Flyfish, a subsidiary of Fractal Analytics Inc., One World Trade Center, Suite 76J, New York, NY 10007, USA (collectively “Flyfish”, “we”, “us”, “our”) is committed to protecting your personal information and your right to privacy.
Flyfish considers Privacy as one of the most important aspects in our Products and Services. While carrying out global business operations, we take utmost care and due diligence to ensure Privacy aspects of every individual who interacts with us, as well as our products and services are taken care of, by design and by default, in alignment with all applicable laws and regulations.
• The nature and extent of personal information we collect, how we collect it and why we collect it
• How we use that information
• The options and methods we offer to individuals to fulfil their right towards Privacy, including provisions to access and update information
We’ve tried to keep it as simple and concise as possible. Please review the Policy before you share any personal information with us. By using the website/platform further and providing us with your personal information, you are demonstrating your consent for the same. In accordance with the applicable laws and regulations, we will be seeking your consent on collection and usage of specific personal information in specific context, as required.
Our Commitment to Privacy Acts and Regulations
If you have any questions, contact us at email@example.com.
Our Role as Data Controller:
We collect and process personal information as a Data Controller, in the following contexts:
• As part of our Marketing and Sales process, to market and sell our Solutions and Services in our target Markets
• During your visit to our website, either through designated web-forms or through automated means such as cookies (please refer to the details below)
• As a part of Recruitment Process, in order to engage suitable human resource professionals into our global team
• During the employment with us as part of the HR, Payroll and other related internal Processes
• As a part of the Visitor management processes, in our office facilities.
• When you use our products or services
The details of the policies and controls governing these are given in the below sections.
Our Role as Data Processer
Flyfish provides Artificial Intelligence Solutions to our global customers. Though Flyfish does not engage individuals directly nor collect personal information directly from them in this process, some personal information is collected by our solutions and processed. Such processing is carried out, entirely on behalf of our customers. In this way, Flyfish acts as Data Processor of Personal information, to the extent of, and strictly bound and governed by the Data Processing Agreements (DPA) with our customers.
Flyfish takes utmost care and diligence to ensure: Our solutions are designed, implemented and managed in a manner keeping Data protection and Privacy in mind by Design and Default and that in the collection of processing of personal data in this context are carried out in complete compliance to applicable laws and regulations.
What personal information do we collect?
As a Data Controller, we collect personal information in the following areas and ways: Details collected through specific web-forms on our website/product during your visit to our website/products. The information collected through these web-forms usually includes non-sensitive information such as Name, Business email ids, Company Name and Contact numbers. As is true of most websites, Flyfish collects and/or logs Internet Protocol addresses, Internet domain names, the web browser and operating system used to access the Flyfish web site, the files visited, the time spent in each file, and the time and date of each visit. Flyfish collects these through the use of log files and web beacons.
We may also collect Your Information to track user behavior and preferences for internal analytics and research. We may also use Your information: (i) to perform analytics and conduct customer research, to determine Your interest, for identifying Your preferences in order to enable Us to provide You with services or products of Your preference and to analyze traffic patterns.
If You choose to post messages on Our message boards, chat rooms or other message areas or leave feedback, we will collect that information You provide to Us. We retain this information as necessary to resolve disputes, provide customer support and troubleshoot problems as permitted by law.
Some of Flyfish websites/products allow our users to publish content via discussion forums, blogs, user-editable documents, and commenting systems. Any information that is disclosed in these forums becomes public information which could be read, collected or used by other users to send you unsolicited messages. We are not responsible for the personally identifiable information you choose to submit in these forums. You should exercise caution when deciding to disclose your personal information. Flyfish may, from time to time, send email regarding our products and services to users who have posted to our discussion forums, blogs, user-editable documents, and commenting systems.
We might collect your personal information through various sources such as our marketing platforms, in a fair. Legal manner, subject to consent and complete compliance to applicable laws and regulations. As a part of our recruitment process, we might also collect your personal information from other sources such as LinkedIn and Job Portals. In addition to the personal information mentioned above, specific details such as Education, Qualification, Family, Employment and Salary details might also be sought and collected from you during the process, subject to specific consent from your side for the same.
