Privacy Policy
Home / Privacy Policy
Privacy at Pricoris
Pricoris LLP is responsible for the data we collect and process for our own purposes. We’re committed to maintaining the security and privacy of the personal data we process, whether through our website or through our interactions with clients, prospects or industry partners.
Whether we are supporting our clients or managing our own data, privacy and security are at the heart of our operations. Whilst we take appropriate measures in our own practices, security and privacy is at the core of our business operations, so it is imperative we operate in accordance and where possible above industry and regulatory requirements including the Digital Personal Data Protection Act (DPDP Act), 2023.
What personal data we collect and why we collect it Security and Privacy Consulting Services
Although our core services do not revolve around collecting and processing personal data, we often process personal data as part of delivering our Cyber Security and Data Privacy services to clients. This can range from our client’s data or our client’s, client data.
We do not collect personal data as a matter of course in these interactions, except for pre-contractual material and communications relating to individual pieces of work. There are instances where our Penetration Testing services process data but this is covered directly with the client and not collected by us. This work and subsequent processing of data is all done performed under a contract or with a view of entering into one, which Pricoris LLP and our clients are subject to.
We retain the data as per contractual terms and if no such terms are agreed upon, for a period of 2 years after the sign off from both parties.
Data Types – Name, email addresses, address, telephone details, signatures, business contact details.
Website Enquiries
We have a Contact Us page on this website, which allows individuals to ask questions about our services, including exercising your rights under Data Protection Law. The Contact Us page, and sending an email into info@pricoris.com is monitored by our internal team, to ensure we identify and handle your request effectively. The Contact Us form contains basic contact information and free text fields, allowing you to provide details of your enquiry. We request that you do not include sensitive information in this form, as we have other secure ways in which you can send us information, should we require any. This data is processed under our legitimate Interests and only used to facilitate your enquiry.
We retain the data securely for a period of 2 years and seek your consent to retain it further. You always have the right to unsubscribe.
Data Types – Name, email addresses, subject field and free text field (which should not include personal data)
Employee administration
We process personal data to facilitate contracts of employment and provide our employees with employee benefits that are associated with working at Pricoris LLP. Employees are provided with internal privacy information on how their data is processed but if you have previously worked with Pricoris LLP, you are able to make a request through our Contact Us form.
We retain your data securely for a period defined as per the law of land.
Data Types – Provided via internal privacy policy to employees.
Prospective clients
We process basic business contact information of prospective clients and opportunities, which may initially be collected via sales meetings, business cards, verbally, events we may host, speak at or attend. This includes the prospective client’s business contact information, which includes their personal information and details about each opportunity. We use a secure server to store your information, so that we can keep track of our interactions with you and manage the relationship effectively. This processing is in Pricoris’ Legitimate Interests or fulfilling our requirements when entering into or in the Performance of a Contract with a client.
We retain the data securely for a period of 2 years and seek your consent to retain it further. You always have the right to unsubscribe.
Data Types – Name, email addresses, address, telephone details, signatures, business contact details, email conversations.
Financial management, accounting and administration
Our financial management and accounting services process basic client contact information in order to fulfil our accounting requirements. This ranges from invoices, account details, timesheet approvals, statement of works, terms and conditions and bank details. This processing is primarily to enable us to perform our side of the contract with our client and meet our legal obligations for financial reporting.
We retain the data during the contract tenure and for a period of 8 years as required by the law.
Data Types – Name, email addresses, address, telephone details, client and supplier bank account details, signatures, business contact details.
Customer satisfaction surveys
When we have delivered a piece of work to our clients, we like to make sure they have received a great service. We use the client contact information in order to send a survey asking some basic questions on how we performed when deliver our services. This is performed under our legitimate interests and purely used to ensure we have delivered to our expectations. This processing and the responses from clients are not used for spamming you with marketing communications. We may ask for a reference but that’s about it.
Your survey comments may be used on our website with your consent.
Associates/Contractors
We process basic contact and work information in relation to associates and contractors who would like to work with us or one of our clients. This information could be collected through our website, email, Linkedin, recruitment agencies or job advertising boards. Contractors who are working with us or who could potentially be working with us in the future will have their details stored in a secure server, so that we can keep track of their skills, contact details and availability. This processing is undertaken under Pricoris’ legitimate interests and in the performance of a contract or with a view to entering into one.
We retain the data for 2 years and would contact you thereafter seeking consent to retain it further.
Data Types – Name, email addresses, address, telephone details, skills, job history, bank account details, company insurance details, passport, driving licence, references and email conversations.
