Biginius Consultancy Pvt. Ltd.

Placement Assistance Privacy policy

Welcome to Biginius.com Pvt. Ltd. This Privacy Policy describes how we collect, use, and disclose information about you when you use our placement services, website, mobile application, and other online products and services (collectively, the “Services”).

By accessing or using our Services, you agree to the terms of this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not use our Services.

1. Information We Collect

We collect information about you in various ways when you use our Services, including information you provide directly, information we collect automatically, and information we receive from third parties.

1.1 Information You Provide Directly:

  • Account Information: When you sign up for an account with us, we may collect your name, email address, phone number, and other contact information.
  • Profile Information: You may choose to provide additional information to complete your profile, such as your education, work experience, skills, and preferences.
  • Application Materials: We may collect information from you when you apply for job placements through our Services, including your resume, cover letter, and other relevant documents.
  • Communications: We collect information when you communicate with us or other users through our platform, such as messages, feedback, and reviews.

1.2 Information We Collect Automatically:

  • Usage Information: We collect information about how you interact with our Services, including your IP address, device information, browser type, pages visited, and other usage data.
  • Log Data: Our servers automatically record certain information when you use our Services, such as your access times, the duration of your visit, and the links you click on.
  • Cookies and Similar Technologies: We use cookies, web beacons, and other tracking technologies to collect information about your browsing activities and preferences.

1.3 Information We Receive from Third Parties:

  • Partners: We may receive information about you from third-party partners, such as employers, recruiters, and educational institutions.
  • Social Media: If you choose to connect your social media accounts to our Services, we may collect information from those accounts under your privacy settings.
2. How We Use Your Information

We use the information we collect for various purposes, including to:

  • Provide and improve our Services;
  • Match candidates with job opportunities;
  • Communicate with you about your account and our Services;
  • Customize your experience and preferences;
  • Analyze trends and user behavior;
  • Detect, prevent, and address technical issues;
  • Comply with legal and regulatory requirements; and
  • Protect the rights, property, and safety of our users and others.
3. How We Share Your Information

We may share your information with third parties for various purposes, including:

  • With employers and recruiters for job placements;
  • With service providers who assist us in operating our Services;
  • With affiliates and business partners for marketing and promotional purposes;
  • With third parties in connection with a merger, acquisition, or sale of assets; and
  • With law enforcement or other government agencies as required by law or to protect our rights.

We may also share aggregated or de-identified information that cannot reasonably be used to identify you.

4. Your Choices

You have certain choices about how we use and disclose your information:

  • Account Settings: You can update your account settings and preferences at any time by logging into your account.
  • Communications: You can opt out of receiving promotional emails from us by following the instructions in those emails. Please note that even if you opt-out, we may still send you non-promotional communications, such as those related to your account or transactions.
  • Cookies: Most web browsers are set to accept cookies by default. If you prefer, you can usually adjust your browser settings to disable or reject cookies. However, please note that some features of our Services may not function properly if cookies are disabled.
5. Data Security

Biginius.com Pvt. Ltd. (“Biginius.com,” “we,” “us,” or “our”) is committed to protecting the security and confidentiality of all data entrusted to us by our clients, users, employees, and other stakeholders. This Data Security Policy outlines the measures we implement to safeguard data against unauthorized access, use, disclosure, alteration, and destruction. Our data security practices are designed to comply with applicable laws and regulations and to maintain the trust and confidence of our stakeholders.

5.1  Scope

This Data Security Policy applies to all data collected, processed, stored, and transmitted by Biginius.com, including but not limited to:

  • Personal information of clients, users, employees, and job applicants;
  • Confidential business information and intellectual property;
  • Financial and payment information; and
  • Any other data that we collect or handle in the course of providing placement services and operating our business.

