Rubix Data Sciences Pvt. Ltd.   

Privacy Statement, effective as of September 1, 2021

Rubix Data Sciences Private Limited (‘Rubix) has defined and established an organization level privacy statement to demonstrate our commitment towards a user’s right to privacy.

A reference to “Rubix,” “we,” “us” or the “Company” is a reference to <www.rubixdatasciences.com, www.rubixds.com> and its relevant affiliate involved in the collection, use, sharing, or other processing of Personal Data.

 

1. Responsible Entity

Rubix is the processor of your Personal Data as described in this Privacy Statement, unless specified otherwise.

This Privacy Statement does not apply to the extent we process Personal Data in the role of a processor or service provider on behalf of our customers, including where we offer to our customers various products and services through which our customers (or their affiliates):

• create their own websites and applications running on our platforms.
• sell or offer their own products and services.
• send electronic communications to others.
• Or otherwise collect, use, share or process Personal Data via our products and services.

For detailed privacy information related to a Rubix customer or a customer affiliate who uses the Rubix products and services as the controller, please contact our customer directly.

We are not responsible for the privacy or data security practices of our customers, which may differ from those explained in this Privacy Statement.

2. Processing activities covered

This Privacy Statement applies to the processing of Personal Data collected by us when you:

• Visit our websites that display or link to this Privacy Statement
• Visit our branded social media page
• Visit our physical office
• Receive communications from us, including emails, phone calls, texts or fax
• Use our products, Rubix Automated Risk Management & Monitoring System (ARMS) Platform and services as an authorized user (for example, as an employee of one of our customers who provided you with access to our services) where we act as a controller of your Personal data
• Register for, attend or take part in our events, webinars, or contests

Processing of Personal Data is required for receiving certain products or services.

Our websites, platforms and services may contain links to other websites, applications, and services maintained by third parties. The information practices of other services, or of social media platforms that host our branded social media pages, are governed by their privacy statements, which you should review to better understand their privacy practices.

 

3. What Personal Data do we collect?

3.1 Personal Data we collect directly from you

The Personal Data we collect directly from you may include identifiers, professional or employment-related information, financial account information, commercial information, visual information, and internet activity information. We collect such information in the following situations:

• If you express an interest in obtaining additional information about our product & services – request customer support
• Use our “Contact Us” or similar features
• Register to use our websites
• Sign up for an event, webinar or contest
• Download certain content
• We may require that you provide to us your contact information, such as your name, job title, company name, address, phone number, email address or username.
• If you make purchases via our websites or register for an event or webinar, we may require that you provide to us your financial and billing information, such as billing name and address, credit card number or bank account information.
• If you attend an event, we may, with your further consent, scan your attendee badge, which will provide to us your information, such as name, title, company name, address, country, phone number and email address
• If you register for an online community that we host, we may ask you to provide a username, photo or other biographical information, such as your occupation, location, social media profiles, company name, areas of expertise and interests.
• If you interact with our websites or emails, we automatically collect information about your device and your usage of our websites or emails (such as Internet Protocol (IP) addresses or other identifiers, which may qualify as Personal Data (please see the “What device and usage data we process” section, below) using cookies, web beacons, or similar technologies.
• If you use and interact with our platform and services, we automatically collect information about your device and your usage of our services through log files and other technologies, some of which may qualify as personal data.
• If you communicate with us via a phone call from us, we may record that call.
• If you voluntarily submit certain information to our services, such as filling out a survey about your user experience, we collect the information you have provided as part of that request
• If you visit our offices, you may be required to register as a visitor and to provide your name, email address, phone number, company name and time and date of arrival.
• Additionally, due to the COVID-19 pandemic, you may be required to provide information regarding your health status, including your temperature, COVID-19-related symptoms, exposure to COVID-19 positive individuals, and recent travel history.

If you provide us or our service providers with any Personal Data relating to other individuals, you represent that you have the authority to do so, and where required, have obtained the necessary consent, and acknowledge that it may be used in accordance with this Privacy Statement.

If you believe that your Personal Data has been provided to us in an incorrect manner, and want to exercise your rights relating to your Personal Data, please contact us by using the information in the “Contact Us” section.

