We at ELGi EQUIPMENTS LTD (“ELGi”/“we”/“us”) respect the privacy of every person and company and we place great importance towards the protection of your data which is collected by us. We want you to feel secure while we have your data with us.
We secure your data with sound technical mechanisms, proper data management policies and applicable laws. We ensure, as far as practicable, that the data is not subject tounauthorised access and unlawful disclosures.
You consent and agree to our terms and conditions described herein by using this site.
This policy will enable you to understand:-
What type of data do we collect?
For what purpose do we collect/process data?
How do ELGi and its subsidiaries secure your data?
Where can your data be processed?
Will your data be disclosed/shared with any third parties?
How long will we preserve your data?
What rights do you have with regard to data processing?
How can you deal with any issues?
How do we manage a data breach?
How are disputes resolved?
What kind of internet privacy do we provide?
How can this policy be changed?
How to contact us?
When was this policy last updated?
The categories of your personal data that ELGi processes for the purposes of operating its business are outlined below:
ELGi generally collects personal data directly from you (electronically, in writing) by way of, among other things, website forms and messages addressed to us. You may also occasionally provide new, or updated or corrected personal data to ELGi from time to time. Personal data we process will include the following:
i. Personal details, such as name, contact details including address, mobile/telephone number, company/employer, e-mail address;
ii. Other customer details, such as username, password, fax number, job title/function, contact person, ELGi account number;
iii. Other supplier or partner details, such as invoice data, including invoice mailing address, contact name, bank account details, description of work or scope of services and associated information made available for the payment of invoices;
iv. Customer preferences, such as product preferences or interest, purchase history, distribution channel used, financial information;
v. Your enquiries and our responses, which may contain personal data;
vi. Transaction data, such as when you purchase a product or service from us; and
vii. Customer service, warranty or other claims.
ELGi collects certain personal data directly from your device, when you visit our website:
i. Device and browser information: We may collect information about your computer and/or device, including device type, IP addresses, Internet Service Provider, device identifier, and operating system.
ii. Location data: If you have enabled access to your location on your mobile device, we may collect location information, including precise and imprecise location derived from your IP address.
i. ELGi collects certain personal data directly from third parties who provide services to ELGi or carry them out on our behalf, such as payment services providers or website management providers.
ii. In certain cases, ELGi receives personal data from third parties who provide services to ELGi for the purposes described below. Such parties include social networks that you use to connect with us, such as LinkedIn. We may also receive data from third party service providers such as recruiters who may send us candidates’ profiles and data, or providers who perform personality tests on candidates.
Providing your personal data is voluntary and while there is no obligation for you to do so, we will be required under law to request certain types of data. If you are not able to provide certain data, then you may not be able to use some systems which require such data. You will remain solely responsible for the content of any submissions made to this site by way of comments/suggestions or otherwise and such submissions will become the exclusive property of Elgi.
In the event you are giving us data of any other person/s as reference, then it is your responsibility to make that person aware of the provision of their information to ELGI and its subsidiaries.
a) ELGi processes your personal data, in accordance with applicable law, for the following purposes:
- i. performing our contract with you, for instance by providing our goods and services to you;
- ii. enabling our distributors, suppliers and service providers to perform certain functions on our behalf, including payment processing, logistical or other functions, as may be necessary to fulfil your orders;
- iii. sending you a newsletter or marketing communications, to inform you of our products and services, which we consider may be of interest to you;
- iv. responding to your questions and communications with you, for example if you have left your contact details on our website, so that we can contact you;
- v. ensuring the security of our website, systems and networks, including by preventing or detecting fraud or abuses, which includes the protection of intellectual property, trade or business secrets;
- vi. improving our goods and services, for example, by reviewing visits to our website and monitoring the demand for specific goods and services;
- vii. carrying out other business operations, including invoicing, accounting, business networking, auditing transactions; and
- viii. complying with applicable laws, for example, in response to a request from a court or regulatory authority, where such request is made in accordance with the law.
