Exit Options for John Hancock Bond and Corporate Finance Group: Hanover Communications In... - 28 Strategic Investors

View x

Addendum to Privacy Policy (EU)

B-Bay Technologies, Inc., including its subsidiaries (BankerBay Technologies Pte. Ltd., Singapore, Window West Technologies Private Limited, India and BankerBay Information Technology (Shanghai) Company Limited, China), affiliates and licensors (collectively "BankerBay", "we", "us" or "our") take privacy and data protection seriously. When you use our Website and Services, you (the "subscriber", "Customer", "user", "you" or "your") trust us with your data and information. This addendum to the Privacy Policy (“Addendum”) is meant to help you understand how we Process personal data and information.

1. INTRODUCTION

1.1

This Addendum applies to the transactions or business conducted in the European Union (EU) and doing business or sharing data and information with BankerBay in connection therewith. This Addendum is published in compliance with the provisions of EU Data Protection Directive, EU General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) and the rules framed thereunder.

1.2

The protection of Personal Data is of critical importance to BankerBay and the following terms of this Addendum set out the minimum requirements of BankerBay with respect to all of its Customers.

1.3

This Addendum applies to all of the Services you acquire from us.

1.4

This Addendum is incorporated into and forms part of the Privacy Policy. Capitalized terms used but not defined in this Addendum shall have the meaning attributed to it in our Terms of Service.

2. DEFINITIONS

2.1

In this Agreement, the following words and expressions shall bear the meaning assigned to them below:

2.1.1

"Agreement" means: (i) the Terms of Service; or (ii) such other agreement entered into between BankerBay and the Customer in connection with the provision of the Services;

2.1.2

"Customer Personal Data" means any EU individual Personal Data Processed by BankerBay and/or its Subprocessor, on behalf of and under the instructions of Customer in connection with the provision of the Services under the Agreement;

2.1.3

"Data Subject" has the meaning ascribed to such term under the GDPR;

2.1.4

"Data Protection Laws" means GDPR and to the extent applicable, the data protection or privacy laws of any other country;

2.1.5

"GDPR" means the EU Data Protection Directive, EU General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) and the rules framed thereunder;

2.1.6

"Services" has the meaning ascribed to such term in the Terms of Service or (where applicable) means the services and other activities to be supplied to or carried out by BankerBay on behalf of Customer under the Agreement;

2.1.7

"Subprocessor" means any person (including any third party, but excluding an employee of BankerBay or any of its consultants or sub-contractors);

2.1.8

"Parties" means, collectively, BankerBay and the Customer;

2.1.9

"Personal Data" has the meaning ascribed to such term under the GDPR;

2.1.10

"Personal Data Breach" has the meaning ascribed to such term under the GDPR; and,

2.1.11

"Processing" has the meaning ascribed to such term under the GDPR.

3. YOUR CONSENT

3.1

When you access and/or use the Website and the Services, you specifically accept this Addendum.

3.2

By accessing, browsing and/or using the Website and Services, you are specifically consenting to BankerBay processing the Customer Personal Data in accordance with this Addendum. If you do not agree to the Processing of the Customer Personal Data in this way, please do not use the Website and the Services or otherwise provide us with your Personal Data.

3.3

You acknowledge that this Addendum is a part of the Terms of Service, and you unconditionally agree that becoming a user of the Website and its Services signifies your: (i) assent to this Addendum; and (ii) consent to us Processing the Customer Personal Data in the manner and for the purposes set out in this Addendum. Your visit to the Website and use of the Services is subject to this Addendum and the Terms of Service.

3.4

Collection, use and Processing of Personal Data under the Data Protection Laws require your express consent. By affirming your assent to this Addendum, you provide your express consent to such Processing of the Customer Personal Data as required under the Data Protection Laws.

4. PROCESSING OF CUSTOMER PERSONAL DATA

4.1

BankerBay and the Customer will comply with their respective obligations under Data Protection Laws in the provision and receipt of the Services under the Agreement entered into between the Parties and this Addendum.

4.2

In the provision of the Services, the Customer is the data controller and BankerBay is a data processor (or subprocessor) acting on Customer's behalf. Accordingly, BankerBay will not Process Customer Personal Data other than on Customer's consent and instructions, including as provided under the Agreement and the terms hereof and for such other purposes as the Customer may define in writing, from time to time, unless Processing is required by Data Protection Laws to which BankerBay (or its Sub processor) is subject.