3.2 Personal Data we collect from other sources

We may also collect information about you from other sources including third parties from whom we purchase Personal Data and from publicly available information.  We may combine this information with Personal Data provided by you. This helps us update, expand, and analyze our records, identify new customers, and create more tailored advertising to provide services that may be of interest to you.

The Personal Data we collect from other sources includes identifiers, professional or employment-related information, education information, commercial information, visual information, internet activity information, and inferences about preferences and behaviors.

 In particular, we may collect such Personal Data from the following sources or equivalent.

• Third party providers of business and financial information, including but not limited to, mailing addresses, job titles, email addresses, phone numbers, IP addresses, social media profiles, LinkedIn URLs and custom profiles, for purposes of targeted advertising, delivering relevant email content, event promotion and profiling, determining eligibility and verifying contact information; and
• Another individual at your organization who may provide us with your business contact information for the purposes of obtaining services.

4. What device and usage data do we process?

We use common information-gathering tools, such as tools for collecting usage data, cookies, web beacons, pixels, and similar technologies to automatically collect information that may contain Personal Data as you navigate our websites, our platform services, or interact with emails we have sent to you.

4.1 Device and usage data

We gather certain information automatically when individual users visit our websites and platforms. This information may include identifiers, commercial information, and internet activity information such as IP address (or proxy server information), device and application information, identification numbers and features, location, browser type, plug-ins, integrations, Internet service provider, mobile carrier, the pages and files viewed, searches, referring website, app or ad, operating system, system configuration information, advertising and language preferences, date and time stamps associated with your usage, and frequency of visits to the websites. This information is used to analyze overall trends, help us provide and improve our websites, offer a tailored experience for website users, and secure and maintain our websites.

In addition, we gather certain information automatically as part of your use of our cloud products and services. This information may include identifiers, commercial information, and internet activity information such as IP address (or proxy server), mobile device number, device and application identification numbers, location, browser type, Internet service provider or mobile carrier, the pages and files viewed, website and webpage interactions including searches and other actions you take, operating system and system configuration information and date and time stamps associated with your usage. This information is used to maintain the security of the services, to provide necessary functionality, to improve performance of the services, to assess and improve customer and user experience of the services, to review compliance with applicable usage terms, to identify future opportunities for development of the services, to assess capacity requirements, to identify customer opportunities, and for the security of Rubix generally (in addition to the security of our products, platform and services).

Some of the device and usage data collected by the services, whether alone or in conjunction with other data, could be personally identifying to you. Please note that this device and usage data is primarily used to identify the uniqueness of each user logging on (as opposed to specific individuals), apart from where it is strictly required to identify an individual for security purposes or as required as part of our provision of the services to our customers.

It is ensured that all of the above mentioned personal data shall be protected at all time by suitable controls as deemed appropriate by Rubix.

4.2 Cookies, web beacons and other tracking technologies on our website and in email communications

We may use technologies such as web beacons, pixels, tags, and JavaScript, alone or in conjunction with cookies, to gather information about the use of our websites and how people interact with our emails.

When you visit our websites and platforms, we, or an authorized third party, may place a cookie on your device that collects information, including Personal Data, about your online activities over time and across different sites.

Cookies allow us to track use, browsing preferences, and improve and customize your browsing experience. We may use both session-based and persistent cookies on our websites. Session-based cookies exist only during a single session and disappear from your device when you close your browser or turn off the device. Persistent cookies remain on your device after you close your browser or turn your device off. To change your cookie settings and preferences for one of our websites, click the Cookie Preferences setting on your respective machine.

You can also control the use of cookies on your device, but choosing to disable cookies on your device may limit your ability to use some features on our websites and services.

