OUR COMMITMENT TO PRIVACY

At Conwerse Consultancy, we treat Privacy with the highest level of seriousness and responsibility. In conducting our global business operations, we exercise utmost diligence to ensure that the privacy of every individual engaging with us is protected. Our commitment is rooted in “privacy by design and by default,” and aligned with all applicable laws and regulations.

There are several avenues through which personal information may be collected and used by ConwerseConsultancy for fair and legitimate business purposes.

Our Privacy Notice explains what data we collect, how we use it, and the measures we take to ensure that the rights of every individual whose personal information we process are protected and respected.

Our Privacy Policy explains:

• The nature and extent of personal information we collect – including what data we collect, how we collect it, and the reasons for doing so.
• How we use personal information – the ways in which we process and apply the data to support fair and legitimate business purposes.
• Your rights and choices – the options and methods available for individuals to exercise their privacy rights, including provisions to access, review, and update their personal information.

We have kept this Policy simple and easy to understand. We request you to review it carefully before sharing any personal information with us. By continuing to use this website and providing your personal information, you are deemed to have given your consent to the practices described herein. Further, in compliance with applicable laws and regulations, Conwerse Consultancy will seek your explicit consent wherever the collection or use of specific personal information is required in a particular context.

ALIGNMENT WITH GLOBAL PRIVACY REGULATIONS

We are fully committed to maintaining the highest standards of compliance with all applicable Privacy Acts and Data Protection regulations in the regions where we operate, including the EU General Data Protection Regulation (GDPR). To further strengthen our commitment, we have implemented robust Information Security and Data Protection frameworks across our business processes. Our Information Security Management System is certified to ISO/IEC 27001:2013 standards and we are SOC 2 Type II compliant, ensuring Security, Availability, Processing Integrity, Confidentiality, and Privacy of data at every stage of our operations.

Please note that our Privacy practices may be reviewed and updated periodically to strengthen our commitment towards data protection.

For any queries, you may reach us at privacy@conwerseconsultancy.com

Privacy Notice

We act as a Data Controller when collecting and processing personal information in the following areas:

• Marketing and Sales Activities – to promote and offer our Solutions and Services.
• Website Interactions – during visits to our website, either through designated web-forms or by automated means such as cookies.
• Recruitment Process – to identify, evaluate, and engage suitable professionals as part of our global team.

The details of the policies and controls governing these activities are outlined in the sections below.

In addition, we collect and process personal information as part of our internal operations, such as Human Resources and Payroll management. The policies and controls governing these internal processes are established and maintained within the organization to ensure compliance and protection of personal information.

Conwerse Consultancy provides Business Advisory and Technology Consulting Services to its global clients. In the course of delivering these services, we do not engage directly with individuals to collect their personal information. However, in certain cases, as part of executing our services, we may process personal information that has been collected by our clients. Such processing is carried out solely on behalf of our clients, with Conwerse Consultancy acting in the role of a Data Processor. All data processing activities remain limited to the scope defined within the respective Data Processing Agreements (DPA) and are executed in accordance with applicable contractual and regulatory data protection requirements.

Cookies:

We use cookies to improve the functionality of our website and provide a better user experience. These small files help us remember visitor preferences, track session details, and understand which pages are accessed or visited. Cookies also allow us to highlight new sections of the site that may be of interest, analyze past activity to enhance future visits, avoid showing the same advertisements repeatedly, and tailor content according to your browser type or other technical information your browser provides.

By default, most web browsers accept cookies. However, you can modify your browser settings to be notified whenever a cookie is placed, or choose to decline cookies if you prefer

Children:

Conwerse Consultancy does not provide services, offer products, or engage in recruitment or employment of individuals under the age of 18. As such, in our role as a Data Controller, we do not collect or process any personal information relating to children below this age.

Similarly, even when acting as a Data Processor on behalf of our clients, we do not intentionally receive or handle personal data of children under 18. In the event that we become aware of having received such information inadvertently, we will promptly delete it from our systems. If you suspect or believe that we may have unintentionally collected information from or about a child under 18, we request that you contact us without delay.

Information We Collect

As a Data Controller, Conwerse Consultancy may collect personal information in the following ways:

• Information you provide through web forms – When you visit our website and fill out specific forms, we may collect details such as your name, country, industry, organization, job title, department, business or personal email address, contact number, and resumes. These are typically non-sensitive details provided voluntarily.
• Automatically collected technical data – During your visit to our website, certain information is captured automatically, including cookies, IP addresses, and browser-related details. For more on this, please see the Cookies section. If any additional data is collected, it will be subject to clear notification, user consent, and the relevant processing agreement with the client.
• Marketing and sales activities – As part of our business outreach, we may collect personal information from publicly available or licensed sources such as job portals, professional networking platforms, or trusted marketing partners.
• Recruitment process – When considering candidates for employment, we may gather details from sources like job portals and professional social networks. In addition to the general information listed above, we may also request specific details such as education, qualifications, employment history, salary information, and family details — always subject to your explicit consent.

Conwerse Consultancy may receive personal information from its global clients solely for the purpose of delivering agreed Solutions and Services. Any such data handling is carried out strictly within the boundaries defined by the respective Scope of Work and Data Processing Agreement (DPA) with each client. All processing activities remain fully aligned with contractual obligations and applicable data protection regulations.

Use of Information Collected

Web-form submissions

Any personal data you provide through our website forms will be used strictly for the purposes stated at the time of collection and for any additional purposes for which your consent has been obtained.

Technical and system data

Information such as cookies, IP addresses, and browser details may be used for:

• Delivering a customized and seamless website experience.
• Monitoring and analyzing system performance to ensure efficiency.
• Identifying, preventing, and addressing technical issues.
• Troubleshooting and support. To achieve these objectives, we may also rely on third-party tools and analytics platforms where appropriate.