4.3

The Customer:

4.3.1

instructs BankerBay (and authorises BankerBay to instruct each Sub-processor) to: (a) Process Customer Personal Data; and (b) in particular, transfer Customer Personal Data to any country or territory, as reasonably necessary for the provision of the Services and consistent with your Agreement; and

4.3.2

warrants and represents that it is and will at all relevant times remain duly and effectively authorised to give the instruction set out in Section 4.3.1, including on behalf of any Customer affiliate.

4.4

The type of Customer Personal Data which will be processed by BankerBay is set out in Annexure 1 to this Addendum.

4.5

The purpose for which BankerBay processes Customer Personal Data and matters related thereto are set out in Annexure 2 to this Addendum.

5. BANKERBAY’S PERSONNEL

5.1

BankerBay will take reasonable steps to ensure that any of its (or its Sub-Processor's) employees, consultants, agents or contractors who have access to Customer Personal Data are subject to confidentiality undertakings or professional or statutory obligations of confidentiality.

6. SECURITY

6.1

Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of Processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, BankerBay will in relation to the Customer Personal Data, use best endeavours to implement appropriate technical and organizational measures to ensure a level of security appropriate to that risk, including, as appropriate, the measures as prescribed under the GDPR. The security measures adopted by BankerBay are set out in Annexure 3 of this Addendum.

6.2

In assessing the appropriate level of security, BankerBay will take account in particular of the risks that are presented by Processing, in particular from a Personal Data Breach.

6.3

BankerBay will implement and maintain (and will ensure that each Sub-processor) implements and maintains the technical and organisational measures as prescribed under the GDPR.

6.4

Customer represents, undertakes and warrants that all Customer Personal Data Processed by BankerBay (and its Sub-processors) has been and will be collected and processed by the Customer in accordance with all Data Protection Laws and, without limitation to the foregoing, Customer will take all steps necessary, including without limitation providing appropriate fair collection notices and ensuring that there is a lawful basis for BankerBay (and its Sub-processors) to process Customer Personal Data, to ensure that the processing of Customer Personal Data by BankerBay (and its Sub-processors) in accordance with your Agreement is compliant with, and in accordance with, all Data Protection Laws .

7. SUB-PROCESSING

7.1

Customer authorises BankerBay to appoint (and permit each Sub-processor appointed in accordance with this Section 7 to appoint) Subprocessors in accordance with this Section 7.

7.2

BankerBay may continue to use those Sub-processors already engaged by BankerBay as at the date of this Policy.

7.3

BankerBay will provide to the Customer prior written notice of the appointment of any new Subprocessor, including known details of the processing to be undertaken by the Subprocessor. If, within thirty (30) calendar days of receipt of that notice, Customer notifies BankerBay in writing of any objections (on reasonable grounds) to the proposed appointment, BankerBay will not appoint (or disclose any Customer Personal Data to) that proposed Subprocessor until it has taken reasonable steps to address the objections raised by Customer and provided Customer with a written explanation of the steps. Where the Customer is not satisfied with the remediation supplied, the Customer may terminate Agreement without penalty upon providing BankerBay with written notice. BankerBay will not appoint (nor disclose any Customer Personal Data to) the proposed Subprocessor except with the prior written consent of Customer.

7.4

With respect to each Subprocessor, BankerBay will:

7.4.1

before the Subprocessor first processes Customer Personal Data (or, where relevant, in accordance with Section 7.3 above), carry out adequate due diligence to ensure that the Subprocessor is capable of providing the level of protection for Customer Personal Data required by your Agreement;

7.4.2

ensure that the arrangement between, on the one hand (a) BankerBay, or (b) the relevant intermediate Subprocessor; and on the other hand the Subprocessor, is governed by a written contract including terms which are not less protective of Customer Personal Data than those set out in this Policy.

8. PERSONAL DATA BREACH

8.1

BankerBay will, as soon as practical, upon becoming aware of a Personal Data Breach affecting Customer Personal Data, provide Customer with information (as and when available) to assist Customer in the Customer's endeavours to meet any obligations to report or inform Data Subjects of the Personal Data Breach under the Data Protection Laws.

8.2

BankerBay will co-operate with Customer and take such reasonable commercial and practicable steps as are directed by Customer to assist in the investigation, prevention (as applicable), mitigation and remediation of each Personal Data Breach.

