Privacy Policy

Introduction

1.1 Definition

A privacy policy is a statement or a legal document (within privacy law) that discloses some or all of the ways an organization uses, discloses, and manages a customer or client’s data. It fulfills a legal requirement to protect a customer or client’s privacy.

Personal information can be anything that can be used to identify an individual, not limited to the person’s name, address, date of birth, marital status, contact information, ID issue and expiry date, financial records, credit information, medical history, where one travels, and intentions to acquire goods and services.

In the case of Abacus’s business, this is a statement that declares our policy on how we collect, store, and release personal information which we collect. It informs the client what specific information is collected, and whether it is kept confidential, shared with partners, whereas we don’t sell this information to other firms or enterprises at all; information is collected for business purposes only.

Abacus collects data following the ISO standard privacy policy, consisting of the following information in accordance with the rules:

1. Clear and easily accessible statements of its practices and policies

2. Type of personal or sensitive personal data/information collected

3. Purpose of collection and usage of such information

4. Disclosure of information, including sensitive personal data/information

1.2 Abacus Privacy Policy Statement

Abacus is committed to protecting the personal information that we collect, use, and disclose. This policy supports the company’s need to collect information and the right of the individual to privacy. It ensures that the company can collect personal information necessary for its services and business functions, background verifications, etc., while recognizing the right of individuals to have their information handled in ways they would reasonably expect and ways that protect their personal information.

‘Abacus considers all user/employee personal information as private. Abacus does not share any personal information of its employees, contractors with any third parties except: Vendors who provide services like background verification per standard procedures and policies, where respective vendors have signed an NDA with Abacus restricting them from providing information further without Abacus’s approval.

1.3 Standard Principles

1.3.1 Information / Data Collection:

Abacus collects user’s personal information necessary for business operations only. Where personal information of an individual is collected, reasonable steps should be taken to ensure that the individual is aware of:

• The identity of the company/Department and how to contact us,

• The fact that the individual is able to gain access to the information,

• Who the Department usually discloses information of that kind to,

• Any law or government authority that requires the particular information to be collected,

• The main consequence (if any) for the individual if all or part of the information is not provided to the Department.

1.3.2 Type of Information Abacus Collects:

Abacus might, but is not obliged to, collect the following information. All personal information below is considered private and is handled according to this privacy statement.

1. User personal information: Upon entering into a new venture, association, employment, job opportunity, or business relation (not limited to business official purposes), the user is required to fill forms or provide/submit: Full Name, email address, contact number, Birth date, Sex, Current Address, Nationality, AADHAR Card, Voter card, Address Proof, Bank Details, PAN Card Number, Previous Employment related documents, Educational Documents, Driving License, Passport Details, Immigration/Visa related documents, Photograph copies, Family members’ related information, Medical Insurance records, Nominee Details, and other personal information. Users can update this information after informing the respective Human Resource representative to form or continue the association with Abacus for business purposes only.

2. Visitor personal information: When third-party representatives, clients, associated members, vendor representatives, etc., enter the premises of the Abacus office, we collect personal information like Name, company name represented, reason for visit, contact details, Business card, etc. for our records and future reference.

Abacus also collects information from users visiting our website www.Abacusservice.com interested in contacting us for various types of inquiries: Alliances & Partners, Investors, Media/Press, Service or solution providers, career seekers, website feedback providers, any other category, etc., where we collect Name, Email, Contact Number, Message, etc.

1.3.3 Information / Data Quality

The Company values information as an important resource and asset. Reasonable steps must be taken to ensure that personal information collected, used, or disclosed is accurate, complete, up to date, and relevant to the company’s functions or activities.

1.3.4 Information / Data Security

Abacus is guided by the principle that all information is well governed and managed. Reasonable steps must be taken to protect personal information from misuse, loss, unauthorized access, modification, or disclosure. This includes destroying or permanently de-identifying personal information if it is no longer needed.

1.3.5 Information / Data Sharing Openness

To enable restricted access to only authorized users handling information per their roles and responsibilities, all users or delegated officers can access information collected. Non-relevant persons, including third-party representatives, cannot access personal information collected by Abacus.

Exceptions: Only after written approval from requesting authority to management/directors will specific information be shared (ex: background verification vendors, government authorities: Police, Cyber Law experts, etc.).

Abacus specifically states in such exceptional cases where personal information needs to be shared with government authorities/departments for legal proceedings, Abacus will fully cooperate and make the data available for investigations, audits, references, as and when requested.

A1.4 Disclosure of Information

A1.4.1 Sharing PROTECT or RESTRICTED Information with other Organizations

Abacus ensures that information records collected, managed, maintained, and retained are treated lawfully. PROTECT or RESTRICTED information must not be disclosed to any other person or organization by insecure methods including:

• Paper based methods

• Telephone

Where information is disclosed/shared, it should only be in accordance with a documented Information Sharing Protocol or agreement signed.

Disclosing PROTECT or RESTRICTED information to any external organization is prohibited unless done via email by an approved representative from HR/IT/Admin/Management with encryption.

Emails within the abacusservice.com domain are secure with current encryption. However, emails to outside domains may be intercepted, and if such data includes RESTRICTED or PROTECT information, risks exist.

1.5 Policy Compliance Principles

If any user is found to have breached this policy, they may be subject to Abacus’s disciplinary procedure. If a criminal offense is considered in relation to removal or disposing of critical and important organizational information intentionally, strictest action will be taken as per company policy including prosecution.

If you do not understand the implications of this policy or how it may apply, seek advice from the ‘Human Resource’ Department.

1.6 Policy Review and Revision Principles

This policy will be reviewed as deemed appropriate, but not less frequently than every 12 months by the Head of Human Resources, Head of Operations, and IT Manager jointly.

1.7 Exception

Any exception to this policy must have prior approval from the Head of Operations / Director or delegated officer, Abacus Service Corporation.

1.8 Reports

Reports are generated on a need basis (only in case of violation) by IT, forwarded to Head – Operations and HR-Manager.

Report security incidents (IT) to Helpdesk:
E-mail: ithelpdesk@abacusservice.com