Additional privacy terms if you are located in India
Last Updated December 5, 2023
If you are located in India, you have certain rights with respect to your personal information. The following is a summary of those rights and additional information applicable to our collection and use of your personal information. For clarity, these Additional Privacy Terms if You are Located in India are in addition to, and not in lieu of, the information provided in our Privacy Policy.
India's information technology rules
We have adopted India's Information Technology (Reasonable Security Practices and procedures and sensitive personal data or information) Rules, 2011 contained in the Information Technology Act, 2000 as amended by Information Technology (Amendment) Act of 2008 (the "IT Act"). These Information Technology Rules govern the way in which we collect, use, disclose, secure and dispose of personal information subject to the IT Act.
Sensitive personal information
Under the IT Act, sensitive information includes information about such things as an individual's sexual orientation, health condition, medical records and medical history, password information, biometric information, and financial information associated with bank accounts or other payment methods. We only use sensitive information:
- For the primary purpose for which it was obtained;
- For a secondary purpose that is directly related to the primary purpose;
- With your consent; or
- Where required or authorized by law.
Summary of uses and disclosures of personal information
The following is a summary of the categories of personal information we collect, whether we collect the information about Visitors, Employees and Contractors, and/or Client, the purposes for which we collect the information, and the categories of third parties with whom we share personal information.
This is a summary of the categories of personal information we have collected and shared in the preceding 12 months.
Rights under the Privacy Act
If you wish to access a copy of your personal information we hold about you, please submit your request by completing the Individual Data Request Form. We will use reasonable efforts to respond to an inquiry without excessive delay (and in any event within any applicable time periods required by the Privacy Act). Where we hold personal information about you that you are entitled to access, we will provide you with a suitable means of accessing such personal information, which may include, without limitation, emailing or mailing a copy of such personal information to you.
In order to respond to your request, we may request you to provide:
- Sufficient information to allow us to confirm your identity;
- Your reasons for making the request to allow us to locate responsive information; and
- Information about the employees or services you interacted with and the nature of the personal information you were requested to provide.
If you believe that the personal information we have about you is incorrect, incomplete or inaccurate, you may request that we correct this information by submitting your request to us by completing the Individual Data Request Form. Upon our receipt of your correction request, we will evaluate your request. If we determine that the personal information should not be corrected, we will let you know and you can request that we add a note to the applicable personal information that you dispute the accuracy of such personal information.
Transfers of personal information
We may disclose your personal information to our affiliates, third party suppliers and service providers, and other third parties as described in our Privacy Policy. Some of these entities may be located outside Australia, including in the United States, New Zealand, Singapore, Germany, Ireland, and the United Kingdom. We take reasonable steps to ensure that any entities located outside Australia that receive your personal information from us do not breach applicable privacy obligations.
| Category of information | Information is collected about | Sources from whom information was collected | Purpose | Categories of third parties with whom we share personal information |
|---|---|---|---|---|
| A. Identifying information |
|
You |
|
|
| Employees and Contractors | You | Identify you, or validate or verify your identity | Companies with employment or engagement opportunities | |
| Employees and Contractors | You | Comply with legal requirements | Government agencies | |
| Employees and Contractors | Consumer Reporting Agencies | - Pre-engagement screenings
- Obtain a consumer report |
Companies with engagement or employment opportunities for you | |
| Employees and Contractors | You | Make payments to you | Banks and other financial institutions | |
| B. Categories of personal information described in India's IT Act, Information Technology Rule 3 Protected by Law
Note: (some information may overlap other categories)
|
|
You |
|
|
| Employees and Contractors | Consumer Reporting Agencies | Pre-engagement screenings Obtain a consumer report | Companies with engagement or employment opportunities for you | |
| Employees and Contractors | You | Make payments to you | Banks and other financial institutions | |
| Employees and Contractors | You | Provide demographic information to your Client | Your Client | |
| Employees and Contractors | You | Comply with legal requirements | Government agencies | |
| C. Characteristics and similar Information Protected by Law | Employees and Contractors | You |
|
|
| D. Commercial information |
|
You, Cookies |
|
Service Providers |
| E. Biometric information | Fingerprints | You | As required for federal security clearance | Government agencies as required |
| F. Activity on our websites |
|
You, Cookies |
|
Service providers |
| G. Geolocation data |
|
You, Cookies |
|
|
| H. Sensory data including audio, electronic, visual, thermal, olfactory or similar information |
|
You | Telephone calls to customer support staff may be recorded for training and quality control | None |
| Individuals who visit our offices | You | Audio/video monitoring of individuals who enter our offices | None | |
| I. Professional or employment related information | Employees and Contractors | You |
|
|
| Employees and Contractors | Consumer Reporting Agencies | - Pre-engagement screening
- Obtain a consumer report |
Companies with engagement or employment opportunities for you | |
| J. Education information | Employees and Contractors | You |
|
|
The following is a summary of the categories of personal information we collect, whether we collect the information about Visitors, Employees and Contractors, and/or Client, the purposes for which we collect the information, and the categories of third parties with whom we share personal information.
This is a summary of the categories of personal information we have collected and shared in the preceding 12 months.
Reasonable security practices and procedures
Pursuant to India's IT Act, Information Technology Rule 8, India has determined that the International Organization for Standardization (ISO) demonstrates compliance with India's reasonable security practices and procedures.
MBO Partners received the ISO 9001:2015 certification after demonstrated ability to meet customer, statutory, and regulatory standards. Therefore, our security practices and procedures are in full compliance with India's laws.
Contact details and complaints
For any questions, concerns or complaints regarding a possible breach of your privacy by us, please contact our Data Protection Officer as follows:
- By completing the Individual Data Request Form
- By phone at 0011+1+703 793 6000
- By mail to MBO Partners, Inc, Attention Data Protection Officer, 20370 Exchange Street, Suite 250, Ashburn VA 20147
We will treat each complaint confidentially. We will investigate each complaint and will contact the individual that submitted the complaint within a reasonable time period once the complaint is resolved (and in any event within any applicable time periods required by law).
Transfers of personal information
We may disclose your personal information to our affiliates, third party suppliers and service providers, and other third parties as described in our Privacy Policy and as authorized by India's IT Act. Some of these entities may be located outside India, including in the United States, New Zealand, Singapore, Germany, Ireland, Australia, and the United Kingdom. We take reasonable steps to ensure that any entities located inside or outside India that receive your personal information from us ensure the same level of data protection that is adhered to by us and that such entities do not breach applicable privacy obligations.
Changes to these additional privacy terms if you are located in India
We may update these Additional Privacy Terms if You are Located in India from time to time. When we do update them, we will post a notice on our Websites, make the updated version of these Additional Privacy Terms if You are Located in India available on this page, and indicate the date it was last updated above. For clarity, any updates will apply from the date they are posted. Please check back periodically to see if these Additional Privacy Terms if You are Located in India have been updated.