9. DATA SUBJECT RIGHTS

9.1

BankerBay will:

9.1.1

promptly (and in any event within 14 (fourteen) days notify Customer if it or any Sub- processor receives a request from a Data Subject under any Data Protection Law in respect of Customer Personal Data;

9.1.2

not (and use best endeavours to procure its Sub-Processor will not) respond to that request except on the documented instructions of Customer or as required by Data Protection Laws, in which case BankerBay will to the extent permitted by Data Protection Laws inform Customer of that legal requirement before responding to the request; and

9.1.3

not be responsible for non-delivery of notification, if the Customer has not kept their email contact details up to date.

10. ACCESS, RECTIFICATION, DELETION OR RETURN OF CUSTOMER PERSONAL DATA

10.1

You may, under the Data Protection Laws, have the right to access, correct, update or delete the personal information BankerBay holds about you. In order to exercise your rights, to the extent permitted and required of BankerBay under applicable law, please contact us at privacy@bankerbay.com.

10.2

If you wish to cancel your account or request that we no longer use your information to provide you Services, contact us at privacy@bankerbay.com. BankerBay may retain Customer Personal Data to the extent that the obligations of the Customer, including the payment obligations of the Customer, under the Agreement are outstanding. Further, BankerBay may retain your information for as long as your account with the Services is active and as needed to provide you the Services and for such other purposes as set out herein. We will not retain such information for longer than is required for the purposes for which the information may lawfully be used or is otherwise required under any other law for the time being in force. BankerBay will ensure the confidentiality of all such Customer Personal Data and will ensure that such Customer Personal Data is only processed as necessary for the purpose(s) specified in the Data Protection Laws requiring its storage and for no other purpose.

11. AUDIT RIGHTS

11.1

BankerBay will make available to Customer, on request, all information necessary to demonstrate compliance with this Addendum, in relation to the processing of the Customer Personal Data by the BankerBay and/or its Subprocessors.

12. CHANGES IN DATA PROTECTION LAWS

12.1

This Addendum may be varied and updated from time to time by BankerBay as a result of a change in Data Protection Laws.

13. SEVERANCE

13.1

Should any provision of this Addendum be invalid or unenforceable, then the remainder of this Addendum will remain valid and in force. The invalid or unenforceable provision will be either: (i) amended as necessary to ensure its validity and enforceability, while preserving the parties' intentions as closely as possible or, if this is not possible, (ii) construed in a manner, as if, the invalid or unenforceable part had never been contained in this Addendum.

14. DATA PRIVACY OFFICER

14.1

Should you have questions about this Addendum, please reach out to the Data Privacy Officer designated by BankerBay to hear any complaints relating to your personal data and information. The details of the Data Privacy Officer are as under:

Name: Puneet Maheshwari

Registered Address: 216, Alfa Center, 2nd floor, Double Road, Binnamangala 2nd Stage,

Indiranagar, Bengaluru, Karnataka 560038

Email: privacy@bankerbay.com

Contact Number: +91 9739901373

15. Miscellaneous

15.1

The general provisions as outlined in the Terms of Service shall be applicable to this Addendum as well.

ANNEXURE 1

THE TYPES OF CUSTOMER PERSONAL DATA TO BE PROCESSED

Data relevant to the client relationship with an individual, including without limitation:

1.

Full name (first and last name, where applicable);

2.

Personal contact information (for example, phone number, email address);

3.

Business contact information (for example, phone number, email address, billing address);

4.

Technical ID data (such as IP addresses, type of device, location and movements);

5.

Financial/billing data (including bank account numbers);

6.

Usage data;

7.

LinkedIn public profile (if Signed in via LinkedIn.com); and

8.

Skype ID (if shared by the user).

The categories of Data Subject to whom the Customer Personal Data relates are as under:

1.

Individual users; and

2.

Users belonging to a corporation or organization or who are affiliated together in some way.

ANNEXURE 2

PURPOSE OF PROCESSING CUSTOMER PERSONAL DATA

1.

