Privacy Policy
We, at ICCS, are committed to protecting the privacy and confidentiality of our clients, customers, and employees. This Privacy Policy explains how we collect, use, share, and safeguard personal information during our business operations.
Connect with Us
Information We Collect
We may collect the following types of personal information:
Client and End-Customer Data: Name, contact information, identification numbers, financial data, transaction history, and other information necessary for us to perform our services.
Employee Information: Name, address, phone number, email, job title, payroll details, employment history, performance reviews, and Education Certificates and performance.
Third-Party Vendor Information: Contact details, contractual agreements, and financial transactions.
Purpose Of Data Collection
Personal information is collected for the following purposes:
To provide BPO services to our clients.
To maintain business relationships with clients and third-party vendors.
To manage and support our internal operations, including human resources and payroll.
For compliance with legal and regulatory requirements.
To improve the quality and efficiency of our services.
Data Usage And Processing
We use personal data to:
Deliver services to our clients according to contract agreements of the desired business.
Respond to client inquiries and fulfil requests.
Conduct internal business processes such as billing, audits, and legal reporting.
Enhance the security and functionality of our systems.
Data Sharing and Disclosure
We do not share personal information with third parties except as necessary to:
Fulfil client contracts.
Comply with legal obligations or regulatory requests.
Provide services through third-party vendors and partners, with appropriate data protection measures in place.
Ensure business continuity in on technology level and manage the DR basis on the client requirement.
Data Security
We implement robust security measures to protect personal data from unauthorized access, alteration, disclosure, or destruction. This includes:
Restrict the public access of entire network
Encryption of sensitive data.
Access control policies to limit who can view or edit personal information.
Regular audits and assessments of our security systems.
Secure storage of physical and electronic records.
Data Retention
Personal information is retained for as long as necessary to:
Provide services to our clients.
Comply with legal obligations.
Resolve disputes and enforce agreements. Once the retention period expires, we securely hand over the data to desired client and delete from ICCS Server’s storage and issue the pursing certificate basis on Infosec agreement or their guidelines.
Rights of Data Subjects
Individuals like employee whose personal information we stored have the following rights:
The right to store their personal data to comply the employment regulation.
Requests regarding data access or modification should be directed to our employee NDA and part of Joining KIT.
Cross-Border Data Transfers
As a global BPM service provider, we may manage the BCP of business and transfer the Process specific data from one location to other ICCS location with specific data protection regulations and agreement with desired client who required the BCP for their business. We ensure that such transfers are made in compliance with applicable laws and over secure network connectivity with adequate safeguards encryption methodology.
Compliance with Data Protection Laws
We comply with relevant data protection laws, including but not limited to:
Information Security ISMS followed to ISO/IEC 27001:2022
Other applicable national and international data protection laws as per business requirement.
Followed to DPDP act to protect the client process data as processor and employee Data as fiduciary.