As a Data Processor, we might receive personal information via our global customers, as a part of, and as required for the fulfilment of our Solution and/or Service commitments to them. The scope of these information will depend on the nature of our customers’ business and the areas where they use our solutions and Services. All the data collection through such processes is strictly governed by the specific Scope of Work and Data Processing Agreement (DPA) with those customers. The collection, storage and processing of these data will be in compliance with the applicable laws and regulations. Cookies:
Flyfish services are not marketed to or intended for use by individuals who cannot legally bind a contract. Accordingly, Flyfish does not intentionally gather any Personal Information about visitors or customers who are under the age of 18. If you are under the age of 18 or otherwise lack the capacity to enter into a binding contract, do not use our website or services yourself. Please ask an adult to establish an account with us instead.
Flyfish does not provide services or sell products/services to, nor engages or recruits/employs children under the age of 18. Hence, as a Data Controller, there are no avenues where Flyfish collects and processes personal data of children below 18. By design and default, even as a Data Processor, we do not receive and/or process any personal data of children below 18 from our customers. If we discover that we have received any information from a child under the age of 18 in violation of this policy, we will notify our Data controllers immediately and delete that information immediately. If you believe we have received any information from or about anyone under the age of 18, please contact us immediately.
How do we use personal information?
Your personal Data collected through our web-forms will be used only for the designated purposes, for which it was collected, and for the purposes for which your consent was taken The technical and related user end data collected will be used for the following purposes:
• Ensuring customized and optimum presentation and performance of our website for you
• Monitoring and improvising to ensure effective and efficient system performance and usage of our website and related services
• Identification and proactive handling of any technical issues
• Troubleshooting and support purposes
• To retain a legal and/or compliance audit trail.
In this process, Flyfish also will be using third-party services and tools, where necessary, such as Google analytics. Personal information collected from other sources for Marketing and Sales purposes will be used only for legitimate business purposes, in compliance with the applicable laws and regulations, subject specific aspects such as:
• Demonstrable relevance, context and value of the communication to you
• Explicit consent sought from you at first contact to continue the conversation
The data collected for Recruitment purpose will only be used for the purposes and processes related to the same, as per the consent received from you, and in accordance with applicable laws and regulations The data in the Senseforth system is also subject to periodic and ongoing Backup. The backup data is further used/processed only for the following purposes:
• Trouble-shooting and data recovery purposes
• Backup and Recovery testing/verifications
We don’t profile the users or monitor the behavior of users using the personal information either manually or in an automatic manner, for any purpose other than legitimately required as a part of delivering and supporting the designated service from us. The Personal information collected and processed through our Solutions and Services on behalf of our customers are processed and used only for the legitimate purposes governed by our Data Processing agreement with our customers. We don’t use the personal data collected/provided to us for any purpose other than:
• Those for which specific consent has been received from you, or
• Those which are explicitly included in our formal Data processing agreement with our Customers as Data controllers
The Flyfish website may provide links to third-party websites for your convenience and information. If you access those links, you will leave the Flyfish website. Flyfish does not control those sites or their privacy practices, which may differ from Flyfish policy.
Data Storage, Protection and Transfer:
Flyfish takes Data Security including that of personal data very seriously. All our systems and processes are planned, designed and managed by keeping Security and Privacy in mind. A robust Information Security Management System (ISMS) is established within that governs the systems and practices. This ISMS is established and managed in alignment with global best practices and certified towards ISO/IEC 27001:2013, SSAE SOC2 and HIPAA standard.
The system is subject to strong controls including ongoing monitoring, periodic security testing, internal/external audits and verifications. We contractually require our agents, service providers, and affiliates who may process data related to the Services to provide the same level of protection for data as required under the principles and applicable laws and regulations. Data Storage and Transfer:
• The Data collected will be stored in the Physical and/or cloud based Servers and Databases owned and managed by Flyfish and/or our customers.
• The data might be stored and/or transferred within or outside the region of collection, to fulfill the agreed and lawful processing. However, any transfer of data outside the region of data subjects will be done in compliance with the applicable Privacy acts and regulations. Data Retention:
• We apply a general rule of keeping personal data only for as long as required to fulfill the purposes for which it was collected
• The retention of Any customer specific data including Personal Data in our systems will be limited to the terms agreed in our contracts/agreements with our customers, as well as the requirements in applicable laws and regulations
• Flyfish doesn’t retain the data beyond the tenure required by the specific purpose for which it was collected, by our Customer and/ or any applicable laws/ regulations. We apply a general rule of keeping personal data only for as long as required to fulfil the purposes for which it was collected.
