Integrated Learning Management Solution - Privacy Statement

Introduction

PwC is strongly committed to protecting personal data. This privacy statement describes why and how we collect and use personal data and provides information about individual's rights in relation to personal data. It applies to personal data provided to us, both by individuals themselves or by others. We may use personal data provided to us for any of the purposes described in this privacy statement or as otherwise stated at the point of collection

You have been given access to this Solution solely in connection with your employment with our client ('Client'). You may be a partner, member, representative or employee of the Client. Your employment or other agreement with the Client regarding your role applies to your use of this Solution.

By using this Solution and providing personal information to us, you acknowledge you have read this privacy statement.

Definitions

In this privacy statement we use the following terms:

Solution refers to 'Integrated Learning Management Solution' Solution.

Personal data or personal information is how we refer to information about you or information that identifies you as "personal data" or "personal information".

Processing is how we sometimes refer to the handling, collecting, protecting or storing of your personal data. We process personal data in this Solution for numerous purposes, as set out below.

Definition of PwC

As used in this privacy statement, "PwC", "us", and "we" refer to the PwC network and/or one or more of its Member Firms that may process your personal information. Each Member Firm in the PwC network is a separate legal entity. PricewaterhouseCoopers Private Limited is the owner of this tool and any personal data, which is being shared by you with us, is as per the terms of the engagement executed between PwC and our Client, as per the instructions of the Client given to you for the purpose of use of this Solution. For further details, please see www.pwc.com/structure. See https://www.pwc.com/gx/en/about/office-locations.html for a list of countries and regions in which PwC Member Firms operate

Collection of personal data

Our policy is to collect only the personal data that we need be transparent about why and how we process personal data. The categories of personal data processed by us in relation to this Solution are generally:

• name
• email address
• phone number
• Employee Id/ Student Id
• Date of birth
• Emergency Contact Number
• Student Images
• Student Pan No

PwC may also collect information about you when you use this Solution, for example, logs of your activities on the Solution (for example, when you signed in and signed out, when upload or view a document, or when you post comments); logs and text you post in a comment, or logs showing what information you shared information, etc.).

You may choose to provide additional information when you use this Solution, including any content you contribute.

We do not intend to collect special categories of personal information through this Solution and no special categories personal information is required for this Solution to operate. Special categories of personal information include race or ethnic origin; political opinions; religious or philosophical beliefs; trade union membership; physical or mental health; genetic data; biometric data; sexual life or sexual orientation; and criminal records. We ask that you not provide information of this nature about yourself or anyone else via this Solution.

Our legal grounds for processing your personal data

We rely on one or more of the following processing conditions:

• our legitimate interests in the effective delivery of information and services to you and in the effective and lawful operation of our businesses and the legitimate interests of our clients in receiving professional services from us as part of running their organization (provided these do not interfere with your rights);
• our legitimate interests in developing and improving our businesses, services and offerings and in developing new PwC technologies and offerings (provided these do not interfere with your rights);
• our legitimate interests in maintaining the security of our and our client's data, the quality of our services and maintaining our reputation.
• to satisfy any requirement of law, regulation or professional body of which we are a member (for example, for some of our services, we have a legal obligation to provide the service in a certain way);
• to perform our obligations under a contractual arrangement with you; or
• where no other processing condition is available, if you have agreed to us processing your personal information for the relevant purpose.

Use of personal data

We may use your personal information for any of the purposes described in this Privacy Statement, as stated at the point of collection, or as obvious from the context of collection, including:

• Administering, managing and developing our business and services: This includes:
  • analyzing and evaluating the strength of interactions between PwC and a contact;
  • performing analytics, including producing metrics for PwC leadership, such as trends, relationship maps, sales intelligence and progress against account business goals;
  • administering and managing IT systems, websites and applications; and
  • hosting or facilitating the hosting of events.
• If you do not want us to so contact you, then you should not register for the Solution. The Solution does not collect or compile personally identifiable information for dissemination or sale to outside parties for consumer marketing purposes, or host mailings.

