Policies, Terms and Conditions

Heuristix Digital Technologies Private Limited and its subsidiaries (collectively referred to as, “Heuristix” or “We” or “us” or “our”) operate the www.disprz.com website, to provide various products and services directly or through their affiliates and/or group companies, partners, reseller, etc, towards enabling organization-wide skilling (the “Services”) under the brand name “Disprz.”

If you choose to use our Services, then you consent to the collection and use of your personal data in accordance with this privacy statement. Personal data handling refers to any activity that involves the use of your personal information, such as its collection, storage, retrieval, use, disclosure, and destruction. This includes, but is not limited to, the processing of your name, email address, phone number, job title, and any other personal information that you may provide to us. The consent for your personal data handling is received through the contractual agreement, established with your employer (directly and/or indirectly) for the Services to you as end-user or through your log-in to our services. If you wish to revoke your consent, you may contact your employer, who will in-turn work with us to process your request for consent revocation.

This privacy statement is used to inform our website visitors and subscribers to our services regarding our policies with respect to the collection, storage, use, and disclosure of personal data if anyone decides to use our Services, whether through the Disprz application, hosted on any disprz.com sub-domain (e.g., abc.disprz.com) or your white labelled domain (e.g., academy.yourdomain.com) or any other services that we offer (collectively “the Platform”).

We collect the following personal data from you (“collective data list”):

• Personal identification information, including, name, email address, phone number, picture, designation within your organisation, location, employee code, reporting manager, and public profile (whether by linking to a social media profile or any other document);
• Other information including leadership role, cadre within the organization, industry persona, department, internal teams, and private documents such as psychometric assessments;
• Log data, which includes your computer’s Internet Protocol address, browser version, pages of our Services that you visit, the time and date of your visit, the time spent on those pages, and
• Biometric data if your organization has opted for fingerprint, facial and iris recognition as an authentication requirement to access our Services.

You directly provide us with most of your personal data from the collectible data list. We collect and process personal data when you: 

• Register online for our Services;
• Use or view our website (www.disprz.com), any disprz.com sub-domain (e.g., abc.disprz.com) or your white labelled domain (e.g., academy.yourdomain.com), via your browser’s cookies; and

We may also receive your personal data indirectly from your employer to render the Services to your employer as per the contractual arrangement we have, either directly or indirectly. 

We collect your personal data so that we can: 

• contact or identify you; and
• generate notifications through email / SMS to share with you about Platform and Services

We may also employ third-party companies and individuals for the following:

• To facilitate the Services;
• To provide the Services on our behalf;
• To perform subcontracted support services to facilitate our Services; or
• To assist us in analysing how our Services are used. 

We use cloud services providers and ticketing helpdesk providers to enable a seamless Services available to you. However, please note that we do not share your personal data with any third parties except to the extent required for them to perform the subcontracted services and they do not have access to your personal data, unless required under any contractual or legal requirement to enable the Services available to you. If your personal data is shared with third party due to legal or contractual requirement, this activity would be covered in the agreement established with your employer. 

We securely store your personal data in our servers located at respective regions of cloud service providers (AWS, Azure and Google Cloud Platform). To render the Services as agreed under the contractual arrangement we may agree to transfer your personal data as per contractual terms and conditions. We have implemented industry standard information security mechanisms to protect your personal data as per the contractual terms and conditions with your employer. We adopt the following security precautions to ensure the safety of your personal data: 

• Industry standard security protocols for data communication
• Data storage encryption standards
• End to end data encryption in transit
• Identity, Authentication, Authorization, Accounting and Auditing standards
• Infrastructure and physical security standards in order to ensure the physical security of our servers and the facilities that house them. This includes implementing access control, surveillance, and environmental controls to prevent unauthorized access, damage, or interference. We also work with our cloud service providers to ensure that their facilities meet industry standard physical security requirements.

We will store your personal data for the contractual period with your employer, unless mandated by your employer to be kept for back-up purposes. Once this time period has expired, we will delete and/or purge your data within three (3) months after the contract expiry date or within three (3) months after your account is unregistered from Disprz platform.

We do not use your personal data for any marketing purposes, unless otherwise stated for limited communication related to our upgrades related to our Services that you or your employer has already subscribed to.

We would like to ensure that you are fully aware of your data protection rights, which are as follows:

• Right to be informed: You have the right to request us to inform you of what personal data of yours is being collected, how such personal data is being used, how long it will be kept, and whether it will be shared with any third parties or not.
• Right to access: You have the right to request us for copies of your personal data. We may charge you a small fee for this service.
• Right to rectification: You have the right to request us to correct any information pertaining to your personal data, you believe is inaccurate. You also have the right to request us to complete the information you believe is incomplete.
• Right to erasure: You have the right to request us to erase your personal data, under certain conditions.
• Right to restrict processing: You have the right to request us to restrict the processing of your personal data, under certain conditions.
• Right to object to processing: You have the right to object from us processing your personal data, under certain conditions.
• Right to data portability: You have the right to request us from transferring your personal data that we have collected from you to another organization, or directly to you, under certain conditions.
• Right related to automated decision making, including profiling: You have the right to ask us to provide a copy of our automated processing activities if you believe your personal data is being processed unlawfully.
• Right to opt-out of data sharing or sales: You have the right to opt out of the sale or sharing of your personal data with third parties. This ensures that your personal data is not shared or sold without your explicit consent, particularly for targeted advertising or other commercial purposes.
• Right to nominate a data fiduciary: This right allows you to nominate another person (like a legal heir or trustee) to exercise certain data rights on your behalf, such as accessing or managing your personal data, especially in circumstances where you might not be able to do so yourself.

