This Personal Data Protection Policy (hereinafter referred to as the “Policy”) document explains our privacy practices regarding the collection, use, disclosure and transfer of your Personal Data by Ezapp Technologies and/or its subsidiary(ies) and/or affiliate(s) (collectively referred to as the "Ezapp" or “we” or “us”, “our”)
Ezapp is a leading Software Automation & Consulting firm focused on the financial services industry and is working to Automate Workflows, Automate App Development, Automate AI/ML Development, AI Decisioning Systems for Financial Institutions like Banks, Hedge Funds, Wealth Management Firms, Asset management, and Broker/Dealers around the world.
To demonstrate a set of privacy and Personal Data protection standards that govern Ezapp Technologies procedures to collect, store and process Personal Data in a lawful manner.
To ensure Personal Data is protected from data security risks.
To ensure Personal Data is transferred or processed in a manner consistent with the applicable data protection laws and regulations.
This policy applies to processing of personal data in electronic form or otherwise and shall apply to Ezapp, its operations and business units and supersedes any other policy relating to Personal Data protection. This means that this Policy shall apply to all employees, contractors, working partners and businesses carried on by Ezapp and any other Affiliates of Ezapp except to the extent, if any, stated under exemptions below, must comply with it.
Ezapp shall establish the specific purposes for which Personal Data is being collected and that its collection and processing of Personal Data is done in a manner consistent with those stated purposes.
Ezapp shall collect and process only such Personal Data as is adequate, relevant and limited in scope to the requirement and for a length of time that is necessary for the stated purposes of its use.
Personal data shall be processed lawfully, fairly, and transparently, regardless of the source of personal data collected.
Ezapp shall utilize IT systems and applications that have the ability to comply with DataProtection Laws and Regulations including providing appropriate security for storage and transmission of Personal Data.
Ezapp shall Perform Data Protection Impact Assessments as per relevant and applicable data privacy requirements.
Ezapp shall report breaches promptly and in line with the Personal Data breach notification process detailed in Data Breach Notification Policy.
Ezapp shall record, investigate, analyze and report data protection-related complaints; and Ezapp shall ensure that data protection training is undertaken by all concerned employees.
Ezapp may collect, store, use and disclose information about individuals which may constitute Personal Data (including Sensitive Personal Data) under various applicable data protection laws (including but not limited to Information Technology Act 2000 (IT Act), Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules 2011 (IT Rules), General Data Protection Regulation (GDPR), UK DPA 2018, Data Protection Act 1998 (USA), California Consumer Protection Act (CCPA), The Personal Information Protection and Electronic Documents Act (PIPEDA) Canada, Personal Data Protection Act 2012 (PDPA) Singapore, Personal Data (Privacy) Ordinance (PDPO) Hong Kong, Act on Protection of Personal Information (APPI) Japan for lawful, explicit and legitimate purposes and for further processing of Personal Data consistent with those purposes.
The Personal Data may be processed for purposes including without limitation:
For the purpose of, or in connection with, any legal proceedings for obtaining legal advice or for establishing, exercising or defending legal rights or any other purpose connected to or incidental to the purposes stated above
Personal Data collected at website - cookies may be used in website to track user behavior, etc., and/or username, address, email, phone number may be collected for marketing or research purposes
Ezapp shall specifically mention the purpose and obtain free consent, if required from the data subject prior to collecting, storing and processing of Personal Data.
Ezapp shall not utilize an individual’s Personal Data in its control, beyond the scope for which it was collected without prior written consent from the individual. Individual’s Personal Data shall not be provided or otherwise disclosed to third parties other than Ezapp, investigators, or law enforcement personnel where consent has been obtained from the concerned individual or when disclosure is legally mandated. Ezapp may record and monitor electronic and voice communications, to the extent permitted by applicable laws, to ensure compliance with the legal and regulatory obligations, internal policies and for the purposes outlined above in this policy.