5.2 Data Security Principles

Biginius.com adheres to the following principles to ensure the security of data:

  • Confidentiality: We maintain the confidentiality of data by limiting access to authorized personnel only and implementing technical and organizational controls to prevent unauthorized disclosure.
  • Integrity: We ensure the integrity of data by implementing measures to prevent unauthorized alteration, modification, or destruction of data.
  • Availability: We ensure the availability of data by implementing measures to prevent unauthorized disruption or denial of access to data.
  • Compliance: We comply with all applicable laws, regulations, and industry standards related to data security and privacy.
  • Accountability: We hold ourselves accountable for the protection of data entrusted to us and regularly review and update our data security practices to address emerging threats and vulnerabilities.

5.3 Data Collection and Minimization

We collect and process data only for specified, explicit, and legitimate purposes, and we minimize the collection and retention of data to the extent necessary to fulfill those purposes. We do not collect or retain more data than is necessary for the provision of our placement services and the operation of our business.

5.4 Data Access Controls

Access to data is restricted to authorized personnel who have a legitimate need to access the data for business purposes. We implement access controls, such as user authentication, role-based access control (RBAC), and least privilege principles, to ensure that only authorized individuals can access specific data based on their roles and responsibilities.

5.5 Data Transmission and Encryption

We encrypt data in transit and implement secure communication protocols, such as Transport Layer Security (TLS) or Secure Sockets Layer (SSL), to protect data transmitted over networks. This applies to data transmitted between users and our servers, as well as data transmitted between our servers and third-party service providers.

5.6 Data Storage and Encryption

We encrypt data at rest to protect it from unauthorized access in storage. We use strong encryption algorithms and encryption keys to secure data stored on servers, databases, and other storage devices. Additionally, we implement access controls and monitoring mechanisms to detect and prevent unauthorized access to stored data.

5.7 Data Retention and Disposal

We retain data only for as long as necessary to fulfill the purposes for which it was collected or as required by law. Once data reaches the end of its retention period, we securely dispose of it using industry-standard methods, such as data deletion, shredding, or permanent erasure. We also implement data retention policies and procedures to ensure that data is retained and disposed of in compliance with applicable legal and regulatory requirements.

5.8 Data Breach Response

In the event of a data breach or unauthorized access to data, we have established procedures to respond promptly and effectively to mitigate the impact and prevent further unauthorized access. Our data breach response plan includes steps such as identifying the cause and extent of the breach, containing the breach to prevent further exposure, notifying affected individuals and authorities as required by law, and implementing remediation measures to prevent similar incidents in the future.

5.9 Employee Training and Awareness

We provide regular training and awareness programs to educate our employees about data security best practices, policies, and procedures. All employees are required to complete data security training upon hire and undergo refresher training periodically to stay informed about emerging threats and vulnerabilities. We also maintain records of employee training and compliance to ensure that all employees understand their responsibilities for protecting data.

5.10 Third-Party Security

We assess the security practices of third-party service providers that have access to data on our behalf and ensure that they implement appropriate safeguards to protect the confidentiality, integrity, and availability of data. We enter into data processing agreements or other contractual arrangements with third-party service providers to establish data security requirements and obligations.

5.11 Compliance Monitoring and Auditing

We conduct regular audits and assessments of our data security practices to ensure compliance with this Data Security Policy, applicable laws, regulations, and industry standards. Our audits may include technical assessments, vulnerability scans, penetration testing, and reviews of access logs and controls. We also cooperate with external auditors and regulatory authorities as needed to verify our compliance with data security requirements.

5.12 Continuous Improvement

We continuously monitor and evaluate our data security practices to identify areas for improvement and enhance our overall security posture. We review emerging threats, vulnerabilities, and best practices in data security and incorporate lessons learned from security incidents and breaches into our policies, procedures, and controls.

5.13 Reporting Security Incidents

We encourage all stakeholders, including clients, users, employees, and third-party partners, to report any suspected security incidents, data breaches, or vulnerabilities to us promptly. We have established channels for reporting security incidents, including email, phone, and online reporting forms, and we investigate and respond to all reports under our incident response procedures.

