Close image

HandyTrain Privacy Statement

Effective Date: May 24, 2018

In this Privacy Statement (“Statement”), Handy Training Technologies Pvt Ltd (“HandyTrain”) explains how it collects, uses, maintains, discloses, and transfers personal information, and the choices you have in relation to the processing of your personal information by HandyTrain. We are committed to protecting your privacy in accordance with this Statement.

References in this Statement to “it”, “we,” “us” or “our” are references to the HandyTrain that is operating the relevant Platform, or providing the applicable Services. Statements referring to “you” or “your” are references to the company or individual we are collecting personal information about. Our use of the term Services in this Statement has the same definition as in customer's applicable Services agreement (Master Subscription Agreement) (“Services”).

HandyTrain is a "Data Controller". This means that we are responsible for deciding how we hold and use personal information about you.

We are required under data protection legislation to notify you of the information contained in this privacy statement.

This statement applies to data subjects. This statement does not form part of any contract to provide services. We may update this statement at any time.

It is important that you read this statement, together with any other privacy statement we may provide on specific occasions when we are collecting or processing personal information about you, so that you are aware of how and why we are using such information.

If you have any questions regarding this Statement, please email us at privacy (at) handytrain (dot) com.

Data Protection Principles

We will comply with data protection law. This says that the personal information we hold about you must be:

  1. Used lawfully, fairly and in a transparent way.
  2. Collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes.
  3. Relevant to the purposes we have told you about and limited only to those purposes.
  4. Accurate and kept up to date.
  5. Kept only as long as necessary for the purposes we have told you about.
  6. Kept securely.

SCOPE

This Statement applies to the following:

OUTSIDE OF SCOPE

As a data processor, we will process all end-user Data strictly on behalf of our customers in accordance with our contractual agreements with them and/or as required or permitted by law. For purposes of clarity, this Statement does not apply to end-user Data.

TYPES OF DATA AND COLLECTION METHODS

Information you provide to us through our Platforms: Through your use of our Platforms, you may choose to provide us with certain personal information. For example, when you request information, a free product trial or demo, schedule a demo, use our chat function, subscribe to a mailing list, subscribe to Services, respond to an online survey or otherwise contact us, we usually collect personal information such as your name, e- mail address(es), postal address(es), telephone numbers and any other information you choose to provide.

If information is required in order to allow us to respond to your inquiry, you will receive a notice advising you of this. If you do not provide us with some or all of the requested information we may not be able to provide the requested information or Services to you.

Information we collect automatically through our Platforms: We also collect certain information by automated means through our Platforms. For example, when you visit a Website, we track certain information about your computer and Internet connection, such as the IP address of your computer and/or Internet Service Provider, the date and time you access the site, the Internet address of websites from which you link to our Websites, the computer technology you are using and your movements and preferences on our site.

We use technology that many other websites or other platforms employ, including, without limitation, “cookies” or small data files stored on your computer's hard drive, to collect such information. There are persistent cookies and session cookies. In some instances, we use cookies to collect information in connection with future visits from that platform, to recognize you as a previous visitor, or to track your activity on our Platforms. If you follow a link to the Platform from an affiliate or promotion, we store information about your arrival from that affiliate or promotion in a session cookie. A persistent cookie consists of a text file sent by a web server to web browser, which will be stored by the browser and will remain valid until its set expiry date.

We do not deliver third party online advertisements on our Platforms , but we may use third-party advertising companies to serve ads for our Services when you access and use other platforms, based on the information relating to your access to and use of our Platforms, as well as information received from third parties. To do so, these companies may place or recognize a unique cookie on your browser (including through use of pixel tags). If you would like more information about this practice and to learn how to opt out in desktop and mobile browsers on the particular device on which you are accessing this Privacy Statement, please email privacy (at) handytrain (dot) com. We do not currently respond to browser do-not- track signals.

In general, you do not need to have cookies turned on to visit our Platforms. You can refuse cookies by setting your browser to decline them automatically or to give you the choice of declining or accepting the placement of cookies. That said, some of our webpages, may require you to accept a mandatory session cookie, which you can delete after you leave the Platform.