The Retention of Any Personal Data in our Systems will be limited to the terms agreed in Our contracts/agreements with our customers, as well as the requirements in applicable laws and regulations.
We don’t retain the data beyond the tenure required by our Customer and / or any applicable laws/regulations.
• All the personal Data within the context of Flyfish will be disclosed to and be accessible by only limited, designated personnel within Flyfish, as governed by the Data Processing agreement with our customers as Data Controllers. These personnel could be part of any of the registered companies within the Flyfish corporate and its subsidiary companies.
• Some of the personal data may also be shared with designated Service/Solution providers who act as sub-processors for designated purposes, such as Marketing services, recruitment and Payroll Services, and other technical services such as emails, spam filtering, analytics, monitoring and troubleshooting etc. We contractually require our agents, service providers, and affiliates who may process personal data related to the Services to provide the same level of protection for personal data as required under the principles and applicable laws and regulations. Flyfish currently does not transfer personal data to a third party for the third party’s own use, but only for Flyfish purpose as a part of our legitimate business purposes as a Data Controller and Data Processor.
• In accordance with our legal obligations, we may also transfer Data, subject to lawful requests and requirements, to public authorities for law enforcement or national security purposes, where required and applicable. We may also disclose Customer Data (including any personal data), where otherwise required by law. Disclosure of Personal Information with Third Parties
• We may disclose Personal Information to affiliates and group companies. We may also disclose Your Personal Information with third parties strictly on confidential terms. We may disclose such information to third parties in order to provide You with customer support facilities, to comply with Our legal obligations, or to prevent, detect, mitigate, and investigate fraudulent or illegal activities related to the Website and to avail services from third parties in order to improve and manage Our services and for data analysis and market research.
• In the event of any requirement by court order, government or quasi-government agency to disclose Your Personal Information, We will disclose information as may be legally required. We may also disclose Your Personal Information if We, in the good faith believe that such disclosure is reasonably necessary to respond to subpoenas, court orders, or other legal process.
• In the event the Company is merged with or acquired by another company or in case of reorganization or restructuring of business, We and Our affiliates will share Your Personal Information, wholly or in part, with another business entity.
• Some of the personal data may also be shared with designated Service/solution providers who act as sub-processors for designated purposes, such as Marketing services, recruitment and Payroll Services, and other technical services such as emails, spam filtering, analytics, monitoring and troubleshooting etc. We contractually require our agents, service providers, and affiliates who may process personal data related to the Services to provide the same level of protection for personal data as required under the Principles and applicable laws and regulations. Locus currently does not transfer personal data to a third party for the third party’s own use, but only for Locus purposes as a part of our legitimate business purposes as a Data Controller and Data Processor. Users’ data rights and choices Subject to applicable local laws and regulations, users may have some or all of the following rights with respect to their personal data residing with us:
• To obtain a copy of your personal data together with information about how and on what basis that personal data is processed
• To rectify inaccurate personal data (including the right to have incomplete personal data completed)
• To request for erasing your personal data residing with us, subject to specific context and terms and conditions
• To request for a restriction on processing personal data under certain circumstances
• To port your data in machine-readable format to a third party (or to you)
• To withdraw your consent to us processing your personal data (where that processing is based on your consent)
• To lodge a complaint with the supervisory authority in your region In relation to any such rights related aspects on Privacy, please contact us at firstname.lastname@example.org. Please note that we may request proof of identity, and we reserve the right to charge a fee where permitted by law, especially if your request is manifestly unfounded or excessive. We will endeavour to respond to your request within all applicable timeframes. In the case of Personal Information received from, and processed on behalf of our customers, since we are not the Data Controller, the applicability, details of the methods and terms for requesting and fulfilling these rights will be defined and provided by our customers.
Flyfish is fully committed to enable and support our customers in this aspect, as per the Data processing and service agreement(s) with our customers. If you contact us regarding Data collected by or on behalf of our customers for which we are acting as a data processor, we will attempt to refer your request to the relevant Customer who acts as the data controller for your personal data.
Changes to this Policy
Flyfish will review and update this Policy periodically and will note the date of its most recent revision above. If we make material changes to this Policy, we will notify you either by prominently posting a notice of such changes prior to implementing the changes or by directly sending you a notification.