Privacy Policy Statement

Last Updated: 8th Dec 2023

CitiusTech Inc., all its affiliated companies including its parent company CitiusTech Healthcare Technology Private Limited (collectively known as “CitiusTech”) understand and recognize the importance of individual and personal data privacy. This Privacy Policy covers how we collect, use, disclose, transfer, and store personal data shared with us.

CitiusTech Inc. along with its affiliated companies namely FluidEdge Consulting LLC, SDLC Management Inc., SDLC Partners LP, Cylumena LLC and Wilco Source LLC complies with the EU-U.S.DPF (Data Privacy Framework), UK Extension to the EU-U.S. DPF (Data Privacy Framework), and Swiss-U.S. DPF (Data Privacy Framework) as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union, the United Kingdom and Switzerland to the United States, respectively. CitiusTech has certified to the Department of Commerce that it adheres to the Data Privacy Framework program. CitiusTech adheres to the data protection principles of: notice, choice and consent, onward transfer, security, data integrity, access, and enforcement. If there is any conflict between the terms in this privacy policy and the Data Privacy Framework Program, the Data Privacy Framework Program shall govern.

Note: This privacy policy is also applicable for all other CitiusTech entities/affiliates, besides those listed above, as applicable irrespective of their geographic locations.

For more information about the EU-U.S.DPF (Data Privacy Framework), UK Extension to the EU-U.S. DPF (Data Privacy Framework), and Swiss-U.S. DPF (Data Privacy Framework) or to access CitiusTech certification statement, please visit Home (dataprivacyframework.gov).

 

  1. Scope of the Privacy Policy Statement

 

This Privacy Policy applies to information we collect when you use our website and other products and services, or when you otherwise interact with us, including when you attend events hosted or attended by CitiusTech and when you contact us for customer support.

This Privacy Policy also applies to the personal information that is collected in connection with a job application / enquiry; from existing / potential employees; contractors and suppliers to carry out CitiusTech’s obligations in the field of employment laws; ensuring the safety, security, and protection of its employees/ contractors, other workers and visitors, and CitiusTech resources and assets; crime/fraud detection and prevention, security, auditing, data analysis and data storage; protecting CitiusTech’s legal rights, and compliance with governmental, legislative, and regulatory requirements; internal business processes and management or to process the services received or purchased.

CitiusTech may act as a processor of personal data on behalf of its customers while providing software development and application implementation services to them. In providing these services to its business customers, CitiusTech may receive personal information from India, USA, Canada, EU, UK, EEA, Switzerland and other geographies. CitiusTech does not own or have independent rights to control the use of the personal data it processes on behalf of its customers; it acts solely on the instructions of its customers.

We do not sell your personal information to third parties; however, we may share your personal information with approved third parties as described in this privacy policy. If you have any questions about our privacy practices, please refer to ’Contact Us‘ section for information about how to contact us.

This Policy does not cover data of individuals through which individuals are no longer identifiable, or are identifiable only with a disproportionately large expense in time, cost or labor, or data combined with pseudonyms rather than actual names or other identifiable information.

By visiting the CitiusTech website or submitting your personal information, you accept the terms described in this Privacy Policy.

 

  1. Collection of Personal and Other Information

 

CitiusTech collects “Personal Information” for specific and limited purposes.  When we, our clients or our suppliers collect Personal Information, the individuals will be informed of these purposes, and they will be offered choices and means, if any, to limit the use and disclosure of that Personal Information.  We, our clients or our suppliers will endeavor to provide such notice in clear and conspicuous language when individuals are first asked to provide Personal Information or as soon as practicable thereafter.

The Company may also collect “Other information” relating to your use of our website through the use of various technologies including cookies, and web analytics tools.  For more details on this please refer to our Cookie policy below.

From time to time, we may also collect information that pertains to you indirectly, through other sources such as list vendors or customers. When we do so, we ask the vendors to confirm that the information was legally acquired, that we have the right to use it and our permitted uses.

 

  1. Retention, Use and Sharing of Personal Information

 

We will retain your personal information for the period necessary to fulfil the purposes outlined in this Privacy Policy unless a longer retention period is required or permitted by law.

