- the type of information collected from Users;
- the purpose, means and modes of usage of such information; and
- how and to whom Firmway will disclose such information.
- the fact that the information is being collected;
- the purpose for which the information is being collected;
- the intended recipients of the information;
- the name and address of the entity that is collecting the information and the entity that will retain the information; and
- the various rights available to such Users in respect of such information.
2. Definitions of Personal Information and Sensitive Personal Information as defined in the IT Act 2000 and Rules
- Personal Information is defined as any information that relates to a natural person, which, either directly or indirectly, in combination with other information available or likely to be available with a body corporate, is capable of identifying such person.
- Sensitive Personal Data or Informationof a person means such personal information which consists of information relating to their:
- financial information such as bank account or credit card or debit card or other payment instrument details;
- physical, physiological and mental health condition;
- sexual orientation;
- medical records and history;
- biometric information;
- any detail relating to the above clauses as provided to body corporate for providing service;
- any of the information received under the above clauses by body corporate for processing, stored or processed under lawful contract or otherwise.
3. Collection of Personal Information
- In order to use the Website and our services, a User must register by completing the registration form available on the Website. During registration a User is required to give professional and personal contact information (such as name and email address).
- Firmway at the time of registration and confirmation asks for and collects certain information about Users, including personally identifiable information, such as name, phone number, email address, digital signatures, Aadhar number, etc. We use this information to validate our Users, and to therefore grant access to and provide our services. We collect payment information provided by the Users at the time of the payment for availing our services. We also ask our auditor Users to provide their registration/credentialing information in order to validate his/her status. We also collect financial information shared by registered and non-registered Users at the time of confirmation activities.
- While you may use some of the functionalities of the Website without registration, most of the content and services require registration. Firmway may also collect or gather information about User indirectly in the background relating to the usage of the Website by the User, such as IP address, location details, date-time stamp, practice information, confirmation activity, through cookies, other information associated with the interaction of your browser and the Website, By using the Website and our services you have given your consent to Firmway to collect or gather information about the User directly or indirectly through cookies or other technical methods.
4. Use of Information by Firmway
- Firmway will use the User’s information to provide our services. Firmway may also use the User’s personal information directly or indirectly to provide subscription benefits, which could include notifications of upcoming events, newsletters, publications, etc., to promote or market products and services of Firmway or of a third party which Firmway thinks may be of interest or beneficial to User, to communicate with User for other purposes, to enable User to effectively use Firmway, for analytics such as studying user behavior, to evaluate or improve the Firmway website and services design, to enhance the User experience, or for technical support or feedback. Firmway reserves the right to disclose the name of the registered Users for its marketing and advertisement purposes. Firmway also reserves the right to use the personal information for analytics, research, etc. and also for providing analytics and business intelligence based on the Users’ personal information in an anonymised form.
- Additionally, by registration you authorize us to send SMS/email alerts to you for your login details, password use and resets and any other service requirements or advertising messages/emails.
- We may use non personal information to improve our services and to generally promote the Website and our services.
5. Disclosure Policy
Personal information may be disclosed to a third party if Firmway is required to do (i) so due to an applicable law, court order or governmental regulation, or if such disclosure is otherwise necessary in support of any criminal or other legal investigation or proceeding here or abroad, (ii) for rendering services requested by you, or (iii) if we have your consent to do so. In order to provide our services, we may share or disclose the information shared by our Users relating to confirmation activities with other Users including auditor Users concerned with such confirmation activities.
6. Third Party Websites or Applications
8. Users can review and amend the personal information. If User updates any of his/ her personal information, Firmway may keep a copy of the information which the User originally provided in its archives. The information submitted by the Users shall be held for as long as is required to access the services requested and as required by law. Users have the right to withdraw his/her consent at any time. On termination of this agreement or withdrawal of consent, User’s login details including all personal information will be deactivated on our website.
9. Firmway shall not be responsible in any manner for the authenticity or accuracy of the personal information or sensitive personal information or information supplied by the Users.
10. Firmway is not liable for any loss of data technical or otherwise, information or particulars supplied by the Users, due to reasons or causes or conditions beyond its control including but not limited to corruption of data, strike, riots, civil unrest, Governement policies, tampering of data by unauthorized persons like hackers, war and natural calamities.
11. The GDPR and Additional Information for Individuals in the European Economic Area (“EEA”): If you are a resident of the European Economic Area (“EEA”) and accessing our Platforms or subscribing to our services, please note:
- The EU General Data Protection Regulation (GDPR) is a new comprehensive data protection law that updates existing EU laws to strengthen the protection of “personal data” (any information relating to an identified or identifiable natural person, so called “data subjects”). The GDPR replaces the current national data protection laws with a single set of rules, enforceable in each EU member state.
- We may need to collect and process the data stated above in order to provide our services to you or because we are legally required to do so. If you do not provide the information that we request, we may not be able to provide you with our services. We may use the data for our legitimate business interests, including those listed above.
- We do not knowingly permit children in the EEA under age 16 to register for any content, product or service. We do not knowingly collect, use or disclose personal information about users under age 16, except as permitted by law.
- If you would like to receive an electronic copy of your data for purposes of transmitting it to another company, you may contact us at [email protected].
- In relation to the sections above on “Transfer of Data” and “Storage and Security of Data” some non-EEA countries are recognized by the European Commission as providing an adequate level of data protection according to EEA standards. For transfers from the EEA to countries not considered adequate by the European Commission, we have put in place measures such as standard contractual clauses adopted by the European Commission to protect your data. Additionally, we shall retain your data for as long as needed or permitted in light of the purposes for which it was obtained. This includes,(i) any contractual relationship we may have with you to provide our services and (ii) as required by law or our legal position (such as in litigation or regulatory investigations). To receive information on any such measures, you may contact us at [email protected].
- This Website takes every precaution to protect our Users’ personal information and sensitive personal data or information. When Users submit personal and sensitive information via the Website, their information is protected both online and off-line.
- All of our Users’ information, not just the sensitive information mentioned above, is restricted in our offices. Only employees who need the information to perform a specific job (for example, our billing clerk or a customer service representative) are granted access to personally identifiable information. Our employees will sign off from their devices when they leave their desk. All the accesses to our systems are password protected. When they return, they must re-enter their password to regain access to User information. Furthermore, all employees are kept up-to-date on our security and privacy practices. Our employees are frequently notified and/or reminded about the importance we place on privacy, and what they can do to ensure our Users’ information is protected. However, no method of transmission over the Internet, or method of electronic storage, is completely secure. Therefore, we cannot guarantee its absolute security.
- If you believe that your privacy has been breached, please contact our Grievance Officer using the contact information below and provide details of the incident in writing so that we can investigate it. The name and contact details of the Grievance Officer are provided below:
Jai Hind Estate, Bldg no. 1, Shop no. 18, Dr. A.M Road, Bhuleshwar, Mumbai – 400004
Timings: 10am – 5pm