|
We, KP Corporate Solutions Ltd (?we?, ?us?, ?our?), are the owner of the web-based platform viz. My ESOPs (?Platform?)
We respect the data privacy rights and are committed to protecting the personal information collected on this Platform for the purpose of exercising ESOPs. This privacy policy (?Privacy Policy?) sets forth how we use and protect the personal information collected on this Platform.
1. What Qualifies as Personal Information
For the purposes of this Privacy Policy, any information [such as Employee ID, Email ID, Permanent Account Number (?PAN?), Demat account details, Broker account details, bank account details, Address, Phone number etc.] provided to us by you or your employer by you or collected by us, as a result of your use / access of the Platform, that can identify you as a person or identify any other person such as your nominee or other third parties shall be referred to as ?Personal Information?.
2. Applicability of General Data Protection Regulation
Residents of the European Union (?EU?) should note that this Privacy Policy has been updated in accordance with the requirements of the EU General Data Protection Regulation (the ?GDPR?). As per the provisions of the GDPR we shall be considered the Controllers of the Personal Information listed above.
For non-EU residents, by continuing to use or access the Platform, you agree to this Privacy Policy. If you do not agree to this Privacy Policy, you may not use or access the Platform.
3. What Personal/ Non-Personal Information do we Collect?
The Personal Information we collect falls into two categories: information you or your employer provide (for instance when your account is created), and information we collect through your use of our Platform, and through third party sources such as Employer, as further described below.
3.1. Information you or your employer provide to us
3.1.1. Registration and Profile Information
When you register for an account, we will ask for your full name, PAN, information about your demat account, email and physical address, a phone number and location. We will also collect Personal Information of your nominee such as their name, their relationship with you, information about their Demat account details, PAN, (if any) and email id etc. when you participate in ESOP scheme through your employer.
We may also collect Personal Information provided to us by your employer.
To request for a free demo, subscribe to our newsletter/alerts or to get in touch with us through the form available on our ?contact us? section, you would need to provide us with Personal Information such as your name, designation, department, telephone number, organization name, location and e-mail address.
3.1.2. Reporting
We may also collect, store and use your Personal Information when you access our Platform to submit various forms to the various regulatory bodies including but not limited to Securities and Exchange Board of India (?SEBI?).
3.2. Information we receive from your use of the Platform
3.2.1. Content you provide through our Platform
We may also collect and store Personal Information when you use our Platform. This includes any information about you that you may choose to include while using the Platform including how you interact with the Platform and, how you use the features present in it.
3.2.2. Cookies
We may also automatically collect Personal Information through cookies, for example, to validate your login credentials, to remember session allowing you to continue the session in case of time-out and to prevent unauthorized use of the Platform. Cookies are small encrypted files, that the Platform transfers to the device through which you access our Platform. We may also collect information whenever you visit our Platform to improve the usability and functionality of the Platform. Such information may be collected through third party services.
3.3. Accuracy of information
Please make sure that any Personal Information you share with us is accurate and up to date information. You are required by relevant Companies (Share Capital and Debenture) Rules 2014 and SEBI (Share Based Employee Benefits) Regulations 2014 to disclose information about third parties such as your nominee.
4. Information of third party located in the EU:
If you share any Personal Information of any third party who is located in EU, you must ensure that you notify him/her about you are sharing such person?s Personal Information with us. This should be done no later than Two (2) weeks from the date you share their information with us. You may provide such person a link or a copy of this Privacy Policy to help the person understand how his/ her Personal Information is handled by us and for what purpose.
5. What do we do with Your Personal Information?
We use the Personal Information for the following purposes:
5.1. to authenticate your account or information on our Platform;
5.2. to provide you with our services under My ESOPs including planning, designing, managing, administering and implementation of ESOP plans/schemes;
5.3. to generate various ESOP Scheme documentations and reports such as grant consolidated report, grant summary report, exercise report, cancellation report, vest wise report, lapse report, individual options summary report, personal status report and any other system based / customized reports;
5.4. to enable you to generate ESOP exercise form and manage your ESOPs;
5.5. to communicate you with regards to change in the ESOP Plan management process;
5.6. to assist you and your employer with documentation of disclosure as per Companies (Share Capital and Debenture) Rules 2014 and SEBI (Employee Stock Option Scheme and Employee Stock Purchase Scheme) guidelines ;
5.7. to assist in valuation of ESOP schemes for example calculating intrinsic and fair value of options as per Indian GAAP;
5.8. to assist you and your Employer in accounting of employee stock options;
5.9. to assist you and your Employer with statutory disclosures and compliances relating to ESOPs with various government regulatory authorities;
5.10. to send email alerts prior to vesting, lapse of options and share price reaching a target level;
5.11. To advise your employer of your registration;
5.12. to provide you and your employer information about My ESOPs;
5.13. to assist you in the event you need any additional support;
5.14. for MIS reporting.