CitiusTech will offer an individual the opportunity to choose (opt-out) whether personally identifying information about them will be disclosed to a third party or used for a purpose incompatible with the purpose for which it was originally collected or subsequently authorized by them, unless such choice is not required by law. For Sensitive Personal Information, CitiusTech will seek affirmative or explicit (opt-in) consent before the Sensitive Personal Information is disclosed to a third party or used for a purpose other than its original purpose or the purpose authorized subsequently by the individual. We use the personal information only in ways that are compatible with the purposes for which it was collected or subsequently authorized by the individual and the client. CitiusTech will take reasonable steps to ensure that the personal information is relevant to its intended use, accurate, complete, and current.

We may also use and / or share with third & other parties the personal information and other information as described below-

  • We may use the personal information and other information to solicit your feedback and / or to inform you about our products and services. While using this information, we will not be using it for any type of discrimination against your rights.
  • We may employ other companies and individuals to perform functions on our behalf. Examples may include providing technical assistance, customer service, execution of subcontracted work, and assistance in background verification checks, recruitment, travel booking, visa processing, payment processing, employment & employment benefit processing for its employees and contractors, etc. These other companies will have access to the personal information and other information only as necessary to perform their functions and to the extent permitted by law and no other purpose. In addition, we will obtain assurances from our agents that they will safeguard the personal information and other information consistent with this Privacy Policy and applicable law.  If we learn that an agent is using or disclosing personal information or other information in a manner contrary to this Privacy Policy, we will take reasonable steps to prevent or stop such unauthorized use or disclosure.
  • In an ongoing effort to better understand visitors to our website and / or our products and services, we may analyze the other Information in aggregate form in order to operate, maintain, manage, and improve the website and / or our products and services. This aggregate information does not identify individuals personally.  We may share this aggregate data with our affiliates, agents, and business partners. We may also disclose aggregated user statistics in order to describe our products and services to current and prospective business partners and to other third parties for other lawful purposes.
  • To the extent permitted by law, we may also disclose the personal information and other information:
    1. to government and regulatory agencies in connection with our seeking regulatory approval for our products;
    2. in response to lawful requests by public authorities, including to meet national security or law enforcement requirements;
    3. if CitiusTech is acquired by or merged with another company, or
    4. it is necessary or advisable to protect the rights, property, or safety of CitiusTech or others.

 

  1. International Transfers

 

You should note that CitiusTech is a global organization with business processes, management structures and technical systems that cross borders. As such, we may share information about you within our corporate group of companies and transfer it to countries (including USA, Canada, EU, UK, EEA, Switzerland etc.) in the world where we do business in connection with the uses identified above and in accordance with this Privacy Policy. Our Privacy Policy and our practices are designed to provide a globally consistent level of protection for personal information.

By using the website and by providing us personal information in any manner, you consent to this transfer and our use of the information and data provided by you in accordance with this Privacy Policy.

 

  1. Children’s Privacy

 

This website is not directed to children under the age of eighteen and we do not knowingly collect personal information from children under the age of eighteen on the website. If we become aware that we have inadvertently received personal information from a visitor under the age of eighteen on the website, we will delete the information from our records.

 

  1. External Websites

 

To allow you to interact with other websites on which you may have accounts (such as Facebook and other social media sites) or join communities on such sites, we may provide links or embed third-party applications that allow you to login, post content or join communities from our websites. We may also provide you with general links to other external websites.

CitiusTech has no control over the privacy practices or the content of those websites and third-party applications, and is therefore not responsible for their content or their privacy policies. You should check the applicable third-party privacy policy and terms of use when visiting any other websites or links.

 

  1. Anti-Spam Policy

 

CitiusTech recognizes the receipt, transmission or distribution of spam emails (unsolicited bulk emails) as a major concern and has taken reasonable measures, to minimize the transmission and effect of spam emails in its computing environment. CitiusTech reserves the right to reject and/or report any suspicious spam emails, to the authorities concerned, for necessary action, from time to time.