We also may collect information related to your company, approximate geographic location, or other demographic information that does not personally identify you.

To the extent permitted by applicable law, we reserve the right to combine other information as defined above with personal information that you submit.

Information customers and potential customers provide to us: You may choose to provide personal information when engaging in or conducting business with us. The types of information we may collect include names, email addresses, postal addresses, contact details, job titles, transactional information, financial/billing information, account information, correspondence and any other information you may choose to provide.

You may also choose to provide personal information, such as contact details and job titles, when you attend sales and marketing events, product demos, take part in surveys, or through other sales and marketing interactions we may have with you.

Other information we collect in the course of operating our business: We also collect information from our vendors, suppliers, service providers, agents, consultants, business partners, professional advisors and other third parties for the purposes of managing and operating our business. For example, we will collect business contact information, financial information and other information necessary to engage third parties and to evaluate their performance.

Information we collect automatically through the Services: Our systems may also collect certain information automatically when you use the Services, for example, usage information (such as user activity, configuration of the device, performance metrics data) and log information (such as IP addresses, ISP, browser type, clickstream data, security information, errors and crashes).

COLLECTION PURPOSES AND USE OF BUSINESS DATA

We will use your personal information for a range of different purposes, including:

We maintain reasonable procedures to help ensure that personal information we collect and use is reliable for its intended use, accurate, complete, and current.

Additionally, we may collect personal information for marketing purposes such as contacting you to further discuss your interest in our company, the Services we provide and ways we can improve them and to provide information on Services, promotions, and events.

DATA TRANSFERS TO THIRD PARTIES

We do not sell your personal information to any third parties; however, we may share your personal information with third parties as follows:

OTHER DISCLOSURES

Under certain circumstances, we may be required to disclose your personal information in response to valid requests by public authorities, including to meet national security or law enforcement requirements.

We may disclose your personal information if required to do so by law in order to (for example) respond to a subpoena or request from law enforcement, a court or a government agency, or in the good faith belief that such action is necessary (a) to comply with a legal obligation, (b) to protect or defend our rights, interests or property or that of third parties, (c) to prevent or investigate possible wrongdoing in connection with the site or our Services, (d) to act in urgent circumstances to protect the personal safety of users of the site, our Services or the public; or (e) to protect against legal liability.

Our blog (https://handytrain.com/blog/) has a social media integration plugin, allowing users to share the posts on Social Media and Professional Networking sites.

DISCLOSURE FOR PROSPECTIVE SALE, MERGER, ACQUISITION OR REORGANISATION

We may share or transfer your information in connection with a prospective or actual sale, merger, transfer or other reorganization of all or parts of our business. Also, we reserve the right to fully use and share any information that is not in personally identifiable form (such as statistics and survey results that do not identify you individually by name).

PRINCIPLES OF GDPR

We will use your personal data only in-line with the following principles:

  1. Lawfulness, fairness and transparency
  2. Purpose limitation
  3. Data minimization
  4. Accuracy
  5. Storage limitation
  6. Integrity and confidentiality

This is the only principle that deals explicitly with security. The GDPR states that personal data must be “processed in a manner that ensures appropriate security of the personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organizational measures”.

The GDPR is deliberately vague about what measures organizations should take, because technological and organizational best practices are constantly changing. Currently, organizations should encrypt and/or pseudonyms personal data wherever possible, but they should also consider whatever other options are suitable.

YOUR CHOICES

If we intend to use your information for a purpose that is materially different from the purposes identified above or if we intend to disclose it to a third party (a non-agent) not previously identified, we will notify you and offer you the opportunity to opt out of such uses and/or disclosures where it involves non-sensitive information or opt-in where sensitive information is involved.

You may choose to change your marketing choices at any time by contacting us at: privacy (at) handytrain (dot) com.

You can also unsubscribe from our marketing communications by following the instructions or unsubscribe mechanism in the e-mail message. To opt out of receiving marketing related communications from us, please click on the “opt-out” or “unsubscribe” link in the communication or please contact us at privacy (at) handytrain (dot) com. Please note that if you do opt-out of receiving marketing- related emails from us, we may still send you important administrative messages, and you cannot opt-out from receiving account-related or other administrative messages.

