In this Policy, when we use the term “Subex”, “we”, “us”, “our” or similar terms, we are referring to Subex Limited and its affiliate companies including Subex (UK) Limited, Subex Inc., Subex Americas Inc., Subex (Asia Pacific) Pte Ltd, Subex Middle East (FZE), Subex Assurance LLP, Subex Digital LLP and Subex Bangladesh Pvt Ltd.
This policy describes:
- How to Contact Us
- The Information We Collect
- How Long Do We Keep Personal Data
- How Do We Use Personal Data
- Legal Basis for Processing Personal Data
- Sharing of Personal Data with Third Parties
- How we store Personal Data
- Your rights
- Changes to this policy
- Where does this policy not apply?
In certain places in this Policy, we may specifically reference the GDPR. By GDPR, we are referring to Regulation (EU) 2016/679 (General Data Protection Regulation).
How to contact us:
We are happy to respond to any inquiries you may have regarding collection, use, disclosure, transfer or processing of your personal data or the exercise of any of your rights. If you have questions or would otherwise like to contact us, please contact the Subex Data Protection Officer whose contact information is provided at the bottom of the last page of this policy.
Our registered office is at RMZ Ecoworld, Devarabisanahalli, Outer Ring Road, Bangalore – 560,103, INDIA and our website is at www.subex.com. We also maintain offices in Singapore, Dubai, London and Denver (Broomfield), Colorado in the U.S. You can find full contact information for each of these offices at www.subex.com/contact-us.
The information we collect:
It is first important to understand what we mean by “Personal Data”. We are referring to any information that is related to and identifiable with you, personally, that we have in our possession or control. Put more precisely, we mean to use the term Personal Data in the same manner as the GDPR.
Generally, we collect Personal Data about (i) our customers, vendors, business associates and potential customers, vendors and business associates (as well as their employees and representatives), (i) people who have expressed interest in our products and services (such as through visiting our website, visiting us at trade shows and otherwise by contacting us), and (iii) our employees, contractors and people who have expressed interest in becoming our employees and contractors.
The types of Personal Data that we collect will depend on the specific purpose for which we are collecting it. As an example, for a job applicant, we may collect your contact information, information such as job and education history and general background information including opinions from third parties and background screening information. For an employee, we may need to retain the information collected during the job application process (and we may need to periodically update the information) but also we collect additional information such as may be required to provide certain employee benefits or simply to pay salaries. For people expressing an interest in our products such as by visiting our website, we may collect your contact information and other information that allows us to understand your visit to our website better such as IP address, which webpages you have visited and measurement of site performance. Please also see information below regarding our use of “cookies” when visiting our website. For customer, vendors and business associates, we may collect your contact information.
How long do we keep Personal Data:
Simply put, it is our policy to retain the information we collect no longer than as reasonably necessary to fulfil the purposes for which we collect the information and to comply with our legal obligations.
How do we use Personal Data:
When we collect Personal Data directly from you, we use the personal data for the purposes that are disclosed to you or for purposes that you would reasonably expect. For example, if you send us your CV in response to a job posting, you would expect we would use that information for purposes of evaluating you as a job candidate. If you give us your contact information on our website as part of requesting more information, you would expect we would use your contact information to communicate information regarding our products and services with you.
More specifically, we may use your personal data as follows:
- if you are a customer, vendor or potential customer or vendor (or representative/employee of one of these entities), to contact you regarding products and services and generally for marketing and business development activities;
- if you are a business associate (such as a company who might act as a local representative for us, a reseller or some other company who might enter into business transactions with us involving an end customer), or representative of a business associate, to contact you regarding our working relationship and generally for marketing and business development activities;
- If you are an employee, contractor or applicant outside of the European Union, in accordance with Subex policies;
- If you have provided personal data in connection with an interest in our products or services, to provide information on our products and services and to provide an overall pleasant and productive experience on our website;
- Other reasons:
- To comply with legal and regulatory requirements;
- For legitimate business interests such as undertaking business research and analysis, managing the operation of our website and managing our business;
- To assist in reviewing and responding to complaints and questions including complaints and questions you may have;
- To exercise and defend our legal rights or to comply with court orders; and
- To prevent and respond to actual or potential illegal activities and fraud.
We may also use Personal Data we obtain from other sources, as well as data we compile, for the above purposes.
Legal Basis for Processing Personal Data:
When we process the data for the purposes set forth above, it will be based on one or more of the following legal grounds:
- Because it is necessary for us to do so to perform your instructions or a contract with you or your organization;
- To comply with our legal obligations as well as to keep records of our compliance processes or tax records;
- Because of our legitimate interests provided that those interests are not overridden by your interests or fundamental rights;
- Because you have given us your consent to process your personal data in the way we are processing it.
