Privacy Policy
1. Introduction
As a globally integrated company, Concentrix’s business processes increasingly go beyond the borders of one country. This globalization demands not only the availability of communication and information systems across the Concentrix group of companies, but also the world-wide processing, sharing and use of multiple types of information including information about an individual whose identity is apparent (either directly and indirectly), or can be reasonably be ascertained from the information available or likely to be available (Personal Information).
This Policy letter sets forth the general principles which underlie Concentrix’s specific practices for collecting, using, disclosing, storing, retaining, disposing, accessing, transferring or otherwise processing Personal Information.
2. Applicability
This Policy applies to all Concentrix personnel, operating units, and wholly owned subsidiaries worldwide and (as transferred and agreed) with suppliers/business partners who must act consistently with the principles contained in the policy. Country and industry-specific laws and regulations shall take precedence over this policy, to the extent applicable. The application of these principles is more particularly described in the applicable Concentrix Corporate Instructions (and any accompanying implementation Guidelines) relating to processing Personal Information. Please read this policy along with the company guidelines for use and processing of Personal Information to understand how Concentrix plans to achieve the set principles.
3. Privacy Policy Statement
Concentrix remains committed to protecting the privacy and confidentiality of Personal Information of its Employees (including prospects and contractors), Clients, Client Customers, Business Partners and other identifiable individuals that it may receive, use, access, process, transfer or store as part of its business. Uniform practices for collecting, using, disclosing, storing, retaining, disposing, accessing, transferring or otherwise processing such information assists Concentrix to process Personal Information fairly and appropriately.
Concentrix may collect personal information from various persons as part of the services it may render to them, or in the course of its business. Based on the information being collected and nature of services or requirement, Concentrix will apply suitable mechanisms to ensure that Concentrix has a lawful basis for receiving, accessing, using, processing, transferring, storing and/or disposing such personal information.
4. General Privacy Principles
These general principles apply to the processing of Personal Information world-wide by Concentrix.
A. Accountability:
Concentrix understands its accountability and responsibility for any Personal Information that it may receive, use, process, store as part of its business. Accordingly, it will:
I. have appropriate corporate instructions, guidelines and other measures to be able to demonstrate that Personal Information is used/ stored / processed / retained / disposed / transferred in compliance with applicable law and other applicable guidelines;
II. designate an individual or individuals who are accountable for the organization’s compliance with the Privacy principles; and
III. ensure the availability of required policies, procedures and contacts for management of personal information; these being reviewed at a minimum annually or as and when there is a change warranted.
B. Consent, Fairness and Purpose:
Concentrix will only collect adequate, relevant and necessary Personal Information, and will process such Personal Information fairly and lawfully for the purposes for which the Personal Information was collected.
When collecting Personal information, the purposes, legal basis, and where required by applicable law, the consent of the individual, will be specified and / or obtained upon or before its initial collection and / or disclosure as well as before any previously collected Personal Information is Processed for a new or different purpose.
Individuals can withdraw consent at any time, subject to legal or contractual restrictions and reasonable notice. Upon receipt, Concentrix will inform individuals of the implications of withdrawal.
C. Accuracy:
Concentrix will keep Personal Information as accurate, complete and up-to- date as is necessary for the purpose for which it is processed; and provide appropriate channels for the same.
D. Disclosure and Data Sharing:
Concentrix will make Personal Information available inside or outside Concentrix under appropriate circumstances for business purpose only or as authorized by law. This may require Concentrix to transfer personal information to countries other than Concentrix operation’s country of business (including transfer to other entities or third parties).
Concentrix will implement privacy principles for the use / processing/ transfer / storing/ disposal of personal information as may be prescribed under applicable laws.
E. Cross-Border Data Flows:
When conducting business, working on Company projects, or implementing new processes or systems, an operation may require the transfer of personal information to other entities or third parties that are located outside of the Concentrix operation’s country of business. While permissible data transfer mechanisms are defined by applicable law or regulation, examples include:
i. a data transfer agreement with the party who will access or obtain the personal information; or
ii. notice to and/or approval from a country’s local data protection authority; or
iii. notice to and/or consent from the individual whose data is to be transferred.
F. Security:
Concentrix will implement reasonable technical and organizational measures to safeguard Personal Information and instruct third parties processing Personal Information on behalf of Concentrix to process and manage it in a manner which is consistent with Concentrix standards (for Concentrix owned information) or Concentrix Client standards (for Client information), as may be applicable.
G. Access:
Upon request, Concentrix will, within a reasonable time, manner, and in a readily intelligible form provide individuals appropriate access to Personal Information retained by Concentrix. Concentrix has the right to deny the request; however, the reasons of denial will be provided. Concentrix will erase, rectify, complete, or amend the data pursuant to a justified request.
H. Retention and Disposal:
Concentrix will retain Personal information in a form that permits identification for no longer than as necessary for the fulfillment of the stated purpose, and should be disposed thereafter.
I. Transparency:
Concentrix will be transparent, and make readily available to individuals, specific information related to management of Personal Information.
J. Custodianship:
Concentrix will follow appropriate policies and practices agreed with its clients for the safe handling of Personal Information that it processes on behalf of its clients.
5. Enforcement and Redressal
Concentrix will provide appropriate robust mechanisms for assuring compliance with the Principles, and address grievance and / or provide recourse for individuals who are affected by non-compliance with the Principles.
6. Contacting Concentrix’s Data Privacy Office
If you have any questions, requests or grievances pertaining to this Privacy Policy or other privacy matters you may contact Concentrix’s Data Privacy Office or Lionel Thibert, Vice President, Regulatory Compliance & Privacy at [email protected] or at Concentrix, 39899 Balentine Dr. Ste 235, Newark, CA 94560.
ENCARREGADO DE PRIVACIDADE DE DADOS NO BRASIL
Em atendimento à LGDP, art. 41, o Diretor de Privacidade de Dados ou DPO da Concentrix no Brasil e na América Latina é Juan Andrés Trujillo Sánchez, cujas informações de contato são as seguintes:
Número de telefone: 57 (310)-280-3099
Endereço físico:
Endereço Eletrônico: [email protected]
O DPO tem as seguintes obrigações para cumprir a LGDP:
- tratar de reclamações e comunicações entre proprietários, prestar esclarecimentos e providenciar;
- Receber comunicações das autoridades nacionais e providenciar e orientar os funcionários e contratados da entidade a respeitarem as práticas a serem tomadas em relação à proteção das pessoas;
- Exercer outras atribuições determinadas pelo controlador ou estabelecidas em normas complementares.
More Information:
- GDPR
- GDPR FAQ
- Privacy Policy – India
- NPC Seal of Registration Concentrix CVG Malaysia (Philippines)
- NPC Seal of Registration Concentrix CVG Philippines, Inc.
- NPC Seal of Registration Concentrix CVG Singapore Holdings Pte Ltd ROHQ
- NPC Seal of Registration Concentrix Daksh Services Philippines Corporation
- NPC Seal of Registration Concentrix Services B.V. Philippine Branch
- NPC Seal of Registration Concentrix Services Philippines, Inc.
- NPC Seal of Registration Concentrix Services Pty Ltd ROHQ
- NPC Seal of Registration Concentrix SREV Philippines, Inc
- NPC Seal of Registration Encore Receivable Management, inc.