Mu Sigma takes Privacy with utmost seriousness and care. While carrying out global business operations, we take utmost care and due diligence to ensure Privacy aspects of every individual who interacts with us is taken care of, by design and by default, in alignment with all applicable laws and regulations.
There are a few different avenues and ways where personal information is collected and used by Mu Sigma for fair and legal business purposes.
- The nature and extent of personal information we collect, how we collect it and why we collect it
- How we use that information
- The options and methods we offer to individuals to fulfil their right towards Privacy, including provisions to access and update information
We’ve tried to keep it as simple and concise as possible. Please review the Policy before you share any personal information with us. By using the website further and providing us with your personal information, you are demonstrating your consent for the same. In accordance with the applicable laws and regulations, we will be seeking your consent on collection and usage of specific personal information in specific context, as required.
OUR COMMITMENT TO PRIVACY ACTS AND REGULATIONS:
We are committed to highest levels of compliance towards the applicable Privacy acts and regulations where we offer our Services to, including the EU regulation GDPR. We have also established strong Information Security and Data Protection frameworks within our business operations including a strong Information Security Management System certified towards ISO/IEC 27001:2013 and SOC 2 Type II compliant which ensures the Security, Availability, Processing Integrity, Confidentiality and Privacy of data.
Please be aware that these could be reviewed and updated to make our practices towards Privacy better and stronger.
If you have any questions contact us at firstname.lastname@example.org.
We collect and process personal information as a Data Controller, in the following areas:
- As part of our Marketing and Sales process, to market and sell our Solutions and Services
- During your visit to our website, either through designated web-forms or through automated means such as cookies
- As a part of Recruitment Process, in order to engage suitable human resource professionals into our global team
The details of the policies and controls governing these are given in the below sections.
We also collect and process personal information as a part of our internal processes such as HR and Payroll, and the policies and controls governing the same are established internally within the organization.
Mu Sigma Provides Data Analytics and Decision Science Solutions and Services to our global customers. Though Mu Sigma does not engage individuals directly nor collect personal information directly from them in this process, the personal information collected by our customers might be processed by Mu Sigma, directly or indirectly, as a part of the fulfillment of the Solutions and Service Delivery. Such processing is carried out, on behalf of our customers. In this way, Mu Sigma acts as Data Processor of Personal information, to the extent of, and strictly bound and governed by the Data Processing Agreements (DPA) with our customers.
Most browsers are set up to accept cookies, but you can change your settings to have your browser notify you when you receive a new cookie or you can change your settings to refuse to accept cookies.
Children: Mu Sigma does not provide services or sell products/services to, nor engages or recruits/employs children under the age of 18. Hence, as a Data Controller, there are no avenues where Mu Sigma collects and processes personal data of children below 18.
By default, even as a Data Processor, we do not receive and/or process any personal data of children below 18 from our customers. If we discover that we have received any information from a child under the age of 18 in violation of this policy, we will delete that information immediately. If you believe we have received any information from or about anyone under the age of 18, please contact us immediately.
Information that we collect:
As a Data Controller, we collect personal information in the following areas and ways:
- Details collected through specific web-forms on our website during your visit to our website. The information collected through these web-forms usually includes non-sensitive information such as Name, Country, Industry, Organization, Job Title, Department, Business and/or personal email ids, Contact numbers and Resumes.
- Technical and other details are automatically collected during your visit to our website. This information is generally limited to information in Cookies, IP address, Web browser details. Please refer to the section on Cookies below for specific information on the same. Any additional information collected in specific cases will be bound by specific notification and consent from user(s) as well as the processing agreement with the customer.
- We might collect your personal information through various sources such as our marketing platforms like Hubspot and Instapage as well as external sources such as LinkedIn and Marketing Service providers/partners, as a part of our Marketing and Sales process.
- As a part of our recruitment process, we might also collect your personal information from other sources such as LinkedIn and Job Portals. In addition to the personal information mentioned above, specific details such as Education, Qualification, Family, Employment and Salary details might also be sought and collected from you during the process, subject to specific consent from your side for the same.
As a Data Processor, we might receive personal information via our global customers, as a part of, and as required for the fulfillment of our Solution and/or Service commitments to them. All the data collection through such processes is strictly governed by the specific Scope of Work and Data Processing Agreement with those customers.
Use of the information collected:
- Your personal Data collected through our web-forms will be used only for the designated purposes, for which it was collected, and for purposes for which your consent was taken
- The technical and related user end data collected will be used for the following purposes:
Ensuring customized and optimum presentation and performance of our website for you
Monitoring and analyzing to ensure effective and efficient system performance and usage of our website and related services
Identification and proactive handling of any technical issues
Troubleshooting and support purposes
In this process, Mu Sigma also will be using third-party services and tools, where necessary, such as Google analytics, Google Search Console and so on.