6. International Transfers

Biginius.com Pvt. Ltd. (“Biginius.com,” “we,” “us,” or “our”) operates as a placement service provider, assisting individuals in finding job placements with employers worldwide. As part of our operations, we may transfer personal data across international borders to facilitate the matching of candidates with job opportunities in different countries. This International Transfers Policy outlines our practices for transferring personal data internationally in compliance with applicable data protection laws and regulations.

6.1 Scope

This International Transfers Policy applies to all personal data that we collect, process, store, and transfer as part of our placement services, including but not limited to:

  • Personal information of job applicants, including resumes, cover letters, and contact details;
  • Personal information of clients and employers, including job requirements, preferences, and contact details;
  • Personal information of employees and contractors, including payroll data, performance reviews, and contact details; and
  • Any other personal data that we collect or handle in the course of our business operations.

6.2 Legal Basis for International Transfers

We transfer personal data internationally based on one or more legal mechanisms recognized under applicable data protection laws and regulations, including:

  • Adequacy Decisions: We transfer personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission or other relevant authorities.
  • Standard Contractual Clauses (SCCs): We enter into SCCs approved by the European Commission or other relevant authorities with recipients of personal data in countries that do not have adequacy decisions.
  • Binding Corporate Rules (BCRs): We implement BCRs approved by relevant data protection authorities to govern the transfer of personal data within our organization or among our affiliates.
  • Consent: We obtain explicit consent from data subjects before transferring their data internationally, where required by applicable laws and regulations.
  • Other Legal Basis: We may rely on other legal bases for international transfers as permitted by applicable laws and regulations, such as the necessity of the transfer for the performance of a contract or the implementation of pre-contractual measures requested by the data subject.

6.3 Data Transfers to Third Countries

When transferring personal data to countries outside the European Economic Area (EEA), United Kingdom (UK), or other jurisdictions with adequate data protection laws, we take appropriate safeguards to ensure the protection of personal data under applicable laws and regulations. These safeguards may include the use of SCCs, BCRs, or other legal mechanisms recognized under applicable laws.

6.4 Transfers to Service Providers and Third Parties

We may transfer personal data to third-party service providers, partners, and other recipients located in different countries to provide our placement services, conduct background checks, process payments, and perform other business functions. Before transferring personal data to third parties, we assess their data protection practices and ensure that appropriate safeguards are in place to protect personal data under applicable laws and regulations.

6.5 Data Subject Rights

Data subjects whose personal data is transferred internationally have rights under applicable data protection laws and regulations, including the right to:

  • Access their personal data and obtain information about the international transfers of their data;
  • Rectify inaccuracies or incomplete information in their personal data;
  • Object to the international transfers of their personal data in certain circumstances;
  • Restrict the processing of their personal data pending the resolution of disputes or concerns about international transfers; and
  • Exercise other rights provided by applicable data protection laws and regulations.

We respect data subjects’ rights and provide mechanisms for them to exercise their rights regarding the international transfers of their personal data.

6.6 Accountability and Compliance

We are committed to ensuring compliance with applicable data protection laws and regulations regarding international transfers of personal data. We maintain records of international transfers, including the legal basis for the transfers, the safeguards implemented, and other relevant information required by applicable laws and regulations. We cooperate with data protection authorities and other regulatory bodies to demonstrate our compliance with data protection requirements related to international transfers.

6.7 Data Breach Notification

In the event of a data breach affecting personal data that has been transferred internationally, we adhere to applicable data breach notification requirements under applicable laws and regulations. We notify affected data subjects, relevant data protection authorities, and other stakeholders about the breach in accordance with legal obligations and best practices.

6.8 Training and Awareness

We provide training and awareness programs to our employees and contractors to ensure that they understand their responsibilities regarding the international transfers of personal data. Our training programs cover topics such as data protection laws and regulations, international data transfers, and best practices for safeguarding personal data during transfers.

6.9 Review and Updates

We regularly review and update this International Transfers Policy to reflect changes in applicable data protection laws and regulations, as well as changes in our business operations and practices. We communicate updates to this policy to our employees, contractors, clients, and other stakeholders as appropriate.

