Privacy Policy

Effective Date: 01 January 2024

Introduction

Peoplescient Consulting LLP (hereinafter referred to as “the Firm”) is committed to protecting the privacy and security of data/ information collected from individuals/ companies/ clients who interact with our website, products, and services. This Data Privacy Policy outlines how we collect, use, disclose, and protect any data related to the client or the firm.

Scope

This policy applies to all employees/ associates/ retainers/ interns (part-time or full-time) (hereinafter referred to as “Users”) of Peoplescient Consulting LLP, including but not limited to executives, managers, and staff members, regardless of their position within the organization.

Policy Guidelines

System Accounts- 

1. Users are responsible for the security of data, accounts, and systems under their control. You are requested to exercise due diligence to protect sensitive information from unauthorized access or disclosure.
2. Users should keep passwords secure and should not share account or password information with anyone, including other personnel, family, or friends.

Prohibition of Storing Proprietary Information in Non-Company Environments-

1. Conducting company business that results in the storage of proprietary information in personal or non-company controlled environments is strictly prohibited.
2. This includes devices maintained by a third party with whom the company does not have a contractual agreement.
3. The use of an email account not provided by the company for business purposes is also prohibited.
4. You are prohibited from downloading any client-related file/ information or Peoplescient’s intellectual property from the drive until the same has been specifically asked to do so by the respective Client/ Reporting Manager. 
5. If you are required to download any file/ information to your desktop, the same has to be done only on the office laptop provided by Peoplescient and the download folder should be your Peoplescient shared OneDrive. Please note that upon completion of the work, any downloaded file has to be discarded from your desktop after uploading the final version in Google Drive.
6. You are not allowed to download/ store any client-related data or Peoplescient’s intellectual property in your personal e-mail account or personal desktops/laptops/PCs.

Company Assets- 

1. You are responsible for ensuring the protection of assigned company assets.
2. Laptops left at the company overnight must be properly secured or placed in a locked drawer or cabinet.
3. Promptly report any theft of company assets to your respective Reporting Manager.
4. All laptops must be secured with a password-protected screensaver. Set the automatic activation feature to 10 minutes or less. Lock the screen or log off and switch off the monitor when the device is unattended to prevent unauthorized access.
5. Avoid connecting to any third-party local networks or wifis from your official laptop which contains business information/ any information related to Peoplescient or its clients.
6. Restrain from discussing Client information and any data received from the client with any of your friends, relatives, or family members.
7. You are not allowed to use your personal accounts (e-mail IDs, social media accounts, etc.) on the laptop provided by Peoplescient.

Network Usage-

1. Introducing malicious code, including but not limited to viruses, worms, Trojan horses, e-mail bombs, spyware, adware, and key loggers, is strictly prohibited. Employees must exercise caution to prevent the unintentional spread of such code.
2. Unauthorized scanning activities are prohibited. They may lead to unintended disruptions and compromise the security of the network.
3. Violation of copyright laws is strictly prohibited. Illegally downloading, duplicating, or transmitting copyrighted pictures, music, video, or software is expressly forbidden.
4. Causing a disruption of service to either the company or other network resources is prohibited. Any intentional actions that lead to the impairment of network functionality, availability, or performance are strictly prohibited.

Electronic Communications/ Email-

1. The following activities are strictly prohibited:
   1. Sending spam emails or other forms of unsolicited electronic communication.
   2. Forging, misrepresenting, obscuring, suppressing, or replacing a user identity on any electronic communication to mislead the recipient about the sender.
   3. Using company email or IP address to engage in conduct that violates company policies or guidelines.
   4. Posting to a public newsgroup, bulletin board, or listserv with a company email or IP address represents the company to the public; therefore, users must exercise good judgment to avoid misrepresenting or exceeding their authority in representing the opinion of the company.
2. You should promptly report all suspected security vulnerabilities or problems noticed with the email system to your respective reporting manager.
3. The company reserves the authority to intercept, disclose, or assist in intercepting or disclosing email communications when deemed necessary for security, legal, or regulatory reasons.
4. Users will not use any email account other than the one provided by the company for transacting official information unless such an exception has been specifically approved.
5. Confidential information will be secured before sending through email by way of compression, password protection, or other advanced cryptographic means.
6. All emails will adhere to the standard email signature policy as defined earlier.
7. The language used in emails should be consistent with other forms of business communications to maintain professionalism and clarity.

Internet Usage-

Users should not use Internet facilities to:

1. Download or distribute malicious software or tools or deliberately propagate any virus.
2. Violate any copyright or license agreement by downloading or distributing protected material.
3. Upload files, software, or data belonging to the company to any Internet site without authorization from the owner.
4. Share any confidential or sensitive information of the company with any Internet site unless authorized in writing by a Senior Associate/ Engagement Manager.
5. Post any company proprietary information or customer’s proprietary information on Internet share drives/Briefcase, public forums, newsrooms, or bulletin boards. Any violation will be subject to a disciplinary process that includes legal consequences.
6. Post remarks that are defamatory, obscene, or against the company. Users should not share company internal information on the internet.
7. Conduct illegal or unethical activities, including gambling, accessing obscene material, or misrepresenting the organization.
8. In case such misuse of Internet access is detected, the company can terminate the user’s account and take other disciplinary action.

Prohibited Activities- 

The following activities are strictly prohibited:

1. Access online media streaming sites (e.g., radio, music, and video broadcasts), other websites, and social networking sites unless they are work-related.
2. Create and post to personal blogs/ vlogs.
3. Create personal web pages.
4. Conduct a private online business, including dealing on eBay or similar sites, or share trading.
5. Accessing or installing unauthorized software.

Consequences of Non-Compliance:

Violation of this data privacy policy may result in disciplinary action, up to and including termination of employment. Additionally, if you are found guilty, you may face legal consequences, including fines and imprisonment under the Information Technology Act, 2000.

Review and Amendments:

This policy will be reviewed periodically to ensure its relevance and effectiveness. Amendments may be made as necessary, and users will be notified of any changes.

By adhering to this Information Technology Policy, you contribute to maintaining the integrity and reputation of Peoplescient Consulting LLP while upholding the highest level of ethical standards.