PRIVACY POLICY

Latest Update : 10/07/2024

General Information

We, at Griffin Nagda & Company and our subsidiaries (collectively, “we” or the Company” or “Griffin Nagda “), respect the privacy of anyone who chooses to provide us with their individually identifying or identifiable information (“Personal Information”), and we are committed to protect their privacy.
This Privacy Policy (“Privacy Policy” or “Policy”) describes, among other things, the types of information we may collect, how that information may be used, and with whom the information may be shared. This Privacy Policy applies to our Website and Portal whenever you use or interact with our website https://www.griffinnagda.com/ (the “Website”), and to information collected and processed through our SaaS based portal https://ciblogin.com (the “Software”), or the services we provide including any content or material provided thereon (collectively with the Software, the “Services”), as well as contact information we collect from vendors and partners for the purpose of management and execution of the respective engagements.

If you do not agree to this Policy, please avoid using our Website, Software or Services. You are not legally required to provide us with any Personal Data, but without it we will not be able to provide you with the best experience. We encourage you to read this Privacy Policy carefully and use it to make informed decisions.

What Information Do We Process and How We Collect It?

1) Contact Information-

When using the Website https://complianceinbox.com/contact or when we receive the business contact information from ciblogin portal https://ciblogin.com/Login. We may collect Personal Information, such as your name, address, telephone number and email address (“Contact Information”). We do not require that visitors to our Website provide us with Contact Information and you may visit our Website anonymously (by using the ‘Incognito’ status on your browser). In this case, we do not collect Contact Information when you visit our website, unless you choose to provide it to us (however, we do collect certain Online Identifiers, as described below). The decision to provide Contact Information is voluntary and you may withdraw your consent at any time by contacting us in one of the ways described in the ‘How to contact us’ section below. However, if you do not provide the Contact Information requested, you may not be able to proceed with the activity or enjoy the full experience of our Website and portal.

 

2) We collect Contact Information of the relevant personnel of our clients, business partners, service providers and vendors, in the course of our respective engagements and for the purpose of management and execution of such engagements.
How Do We Use the Information We Collect?

The information we collect, which may include Personal Information, is used for legitimate business purposes, only to the extent required or otherwise reasonably necessary for one or more of our functions or activities, and while maintaining the right to privacy. Such legitimate business purposes include:
Conducting our business (such as, reaching out to prospective clients).

  • Setting up our client’s account at ciblogin.com and providing our Services to them.
  • Setting up our client’s account and providing our Services to them via ciblogin.
  • Performing research, technical diagnostics and analytics with regard to the Website and portal.
What Are the Legal Bases for Processing Of Personal Information?

We will process Personal Information based on either of the following legal bases, each of which is prescribed by relevant data protection laws. Performance of a contract, compliance with a legal obligation: We process Personal Information where it is necessary for the performance of our contract with you, or in order for us to comply with our various legal and/or regulatory responsibilities.
Legitimate interests: We also process Personal Information where we deem such processing to be in our (or a third party’s) legitimate interests and provided always that such processing will not prejudice your interests, rights and freedoms. Examples of our processing in accordance with our legitimate interests would include:

  • where we disclose Personal Information to any one or more of our associate companies Like https://www.griffinnagda.com/
  • processing for the purposes of ensuring network and information security, including preventing unauthorized access to our electronic communications network.
  • sharing personal information with our advisers and professional services providers (such as auditors).

Consent

On certain occasions we may ask for your consent to processing Personal Information. In these instances, your Personal Information will be processed in accordance with such consent, and you will be able to withdraw this consent in writing at any time (for further information, see “WHAT ARE YOUR RIGHTS” section below).
n we receive the business contact information from ciblogin portal https://ciblogin.com/Login. We may collect Personal Information, such as your name, address, telephone number and email address (“Contact Information”). We do not require that visitors to our Website provide us with Contact Information and you may visit our Website anonymously (by using the ‘Incognito’ status on your browser). In this case, we do not collect Contact Information when you visit our website, unless you choose to provide it to us (however, we do collect certain Online Identifiers, as described below). The decision to provide Contact Information is voluntary and you may withdraw your consent at any time by contacting us in one of the ways described in the ‘How to contact us’ section below. However, if you do not provide the Contact Information requested, you may not be able to proceed with the activity or enjoy the full experience of our Website and portal.

Cookies And Tracking Technologies

We may use cookies and other tracking technologies to collect and store your information. Specific information about how we use such technologies and how you can refuse certain cookies is set out in our cookie policy griffinnagda.com/cookie-policy

International Data Transfer

Since we operate globally, it may be necessary to transfer, store and process Personal Information in other countries in which we or our affiliates, subsidiaries or service providers (including the sub-processors) maintain facilities, such as the United States, Israel, the European Union and the United Kingdom. The data protection and other laws of these countries may be different than those in your jurisdiction of residence.

How Long Do We Retain the Information We Collect?

