire or the user deletes them from user’s cache. These are known as persistent cookies. Persistent cookies enable the website to “remember” things about a returning user.
Sectrio’s website uses cookies to collect certain standard information from you. This may include but not limited to your IP address (browser type, language, access times, details of pages visited) and any referring website addresses. The information Sectrio collect from you is for the purposes of:

  • Assessing your requirements to deliver content more relevant to you and your interest and to improve the website;

  • To provide you with a personalized experience when visiting our website;

  • Provide statistics to Sectrio on how Sectrio website and portals are used; etc.

You do not have to accept use of cookies on the Sectrio website; rather, you can set your browser to reject use of cookies . But, if you decline use of cookies, you may have a reduced experience on our website. You can also delete cookies from your device. To set your browser to reject use of cookies or to delete cookies on your device, please find further information in documentation of the browser you use.
More information on cookies can be found at www.allaboutcookies.org and on other websites. Below is a list of the Cookies used in the Sectrio website:
• _utma• _utmb• _utmc• _utmz• _cq
We also may use Google Analytics to help us analyze the use of our website. Google Analytics generates statistical and other information by using cookies. This allows the generation of reports about the use of the website. Google holds this information and provides us access to it. Google’s privacy policy is available at: Google Privacy policy
By using the Sectrio website, you agree to use of cookies for the limited purposes described above.

Changes to this policy:

We may choose to review and change this Policy from time to time and at any time. You should check this page periodically and whenever you have questions about how we manage privacy as changes are binding on you. If we decide to change this Policy in a manner that significantly impacts how we use, share or secure your personal data, if the collection of that data was based on your consent, we will attempt to give you a chance to “opt-out” if doing so is allowed by law and is reasonably practical.
Where does this policy not apply:
While we generally respect your Personal Data, as noted in the Your Rights section, certain rights are presently only applicable when governed by the GDPR or where such rights are otherwise required to be given under applicable law. Also, this Policy also does not apply where we are processing Personal Data as a Processor for another party (such as we may do with respect to Personal Data from our customers). Our processing of Personal Data as a Processor is controlled and governed by our agreements with such third parties.

Scroll to Top