The following describes how we use different categories of cookies and similar technologies and your options for managing the data collection settings of these technologies:

Type of Cookies	Description	Purpose
Required cookies	Required cookies are necessary for basic website functionality. Some examples include session cookies needed to transmit the website, authentication cookies, and security cookies. If you have chosen to identify yourself to us, we may place on your browser a cookie that allows us to uniquely identify you when you are logged into the websites and to process your online transactions and requests.	Because required cookies are essential to operate the websites, there is no option to opt out of these cookies.
Functional cookies	Functional cookies enhance functions, performance, and services on the website. Some examples include – cookies used to analyze site traffic, cookies used for market research, and cookies used to display advertising that is not directed to a particular individual. Functional cookies may also be used to improve how our websites function and to help us provide you with more relevant communications, including marketing communications. These cookies collect information about how our websites are used, including which pages are viewed most often. We may use our own technology or third-party technology to track and analyze usage information to provide enhanced interactions and more relevant communications, and to track the performance of our advertisements. For example, we may use Google Analytics (“Google Analytics”), a web analytics service provided by Google, Inc.  You can learn about Google’s privacy practices by going to www.google.com/policies/privacy/‌partners/. Google Analytics uses cookies to help us analyze how our websites are used, including the number of visitors, the websites from which visitors have navigated to our websites, and the pages on our websites to which visitors navigate. This information is used by us to improve our websites. We use Google Analytics with restrictions on how Google can process our data enabled. For information on Google’s Restricted Data Processing go to https://privacy.google.com/businesses/rdp/.	You can choose to opt out of functional cookies. To change your cookie settings and preferences, including those for functional cookies To opt out from data collection by Google Analytics, you can download and install a browser add-on. To learn how to control functional cookies via your individual browser settings. To learn how to manage privacy and storage settings for Flash cookies.
Advertising cookies	Advertising cookies track activity across websites in order to understand a viewer’s interests, and to direct marketing to them. We sometimes use cookies delivered by us or by third parties to show you ads for our products that we think may interest you on devices you use and to track the performance of our advertisements. For example, these cookies collect information such as which browser you used when visiting our websites. Rubix may also enter into a contract agreement with third-party advertising networks that collect IP addresses and other information from web beacons on our websites, from emails and on third-party websites. Advertising networks follow your online activities over time and across different websites or other online services by collecting device and usage data through automated means, including through the use of cookies. These technologies may recognize you across the different devices you use. When we work with third party advertising networks, we require them to restrict their data processing to only what is necessary to provide us with the advertising services we request.	You can choose to opt out of targeting and advertising cookies. To change your cookie settings and preferences, including those for targeting and advertising cookies, you can click on cookie preferences settings on your browser.

 

4.3 Notices on behavioral advertising

As described above, we or one of our authorized partners may place or read cookies on your device when you visit our websites for the purpose of serving you targeted advertising (also referred to as “online behavioral advertising” or “interest-based advertising”).

4.4 Social Media Functionality

Our websites may use social media features, such as the Facebook “like” button, the “Tweet” button, the LinkedIn “like” button and other sharing widgets (“Social Media Features”). Social Media Features may allow you to post information about your activities on our website to outside platforms and social networks. Social Media Features may also allow you to like or highlight information we have posted on our website or our branded social media pages. Social Media Features are either hosted by each respective platform or hosted directly on our website. To the extent the Social Media Features are hosted by the platforms themselves, and you click through to these from our websites, the platform may receive information showing that you have visited our websites. If you are logged in to your social media account, it is possible that the respective social media network can link your visit to our websites with your social media profile.

Your interactions with Social Media Features are governed by the privacy policies of the companies providing them.

4.5 Telephony log information

If you use certain features of our services on a mobile device, we may also collect telephony log information (like phone numbers, time and date of calls, duration of calls, SMS routing information and types of calls), device event information (such as crashes, system activity, hardware settings, browser language), and location information (through IP address, GPS, and other sensors that may, for example, provide us with information on nearby devices, Wi-Fi access points and cell towers).

5. Purposes for which we process Personal Data and the legal basis for the same

We collect and process your Personal Data for the following purposes. Where required by law, we obtain your consent to use and process your Personal Data for these purposes. Otherwise, we rely on another authorized legal basis (including but not limited to the (a) performance of a contract or (b) legitimate interest) to collect and process your Personal Data.