Marketing and sales data

Personal information obtained from external sources (e.g., job portals, professional networks, or marketing partners) will only be used for legitimate business purposes in line with applicable laws. This includes:

• Ensuring that communication is contextually relevant and meaningful to you.
• Seeking your explicit consent at the first point of contact before continuing further engagement.

Recruitment data

Information collected for recruitment will be used exclusively for hiring-related processes, as per the consent you provide and in compliance with relevant legal requirements.

Backups and recovery

Data stored within our systems is periodically backed up. Backup data is accessed and processed only for:

• Troubleshooting and recovery.
• Verification and testing of backup and recovery systems.

What we do not do

We do not profile individuals or track user behavior, either manually or automatically, except where strictly necessary to provide or support designated services. Furthermore, we do not use personal data for any purpose other than:

• Those explicitly outlined in this Privacy Policy.
• Those for which your specific consent has been granted.
• Those covered under a formal Data Processing Agreement with our clients (in cases where we act as a Data Processor).

To whom may we disclose this Personal Data?

• Personal data within the scope of Conwerse Consultancy will only be accessible to specifically authorized personnel, in accordance with the Data Processing Agreement (DPA) established with our clients as Data Controllers. These authorized individuals may belong to Conwerse Consultancy or its affiliated/associated entities.
• Certain personal data may also be shared with approved third-party service providers, acting as sub-processors, for designated purposes such as marketing support, recruitment and payroll, IT and communication services, analytics, system monitoring, troubleshooting, and related functions. All such parties are contractually obligated to follow the same standards of data protection as required under applicable laws and data protection principles. Conwerse Consultancy does not transfer personal data for independent use by third parties, but only for fulfilling legitimate business purposes in its role as Data Controller or Data Processor.
• In compliance with legal and regulatory requirements, personal data may be disclosed to government authorities or law enforcement agencies, where such disclosure is legally mandated. This may include circumstances relating to regulatory compliance, national security, or other lawful obligations.

Data Storage and Transfer

• All personal data collected will be stored securely on physical or cloud-based servers and databases, either managed directly by Conwerse Consultancy or by our authorized service partners.
• Data may be stored or transferred both within and outside the country/region where it was originally collected, whenever required for legitimate processing and service delivery.
• Any cross-border transfer of personal data will strictly comply with applicable data protection laws, privacy regulations, and contractual obligations, ensuring appropriate safeguards are in place to protect the rights of data subjects.

Data Retention

• Personal data is retained only for as long as necessary to serve the purposes for which it was originally collected.
• Any customer-specific data, including personal information, is retained strictly in line with the terms outlined in our contracts or agreements with customers, as well as applicable legal and regulatory requirements.
• Conwerse Consultancy does not store or retain personal data beyond the duration required to meet the agreed purpose, the customer’s instructions, or the retention periods mandated by law or regulation.

Data Retention

Conwerse Consultancy gives utmost importance to the protection of personal data. Every system, process, and practice we implement is carefully designed with security and privacy as a core principle to ensure the highest level of safeguarding.

To support this, we have in place a robust Information Security Management System (ISMS) that governs how data is handled across our organization. This framework is built in line with globally recognized best practices and is certified to the ISO/IEC 27001:2013 standard. It includes strong security measures such as continuous monitoring, regular security testing, and both internal and external audits to ensure compliance and resilience.

Additionally, all our partners, affiliates, and service providers who may process data on our behalf are contractually required to uphold the same level of protection. They are obligated to follow the principles of data protection and comply fully with all relevant laws and regulations.

Your Rights as a Data Subject

Subject to applicable laws and regulations, you may exercise some or all of the following rights regarding your personal data held by Conwerse Consultancy:

• Access Rights – You can request a copy of the personal data we hold about you, along with details of how and why it is being processed.
• Correction Rights – You have the right to ask us to update or correct inaccurate or incomplete personal data.
• Right to Erasure – In certain circumstances, you may request that your personal data be deleted from our systems.
• Restriction of Processing – You can ask us to limit the processing of your personal data under specific conditions.
• Data Portability – You are entitled to receive your personal data in a structured, commonly used, and machine-readable format, and request that it be transferred to another party.
• Withdrawal of Consent – Where processing is based on your consent, you may withdraw it at any time, without affecting the lawfulness of processing already carried out.
• Right to Complain – You may file a complaint with the relevant data protection authority in your region if you believe your rights have been violated.

If you wish to exercise any of these rights or have concerns related to your personal data, please reach out to us at privacy@conwerseconsultancy.com.

Please be aware that in order to safeguard privacy, we may request valid proof of identity before processing any such request. Where the law permits, we also reserve the right to levy a fee in cases where the request is clearly repetitive, unfounded, or excessive. Every effort will be made to address your request within the timelines prescribed by the applicable regulations.

In situations where the personal information has been received from our customers and is being processed strictly on their behalf, Conwerse consultancy does not act as the Data Controller. In such cases, the process, conditions, and methods for exercising these rights will be governed and defined by our customers. Conwerse consultancy remains fully committed to supporting and enabling our customers in fulfilling these obligations, in accordance with the data processing and service agreements in place.

If you approach us directly in relation to data collected by or for our customers, and where we act purely as a Data Processor, we will make reasonable efforts to redirect your request to the relevant customer, who is the rightful Data Controller of your personal data.

Further Questions / Information

If you have any queries or require additional clarification about this policy, you may reach out to us through the contact options mentioned on this website.

The terms and conditions outlined here will be interpreted and enforced in accordance with the laws of India. For any concerns or disputes, you may write to us at privacy@conwerseconsultancy.com or legal@conwerseconsultancy.com