b) The basis for processing your personal data for the purposes described above will include:
- i. to perform a contract that we have in place with you or the company you represent;
- ii. to protect and promote ELGi’s legitimate business interests, as outlined above;
- iii. because you provided us with your consent;
- iv. for the establishment, exercise or defence of a legal claim; or
- v. for compliance with a legal or statutory obligation to which ELGi is subject.
c) In the event that we use your personal data for other purposes, not specified for the purposes above, we will, to the extent required by law, request your consent, inform you about its use, and, if required, of our basis for doing so, at the time we collect the personal data from you.
d) Means of collection
- i. ELGi will collect personal information only by lawful and fair means.
- ii. ELGi will collect personal information about an individual only from the individual unless:
- A. the individual consents to the collection of the information from someone other than the individual; or
- B. ELGi is required by or under a law, or court/tribunal order, to collect the information from someone other than the individual; or
- C. it is unreasonable or impractical to do so.
e) Dealing with unsolicited personal information
If ELGi receives personal information and it determines in accordance with applicable laws, that the information was not solicited correctly, it will destroy the information or ensure that the information is de-identified, if reasonable to do so.
a) ELGI and its subsidiaries aim to provide strong security mechanisms to protect your personal data. We have implemented various security measures that protect your data from loss, misuse, unauthorised access/alteration and unlawful disclosure.
b) We regularly conduct internal audits on our data protection systems and also conduct external audits through audit agencies.
c) ELGI and its subsidiaries have a dedicated technical team to maintain the security of data, and we regularly update our security systems.
e) ELGi will take reasonable steps (if any) to ensure that personal information it collects is accurate, up to date and complete. It will also ensure that the data used or disclosed for the purposes it was collected for, is accurate, up to date, complete and relevant.
ELGI is a global company with operations spread across the globe. Processing of data is always done in a systematic manner.
- a) Mostly, processing happens in the respective country or city itself, but some circumstances or legal provisions require transfer of your personal data to a third party in countries outside the country in which it was originally collected for further processing.
- b) In particular, only when required, your personal data may be transferred throughout the ELGi group of companies located abroad. You can find locations of all of our global affiliates here. Intra-group transfers of personal data to recipients in non-EEA countries which do not have the same level of protection as the EEA, take place based on standard clauses approved by the European Commission.
- c) In rare circumstances where your personal data is transferred to our outsourced service providers located abroad, we will, where required by applicable law, ensure that your privacy rights are adequately protected by appropriate technical, organization, contractual or other lawful means. In particular, we take measures to help protect your personal data when it is transferred from the EEA to third countries. We rely on European Commission adequacy decisions about certain countries, as applicable (see here).Other measures include having standard clauses approved by the European Commission (see here) in our contracts with third parties that receive information outside the EEA or using other acceptable data transfer mechanisms, such as the EU-U.S. Privacy Shield framework for transfers to self-certified U.S. organizations (see here), Binding Corporate Rules (see here), approved Codes of Conduct and Certifications or, in exceptional circumstances, based on permissible statutory derogations.
- d) Please contact ELGi at [email protected] for a copy of the safeguards which we have put in place to protect your personal data and privacy rights in these circumstances.
- a) to our affiliates or associated offices (for more information about ELGi’s affiliates and subsidiaries, please contact us at the address provided in Section 13 below);
- b) to our outsourced service providers or suppliers to facilitate the provision of our goods or services, such as hosting service providers, IT system administrators and support services, online payment services and customer services providers;
- c) to third party service providers and consultants, in particular providers of IT and server security services, in order to protect the security or integrity of our business, including our databases and systems and for business continuity reasons;
- d) to another legal entity, on a temporary or permanent basis, for the purposes of a joint venture, collaboration, financing, sale, merger, reorganisation, change of legal form, dissolution or similar event. In the case of a merger or sale, your personal data will be permanently transferred to a successor company;
- e) to public authorities where we are required by law to do so and to defend or enforce our rights, protect our property, assets or safety of others.