 

  1. Accessing and Modifying Information and Communication Preferences

 

We acknowledge the individual’s right to access their Personal Data. We shall allow an individual access to their Personal Data and allow the individual to correct, amend or delete their information, except where the burden or expense of providing access would be disproportionate to the risks to the privacy of the individual in the case in question or where the rights of persons other than the individual would be violated or it violates rights of CitiusTech w.r.t. meeting its contractual or legal obligations.

Upon request, CitiusTech will grant individuals reasonable access to personal information that we and our agents hold about them. In certain cases, you may have the ability to view or edit your personal information online. In the event your information is not accessible online, and you wish to obtain a copy of particular information you provided to CitiusTech, or if you become aware the information is incorrect and you would like us to correct it, contact us.

To submit the request to know, correct, amend, delete your information or to opt-out, you can contact our DPO by emailing us at grc@citiustech.com with “PRIVACY POLICY” in the subject line.

We will reply to your access request within 30 days of receiving the request. In order to provide you with any information or correct any inaccuracies, we may ask you to verify your identity.

We may need additional response time of maximum 30 days, if:

  1. responding to the request within the original 30 days would unreasonably interfere with our internal activities;
  2. CitiusTech needs additional time to conduct consultations / seek vendor support; or
  3. to convert personal information to requested format.

If CitiusTech extends this response time, we will notify you within 30 days of receiving the request, and advise you about your rights to complain to the regional government privacy authority of your country.

The Company will abide by any request from an individual not to use his/her personal data for direct marketing purposes and shall do so free of charge to the individual. If you no longer wish to receive marketing or subscription e-mails from CitiusTech, follow the unsubscribe instructions included at the bottom in each marketing email.

 

  1. Information Security and Accuracy

 

We take commercially reasonable steps to protect the personal information and other information from loss, misuse, unauthorized access, disclosure, alteration, or destruction. CitiusTech has implemented physical, technical and administrative procedures which are designed to safeguard and secure such data from loss, misuse, unauthorized access or disclosure, alteration or destruction. We also require that our suppliers protect such information from unauthorized access, use and disclosure.

Please understand, however, that no security system is impenetrable.  We cannot guarantee that the information that you supply will not be intercepted while being transmitted to and from us over the Internet.  In particular, e-mail sent to or from the website may not be secure and you should therefore take special care in deciding what information you send to us via e-mail.

When acting as an agent processing personal data under the direction of its customers, CitiusTech adheres to the EU-U.S.DPF (Data Privacy Framework), UK Extension to the EU-U.S. DPF (Data Privacy Framework), and Swiss-U.S. DPF (Data Privacy Framework) for processing personal data received from the EEA, UK, EU and Switzerland and keeping it secure. Likewise, CitiusTech ensures that its sub-processors also adhere to the EU-U.S.DPF (Data Privacy Framework), UK Extension to the EU-U.S. DPF (Data Privacy Framework), and Swiss-U.S. DPF (Data Privacy Framework) while processing personal data received from CitiusTech.

 

  1. CitiusTech Cookie Policy

 

Following is the information about how CitiusTech Inc., all its affiliated companies including its parent company CitiusTech Healthcare Technology Private Limited (collectively known as “CitiusTech” or “We”) use cookies and other similar technology on this website (“our website”).

By continuing to use our website, you agree that we can place cookies and other similar technology like web analytics on your devices, including mobile and other devices. By continuing to access this website, you agree that the following information may be collected: your unique device identifier, device IP address, browser type, information about your device’s operating system, mobile carrier, access time and / or viewed pages within our website and your location information (to the extent permissible under applicable law).

 

10.1 What are cookies and similar technologies?

 

A cookie is a piece of data that a web site can send to your browser, which may then be stored on your computer as a tag that identifies your computer / device. Cookies can measure web site usage, allow for ease of navigation for the user, personalize a known visitor’s experience to a web site by being associated with profile information or user preferences. A web analytic tool allows a web site to collect or transfer information such as whether or not a link has been accessed and what pages within the website have been visited.

