PRIVACY AND DATA PROCESSING POLICY

Last updated: December 14, 2022
‍

‍

1. INTRODUCTION

This Privacy and Data Processing Policy ("Policy") governs how RemotePass Inc., a company duly registered under Delaware, with its offices located at 6 Liberty Square 290 Boston, MA 02109 United States, on behalf of itself and each subsidiary of RemotePass Inc. (hereinafter collectively referred to as “RemotePass”, “we”, “us” or our”) collects, protects and you (hereinafter referred to as “User”, “you” or “yours”) may provide on this platform or through any of our products or services (collectively referred to as the “Platform” or “Services”).

This Privacy Policy shall apply to all such Data Subjects as referred to herein below:

(i)Users;‍
(ii)Customers;‍
(iii)Contractors;‍
(iv)Employees; and‍
(v)Visitors of the Platform.‍

Please note that privacy of the Data Subjects is of paramount importance to us. We are subject to various data protection and privacy legislations. Therefore, we ensure that the right measures are taken to ensure that we are in compliance with these legislations.

The terms "Personal Data", "Data Processing", "Data Subject", "Data Controller and "DataProcessor" have the same meaning as under Regulation 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the Processing of Personal Data and on the free movement of such data (General Data Protection Regulation) ("GDPR").

‍

2. WHAT DATA DO WE COLLECT?

2.1. We at RemotePass collect different categories of Personal Data. Following is a non-exhaustive list of the types of data which may be collected:

‍

(a)Contact details – this includes, but is not limited to, mailing address, telephone number, and email;
‍
(b) Personal details– this includes, but is not limited to, name, government issued identity document, gender, identification number, identification picture, marital status, number of dependents, date of birth and details of emergency contact;
‍
(c)Financial details – this includes, but is not limited to, details related to bank accounts, social benefits and salary;
‍
(d)Professional details – this includes, but is not limited to, details relating to profession, occupation and education.
‍
(e)Location – this includes, but is not limited to, residential address, business address and IP address;
‍
(f)Correspondence with RemotePass – this includes, but is not limited to, all communications and correspondence that you may have, in any form whatsoever, with RemotePass or its representatives.
‍
(g)Sensitive data – this includes, but is not limited to, biometric data procured for identity verification processes, and health-related data.

‍

2.2. We also obtain data through technological means, such as cookies. This data includes, but is not limited to domain name, IP address, web logs, traffic data and screen content.

3. WHEN IS THE DATA COLLECTED?

3.1. RemotePass may collect your Personal Data during the following instances:

‍

(a)You share your data with us;
‍
(b)You create an account on the Platform;
‍
(c)You avail the Services;
‍
(d)You use the Platform;
‍
(e)You subscribe to our blog;
‍
(f)You participate in our marketing activities of whatsoever nature;
‍
(g)You engage in a conversation with us or our representatives in any form whatsoever; and

‍
(h)You select someone to be hired on your behalf.

‍

4. HOW DO WE USE AND PROCESS YOUR DATA?

4.1. We at all times use and process your data in accordance with the GDPR and other applicable laws.

4.2. We will only use and process Personal Data if such and use and processing falls under one of the purposes stated herein below:

‍

(a)For compliance with all applicable legal or contractual obligations;
‍
(b)By obtaining your consent. If such consent is obtained, we reserve the right to use the Personal Data for such purposes for which we have been authorized. You may withdraw such consent at any time;
‍
(c)For the purposes of securing any legitimate interest of our own or our partners. However, we use reasonable efforts to ensure that such interests have greater weightage than your data protection rights;
‍
(d)If it is necessary for us to use and/or process the Personal Data to sell or market you the Services through the Platform; or
‍
(e)For the purposes of securing any substantial public interest, such as prevention of harm, fraud or any other illegal activity.
‍

4.3. Subject to clause 4.2 of this Privacy Policy, we reserve the right to use and process the Personal Data as follows (this is a non-exhaustive list):

‍

(a)For identity verification of Data Subjects;
‍
(b)Administration, performance and termination of the employment agreement (for example, provision of salaries and benefits);
‍
(c)Administration, performance and termination of contractual relationship between us and the relevant Data Subjects;
‍
(d)For KYB and KYC checks;
‍
(e)Conduct screenings;
‍
(f)Creation of accounts on the Platform;
‍
(g)Hiring of employees;
‍
(h)Management and payment of invoices;
‍
(i)Recording conversations (such as video calls);
‍
(j)Compliance with legal, tax and regulatory obligations (such as retirement administration, monitoring leaves and administration of legal claims arising out of employment);
‍
(k)To ensure that all our obligations and responsibilities are properly complied with;
‍
(l)To ensure that reasonable access of the Platform and Services is provided to the customers;
‍
(m)For the purposes of advertising the Platform and the Services therein;
‍
(n)To apprise you with the details of the Services, and details in relation to advertising and marketing of the Platform (such as sending news-letters and emails);
‍
(o)For analysis and evaluation of the performance of the Platform and Services, understand your requirements and needs and to ensure that better services can be provided from time to time; and
‍
(p)For the purposes of compensation benchmarking;
‍
(q)Sharing Personal Data with relevant individuals;
‍
(r)To ensure that you can use the interactive features of the Platform; and
‍
(s)Disclosure to third parties.
‍

5. YOUR CHOICES AND RIGHTS

5.1. You may choose to restrict our access to Personal Data by:

‍

(a)Disabling the cookies from your browser;
‍
(b)Withhold or not providing us the Personal Data;
‍
(c)Withdrawing your consent, wherever you have provided us the consent to use, access and process the Personal Data;
‍
(d)Requesting us to not use the Personal Data for any purposes of marketing.
‍

5.2. However, please note that restricting such access will negatively impact the experience of your usage of the Platform and the Services, particularly those parts which specifically require us to use, access or process your Personal Data.