7. Children’s Privacy

At Biginius.com Pvt. Ltd., we are committed to protecting the privacy of all individuals who use our placement services, including children. This Children’s Privacy Policy outlines our practices for collecting, using, and disclosing personal information from children under the age of 13 in compliance with applicable laws, including the Children’s Online Privacy Protection Act (COPPA) in the United States and similar laws in other jurisdictions.

7.1 Collection of Children’s Information

We do not knowingly collect personal information from children under the age of 13 without verifiable parental consent. If we learn that we have inadvertently collected personal information from a child under 13 without parental consent, we will promptly take steps to delete such information from our records.

7.2 Types of Information We Collect

If a child under the age of 13 provides us with personal information with verifiable parental consent, we may collect the following types of information:

  • Contact Information: Such as the child’s name, email address, phone number, and home address, as well as the parent’s or guardian’s contact information.
  • Profile Information: Such as the child’s educational background, skills, and preferences related to job placements.
  • Application Materials: Such as the child’s resume, cover letter, and other relevant documents submitted as part of the job application process.
  • Usage Information: Information about how the child interacts with our Services, including log data, device information, and browsing activity.

7.3 Use of Children’s Information

We may use the personal information we collect from children under 13 for the following purposes:

  • To provide and improve our placement services;
  • To match child users with job opportunities that align with their skills and preferences;
  • To communicate with child users and their parents or guardians about their accounts and our Services;
  • To customize the child user’s experience and preferences on our platform;
  • To analyze trends and user behavior related to children’s use of our Services; and
  • To comply with legal and regulatory requirements.

7.4 Disclosure of Children’s Information

We may disclose personal information collected from children under 13 in the following circumstances:

  • With service providers who assist us in operating our Services;
  • With employers and recruiters for the purpose of job placements;
  • With affiliates and business partners for marketing and promotional purposes, provided that such disclosure is consistent with applicable laws and regulations;
  • In connection with a merger, acquisition, or sale of assets; and
  • When required by law or to protect our rights, property, or safety, or the rights, property, or safety of others.

We do not sell personal information collected from children under 13 to third parties.

7.5 Verifiable Parental Consent

Before collecting personal information from a child under the age of 13, we will obtain verifiable parental consent in accordance with COPPA and other applicable laws. Verifiable parental consent may be obtained through various methods, including:

  • Obtaining a signed consent form from the parent or guardian;
  • Requiring the parent or guardian to provide a credit card or other payment method;
  • Requiring the parent or guardian to call a toll-free number or send a reply email;
  • Requesting a photocopy of a government-issued identification card from the parent or guardian; or
  • Any other method that is reasonably designed to ensure that the person providing consent is the child’s parent or guardian.

7.6 Parental Rights and Choices

Parents or guardians of children under 13 who have provided personal information to us have certain rights and choices, including:

  • Reviewing, updating, or deleting their child’s personal information;
  • Refusing to allow further collection or use of their child’s personal information;
  • Revoking their consent to the collection, use, or disclosure of their child’s personal information; and
  • Requesting that we delete their child’s account and personal information.

Parents or guardians can exercise these rights and choices by contacting us using the contact information provided in this Children’s Privacy Policy.

7.7 Data Security

We take reasonable measures to protect the security of children’s personal information, including encryption, access controls, and other security measures. However, no method of transmission over the Internet or method of electronic storage is 100% secure. Therefore, we cannot guarantee the absolute security of children’s personal information.

7.8 Retention of Children’s Information

We retain personal information collected from children under 13 only for as long as necessary to fulfill the purposes for which it was collected, or as required by law. We will promptly delete such information once it is no longer needed for these purposes.

7.9 Changes to This Children’s Privacy Policy

We may update this Children’s Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify parents or guardians of material changes to this Children’s Privacy Policy by email or by posting a prominent notice on our website.