• Security, quality and risk management activities

  We have security measures in place to protect our and our client's information (including personal data), which involve detecting, investigating and resolving security threats. Personal data may be processed as part of the security monitoring that we undertake; for example, automated scans to identify harmful emails.

• Complying with any requirements of law, regulation or a professional body of which we are a member

  As with any provider of professional services, we are subject to legal, regulatory and professional obligations. We need to keep certain records to demonstrate that our services are provided in compliance with those obligations and those records may contain personal data.

Security

We have implemented generally accepted standard of technology and operational security in order to protect personal information from loss, misuse, alteration or destruction. Only authorised persons are provided access to personal information; such individuals have agreed to maintain the confidentiality of this information.

Although we use appropriate security measures once we have received your personal data, the transmission of data over the internet (including by e-mail) is never completely secure. We endeavor to protect personal data, but we cannot guarantee the security of data transmitted to or by us.

Cookies

"Cookies" are small text files placed on your device that assist us in providing a more customized experience. For example, a cookie can be used to store registration information in an area of the Solution so that a user does not need to re-enter it on subsequent visits to that area.

If you are concerned about cookies, most browsers permit individuals to decline cookies. In most cases, a user may refuse a cookie and still use the Solution; however, other functionality may be impaired. After termination of the use, you can always delete the cookie from your system if you wish.

If you are concerned about cookies, most browsers permit individuals to decline cookies. In most cases, a user may refuse a cookie and still use the Solution; however, other functionality may be impaired. After termination of the use, you can always delete the cookie from your system if you wish.

Transfer of personal data Cross-border transfers

If we process your personal information, your personal information may be transferred to and stored outside the country where you are located. This includes countries outside the European Economic Area (EEA) and countries that do not have laws that provide specific protection for personal information.

Where we collect your personal information within the EEA, transfer outside the EEA will be only:

• to a recipient located in a country which provides an adequate level of protection for your personal information; and/or
• under an agreement which satisfies EU requirements for the transfer of personal data to data processors or data controllers outside the EEA, such as standard contractual clauses approved by the European Commission.

The US member firm of PwC, PricewaterhouseCoopers LLP and its affiliated US subsidiaries (together, “PwC US”), adheres to the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use and retention of personal information that is transferred from the European Union and its Member States, and the EEA and Switzerland to the United States. PwC US has certified that it adheres to the Privacy Shield Principles within the scope of PwC US’s Privacy Shield certification. To learn more, see the PwC US Privacy Shield Policy.

Other PwC Member Firms

For details of PwC Member Firm locations, please see http://www.pwc.com/gx/en/about/office-locations.html.

We may share personal data with other PwC Member Firms where necessary in connection with the purposes described in this privacy statement. For example, when providing professional services to a client we may share personal information with PwC Member Firms in different territories that are involved in providing advice to that client.

Third Party Providers

We may transfer or disclose the personal data we collect to third party contractors, subcontractors, and/or their subsidiaries and affiliates. Third parties support the PwC Network in providing its services and help provide, run and manage IT systems. Examples of third-party contractors we use are providers of identity management, website hosting and management, data analysis, data backup, security and cloud storage services. The servers powering and facilitating our IT infrastructure are located in secure data centres around the world, and personal data may be stored in any one of them.

The third-party providers may use their own third-party subcontractors that have access to personal data (sub-processors). It is our policy to use only third-party providers that are bound to maintain appropriate levels of security and confidentiality, to process personal information only as instructed by PwC, and to flow those same obligations down to their sub-processors.

Other disclosures

We may also disclose personal information under the following circumstances:

1. with professional advisers, for example, law firms, as necessary to establish, exercise or defend our legal rights and obtain advice in connection with the running of our business. Personal data may be shared with these advisers as necessary in connection with the services they have been engaged to provide;
2. when explicitly requested by you;
3. when required to deliver publications or reference materials requested by you;
4. when required to facilitate conferences or events hosted by a third party;
5. To law enforcement, regulatory and other government agencies and to professional bodies, as required by and/or in accordance with applicable law or regulation. PwC may also review and use your personal information to determine whether disclosure is required or permitted.