• Providing our websites, platforms and services (including necessary functionality for both): We process your Personal Data to perform our contract with you for the use of our websites and services and to fulfill our obligations under the applicable terms of use and service
• If we have not entered into a contract with you, we base the processing of your Personal Data on our legitimate interest to operate and administer our websites and platforms and to provide you with content you access and request (e.g., to download content from our websites)
• Promoting the security of our websites, platforms and services: We process your Personal Data by tracking use of our websites, platforms and services, creating aggregated non-personal data, verifying accounts and activity, investigating suspicious activity, and enforcing our terms and policies to the extent it is necessary for our legitimate interest in promoting the safety and security of the services, systems and applications and in protecting our rights and the rights of others
• Handling contact and user support requests: If you fill out a “Contact Form” web form or request user support, or if you contact us by other means including via a phone call, we process your Personal Data to perform our contract with you and to the extent it is necessary for our legitimate interest in fulfilling your requests and communicating with you.
• Managing contests, webinars or promotions: If you register for a contest, webinar or promotion, we process your Personal Data to perform our contract with you. Some contests or promotions have additional rules containing information about how we will process your Personal Data.
• Managing payments: If you have provided financial information to us, we process your Personal Data to verify that information and to collect payments to the extent that doing so is necessary to complete a transaction and perform our contract with you.
• Developing and improving our websites and services: We process your Personal Data to analyze trends and to track your usage of and interactions with our websites, platforms and services to the extent it is necessary for our legitimate interest in developing and improving our websites, platforms and services and providing our users with more relevant content and service offerings, or where we seek your valid consent.
• Assessing and improving user experience: We process device and usage data as described in Section 4.1 above, which in some cases may be associated with your Personal Data, to analyze trends and assess and improve the overall user experience to the extent it is necessary for our legitimate interest in developing and improving the service offering, or where we seek your valid consent.
• Reviewing compliance with applicable usage terms: We process your Personal Data to review compliance with the applicable usage terms in our customer’s contract to the extent that it is in our legitimate interest to ensure adherence to the relevant terms.
• Assessing capacity requirements: We process your Personal Data to assess the capacity requirements of our services the extent that it is in our legitimate interest to ensure that we are meeting the necessary capacity requirements of our service offering.
• Identifying customer opportunities: We process your Personal Data to assess new potential customer opportunities to the extent that it is in our legitimate interest to ensure that we are meeting the demands of our customers and their users’ experiences.
• Registering office visitors: We process your Personal Data for security, health, and safety reasons, to register visitors to our offices and to manage non-disclosure agreements that visitors may be required to sign, to the extent such processing is necessary for our legitimate interest in protecting our offices, staff and visitors and our confidential information against unauthorized access.
• Recording phone calls: We may record phone calls for training, quality assurance, and administration purposes. If required under applicable law, we will obtain your prior consent or give you the option to object to a call being recorded.
• Displaying personalized advertisements and content: We process your Personal Data to conduct marketing research, advertise to you, provide personalized information about us on and off our websites and to provide other personalized content based upon your activities and interests to the extent it is necessary for our legitimate interest in advertising our websites and platforms or, where necessary, to the extent you have provided your prior consent (please see the “Your rights relating to your Personal Data” section, below, to learn how you can control how the processing of your Personal Data by Rubix  for personalized advertising purposes).
• Sending marketing communications: We will process your Personal Data or device and usage data, which in some cases may be associated with your Personal Data, to send you marketing information, product recommendations and other non-transactional communications (e.g., marketing newsletters, telemarketing calls, SMS, WhatsApp messages or push notifications) about us and our affiliates and partners, including information about our products, platforms, services, promotions or events as necessary for our legitimate interest in conducting direct marketing or to the extent you have provided your prior consent (please see the “Your rights relating to your Personal Data” section, below, to learn how you can control the processing of your Personal Data by Rubix  for marketing purposes).
• Complying with legal obligations: We process your Personal Data when cooperating with public and government authorities, courts or regulators in accordance with our legal obligations under applicable laws to the extent this requires the processing or disclosure of Personal Data to protect our rights or is necessary for our legitimate interest in protecting against misuse or abuse of our websites, protecting personal property or safety, pursuing remedies available to us and limiting our damages, complying with judicial proceedings, court orders or legal processes, respond to lawful requests, or for auditing purposes.

If we need to collect and process Personal Data by law, or under a contract we have entered into with you, and you fail to provide the required Personal Data when requested, we may not be able to perform our contract with you.

