Aizen Algo (“AAPL”, “we”, “us”, “our”) is committed to protecting the privacy and security of
your personal information. This Personal Data Protection Policy (“Policy”) describes how we
and use personal information about you during and after your engagement/relationship with us.
Aizen Algo is a controller of the data it processes, where we decide the purposes and means
of processing your personal data. We process personal data in accordance with applicable data
protection laws and regulations.
SCOPE & APPLICABILITY
The Policy applies to employees, workers, contractors, and any third party which is processing
personal data on behalf of us. It applies to the
processing of personal data collected from
our customers (end users), employees, business partners, and any other third parties. We may
update the Policy at any time. Please read the Policy together with Employee Privacy Statement (EPS) and any other privacy notice we
may provide on specific occasions when we are collecting or processing personal data about you
so that you are aware of how and why we are using such information.
Controller shall mean the party responsible for determining the purposes and means of processing
the personal data;
Data Subject means a natural person whose personal data is processed by a controller or
Personal Data Breach means a breach of security leading to the accidental or unlawful
destruction, loss, alteration, unauthorized disclosure of, or access to, Personal Data
transmitted, stored or otherwise processed;
Personal Data shall have the meaning given to it under the GDPR and shall include any
information relating to an identified or identifiable natural person;
Processor shall mean the party who processes Personal Data on behalf of Controller;
Processing includes any operation performed on Personal Data, whether or not by automated means,
including collection, use, recording, etc.
Supervisory Authority shall have the meaning assigned to it under the GDPR;
WHAT PERSONAL DATA DO WE HOLD?
Personal Data, or personal information, means any information about an individual from which
that person can be identified. It does not include data where the identity has been removed
(anonymous data). There are also certain special categories of Personal Data that require a
higher level of protection.
- We will process the following categories of Personal Data about you:
- Personal contact details including name, address, phone number, and personal email
Location of employment or workplace,
- Bank account details, payroll records, and tax status information,
- Marital status and dependents’ information,
- Emergency contact information/next of kin,
- Salary, leave, pension and benefits information,
- Recruitment information,
- Employment records,
- Performance information,
- Disciplinary and grievance information,
- Information about your use of our information and communication systems, and
- We may also collect, store and use the following special categories
of Personal Data:
Information about criminal convictions/offenses,
- Health information including any medical condition,
- Genetic information and biometric data.
HOW DO WE COLLECT YOUR PERSONAL DATA?
You may provide us with Personal Data during your employment with us. We also collect Personal
Data about you through our application and recruitment processes, either directly from you or
sometimes from third parties. The third parties from who we may have collected your Personal
Recruitment or human resource service providers,
- Health professionals,
- Insurers and insurance brokers,
- Nominated referees, and
- Law enforcement agencies.
HOW DO WE USE YOUR PERSONAL DATA?
We will only use your Personal Data where we are allowed to
do so under applicable law.
We will use your Personal Data in the following circumstances:
Where we need to perform the contract formalized with you,
Where we need to comply with a legal obligation,
Where it is necessary for our legitimate interests (or those of a third party) and your
and freedoms do not override such legitimate interests,
Where we need to protect your interests (or another individual’s interests), and
- Where it is needed in the public interest.
We will use special categories of Personal Data for
Performing our contract with you and
- Complying with legal obligations.
If you deny providing Personal Data, we may not be able to
perform the contract we have entered
into with you or we may be prevented from complying with our legal obligations.
CHANGE OF PURPOSE
We will only use your Personal Data for the purposes for which we collected it unless we
reasonably consider that we need to use it for another reason and that reason is compatible with
the original purpose. If we need to use your Personal Data for an unrelated purpose, we will
notify you, and we will explain the legal basis which allows us to do so.
Please note that we may process your Personal Data without your knowledge or consent, in
compliance with the above rules, where this is required or permitted by law.
HOW DO WE USE SPECIAL CATEGORY OF PERSONAL DATA?
Special category of Personal Data requires a high level of protection. We will use a special
category of Personal Data for the following purposes:
Leave management (sickness absence),
- Employment or other legal obligations,
- Workplace assistance and adjustments in relation to disability,
- Benefits administration, and
- Equal opportunity.
Automated decision-making takes place when an electronic system uses Personal Data to make a
decision without human intervention. We are allowed to use automated decision-making in the
If required by applicable law, where we have notified you of the decision and given you notice
to request consideration,
Where it is necessary to perform the contract with you, and appropriate measures are in place to
safeguard your rights,
In limited circumstances, with your explicit consent and where appropriate measures are in place
to safeguard your rights.
We ourselves are responsible for the Processing, and as such, we guarantee that the conditions
which the GDPR imposes on such decision-making have been fulfilled. You will not be subject to
decisions that will have a significant impact on you solely based on automated decision-making
unless we have a lawful basis for doing so and we have notified you about the same.