Unless you instruct us otherwise for justified reasons, we retain the Personal Information we collect for as long as needed to manage our business and provide our services (including marketing communications, as described herein) and to comply with our legal obligations, resolve disputes and enforce our agreements (including exercising any of our rights under our agreements, such as audit and record-keeping). Our default retention policy is an 8-year as per Laws.

How Do We Safeguard Your Information?

We are committed to making reasonable efforts, in accordance with market best practices and legal requirements, to ensure the Security, Confidentially and Integrity of the Personal Information. We take great care in implementing and maintaining the security of our website, software and anywhere the Personal Information is stored. Access to the Personal Information is based on the ‘least to know’ concept together with role-based access control systems, ensuring only authorized access to the Personal Information. We employ market best practice security measures to ensure the safety of the Personal Information and prevent unauthorized use of any such information. Although we take steps to safeguard such information, we cannot be responsible for the acts of those who gain unauthorized access or abuse our software, and we make no warranty, express, implied or otherwise, that we will prevent such access. If a password is used to help protect your accounts and Personal Information, it is your responsibility to keep your password confidential. For further information about our privacy and security practices.

What are your rights?

We acknowledge that different people have different privacy concerns and preferences. Our goal is to be clear about what information we collect so that you can make meaningful choices about how it is used. We allow you to exercise certain choices, rights, and controls in connection with your Personal Information. Depending on your relationship with us, your jurisdiction and the applicable data protection laws that apply to you, you have the right to control and request certain limitations or rights to be executed.

California Residents

California Civil Code Section 1798.83, also known as the “Shine the Lights” law permits our users who are California residents to request and obtain from us, once a year and free of charge, information about categories of personal information if we disclosed to third parties for direct marketing purpose. If you are a California resident and would like to make such a request, please submit your request in writing to us using the contact information provided below.

CCPA Privacy Notice

his section applies only to California Residents, Under the California Consumer Privacy Act(CCPA), You have the rights listed below.
The California code of regulations defines a “residents” as

Every residents who is in the State of California for other than a temporary or transitory purpose.
Every individuals who is domiciled in the State of California who is outside the State of California for a temporary or transitory purpose.
All other individuals are defined as “Non-residents”

Rights Under CCPA

The right to know and access what Personal Information the business has collected-

The right to know and access what Personal Information we collected, including the categories of Personal Information, the sources from which the Personal Information is collected, the business or commercial purpose for collecting, selling, or sharing Personal Information, the categories of third parties to whom we disclose Personal Information, and the specific pieces of Personal Information we collected about you.

Deletion Rights-

The right to delete Personal Information that we collected from you, subject to certain exceptions.

Correct Inaccurate Data-

The right to correct inaccurate Personal Information that we maintain about you.

Opt-Out of Sharing for Cross-Contextual Behavioral Advertising-

You have the right to opt-out of the “sharing” of your Personal Information for “cross- contextual behavioral advertising” (all as defined under the CCPA), often referred to as “interest-based advertising” or “targeted advertising”.

Opt-out from selling-


The right to opt-out of the “sale” or “sharing” (as defined under the CCPA) of Personal Information.

Limit the Use or Disclosure of Sensitive Personal Information (SPI)-

You have the right to request to limit the collection of your SPI to that use which is necessary to maintain our Service.

Non-Discrimination-

The right not to receive discriminatory treatment by us for exercising your privacy rights, including denying goods or services, charging different prices or rates for goods or services, providing a different level or quality of goods or services, etc.

We may, however, charge different prices or rates, or provide a different level or quality of goods or services, if that difference is reasonably related to the value provided to us by your Personal Information.

Data Portability-

You may request to receive a copy of your Personal Information, including specific pieces of Personal Information, including, where applicable, to obtain a copy of the Personal Information you provided to us in a portable format.

Minors


Our website, products and services are all directed and designated to people who are above the age of majority (as determined under the applicable laws where the individual resides). If you have any reason to believe that a minor has shared any Personal Information with us, please contact us as set forth below.

Update or Amendments to the Privacy Policy

We may revise this Privacy Policy from time to time, in our sole discretion, and the most current version will always be posted on our website. We encourage you to review this Privacy Policy regularly for any changes. In the event of material changes to this Privacy Policy, that affect the use of our SaaS based software, we will inform of such change in the CibPortal for customers. The continued use of our SaaS software, following the notification of such amendments, constitutes acknowledgement and consent of such amendments to the Privacy Policy.
e of majority (as determined under the applicable laws where the individual resides). If you have any reason to believe that a minor has shared any Personal Information with us, please contact us as set forth below.

How to contact Us

If there are any questions regarding this Privacy Policy or the information that we collect about you, or if you feel that your privacy was not treated in accordance with this Privacy Policy,
you may contact our Data Protection Officer at:privacy@griffinnagda.com
or at

Address:

P.O. Box 1400 Dubai – U.A.E.