BankerBay will only use the Customer Personal Data when the law allows it to do so. BankerBay uses the Customer Personal Data for the following purposes:

1.1

for the provision of Services to the Customer, including customised Services in accordance with the Customer’s preference, i.e. for performing BankerBay’s obligations towards the Customer;

1.2

verify the Customer’s identity;

1.3

enable the Customer to access and use the Services;

1.4

to provide the Customer with necessary details pertaining to the Customer’s Account and the Customer’s license to use the Services, including for sending notifications for termination of contract;

1.5

process and complete transactions, and send the Customer related information, including purchase confirmations and invoices;

1.6

send messages, including responses to the Customer’s comments, questions, and requests to BankerBay or other users;

1.7

contact the Customer at any telephone number, by placing a voice call or through text (SMS) or email messaging, as authorized by the Customer under the Terms of Service;

1.8

bill for the Services and to collect fees or monies owed;

1.9

sending the Customer business messages such as those related to payments;

1.10

to do such activities for which the Customer have explicitly given us consent;

1.11

to comply with applicable laws, rules and regulations, as updated from time to time;

1.12

to inform the Customer about BankerBay’s new products and/or services;

1.13

manage and protect BankerBay’s information technology infrastructure;

1.14

manage risk, or to detect, prevent, and/or remediate fraud or other potentially prohibited or illegal activities and crimes;

1.15

detect, prevent or remediate violations of the Terms of Service and BankerBay’s other policies;

1.16

provide customer service and support;

1.17

respond to the Customer’s customer support inquiries and to facilitate resolution of any customer support problems that may arise;

1.18

send the Customer technical notices, updates, security alerts, and support and administrative messages;

1.19

advertise, promote and market BankerBay’s products and services and undertake all other types of business development activities;

1.20

send promotional communications, such as providing the Customer with information about products and services and other events;

1.21

perform analysis, research, business and operational analysis;

1.22

to determine the behaviour of users, including how users use the Website, including google analytics;

1.23

to determine user interaction/messages with counterparties or other clients on the Website to ensure that users are getting responses from counterparties;

1.24

to track user activity on the Website;

1.25

provide, maintain and improve BankerBay’s products and services;

1.26

measure the performance of the Services and improve their content and layout;

1.27

generate reports about BankerBay’s user base and service usage patterns, analyze the accuracy, effectiveness, and popularity of the Services;

1.28

to conduct data analytics studies to review and better understand customer satisfaction and needs;

1.29

to protect the Customer’s (or someone else’s) interest;

1.30

to deal with legal disputes, if any;

1.31

to protect the public interest or for official purposes, if formally requested by any investigative or other governmental authority; and/or

1.32

sending the Customer information about BankerBay.

2.

BankerBay shares Customer Personal Data with BankerBay’s employees, agents, representatives, sub-contractors, service providers and business partners to enable them undertake, perform and deliver the Services.

3.

BankerBay shares Customer Personal Data with BankerBay’s third-party service providers that BankerBay uses to provide hosting for and maintenance of the Websites, application development, backup, storage, payment processing, analytics, market BankerBay’s services, comply with audits, perform web analysis and other services for us. These third-party service providers may have access to or process Customer Personal Data for the purpose of providing these services for us. BankerBay do not permit its third-party service providers to use the Customer Personal Data that BankerBay shares with them for their marketing purposes or for any other purpose than in connection with the services they provide to us. Please note that third party service providers have their own privacy policies, and BankerBay is not responsible for their actions, including their information protection practices.

4.

BankerBay will only use the Customer Personal Data for the purposes for which BankerBay collected it, unless BankerBay reasonably considers that BankerBay needs to use it for another reason and that reason is compatible with the original purpose. In the event BankerBay needs to use the Customer Personal Data for an unrelated purpose, BankerBay will notify the Customer and BankerBay will explain the legal basis which allows BankerBay to do so.

ANNEXURE 3

SECURITY MEASURES ADOPTED BY BANKERBAY

1.

Access to infrastructure is restricted using two-way authentication and multiple access control levels. BankerBay uses virtual private network to restrict access to infrastructure components, with the exception of public-facing applications

2.

The flow of data between application components is restricted using separate virtual private networks and firewalls

3.

The flow of data between components occurs over private network endpoints

4.

BankerBay’s public-facing applications are fully encrypted with SSL certificates

5.

A strictly restricted application portal administration is implemented to only allow access to the BankerBay Network via authentication

6.

BankerBay has a strict backup policy to handle any data loss incidents

Addendum To Privacy Policy - (IND)

B-Bay Technologies, Inc., including its subsidiaries (BankerBay Technologies Pte. Ltd., Singapore, Window West Technologies Private Limited, India and BankerBay Information Technology (Shanghai) Company Limited, China), affiliates and licensors (collectively "BankerBay", "we", "us" or "our") take privacy and data protection seriously. When you use our Website and Services, you (the "subscriber", "Customer", "user", "you" or "your") trust us with your data and information. This addendum to the privacy policy (“Addendum”) is meant to help you understand what data and information we collect, why we collect it, and what we do with it.