If we make an automated decision solely on the grounds listed above in this section, you will
have the right to request human intervention with regard to that automated decision and to
contest such decision in accordance with the Policy.
We may have to transfer your Personal Data, including sharing it with third parties. We require
third parties and data recipients to agree to standard obligations for the protection of your
Personal Data in accordance with applicable laws and regulations. We also require third parties
to respect the security of your data and provide a similar degree of protection to it as we do.
- We will share your Personal Data with third parties where required
by law, where it is
to administer the working relationship with you, or where we have another legitimate interest in
doing so. The following activities are carried out by third-party service providers:
- Information Technology (IT) support services
- Payroll management
- Background checks
- Mobility services
- Talent management
- Immigration, visa, and permits.
- Transferring Personal Data outside the European Union (EU)
We may transfer your Personal Data to countries outside the EU in order to process your Personal
Data on one of the grounds listed in the Policy. It is possible that the European Commission
(EC) has deemed such a country adequate for data protection. However, not all countries have not
been deemed adequate by the EC. To ensure that your rights are
enforceable pursuant to such data transfer(s), we have put in place data processing agreements
along with standard contractual clauses published on 4 June 2021 pursuant to EC’s decision on
the transfer of Personal Data to third countries. This ensures that your Personal Data is
treated in a way that is consistent with GDPR.
HOW DO WE PROTECT YOUR PERSONAL DATA?
We have implemented appropriate information security measures to secure your Personal Data.
Third parties will only process your Personal Data on our documented instructions and where they
have agreed to treat the data confidentiality and to keep it secure.
We have put in place security measures to prevent your Personal Data from being accidentally
lost, used, or accessed in an unauthorized way, altered, or deleted. In addition, we limit
access to your Personal Data to those employees, agents, contractors, and other third parties
who have a business need to know.
They will only process your Personal Data on our instructions, and they are subject to a duty of
confidentiality. We have implemented measures to deal with any suspected Personal Data Breach
and will notify you and any applicable regulator of such a breach incident where we are legally
required to do so.
HOW LONG DO WE RETAIN YOUR DATA?
We will only retain your Personal Data for as long as necessary to fulfill the purposes we
collected it for, including for the purposes of satisfying any legal, accounting, or reporting
requirements. To determine the appropriate retention period for Personal Data, we consider the
amount, nature and sensitivity of the Personal Data, the potential risk of harm from
unauthorized use or disclosure of your Personal Data, the purposes for which we process your
Personal Data and whether we can achieve those purposes through other means, and the applicable
legal requirements. We may anonymize your Personal Data so that it can no longer be associated
with you, in which case we may use such data without further notice to you.
Once you are no longer an employee, worker, or contractor ofAizen Algo, we will retain
and securely destroy your Personal Data in accordance with this policy along with our Data
Retention and Disposal Policy. However, if your Personal Data is subject to legal hold
because of our ongoing legal obligations in connection with investigations, third party
demands, or possible litigation, we may preserve your data for so long as it is subject to
such legal hold.
WHAT RIGHTS DO YOU HAVE IN RELATION TO YOUR PERSONAL DATA?
Request access to your Personal Data: This enables you to receive a copy of the personal
data we hold about you and to check that we are processing it in a lawful and fair manner.
Request correction of the personal data: This enables you to have any incomplete or
inaccurate data we hold about you corrected.
Request erasure of your personal data: This enables you to ask to delete or remove personal
data where there is no lawful ground for us to continue processing it. You also have a right
to ask us to delete/remove your personal data where you have exercised your right to object
to Processing (refer to 13.4 below).
Object to Processing of your personal data: Where we are relying on a legitimate interest
(or those of a third party), and you have a ground to object to such Processing. You also
have a right to object where we process your data for direct marketing purposes.
Request the restriction of Processing: This enables you to ask us to suspend the Processing
of personal data about you e.g., if you want us to establish its accuracy or the reason for
Request to transfer: Enables you to request the transfer of your personal data to another
Right to withdraw consent: In circumstances where you may have provided your consent to the
Processing of your personal data for a specific purpose, you have the right to withdraw
consent for Processing at any time. To withdraw your consent, please write to us at
Right to complain: you have a right to make a complaint at any time with a relevant
For exercising these rights, you will not have to pay a fee. However, we may charge
reasonable fee if your request for access is clearly unfounded or excessive.
Alternatively, we may refuse to comply with the request in such circumstances.
In compliance with data protection regulation and commitment to data protection, Aizen Algo Pvt. Ltd. designates Data Protection Officer (DPO) and Chief Information Security Officer (CISO) who can be reached at:
We do not employ any cookie policies on our website.
UPDATE AND REVIEW
Aizen Algo reserves the right to update this Policy at any time, and we will
provide you with a new policy when we make any substantial updates. We may also
notify you in other ways from time to time about the Processing of your Personal
Revision version: 01 Revision date: 09-01-2024 Next Revision date: 08-01-2025