Ezapp may transfer personal data internally or to third party recipients. In order for Ezapp to carry out its operations across its various entities, there may be occasions when it is necessary to transfer personal data from one entity to another, or to allow access to the personal data from an overseas location.Any transfer of Personal Data to a third party shall take place only if, adequate levels of protection of Personal Data in accordance with applicable data protection laws is guaranteed by such third party. Data shall be encrypted and anonymized wherever necessary.
Ezapp shall take prudent steps to safeguard the confidentiality and security of all Personal Data including taking procedural and organizational steps to protect Personal Data from accidental or unlawful destruction and disclosure. These steps include entering into written agreements to protect Personal Data with all its vendors, subcontractors who process Personal Data. In addition, Ezapp strives to protect personally identifiable information that it maintains or disseminates so that it is not accessed or obtained by unauthorized individuals or used in unauthorized ways.
Ezapp recognizes that data subjects have a right to request a copy of the Personal Data held by Ezapp. If any Personal Data is found to be incorrect, the individual concerned has the right to file a request to amend, update or delete it, as appropriate. Individuals also have a right to object or restrict to the processing of their Personal Data as per the prevailing laws. The right to data portability gives data subjects the right to receive personal data they have provided to Ezapp in a structured, commonly used and machine-readable format.
If Ezapp undertakes transactions or other services that involves the processing or disclosure of Personal Data on behalf of any of our client or counterparty, it shall be the responsibility of such client or counterparty to ensure that it has all necessary authority to permit Ezapp to process and disclose the Personal Data accordingly. Privacy consent can be withdrawn by the data subject by informing the appropriate authority within Ezapp as mentioned in the access revocation process document.
Please note that we may ask you to verify your identity before responding to such requests.
The personal data shall be deleted from the system on request or when it has served its purpose, only after a complete evaluation of compliance with any applicable legal obligations or business processes.
Data subject concerns shall be addressed and their rights related to information access; objection to processing, automated decision-making and profiling; restriction of processing; data portability; data rectification; and data erasure shall be upheld through an internal data protection office. If an individual makes a request relating to any of the rights above, Ezapp shall consider each such request in accordance with all applicable data protection laws and regulations. No administration fee will be charged for considering and / or complying with such a request unless the request is deemed to be unnecessary or excessive in nature. This demonstrates our commitment to data protection, and it shall enhance the effectiveness of our compliance efforts
All employees shall have their data protection responsibilities outlined to them as part of the induction training. A culture of data protection and privacy shall be inculcated among the employees by providing regular training in order to sustain awareness
Privacy controls shall be considered while designing and implementing new or existing systems or processes, based on the technologies available, cost of implementation, scope, context and purposes of collecting, storing and processing Personal Data.
Ezapp shall implement appropriate data-protection principles, technical and organizational measures to ensure that Personal Data is secure.
Ezapp shall conduct periodical Data Protection Impact Assessment that shall include:
A systematic description of the system or purpose.
Assessment of the risks to the rights and freedoms of data subjects.
The measures to address the risks, including safeguards, security measures and mechanisms to ensure the protection of Personal Data and to demonstrate.
All Ezapp personnel handling Personal Data have a responsibility to report any data privacy breach related incidents and any violations of this policy; such incidents shall be reported immediately to Support by sending an email to firstname.lastname@example.org
All Ezapp personnel handling Personal Data shall take reasonable measures for protection of Personal Data. The Data Privacy Officer (DPO) is responsible for administration of this policy and monitoring its compliance.
Enforcement of this Policy is mandatory and the steps to be taken in case of any violation by Ezapp and its Affiliates personnel:
All violations shall be reported immediately by sending an email to Ezapp.
Any Ezapp personnel found violating this policy will face strict action taking into account factors such as nature of violation, degree of damage caused etc. and which may include termination or any other legal action.
of a team senior
and middle engineers
© 2023 Copyright. All rights reserved.