8. Changes to This Privacy Policy

At Biginius.com Pvt. Ltd. (“Biginius.com,” “we,” “us,” or “our”), we are committed to protecting the privacy and confidentiality of personal information entrusted to us by our clients, users, employees, and other stakeholders. This “Changes to This Privacy Policy” document outlines our practices for updating and modifying our Privacy Policy to reflect changes in our data processing practices, legal and regulatory requirements, and business operations. We strive to maintain transparency and provide notice to our stakeholders about any material changes to our Privacy Policy.

8.1 Purpose of This Document

This document serves as a supplementary notice to inform our stakeholders about how we may revise, update, or modify our Privacy Policy from time to time. It explains the reasons for changes to our Privacy Policy, the process for notifying stakeholders about changes, and how stakeholders can access the most current version of our Privacy Policy.

8.2 Reasons for Changes

We may make changes to our Privacy Policy for various reasons, including but not limited to:

  • Compliance with Applicable Laws and Regulations: We may update our Privacy Policy to ensure compliance with changes in data protection laws, regulations, and industry standards.
  • Business Operations: We may modify our Privacy Policy to reflect changes in our business operations, services, or organizational structure.
  • Feedback and Suggestions: We may incorporate feedback and suggestions from stakeholders to improve the clarity, transparency, and effectiveness of our Privacy Policy.
  • Security Enhancements: We may make changes to our Privacy Policy to implement enhancements to data security practices, measures, and controls.
  • Mergers and Acquisitions: In the event of a merger, acquisition, or sale of assets, we may update our Privacy Policy to reflect changes in ownership, control, or governance.

8.3 Process for Changes

When making changes to our Privacy Policy, we follow the following process:

  • Assessment: We assess the need for changes to our Privacy Policy based on factors such as changes in data processing practices, legal requirements, and stakeholder feedback.
  • Drafting: We draft revisions to our Privacy Policy, taking into account the reasons for changes and ensuring that the updated policy reflects our commitment to privacy and data protection.
  • Review: We review the draft revisions with relevant stakeholders, including legal advisors, data protection officers, and senior management, to ensure accuracy, clarity, and compliance with applicable laws and regulations.
  • Approval: We obtain approval from authorized decision-makers, such as the CEO, board of directors, or data protection committee, before finalizing changes to our Privacy Policy.
  • Implementation: We implement the approved changes to our Privacy Policy on our website, mobile application, and other online platforms where the Privacy Policy is made available to stakeholders.
  • Notification: We notify stakeholders about changes to our Privacy Policy through appropriate channels, such as email notifications, website banners, or pop-up messages, depending on the significance of the changes and the impact on stakeholders.

8.4 Notification Process

We notify stakeholders about changes to our Privacy Policy in the following ways:

  • Email Notifications: We may send email notifications to clients, users, employees, and other stakeholders who have provided their email addresses and consented to receive communications from us.
  • Website Banners: We may display banners or alerts on our website and mobile application to inform visitors and users about changes to our Privacy Policy and provide a link to the updated policy.
  • Pop-Up Messages: We may present pop-up messages or notifications when users access our website or mobile application, directing them to review the updated Privacy Policy.
  • In-App Notifications: For users of our mobile application, we may send in-app notifications or push notifications to inform them about changes to our Privacy Policy and prompt them to review the updated policy.
  • Direct Mail: In some cases, we may send physical mail or notices to stakeholders by postal mail, especially for clients, partners, or other stakeholders who prefer traditional communication channels.

8.5 Reviewing the Updated Privacy Policy

Stakeholders can review the most current version of our Privacy Policy on our website, mobile application, or other online platforms where the policy is made available. We provide a prominent link or access point to our Privacy Policy from our homepage or main menu to ensure that stakeholders can easily find and access the policy.

8.6 Acceptance of Changes

By continuing to use our services after being notified of changes to our Privacy Policy, stakeholders indicate their acceptance of the updated policy. If stakeholders do not agree with the changes, they should discontinue using our services and contact us to exercise their rights and preferences regarding their personal information.

9. Conclusion

Thank you for taking the time to read our Privacy Policy. We are committed to protecting your privacy and ensuring that your information is handled responsibly. By using our Services, you consent to the collection, use, and sharing of your information as described in this Privacy Policy.