We will preserve your data for as long as necessary. We have management procedures in place for the maintenance of data, and after a reasonable period of time the data will be deleted.
- a) We will delete your data once the business relationship has ended; and
- b) We will retain the data if required to do so in accordance with our contractual or legal obligations.
a) The right to access personal information: you can access your personal information and understand the reason for processing data, as well as the recipient who will be getting this information. You can also request basic information about the recipient from [email protected]
b) The right to data accuracy: you can review whether your data is updated, and if it is not, you can request that we update it.
c) The right to rectification: you can verify the correctness of the information and in the event of an error, you can report it to us and get it corrected.
d) The right to object to processing of personal data: You can request that ELGI and its subsidiaries will not process any of your personal information.
e) The right to request erasure of personal data: You can request for the erasure of personal data that is no longer necessary to achieve any objectives.
f) The right to withdraw consent: You can withdraw any consent you had earlier given.
g) The right to data portability: You can receive a copy of your data in a structured and machine readable format, or request for the transfer of your data to another data controller.
h) The right to restriction of data processing: You can request that ELGI and its subsidiaries process data under limited circumstances with your consent.
In the event you have any issues, we encourage you to approach us so that we can solve the issue, or you can file a complaint with us at [email protected]
We are responsible for protecting the data we hold, and we employee adequate data protection systems, surveillance, and audit of the protection system. All individuals in the company who use the data, process data and transfer data will take responsibility to secure the data.
- i. Hard copy files or records are left unattended, lost or stolen;
- ii. Laptops, tablets, phones, data sticks or any other removable portable device holding personal or sensitive data are lost or stolen;
- iii. Databases or case file management systems are accessed by unauthorised users – either accidentally due to inadequate system access controls or intentionally by hackers;
- iv. Equipment fails;
- v. Sensitive information is posted, faxed or emailed to the wrong recipient;
- vi. Unforeseen circumstances such as a fire or flood damage to storage facilities or buildings; and
- vii. Information is obtained by unauthorised access to phone calls, and PC screens in unprotected public spaces.
- i. The data engineer who identifies the breach will inform the Head of Information Technology and also the relevant department about the breach;
- ii. The Head of Information Technology will then inform the executive director in charge of the concerned department about the breach, who will in turn, inform the data owner and any relevant government authority required to be notified under law or otherwise in accordance with the relevant jurisdiction;
- iii. We will also notify you of the breach as soon as possible;
- iv. Determine the risk that breach involves and make a report on that breach about the data lost, what and whose data was lost, whether it was partial loss or complete loss;
- v. Try to retrieve the data in stolen hardware if it is remotely possible and make a plan to prevent such a data breach in future;
- vi. In the event of critical loss, make a press announcement; and
- vii. take any other appropriate remediation and other steps to reduce the risk of you suffering serious harm as a consequence of such a breach.
If there are any unresolved disputes/concerns that have not been addressed satisfactorily, Elgi agrees to participate in the dispute resolution procedures in the relevant jurisdiction in which the dispute takes place, or otherwise in accordance with the panel established by the EU data protection authorities. We will also cooperate and comply with the appropriate authority/authorities of the relevant territory to resolve disputes pursuant to the relevant privacy principles. Binding arbitration may be invoked when other dispute resolution procedures have been exhausted. Any such dispute resolution mechanism sought would be free of charge to you.
Elgi reserves the right to change, modify and update this policy at any time without notice in accordance with the requirements of applicable law. Please check our website periodically on the updated policy.
In accordance with applicable laws, individuals will have the option of not identifying themselves, or using a pseudonym where possible when interacting with ELGi in relation to a particular privacy related matter. If required and in most cases, your true name may be required in order for Elgi to fairly and efficiently handle your inquiry, request, complaint or application, or to act on your request.