Marketing and Events
We want to ensure that our customers and businesses with an interest in Cyber Security, Data Privacy, Information security, Business Continuity, Organizational Resilience, Business Risk are able to receive the latest insights, news and information regarding our services. We only send communications to individuals within organisations where we believe we have a legitimate interest to do so. Where an individual uses our contact page we also ask for consent to send communications, as a simple enquiry does not satisfy grounds to send communications of this nature after dealing with your request.
Our main form of providing information on our products, services, events and industry research and insight are via;
Industry Events – This is where Pricoris are either showcasing our services, whereby we produce information about our services and capabilities. We may also run competitions but will only communicate with you for the purposes of that competition, so entering a competition doesn’t mean you get bombarded with marketing material. We may also exchange business cards at events and we will email you to follow up on our interaction with you. This does not mean we will send you marketing material, but we will enter any information about opportunities into our sales system to ensure we have provided you with the information you require.
Social Media – Pricoris make use of social media platforms such as Linkedin, Facebook and Twitter. We as a business sign up to the terms and conditions of the provider and use the platforms to provide insight into the latest cyber security and data privacy activities taking place across the world, to promote Pricoris’ employees, services and provide you with our latest thought leadership content on different subject matter.
Webinars – We conduct webinars on topics which are relevant to our services and industries we operate within. In order to deliver the webinar we require your personal data to provide you with the webinar details and how you can access the services. Our webinars are publicised through our website, social media platforms and email. Anyone wishing to attend would be required to register via our website. We collect first name, surname, email addresses and company name of the person wishing to attend. When collecting this information, we will also ask for your permission to contact you for future marketing purposes. You may also have the opportunity to provide questions prior to the webinar and this may involve an optional request for your email address beforehand in order to facilitate answering the question during the webinar. We process your data only for delivering the webinar and this is processed under Pricoris’ Legitimate Interests.
We retain the data for 2 years and would contact you thereafter seeking consent to retain it further.
If you do not wish to receive any form of communication from Pricoris then simply inform us through our contact page, email info@pricoris.com or unsubscribe from any communication.
Cookies
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
How long we retain your data
Pricoris only processes personal data for as long as necessary to meet our legal obligations or where we have a legitimate business reason for keeping it. Retention policies for different data have been mentioned individually for each category of data.
What rights you have over your data
Under Data Protection Law you have a number of Rights that are focussed on placing you in control of how your data is processed.
You can exercise these Rights by emailing us at privacy@pricoris.com or by writing to Pricoris LLP, 1002, Corporate Park, Sector 142, NOIDA – 201305.
We may ask you for identification prior to disclosing any data, as we need to ensure we only disclose information to the person entitled to it.
You have the following Rights in relation to the processing of your personal data;
Right to be Informed – You have the right to be provided information on how your personal data is processed
Right to Access – You have the right to have access to the personal information we hold about you.
Right to Rectification – This relates to the right to rectify any inaccurate personal information we hold about you.
Right to Erasure – The right to request that we delete your data, or stop processing it or collecting it, in some circumstances
The Right to Object – You have the right to object to the processing of your data, such as requesting us to stop sending you marketing communications.
Right to Data Portability – You can request your personal data to be sent to another service provider.
Right to Nominate: You have the right to nominate another individual who can act on your behalf in exercising your data protection rights in the event of your incapacity or death.
Right to Grievance Redressal: If you believe your rights under the DPDP Act have been violated, you may file a grievance (details below).
Ultimately, we want you to be in control of your personal detail so feel free to get in touch and ask any questions.
Grievance Redressal Mechanism
If you have any concerns or complaints regarding the processing of your personal data, you can report them to:
Sandhya Khamesra
Email: sandhya.khamesra@pricoris.com
We will handle all grievances in accordance with the DPDP Act and aim to provide a response within 30 days.
Where we send your data
Primarily our systems and services are all located within India. There may also be rare occasions where our employees work outside of India and access systems from outside India.
Pricoris have implemented appropriate measures to ensure an adequate level of protection of your Personal Data at all times, when processed to countries outside of India. If you have any questions or would like to obtain copies of safeguards in for a specific set of processing then please contact us with the specific request.
Our contact information
Should you wish to contact us in order to find out more about how we process personal data, exercise your rights, make a complaint to us or just discuss some of our practices then please contact us using the following details:
Email: Privacy@pricoris.com
Post: Privacy Officer, Pricoris LLP, 1002, Corporate Park, sector 142, NOIDA
Telephone No. – 91 (0) 120 4323179
Additional information
How we protect your data
At Pricoris we take the security of personal data extremely seriously. We have implemented a mixture of cyber security controls, encryption.
We assess security for Confidentiality, Integrity and Availability to ensure that data remains protected, accurate and available for its intended purposes and we employ state of the art security controls like secure transmission, multi factor authentication, controlled access etc.