The purpose of this policy is to highlight various obligations, best practices, and processes that support compliance with data privacy regulations applicable to NIIT in its role as both a data controller and a processor.
This policy applies to all NIIT personnel, operating units, and wholly owned subsidiaries worldwide.
4. Collection and use of information
4.1 What Information We Collect from You
NIIT collects, processes, and retains information about you when you visit our website. You may choose to provide us with the Personally Identifiable Information, or other information, to access protected information on the website or so that we can connect with you after your visit, based on your consent.
When you visit our website, we may track, collect and aggregate information indicating, among other things, which pages of our Site were visited, the order in which they were visited, when they were visited, and which hyperlinks were “clicked.” We also collect information from the URLs from which you linked to our website. Collecting such information may involve logging the IP address, operating system and browser application used. We may be able to determine from an IP address a user’s Internet Service Provider and the geographic location of his or her point of connectivity.
4.2 How NIIT uses your information
The information we collect from you may be used in one of the following ways:
i. To provide course information: We shall use your personal data to respond to your queries, understand training needs and trends and resource planning as relevant to training services.
ii. To communicate regarding training sessions: Your information helps us keep you posted on your training schedules and communicate with you regarding your training requirements, follow-ups, and feedback.
iii. To customize content and improve the quality of service: NIIT may use your personal information to help create and personalize training content. Geographic information may be used to assess the page response time and provide a better user experience.
iv. To obtain third-party services: We also share essential personal information with third parties who provide training services. When NIIT shares personal information with third-party service providers, we require that they use your personal information and other information only for the purpose of providing services to us and subject to terms consistent with this policy. Other than for the purpose of providing services, we will not sell or otherwise disclose your information to any other company.
v. To contact you: Your information may be used to contact you in response to your request or to provide you with information that we think you may be interested in receiving. We will honor your request if you inform us that you do not want to receive any information that you have not specifically requested.
5. Fairness and Purpose
NIIT will collect adequate, relevant, and necessary personal information and will process such information fairly and lawfully for the purpose it is collected. The purpose of collection will be specified not later than at the time of data collection, or on each occasion of the change of purpose.
6. Accuracy of information
The information held by NIIT on this website shall be checked with you from time to time to ensure that it remains up to date. Should your personal circumstances change, you should notify us immediately. Refer to Section “Privacy Contact Information.”
7. Distribution of Information
7.1 Information Disclosure
i. NIIT may disclose your personal information as we believe to be necessary or appropriate:
a) under applicable law, including laws outside your country of residence;
b) to comply with the legal process;
c) to respond to requests from public and government authorities, including public and government authorities outside your country of residence, for national security, and/or law enforcement purposes;
d) to enforce our terms and conditions; and
e) to allow us to pursue available remedies or limit the damages that we may sustain.
ii. Additionally, in the event of a reorganization, merger, sale, joint venture, assignment, transfer, or other disposition of all or any portion of our business, assets, or stock (including in connection with any bankruptcy or similar proceedings), we may transfer the personal information we have collected to the relevant third party.
iii. We may share information with governmental agencies or other companies assisting us in fraud prevention or investigation. We may do so when:
a) permitted or required by law; or
b) trying to protect against or prevent actual or potential fraud or unauthorized transactions; or
c) Investigating fraud that has already taken place. The information is not provided to these companies for marketing purposes.
If NIIT goes through a business transition, such as a merger, an acquisition by another company, or a sale of all or a portion of its assets, your personal information collected through our website(s) may be among the assets transferred. A prominent notice will appear on our website(s) for 30 days after any such change in ownership or control of your personal information.
7.2 Cross-Border Data Transfers
When conducting business, working on NIIT projects, or implementing new processes or systems, an operation may require the transfer of personal information to other entities or third parties that are located outside of the NIIT operation’s country of business. While permissible data transfer mechanisms are defined by the applicable law or regulation, examples include:
i. a data transfer agreement with the party who will access or obtain the personal information;
ii. notice to and/or approval from a country’s local data protection authority; or
iii. notice to and/or consent from the individual whose data is to be transferred.
8. Consent and Control
Consent is often referred to as an individual’s choice to “opt in” or “opt out” of NIIT’s use of personal information and is usually obtained by a “check box” or signature confirming that the individual understands and agrees to the processing of his or her personal information. At times, express written consent from the individual may be required based on the information-processing activity. NIIT receives consent from individuals before:
i. collecting, using, or processing their personal information, including sensitive personal information, in certain ways or sharing their personal information with any third party;
ii. transferring the individuals’ personal information outside of their country of residence; or
iii. using or placing web cookies on an individual’s computer or other electronic devices.
8.2 Control of your information
NIIT also provides individuals with the right to control their personal information, which includes the right to access, modify, erase, restrict, transmit, or object to certain uses of their information.
You may request to review, correct, update, suppress, or otherwise modify any of your personal information that you have previously provided to us, or object to the use or processing of such personal information by us. Please send your requests to us via email. Refer to Section “Privacy Contact Information.”
In your request, please make clear what personal information you would like to have changed, whether you would like to have your personal information that you have provided to us suppressed from our database, or otherwise what limitations you would like to put on our use of your personal information that you have provided to us. NIIT may conduct an owner verification check to ascertain the identity of the requester.
While the majority of questions and issues related to access can be handled quickly, complex requests may take more effort and time. In such cases, issues will be addressed, or you will be contacted regarding the progress and appropriate next steps, within 30 days.
9. Data Storage
Your personal information is stored on our systems or third-party cloud provider with industry best security certifications and practices.
10. Commitment to data security
Your personally identifiable information is kept secure. Only authorized employees, business partners, clients, vendors, and other third-party providers (who have agreed to keep information secure and confidential) have access to this information. Data access is strictly on a need-to-know, least privilege principle.
NIIT ensures that our supplier employs industry-standard security measures to ensure the security of information through legally binding terms and conditions. However, users of our website are responsible for maintaining the security of any password, user ID, or other form of authentication involved in obtaining access to password-protected or secure areas of the websites. Access to and use of password-protected and/or secure area of this website are restricted to authorized users only. Any unauthorized access to such areas is prohibited and may lead to criminal prosecution.
10.2. EU – U.S. Privacy Shield Statement
NIIT complies with the EU–U.S. Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union to the United States. NIIT has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this Privacy Statement and the Privacy Shield Principles, the policy with higher restrictions will apply.
11. Retention and disposal
We keep your Personally Identifiable Information for no longer than necessary for the purposes for which the Personally Identifiable Information is processed. The length of time we retain Personally Identifiable Information for depends on the purposes for which we collect and use it and/or as required to comply with applicable laws and to establish, exercise or defend our legal rights.
12. Supplier Obligations
Our supplier being the cloud service provider for this website and therein being the custodian of information will be liable for the management of the following:
i. security of the personal information
ii. appropriate retention and disposal of personal information
iii. appropriate storage of personal information
13. Your Consent
Please refer to the end of this policy for providing your consent. Your consent to personal data collection and processing may be revoked by notifying us via email (Refer to Section on “Privacy Contact Information.”). For users below the age of 16, the consent should be provided by the holder of parental responsibility of the child.
Please note, in case you choose to not provide us with the consent or withdraw the consent at any given point of time, we shall not be able to provision the services as detailed in Section 4.2 of this policy.
14. Privacy Contact Information
If you have any questions regarding our Privacy Statement or if you need to update, change, or remove information, you can do so by contacting Privacy Office at NIIT by email addressed to: PrivacyOffice@niit.com.
15. Changes to this Policy