1. INTRODUCTION

1.1

This Addendum applies to users, the transactions or business conducted in India and doing business or sharing data and information with BankerBay.

1.2

This Addendum is published in compliance with, inter alia: (i) the Information Technology Act, 2000; (ii) Regulation 4 of the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Information) Rules, 2011 (“Data Security Rules”); and (iii) Regulation 3(1) of the Information Technology (Intermediaries Guidelines) Rules, 2011.

1.3

This Addendum describes your privacy rights regarding our collection, use, storage, sharing and protection of your personal information. This Privacy Policy applies to personal information collected by us in connection with the Services.

1.4

This Addendum is incorporated into and forms part of the Privacy Policy. Capitalized terms used but not defined in this Addendum shall have the meaning attributed to it in our Terms of Service.

1.5

This Addendum states the following: (i) the type of information collected from the Users, including Personal Information (as defined below) and Sensitive Personal Data or Information (as defined below); (ii) the purpose, means and modes of collection, usage, processing, retention and destruction of such information; and (iii) how and to whom we will disclose such information.

1.6

The information collected from you by BankerBay may constitute ‘personal information’ or ‘sensitive personal data or information’ as defined under the Data Security Rules. “Personal Information” is defined under the Data Security Rules to mean any information that relates to a natural person, which, either directly or indirectly, in combination with other information available or likely to be available to a body corporate, is capable of identifying such person. The Data Security Rules further define “Sensitive Personal Data or Information” of a person to mean such personal information about that person which consists of information relating to: (i) passwords; (ii) financial information such as bank accounts, credit and debit card details or other payment instrument details; (iii) physical, physiological and mental health condition; (iv) sexual orientation; (v) medical records and history; (vi) biometric information; (vii) any detail relating to the above clauses as provided to body corporates for providing services; and (viii) any of the information received under the above clauses by body corporates for processing, stored or processed under lawful contract or otherwise.

2. YOUR CONSENT

2.1

You specifically accept this Addendum when you access and/or use the Website or the Services.

2.2

By accessing, browsing and/or using the Website or the Services, you are specifically consenting to BankerBay collecting, using and disclosing your Personal Information and Sensitive Personal Data or Information in accordance with this Addendum. If you do not agree to the collection, use and disclosure of your Personal Information and Sensitive Personal Data or Information in this way, please do not use the Website, the Services or otherwise provide us with your Personal Information and Sensitive Personal Data or Information.

2.3

You acknowledge that this Addendum is a part of the Terms of Service and you unconditionally agree that becoming a user of the Website and its Services signifies your: (i) assent to this Addendum, and (ii) consent to us collecting, processing and/or disclosing your Personal Information and Sensitive Personal Data or Information in the manner and for the purposes set out in this Addendum. Your visit to the Website and use of the Services is subject to this Addendum and the Terms of Service.

2.4

Collection, use and disclosure of information which has been designated as Personal Information or Sensitive Personal Data or Information under the Data Security Rules require your express consent. By affirming your assent to this Addendum, you provide your consent to such use, collection and disclosure as required under applicable law.

3. MISCELLANEOUS

3.1

The provisions of Sections 3 (Collection and Use of Data), 4 (Protection of Your Data), 5 (Data Retention), 6 (Accessing and Deleting Your Information and Opting Out), 7 (Links to Third Party Sites and Services), 8 (Disclaimer), 9 (Children's and Minor's Privacy) and 10 (Changes to Privacy Policy) shall mutatis mutandis apply to this Addendum.

3.2

The general provisions as outlined in the Terms of Service shall be applicable to this Privacy Policy as well.

4. ADDRESS FOR PRIVACY QUESTIONS

4.1

Should you have questions about our Privacy Policy or this Addendum or our information collection, use and disclosure practices, you may contact the Grievance Officer appointed by BankerBay in accordance with the provisions of the Data Security Rules. We will use reasonable efforts to respond promptly to any requests, questions or concerns, which you may have regarding our use of your personal information. If you have any grievance with respect to our use of your information, you may communicate such grievance to the Grievance Officer mentioned below:

Name: Puneet Maheshwari

Registered Address: 216, Alfa Center, 2nd floor, Double Road, Binnamangala 2nd Stage,

Indiranagar, Bengaluru, Karnataka 560038

Email: privacy@bankerbay.com

Contact Number: +91 9739901373

Go to Top