 

6. Who do we share Personal Data with?

We may share your Personal Data as follows:

• Service Providers: With our contracted service providers, who provide services such as IT and system administration and hosting, credit card processing, research and analytics, marketing, customer support and data enrichment for the purposes and pursuant to the legal bases described above.
• Affiliates: If you use our websites to register for an event or webinar organized by one of our affiliates, we may share your Personal Data with the affiliate to the extent this is required on the basis of the affiliate’s contract with you to process your registration and ensure your participation in the event; in such instances, our affiliate will process the relevant Personal Data as a separate controller and will provide you with further information on the processing of your Personal Data, where required.
• Event Sponsors: If you attend an event or webinar organized by us, or download or access an asset on our website, we may share your Personal Data with sponsors of the event. If required by applicable law, you may consent to such sharing via the registration form or by allowing your attendee badge to be scanned at a sponsor booth. In these circumstances, your information will be subject to the sponsors’ privacy statements. If you do not wish for your information to be shared, you may choose to not opt-in via event/webinar registration or elect to not have your badge scanned, or you can opt-out in accordance with Section 10 below.
• Contest and Promotion Sponsors: With sponsors of contests or promotions for which you register
• Third party networks and websites: With third-party social media networks, advertising networks and websites, so that Rubix can market and advertise on third party platforms and websites.
• Professional Advisers: In individual instances, we may share your Personal Data with professional advisers acting as service providers, processors, or joint controllers – including lawyers, bankers, auditors, and insurers based in countries in which we operate

We may also share anonymous or de-identified usage data with Rubix service providers for the purpose of helping Rubix in such analysis and improvements.

Additionally, Rubix may share such anonymous or de-identified usage data on an aggregate basis in the normal course of operating our business; for example, we may share information publicly to show trends about the general use of our services.

 

7. International transfer of Personal Data

Your Personal Data may be collected, transferred to and stored by us in India or by our affiliates and third-parties disclosed in Section 6, above, that are based in other countries.

 

8. How long do we keep your Personal Data?

We may retain your Personal Data for a period of time consistent with the original purpose of collection (see the “Purposes for which we process Personal Data and the legal basis for the same” section, above) or as long as required to fulfill our legal obligations.

We determine the appropriate retention period for Personal Data on the basis of the amount, nature, and sensitivity of the Personal Data being processed, the potential risk of harm from unauthorized use or disclosure of the Personal Data, whether we can achieve the purposes of the processing through other means, and on the basis of applicable legal requirements (such as applicable statutes of limitation).

After expiry of the applicable retention periods, your Personal Data will be deleted. If there is any data that we are unable, for technical reasons, to delete entirely from our systems, we will implement appropriate measures to prevent any further use of such data.

 

9.Your rights relating to your Personal Data

9.1 Your rights

You may have certain rights relating to your Personal Data, subject to local data protection laws. Depending on the applicable laws these rights may include the right to:

• Access your Personal Data held by us
• Know more about how we processed your Personal Data
• Rectify inaccurate Personal Data and, taking into account the purpose of processing the Personal Data, ensure it is complete
• Erase or delete your Personal Data (also referred to as the right to be forgotten), to the extent permitted by applicable data protection laws
• Restrict our processing of your Personal Data, to the extent permitted by law
• Transfer your Personal Data to another controller, to the extent possible (right to data portability)
• Object to any processing of your Personal Data. Where we process your Personal Data for direct marketing purposes or share it with third parties for their own direct marketing purposes, you can exercise your right to object at any time to such processing without having to provide any specific reason for such objection
• Opt out of certain disclosures of your Personal Data to third parties
• Not be discriminated against for exercising your rights described above
• Withdraw your consent at any time (to the extent we base processing on consent), without affecting the lawfulness of the processing based on such consent before its withdrawal.

9.2 How to exercise your rights

To exercise your rights, please contact us by using the information in the “Contact us” section, on our website.

Your personal data may be processed in responding to these rights. We try to respond to all legitimate requests within one month unless otherwise required by law, and will contact you if we need additional information from you in order to honor your request or verify your identity. Occasionally it may take us longer than a month, taking into account the complexity and number of requests we receive. If you are an employee of a Rubix customer, we recommend you contact your employer’s system administrator for assistance in correcting or updating your information.