5.3. You may further exercise the following rights related to the Personal Data we use, collect and process:

‍

(a)Rights to access: All Personal Data retained by us can be accessed by you.
‍
(b)Rights to rectify: You can update all Personal Data through your account on the Platform. However, there may be certain data which may be restricted for rectification. Please contact us if you wish to rectify such data.
‍
(c)Rights to receive: You can request us to send you Personal Data that have been provided to us. Such data can be provided in a machine-readable format.
‍
(d)Right to object: In the event you do not wish for us to process your Personal Data, you have the right to object by providing specific reason as to why such data shall not be processed. We will entertain the objections unless we can substantiate that the use of Personal Data is necessary or falls within one of the grounds specified in clause 4 of the Privacy Policy
‍
(e)Right to erasure: You may request us to completely erase your Personal Data from our records if you have reasonable grounds to believe that such data has been used in non-compliance of this Privacy Policy or GDPR. However, please note that you cannot exercise this right when we are under a legal obligation to retain the data.
‍
(f)Right to complaint: If you have reasonable grounds to believe that your Personal Data is being used in non-compliance of this Privacy Policy or GDPR, you may lodge a complaint with the competent authority.
‍

6. SECURITY OF DATA

6.1. During the collection and retention of Personal Data, we will protect it within commercially acceptable means to prevent loss and theft, as well as unauthorized access and disclosure. Following is a non-exhaustive list of measures that we adopt:

‍

(a)Data encryption;
‍
(b)System’s protection through firewall;
‍
(c)Implementation of threat detection and prevention mechanisms;
‍
(d)Internal security;
‍
(e)Privacy training for our employees, agents and contractors;
‍
(f)Continuous monitoring of all systems infrastructure;
‍
(g)Regular data back-ups;
‍

6.2. Notwithstanding the above, please note that no method of electronic transmission or storage is 100% secure. Therefore, no Data Controller or Data Processor can guarantee absolute security. We disclaim liability for data breaches which are beyond our reasonable control.

7. DATA RETENTION

Your Personal Data is only retained by us as long as we are required to do so. Such duration may depend on the nature of the Personal Data and the purpose for which it is retained. If the Personal Data is no longer required, it will be deleted. However, if necessary, we may retain your Personal Data for compliance with legal, accounting or reporting obligations.

8. THIRD PARTY DISCLOSURES

8.1. RemotePass needs to disclose Personal Data to various third parties in order to provide, improve and promote the Platform and the Services. Such third parties may include, but is not limited to our suppliers (such as web-hosting companies, social media companies, search engines, financial institutions, auditors, lawyers etc.), agents, contractors, employees, customers, law enforcement agencies and other relevant regulatory authorities.

8.2. Third party disclosures apply to all Data Subjects. These disclosures will be necessary for one of the purposes stated in clause 4 of this Privacy Policy. However, we ensure that such third parties implement all data protection measures specified herein.

8.3. In the event our business is sold to another individual or entity, or we undergo a reorganization which includes but is not limited to any legal merger, acquisition and scheme of amalgamation, you agree that your Personal Data may be transferred to any such reorganized entity.

8.4. Your Personal Data may need to be transferred to countries outside if required. We ensure that such transfer complies with all applicable laws of such jurisdictions.

9. PERSONAL DATA BREACHES

9.1. If RemotePass becomes aware of any Personal Data Breach affecting your Personal Data, RemotePass will notify you without undue delay after having become aware of it and:

(a)provide you with a detailed description of the Personal Data Breach;
‍
(b)the type of data that was the subject of the Personal Data Breach;
‍
(c)the identity of each affected person, as soon as such information can be collected or otherwise becomes available (as well as periodic updates to this information and any other information that you may reasonably request relating to the Personal Data Breach);
‍
(d)take reasonable commercial steps immediately, at RemotePass' own expense, to investigate the Personal Data Breach and to identify, prevent and mitigate the effects of the Personal Data Breach and to carry out any recovery or other action necessary to remedy the Personal Data Breach; and
‍
(e)not release or publish any filing, communication, notice, press release, or report concerning the Personal Data Breach without your prior written approval except where RemotePass is required by the applicable laws to make such disclosure prior to obtaining your written consent.
‍

9.2. RemotePass’ notification of or response to a Personal Data Breach under this clause will not be construed as an acknowledgement by RemotePass of any fault or liability with respect to the Personal Data Breach.

10. GOVERNING LAW AND DATA PROTECTION LAWS

10.1. This Privacy Policy shall be governed by the local laws of the country where RemotePass is located, unless otherwise expressly mandated by the Data Protection Laws.

10.2. We ensure that we comply with all obligations which are applicable to us under the applicable Data Protection Laws. For the purposes of clause 10, the term “Data Protection Laws” shall mean all data protection laws and regulations applicable to Data Processing of the Personal Data. This includes the GDPR as applicable to the territory of European Union and United Kingdom, California Consumer Privacy Act 2018, California Privacy Acts 2022, Canadian Personal Information Protection and Electronic Documents Act and the Brazilian General Data Protection Law.

11. AMENDMENTS AND SUPPLEMENTS

11.1. We reserve the right to change or modify this Privacy Policy at any time without prior notice. The updated version will be posted on the Platform. Please make sure to familiarize yourself with the latest version.

11.2. This Privacy Policy may be supplemented by additional policies if needed. Each supplemental policy may specifically apply to one or more Data Subjects.

12. FURTHER INFORMATION

If you have any queries regarding this Privacy Policy and the contents therein, we would be happy to address those. Please contact us using the contact details

13. CONTACT US

If you have any queries or concerns, you can reach out to us through the following details: privacy@remotepass.com