THIRD-PARTY SITES

This Statement does not apply to, nor are we responsible for, the privacy, information or other practices of any third parties, including any third party operating any site or service to which the site links. The inclusion of a link on the site does not imply our endorsement of the linked site or service.

SECURITY

We maintain reasonable and appropriate security measures to protect your personal information from loss, misuse, and unauthorized access, disclosure, alteration, and destruction.

DISPUTE RESOLUTION

If you have any complaints regarding our compliance with this Statement, you should first contact us by sending an email to privacy (at) handytrain (dot) com. We will investigate and attempt to resolve queries and disputes regarding use and disclosure of personal information in accordance with this Statement.

RETENTION PERIOD

We will retain your personal information for the period necessary to fulfil the purposes outlined in this Statement unless a longer retention period is required or permitted by law, for legal, tax or regulatory reasons, or other legitimate and lawful business purposes.

GENERAL DATA REQUESTS

If personal information you have submitted to us is no longer accurate, current, or complete, and you wish to update it, please send an e-mail to: privacy (at) handytrain (dot) com. Upon appropriate request we will update or amend your information, but we reserve the right to use information obtained previously to verify your identity or take other actions that we believe are appropriate.

DO WE NEED YOUR CONSENT?

We do not need your consent if we use special categories of your personal information in accordance with our written policy to carry out our legal obligations or exercise specific rights. In limited circumstances, we may approach you for your written consent to allow us to process certain particularly sensitive data. If we do so, we will provide you with full details of the information that we would like and the reason we need it, so that you can carefully consider whether you wish to consent. You should be aware that it is not a condition of your contract with us that you agree to any request for consent from us.

AUTOMATED DECISION-MAKING

Automated decision-making takes place when an electronic system uses personal information to make a decision without human intervention. We do not envisage that any decisions will be taken about you using automated means, however we will notify you in writing if this position changes.

TRANSFERRING INFORMATION OUTSIDE THE EU

We will transfer the personal information we collect about you to our global headquarters in India in order to perform our contract with you, or with your explicit consent. There is no an adequacy decision by the European Commission in respect of that country. This means that the country to which we transfer your data is not deemed to provide an adequate level of protection for your personal information. To ensure that your personal information does receive an adequate level of protection we have put in place the strong inter country security measures to ensure that your personal information is treated by those third parties in a way that is consistent with and which respects the EU and UK laws on data protection: Pursuant to GDPR article 3(2) and article 27.

DATA SECURITY

We have put in place measures to protect the security of your information. Third parties will only process your personal information on our instructions and where they have agreed to treat the information confidentially, legally and securely. We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal information on our instructions and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.

DATA RETENTION

How long will you use my information for?

We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

In some circumstances we may anonymise your personal information so that it can no longer be associated with you, in which case we may use such information without further statement to you.

RIGHTS OF ACCESS, CORRECTION, ERASURE, AND RESTRICTION

It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes during your relationship with us.

Your rights in connection with personal information
Under certain circumstances, by law you have the right to:

What we may need from you

We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.

Right to withdraw consent

In the limited circumstances where you may have provided your consent to the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. To withdraw your consent, please contact privacy (at) handytrain (dot) com. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law.

Data Protection Officer

We have appointed a Data Protection Officer to oversee compliance with this privacy notice. If you have any questions about this privacy notice or how we handle your personal information, please contact us on privacy (at) handytrain (dot) com.

Changes to this privacy statement

We reserve the right to update this privacy statement at any time, and we will provide you with a new privacy statement when we make anysubstantial updates. We may also notify you in other ways from time to time about the processing of your personal information.

How to Contact Us

If you have any questions regarding this Statement or if you need to request access to or update, change or remove personal information that we control, you can do so by contacting: privacy (at) handytrain (dot) com.

AMENDMENTS

We reserve the right to change, modify, add or remove portions of this Statement from time to time and in our sole discretion, but will alert you that changes have been made by indicating on this Statement the date it was last updated. When you visit this site, you are accepting the current version of this Statement as posted on the site at that time. We recommend that users revisit this Statement on occasion to learn of any changes.