  • Cookies & Analytics – Following cookies are being used on pages of CitiusTech website & other apps for tracking page visits and visitors. Also, we use their analytics feature to measure conversion and for tracking campaign effectiveness.
    1. HubSpot
    2. Google
    3. LinkedIn
    4. Twitter
    5. Facebook
    6. Instagram

 

10.2 How and why does our website use cookies?

 

When you use and access our website, we may place cookie files in your web browser.

We use cookies and similar technologies for the following purposes: to enable certain functions of our website, to provide analytics, to store your preferences and to enable advertisements delivery, including behavioral advertising.

 

10.3 Combining and analyzing personal data

 

The cookies we use don’t collect information that personally identifies a visitor. However, we may combine data from publicly available sources, and from our different e-mail, website, and personal interactions with you (this includes information collected across our different websites such as our careers and corporate sites and information collected when you sign-up or log on to our sites or connect to our sites using your social media credentials (such as LinkedIn). We combine this data to better assess your experience with our website and to perform the other activities described throughout our privacy policy.

We may use essential cookies to authenticate users and prevent fraudulent use of user accounts, if any.

 

10.4 Third party cookies

 

In addition to our own cookies, we may also use various third-parties’ cookies to report usage statistics of our website, deliver advertisements on and through our website, and so on.

 

10.5 How can you turn off cookies?

 

You can set your browser to notify you before you receive a cookie, giving you the chance to decide whether to accept it or not. You can also generally set your browser to turn off cookies. Please note, however, that if you delete cookies or refuse to accept them, it will have an impact on your user experience, as parts of our website may no longer work and / or you might not be able to use all of the features that we offer on our website. You can know more about managing cookies through by visiting the following websites:

All About Cookies: http://www.allaboutcookies.org/

Network Advertising Initiative: http://www.networkadvertising.org/

 

  1. Enforcement and Dispute Resolution

 

We use a self-assessment approach to assure compliance with this Privacy Policy and periodically verify that the policy is accurate, prominently displayed, completely implemented and accessible.

In compliance with the Data Privacy Framework Program, CitiusTech commits to resolve complaints about our collection or use of your personal information.  European Union, UK and Swiss individuals with inquiries or complaints regarding our Data Privacy Framework Program should first contact CitiusTech by emailing us at grc@citiustech.com with “PRIVACY POLICY” in the subject line.

CitiusTech has further committed to cooperate with the panel established by the EU Data Protection Authorities (DPAs) (Our Members | European Data Protection Board (europa.eu)), UK Information Commissioner’s Office (ICO) (UK Extension to the EU-US Data Privacy Framework complaints tool | ICO) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) (Homepage (admin.ch)) with regard to unresolved Data Privacy Framework Program both non-human and human resources data transferred from the EU, UK Extension and Switzerland in the context of the employment relationship. These services are provided at no cost to you.

CitiusTech commit to cooperate with EU DPAs for EU-U.S.DPF (Data Privacy Framework), UK ICOs for UK Extension to the EU-U.S. DPF (Data Privacy Framework) and with the FDPIC for Swiss-U.S. DPF (Data Privacy Framework) and comply with the advice given by EU DPA, UK ICO and FDPIC with regard to onward transfers of personal data from the UK, EU and Switzerland, including onward transfer liability provisions, relating to transfers of data to a third party acting as an agent on its behalf. We also commit to binding arbitration at the request of the individual to address any complaint that has not been resolved by other recourse and enforcement mechanisms.

Refer these links on Data Privacy Framework Program website for additional information on this:

Home (dataprivacyframework.gov)

The Federal Trade Commission (Federal Trade Commission | Protecting America’s Consumers (ftc.gov)) has jurisdiction over CitiusTech’s compliance with the Data Privacy Framework.

 

  1. Updates to the Privacy Policy Statement and Notification of Changes

 

We may change this Privacy Policy from time to time, and we will notify you by revising the last updated date at the top of the policy. If we are going to use your personal information in a manner different from that stated at the time of collection, we will notify you, and you will have a choice as to whether or not we can use your personal information in such a way.

 

  1. Contact Us

 

If you have any questions or comments about this Privacy Policy Statement or about handling of your information, you can contact our DPO by emailing us at grc@citiustech.com with “PRIVACY POLICY” in the subject line.