Retention of personal data

We retain personal data processed by us for as long as is necessary for the purpose for which it was collected.  Personal data may be held longer periods where extended retention periods are required by law or regulation and in order to establish, exercise or defend our legal rights.

Individuals’ rights and how to exercise them

You may have certain rights under your local law in relation to the personal information we hold about you. In particular, you may have a legal right to:

1. obtain confirmation as to whether we process personal data about you, receive a copy of your personal data and obtain certain other information about how and why we process your personal data
2. the right to request for your personal data to be amended or rectified where it is inaccurate (for example, if you change your address) and to have incomplete personal data completed
3. The right to delete your personal data in the following cases:
   1. the personal data is no longer necessary in relation to the purposes for which they were collected and processed;
   2. our legal ground for processing is consent, you withdraw consent and we have no other lawful basis for the processing;

• our legal ground for processing is that the processing is necessary for legitimate interests pursued by us or a third party, you object to the processing and we do not have overriding legitimate grounds;

1. you object to processing for direct marketing purposes;
2. your personal data has been unlawfully processed; or
3. your personal data must be erased to comply with a legal obligation to which we are subject.

1. The right to restrict personal data processing in the following cases:
   1. for a period enabling us to verify the accuracy of personal data where you contested the accuracy of the personal data;
   2. your personal data have been unlawfully processed and you request restriction of processing instead of deletion;

• your personal data are no longer necessary in relation to the purposes for which they were collected and processed but the personal data is required by you to establish, exercise or defend legal claims; or

1. for a period enabling us to verify whether the legitimate grounds relied on by us override your interests where you have objected to processing based on it being necessary for the pursuit of a legitimate interest identified by us.

1. The right to object to the processing of your personal data in the following cases:
   1. our legal ground for processing is that the processing is necessary for a legitimate interest pursued by us or a third party; or
   2. our processing is for direct marketing purposes.
2. The right to data portability
   1. The right to receive your personal data provided by you to us and the right to send the data to another organization (or ask us to do so if technically feasible) where our lawful basis for processing the personal data is consent or necessity for the performance of our contract with you and the processing is carried out by automated means.
3. The right to withdraw consent
   1. Where we process personal data based on consent, individuals have a right to withdraw consent at any time. We do not generally process personal data based on consent (as we can usually rely on another legal basis).

Unsubscribe & Update of Personal information

When requested and practicable, you may update your personally identifiable information by approaching your employer or educational institute as the case may be. When personally identifiable information is retained by PwC, PwC assumes responsibility for keeping an accurate record of the information once a user has submitted and verified the data. PwC does not assume responsibility for verifying the ongoing accuracy of the content of personally identifiable information. When practically possible, if PwC is informed that any personally identifiable information collected through the Solution is no longer accurate, PwC will make appropriate corrections / deletions based on the updated information provided by the authenticated user. Personally identifiable information including sensitive personal information if any provided to PwC through the Solution is provided voluntarily by you. Should you subsequently choose to withdraw your consent in respect of your personal information then you may do so any time by sending an email to XXX@pwc.com Deleting the Solution from your device will remove your preferences, content saved for off-line reading and any contacts you marked as a favorite.  Deleting the Solution without sending an email to XXX@pwc.com, intimating withdrawal of your consent, will not construe withdrawal of your consent. You may also contact us with any questions about the Solution at XXX@pwc.com.

Complaints

Please to exercise a legal right in relation to your personal data, or an if you have a question or complaint about handling of your personal data

You may also have the right under applicable law to lodge a complaint with your local data protection regulator.

Changes to this privacy statement

We may update this privacy statement at any times by publishing an updated version here. So, you know when we make changes to this privacy statement, we will amend the revision date at the top of this page. The new modified or amended privacy statement will apply from that revision date. Therefore, we encourage you to review this privacy statement periodically to be information about how we are protecting your information.