- Personal information collected from other sources for Marketing and Sales purposes will be used only for legitimate purposes, in compliance with the applicable laws and regulations, subject specific aspects such as:
Demonstrable relevance, context and value of the communication to you
Explicit consent sought from you at first contact to continue the conversation
- The data collected for Recruitment purpose will only be used for the purposes and processes related to the same, as per the consent received from you, and in accordance with applicable laws and regulations
- The data in the Mu Sigma system is also subject to periodic and ongoing Backup. The backup data is further used/processed only for the following purposes:
Trouble-shooting and data recovery purposes
Backup and Recovery testing/verifications
- We don’t profile the users or monitor the behavior of users using the personal information either manually or in an automatic manner, for any purpose other than legitimately required as a part of delivering and supporting the designated service from us
- We don’t use the personal data collected/provided to us for any purpose other than:
Those for which specific consent has been received from you, and
Those which are explicitly included in our formal Data processing agreement with our Customers as Data controllers
To whom would we disclose this Personal Data?
- All the personal Data within the context of Mu Sigma will be disclosed to and be accessible by only limited, designated personnel within Mu Sigma, as governed by the Data Processing agreement with our customers as Data Controllers. These personnel could be part of any of the registered companies within the Mu Sigma corporate and its subsidiary companies.
- Some of the personal data may also be shared with designated Service/Solution providers who act as sub-processors for designated purposes, such as Marketing services, recruitment and Payroll Services, and other technical services such as emails, spam filtering, analytics, monitoring and troubleshooting etc. We contractually require our agents, service providers, and affiliates who may process personal data related to the Services to provide the same level of protection for personal data as required under the Principles and applicable laws and regulations. Mu Sigma currently does not transfer personal data to a third party for the third party’s own use, but only for Mu Sigma’s purpose as a part of our legitimate business purpose as a Data Controller and Data Processor.
- In accordance with our legal obligations, we may also transfer Data, subject to lawful requests and requirements, to public authorities for law enforcement or national security purposes, where required and applicable. We may also disclose Customer Data (including any personal data), where otherwise required by law.
Data Storage and Transfer:
- The Data collected will be stored in the Physical and/or cloud based Servers and Databases owned and managed by Mu Sigma and/or our designated partners
- The data might be stored and/or transferred within or outside the region of collection, to fulfill the agreed and lawful processing. However, any transfer of data outside the region of data subjects will be done in compliance with the applicable Privacy acts and regulations.
- We apply a general rule of keeping personal data only for as long as required to fulfill the purposes for which it was collected
- The retention of Any customer specific data including Personal Data in our systems will be limited to the terms agreed in our contracts/agreements with our customers, as well as the requirements in applicable laws and regulations
- Mu Sigma doesn’t retain the data beyond the tenure required by the specific purpose for which it was collected, by our Customer and/ or any applicable laws/ regulations
Data Protection and Security:
Mu Sigma takes Data Security including that of personal data very seriously. All our systems and processes are planned, designed and managed by keeping Security and Privacy in mind.
A robust information Security Management System (ISMS) is established within Mu Sigma that governs the systems and practices. This ISMS is established and managed in alignment with global best practices and certified towards ISO/IEC 27001:2013 standard. The system is subject to strong controls including ongoing monitoring, periodic security testing, internal/external audits and verifications.
We contractually require our agents, service providers, and affiliates who may process data related to the Services to provide the same level of protection for data as required under the Principles and applicable laws and regulations.
Your Rights as a Data Subject:
Subject to applicable law(s) and regulations, you may have some or all the following rights available to you in respect of your personal data that is residing with us:
- To obtain a copy of your personal data together with information about how and on what basis that personal data is processed
- To rectify inaccurate personal data (including the right to have incomplete personal data completed)
- To request for erasing your personal data residing with us, subject to specific context and terms and conditions
- To request for a restriction on processing personal data under certain circumstances
- To port your data in machine-readable format to a third party (or to you)
- To withdraw your consent to us processing your personal data (where that processing is based on your consent)
- To lodge a complaint with the supervisory authority in your region
In relation to any such rights related aspects on Privacy, please contact us at email@example.com.
Please note that we may request proof of identity, and we reserve the right to charge a fee where permitted by law, especially if your request is manifestly unfounded or excessive. We will endeavor to respond to your request within all applicable timeframes.
In the case of Personal Information received from, and processed on behalf of our customers, since we are not the Data Controller, the applicability, details of methods and terms for requesting and fulfilling these rights will be defined and provided by our customers. Mu Sigma is fully committed to enable and support our customers in this aspect, as per the Data processing and service agreement(s) with our customers.
If you contact us regarding Data collected by or on behalf of our customers for which we are acting as a data processor, we will attempt to refer your request to the relevant Customer who acts as the data controller for your personal data.
If you have any questions or need further information regarding this policy, you may contact us via the means provided on this site.
Last updated on 25 June 2018.