Some registered users may update their user settings, profiles, organization settings and event registrations by logging into their accounts and editing their settings or profiles.

To update your billing information, discontinue your account or request return or deletion of your Personal Data and other information associated with your account, please contact us by using the information in the “Contact Us” section.

9.3 Your rights relating to customer data

• As described above, we may also process Personal Data submitted by or for a customer to our products and services. To this end, if not stated otherwise in this Privacy Statement or in a separate disclosure, we process such Personal Data as a processor on behalf of our customer (and its affiliates) who is the controller of the Personal Data (see the “Responsible Entity” section above).
• We are not responsible for and have no control over the privacy and data security practices of our customers, which may differ from those explained in this Privacy Statement.
• If your data has been submitted to us by or on behalf of a Rubix customer and you wish to exercise any rights you may have under applicable data protection laws, please inquire with them directly.
• Because we may only access a customer’s data upon their instructions, if you wish to make your request directly to us, please provide us the name of the Rubix customer who submitted your data to us.

We will refer your request to that customer, and will support them as needed in responding to your request within a reasonable timeframe.

10.4 Your preferences for email and SMS marketing communications

If we process your Personal Data for the purpose of sending you marketing communications, you may manage your receipt of marketing and non-transactional communications from Rubix by clicking on the “unsubscribe” link located on the bottom of Rubix marketing emails, by replying or texting ‘STOP’ if you receive Rubix SMS or WhatsApp communications.

Please note that opting out of marketing communications does not opt you out of receiving important business communications related to your current relationship with us, such as communications about your subscriptions or event registrations, service announcements or security information.

9.4 Your preferences for telemarketing communications

If you want your phone number to be added to our internal Do-Not-Call telemarketing register, please contact us by using the information in the “Contact us” section, below. Please include your first name, last name, company and the phone number you wish to add to our Do-Not-Call register.

Alternatively, you can always let us know during a telemarketing call that you do not want to be called again for marketing purposes.

 

10. How we secure your Personal Data

We take appropriate precautions including organizational, technical, and physical measures to help safeguard against accidental or unlawful destruction, loss, alteration, and unauthorized disclosure of, or access to, the Personal Data we process or use.

This includes personal data used in –

1. Our B2B product platforms
2. Communication
3. Emails
4. Visuals
5. Documents
6. Contact forms
7. Events
8. Conferences
9. Any other source as relevant.

While we follow generally accepted standards to protect Personal Data, no method of storage or transmission is 100% secure.

You are solely responsible for protecting your password, limiting access to your devices and signing out of websites after your sessions. If you have any questions about the security of our websites, please connect with us formally with your query related to your personal data.

 

11. Changes to this Privacy Statement

We will update this Privacy Statement from time to time to reflect changes in our practices, technologies, legal requirements, and other factors. If we do, we will update the “effective date” at the top.

If we make a material update, we may provide you with notice prior to the update taking effect, such as by posting a conspicuous notice on our website or by contacting you directly, or where required under applicable law and feasible, seek your consent to these changes.

We encourage you to periodically review this Privacy Statement to stay informed about our collection, processing and sharing of your Personal Data.

 

12. Contacting us

To exercise your rights regarding your Personal Data, or if you have questions regarding this Privacy please email us at data.privacy@rubixds.com or send correspondence to:

Rubix Data Sciences Private Limited

D-424, Neelkanth Business Park,

Vidyavihar (West), Mumbai 400086 India

Company website: www.RubixDataSciences.com; www.rubixds.com

Contact No: +91-22-49744274

 

13. Grievance Officer

In accordance with the Information Technology Act, 2000 and the rules made thereunder, the name and contact details of the Grievance Officer are provided below. You may contact the Grievance Officer to address any discrepancies and grievances you may have with respect to your Information with Rubix Data Sciences Pvt Ltd. The Grievance Officer will redress your grievances expeditiously.

Name – Mr. Rahul Chopadekar
Designation: AVP – Digital
Contact Number: +91-22-49744274
Email ID: rahul.chopadekar@rubixds.com

 

We are committed to working with you to obtain a fair resolution of any complaint or concern about privacy. If, however, you believe that we have not been able to assist with your complaint or concern, you have the right to lodge a complaint with the competent supervisory authority.