Sharing of Personal Data with third parties:
We share Personal Data with our affiliate companies, offices and employees internationally. Therefore, your Personal Data may be transferred to locations both inside and outside of the European Union. We may also share your personal information outside of Subex such as with:
- Affiliated Companies: We may share your personal data among the Subex family of companies (these are companies which are controlled either directly or indirectly by Subex Limited).
- Third party vendors and contractors and other service providers: We may share your personal data with these third party vendors in their normal course of their providing services to us. These third parties will be bound by obligations of confidentiality with respect to your personal data.
- Legal and government processes : We may share your personal data to comply with the law or legal processes or in response to a lawful request by a government agency.
- Others pursuant to your consent : We may share your personal data with others pursuant to your consent to do so.
Where the GDPR applies and we transfer Personal Data outside the EU/UK, we will ensure it is protected and transferred in a manner consistent with the requirements of the GDPR. This may include: (a) sending the Personal Data to a country approved by the European Commission; (b) ensuring the recipient has signed a contract based on “model contractual clauses” approved by the European Commission; or (c) if the recipient is in the U.S and item b above does not apply, ensuring he recipient is a certified member of the EU-US Privacy Shield system. If you desire further details on any of these manners of sharing your personal data, please contact our Data Protection Office who contact information is on the last page of this Policy.
How do we store personal data:
Subex takes reasonable steps to protect the security of your Personal Data as customarily done in the industry or as otherwise required by law.
With respect to any of your personal data governed by the GDPR (or where otherwise required by law), you have certain rights including:
- Access : With certain exceptions, you have the right to request a copy of personal data we may hold about you. The exceptions include situations where providing your personal data may expose personal data of another person and situations where we are legally prevented from providing the information.
- Rectification : Our goal is that any data, including personal data, that we keep is accurate. If you are aware that we have inaccurate personal data about you and you notify us, we will take reasonable steps to correct it.
- Objecting or restricting processing : Under certain situations, you may be entitled to object to our processing of your personal data or to request we restrict the manner in which we process it. If you would like to object or request restriction, please notify us.
- Portability : Under certain circumstances where you have provided personal data to us, you have the right to request that some of your personal data is provided to you in a structured, commonly used, computer-readable format. Or you may have the right to request we transmit your personal data to a third party in such a format.
- Withdraw of consent : If our legal basis for processing your personal is based solely on your consent, you have the right to withdraw your consent.
- Requirement to provide data : To know whether providing the personal data is required by a statute, a contract (or necessary to enter into a contract) and the consequences of failing to provide the personal data.
- Automated Decision Making : To know whether we use automated decision making with respect to your personal data. We don’t.
If you would like to contact us to notify that you wish to exercise one of these rights, please contact our Data Protection Officer whose contact information is on the last page of this Policy.
Please understand that each of these rights is subject to certain conditions under which we may refuse to grant the right such as, in certain cases, where we are legally required to retain certain personal data. If we have basis to refuse your request, we will explain that basis to you.
You also have the right to lodge a complaint with the relevant supervisory authority. If you would like to exercise this right and require assistance in obtaining contact information for the correct supervisory authority, please contact us.
First, what is a cookie? Unfortunately, it is not a sweet treat that you get for having read this far. A “cookie” is a small data file that is stored on users’ computer, tablet, phone or other device when the user visits a website. Some cookies are deleted when the user close down his/her browser. These are known as session cookies. Others remain on users’ device until they expire or the user deletes them from user’s cache. These are known as persistent cookies. Persistent cookies enable the website to “remember” things about a returning user.
- Assessing your requirements to deliver content more relevant to you and your interest and to improve the website;
- To provide you with a personalized experience when visiting our website;
- Provide statistics to Subex on how Subex website and portals are used; etc.
More information on cookies can be found at www.allaboutcookies.org and on other websites. Below is a list of the Cookies used in Subex website:
Changes to this policy:
We may choose to review and change this Policy from time-to-time and at any time. You should check this page periodically and whenever you have questions about how we manage privacy as changes are binding on you. If we decide to change this Policy in a manner which significantly impacts how we use, share or secure your personal data, if collection of that data was based on your consent, we will attempt to give you a chance to “opt-out” if doing so is allowed by law and is reasonably practical.
Where does this policy not apply:
While we generally respect your Personal Data, as noted in the Your Rights section, certain rights are presently only applicable when governed by the GDPR or where such rights are otherwise required to be given under applicable law. Also, this Policy also does not apply where we are processing Personal Data as a Processor for another party (such as we may do with respect to Personal Data from our customers). Our processing of Personal Data as a Processor is controlled and governed by our agreements with such third parties.