If you make a request, we have 1 (one) month to respond to you. If you wish to exercise any of these rights, please contact us at our email: privacy@disprz.com with a copy to dpo@disprz.com

We use cookies and similar tracking technologies on our website to collect and analyse information about your use of our website and to personalize your experience. Cookies are small data files that are placed on your device when you visit a website. They allow us to recognize your device and remember your preferences and actions, such as your login information, language preference, and other settings.

We may use the following types of cookies on our website:

• Essential cookies: These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you, such as setting your privacy preferences, logging in, or filling in forms.
• Performance cookies: These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our website. They help us to know which pages are the most and least popular and see how visitors move around the site.
• Functionality cookies: These cookies enable the website to provide enhanced functionality and personalization. They may be set by us or by third-party providers whose services we have added to our pages.
• Targeting cookies: These cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant ads on other sites.

We may also use other tracking technologies, such as web beacons and pixel tags, which are small graphic images that allow us to monitor the use of our website and collect information about your browsing behaviour.

You can control your preferences for cookies and tracking technologies on our website by adjusting your browser settings. However, please note that disabling certain cookies may limit your ability to use certain features of the website.

By using our website, you consent to the use of cookies and tracking technologies as described in this policy. If you do not agree to the use of these technologies, you should not use our website. For further information, you may refer to our Cookie Policy

Our Services do not address anyone under the age of 16. We do not knowingly collect personal data from children under the age of 16 years. In case we discover that a child under the age of 16 years has provided us with personal data, we immediately delete this from our servers. If you are a parent or guardian and you are aware that your child has provided us with personal data, please contact us so that we will be able to undertake necessary action.

Security
We value your trust in providing us your Personal Information, thus we are striving to use commercially acceptable means of protecting it. But remember that no method of transmission over the internet, or method of electronic storage is 100% secure and reliable, and we cannot guarantee its absolute security.

This website contains links to other websites. Our privacy notice applies only to our website (www.disprz.com), any disprz.com sub-domain (e.g., abc.disprz.com) or your white-labelled domain (e.g., academy.yourdomain.com), or the Platform and our Services, so if you click on a link to another website, please consider it as a must to read their privacy notice.

If you wish to raise a complaint on how we have handled your personal data, you can contact our Data Protection Officer who will investigate this further. Please contact us using the following email dpo@disprz.com 

If you are dissatisfied with this policy or you have any further queries about our data protection procedures or wish to lodge a complaint, please contact us in the first instance. Thereafter you have the right to submit a complaint to the Supervisory Authority within your respective geographies, as applicable, some of the supervisory authority details are detailed below:

• UK: Information Commissioner’s Office (ICO) at https://ico.org.uk/global/contact-us/. Alternatively, you may also approach the regulatory authority with jurisdiction at your location. More information about your legal rights can be found on the Information Commissioner’s website at https://ico.org.uk/for-the-public/
• Singapore: Personal Data Protection Commission (PDPC) at https://www.pdpc.gov.sg/Complaints-and-Reviews . Alternatively, you may also approach the regulatory authority with jurisdiction at your location. More information about your legal rights can be found on the PDPC’s website at https://www.pdpc.gov.sg/
• Malaysia: Personal Data Protection Commissioner (PDPC)
• UAE: National Electronic Security Authority (NESA)
• KSA: Saudi Data and Artificial Intelligence Authority (SDAIA)
• Oman: Information Technology Authority (ITA)
• Australia: Office of the Australian Information Commissioner (OAIC). If you are a resident of Australia and you have a complaint, you may refer it to the office of the Australian Information Commissioner (“OAIC”). You can contact OAIC by visiting www.oaic.gov.au, through an email to enquiries@oaic.gov.au, by calling 1300 363 992, or writing to OAIC at GPO Box 5218, Sydney NSW 2001.
• EU: European Data Protection Board (EDPB) at https://edpb.europa.eu/about-edpb/about-edpb/members_en, If you are in the European Economic Area you may contact your local data protection authority. You can find details for your local data protection authority by visiting https://edpb.europa.eu/about-edpb/board/members_en, calling +32 2 299 11 11, or writing to Directorate-General for Justice and Consumers | European Commission at 1049 Bruxelles/Brussel, Belgium.
• USA: Federal Trade Commission (FTC)
• California: California Attorney General's Office
• Indonesia: Ministry of Communication and Information Technology (MCIT)
• Myanmar: Personal Data Protection Law (PDPL) Enforcement Commission
• Philippines: National Privacy Commission (NPC)
• South Africa: Information Regulator
• Egypt: National Telecommunications Regulatory Authority (NTRA)
• India: Indian Computer Emergency Response Team (CERT-In) under the Ministry of Electronics and Information Technology

We keep our privacy notice under regular review and place any updates on this web page. Thus, we advise you to review this page periodically for any changes. We will notify you of any changes by posting the new privacy notice on this page. These changes are effective immediately, after they are posted on this page. This privacy notice was last updated on 15th October 2024.

If you have any questions about this privacy policy or any questions, complaints or claims, please contact us at:

Email: privacy@disprz.com
Address: 
HEURISTIX DIGITAL TECHNOLOGIES PRIVATE LIMITED, 
Corporate & Technology Office 
6th Floor, Olympia Pinnacle, 
#1, S.No. 69/2A1,
S.No. 67/1-2A, New S.No. 67/4, 
Old Mahabalipuram Road
Okkiam Thuraipakkam Village
Thuraipakkam, Chennai 600097, Tamilnadu - India

You can contact our Data Protection Officer, Shajahan L, at dpo@disprz.com.