5.15. for creation or development of business intelligence or data analytics in relation to our Platform and/ or My ESOPs provided by us;
5.16. to improve usability of the Platform and/ or My ESOPs and its maintenance;
5.17. to prevent fraud and abuse;
5.18. to enhance the security of the Platform and/or My ESOPs;
5.19. to ensure that content from the Platform and/or My ESOPs is presented in the most effective manner for you and for your computer;
5.20. to provide you information that we may believe may be of your interest;
5.21. for internal record keeping; and
5.22. to comply with our legal or statutory obligations
6. Legal Basis (for EU residents):
We will not process your Personal Information without a lawful basis to do so. We will process your Personal Information only on the legal bases of consent [as provided in Art. 6 (1) (a) of the GDPR], contract [as provided in Art. 6 (1) (b) of the GDPR], or on the basis of our legitimate interests [as provided in Art. 6 (1) (f) of the GDPR], provided that such interests are not overridden by your privacy rights and interests.
7. Whom do we Disclose Your Data to?
We do not sell, rent, share, distribute, lease or otherwise provide your Personal Information to third parties, without your prior consent. Keeping this in mind, we may disclose your Personal Information in the following cases:
7.1. Your Employer
We may share your Personal Information with your employer, your employer internal or external auditor to meet their internal and external audit and various administrative and compliance requirements.
7.2. Merger or Acquisition
We may transfer your Personal Information if we are acquired by another entity, or if we merge with another company or transfer a part of our business, including the license to this Platform, to a third party. Any such third party or resultant entity that receives your Personal Information shall have the right to continue to use your Personal Information in line with the purposes set out herein.
7.3. Legal and Regulatory Authorities
We may disclose your Personal Information in order to comply with our legal obligations/ court orders/ requests by Government authorities
7.4. Transfer of Your Personal Information Across Borders (for EU Residents)
We have a presence through our regional sales or delivery centers across India. The Personal Information we collect (of EU residents) might be processed outside the EU at secure centers in India. With regards to the Personal Information governed by provisions of the GDPR, we collect and transfer Personal Information outside the EU in accordance with the provisions of the GDPR. If you have questions, please contact us as at info@esopdirect.com
8. How Long do we Retain Your Personal Information?
8.1. We endeavour to only collect such Personal Information that is necessary for the purposes indicated here, and to retain such data for no longer than is necessary for such purposes. The length of time Personal Information is retained, and criteria for determining that time, are dependent on the nature of the Personal Information and the purpose for which it was provided/ collected.
8.2. Subject to this section, we retain your Personal Information unless your Employer revokes our access or deletes your account i.e. if you wish for us to delete your Personal Information in our records, you may request your company?s representative to have your account with us deleted. Please note, however, that there might be latency in deleting Personal Information from our servers and backed-up versions might exist even after deletion. For more information on where and how long your personal data is stored, and for more information on your rights of erasure and portability, please contact info@esopdirect.com
9. Our Security Measures
We store your Personal Information in India and also on our Microsoft Azure servers located in India and this information is accessible to our personnel across our offices. We also implement a variety of security measures to maintain the safety of your Personal Information such as transmission of Personal Information in an encrypted form and protected using SSL technology or storing only specific Personal Information and in a secure environment where access is restricted. Although we provide appropriate firewalls and protections, we cannot warrant the security of any Personal Information transmitted as these systems are not hack proof. Data pilferage due to unauthorized hacking, virus attacks, technical issues is possible, and we assume no liability or responsibility for it.
10. Your Rights (For EU Residents specifically)
You have the right to request us to let you know what Personal Information belonging to you do we hold in our possession, right to have us rectify or modify any such Personal Information except for email id, right to have us erase/delete your Personal Information, right to restrict us from processing such Personal Information, right to object to our use of your Personal Information. If you would like to exercise any of these rights, you may contact us through your Employer, and accordingly we shall comply with your request
11. Limitation of Liability
To the extent permissible under the law, we shall not be liable for any direct, indirect, incidental, special, consequential or exemplary damages, including but not limited to, damages for loss of profits, goodwill, data, information, or other intangible losses (even if we have been advised of the possibility of such damages), arising out of this Privacy Policy on your use of the Platform or My ESOPs.
12. Governing Laws and Disputes
This Privacy Policy shall be construed and governed by the laws of India without regard to principles of conflict of laws. Any dispute arising, between you and us shall be submitted to the arbitration to be conducted in Pune, India in English language, in accordance with the provisions of Arbitration and Conciliation Act, 1996, by a sole arbitrator (appointed by us), and the award made in pursuance thereof shall be binding. Subject to the arbitration provisions, you agree that the courts in Pune, India shall have an exclusive jurisdiction over such disputes.
For any EU residents, this Privacy Policy shall be governed by the provisions of the GDPR.
13. Changes to This Policy
We may update this Privacy Policy from time to time. You are encouraged to check this Privacy Policy on a regular basis to be aware of the changes made to it. This Privacy Policy was last modified in May 2019.
14. Contact Us
If you have any questions or concerns or grievances regarding this Privacy Policy, you can email us at info@esopdirect.com