This ThoughtFocus Privacy Policy (hereinafter called “Policy”) provides information to the user on the procedures followed by ThoughtFocus and its Affiliates (“ThoughtFocus,” “we,” “us,” “Company,” “our”) to collect/process/utilize/handle/store/disclose/ protect the personal information and sensitive personal information of ThoughtFocus employees, visitors, users of the ThoughtFocus sites, users of ThoughtFocus services or any data of customer/prospective customers including their representatives, the subscribers of ThoughtFocus newsletters, third party suppliers and business partners (“user,” “you”, “your”).
This Policy also applies to our services offered through any third-party site or service provider. This Policy applies to all employees of ThoughtFocus and is designed to comply with Applicable Data Protection Laws in the applicable jurisdiction.
ThoughtFocus reserves the right to make necessary changes to this Policy from time to time as it deems appropriate to continue to be compliant with the governmental/regulatory changes, changing requirements of business, or otherwise.
The key terms used in the Policy are defined below, and the terms that are not defined below shall have general meaning attributed to them.
- “Affiliate” shall mean the company or any other entity that, whether directly or indirectly through one or more intermediaries, controls, is controlled by, or is under common control with us.
- “Applicable Data Protection Laws” for this Agreement shall mean and include the General Data Processing Regulation (EU 2016/679) (GDPR), the California Consumer Privacy Act (CCPA) of USA, Health Insurance Portability and Accountability Act of 1996 (HIPAA) of USA, Graham-Leach-Bailey Act (GLBA) of USA, Information Technology Act 2000 of India, Digital Personal Data Protection Act 2023 of India, the Privacy Act (Canada), the Personal Information Protection and Electronic Documents Act (Canada) and any other data protection law which may be applicable (including any amendments, additional guidelines, regulations) from time to time.
- “GDPR” means Regulation (EU) 2016/679 of the European Parliament and of the Council of Apr 27th, 2016, on the protection of natural persons regarding the processing of personal data and means used.
- “Data,” “Personal Information,” and “Personal Data” shall mean any information that relates to an identified or identifiable natural person; an identifiable natural person can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
This Policy will outline the nature of the Data collected and processed by ThoughtFocus. It will also explain the means of processing and the purpose of processing the Data.
I. What kind of personal information/data is collected and for what purpose?
ThoughtFocus gathers various forms of Personal Data from our users to optimize the delivery of our services and functionalities. The specific information we collect depends on user interactions with our sites and services, the content of communications, and engagements with third-party entities.
- Direct Identifiers, including but not limited to your unique online identifier, name, alias, social media handle, IP address, username and password, postal and/or email address, phone number, account name and/or account number, social security number, driver’s license number, passport number, and/or state identification number.
- Related Identifiers, including but not limited to your date of birth, bank, credit or debit card number, financial information, insurance policy number, and/or license plate information.
- Physical Characteristics, including protected characteristics under federal and state law, such as age, sex, race, and ethnicity.
- Commercial Information, including records of products or services purchased, obtained, or considered, and other purchasing and consuming histories and tendencies.
- Biometric Information, such as fingerprints, is collected only from ThoughtFocus employees to secure access to office space.
- Internet or other Electronic Network Activity Information, including browser type and version, browser settings, operating systems and platform, device type, operating information, mobile carrier, page response time, and download errors, with our sites and in communications.
- Geolocation Data, such as your zip code and time
- Audio, Electronic, Visual, and Thermal Information, including telephone recordings, electronic communication records, security camera footage from applicable ThoughtFocus properties, and temperature readings.
- Professional or Employment-Related Information, such as your work history, salary history, and education history.
- Other details, any other information the user might provide to us voluntarily.
II. How do we collect personal information and data?
We collect Data through your interactions on our website and in our products. While some Data is provided directly to us, some Data is collected by us using a website, interaction therein, and choices and preferences you make. Your privacy setting in the device and the preferences you make while using our website or any product or service, determines the kind of Data shared with us.
We collect Data that you voluntarily provide to us through a website or email, account creation, or any physically filled form, or you voluntarily consent to us collecting the Data from you. We may also collect information about you from third-party sources like data aggregators, who may or may not have a direct relationship with you.
III. Purposes for which we process the personal information/data:
We use the personal information outlined in a variety of business and commercial purposes, including but not limited to:
- Provide the services you have
- Conduct business dealings with
- Fulfil a transaction you requested or
- Create and manage your account between ThoughtFocus and you or any other Third
- Operate the sites, including access management, payment processing, site administration, internal operations, troubleshooting, data analysis, testing, research, and statistical
- Respond to your requests, feedback, or
- Employment-related matters like hiring, training, performance management, benefits administration, and payroll management. This includes business purposes such as internal reporting, analysis, and planning.
- To process invoices for our services and manage our accounts (including usage and licensing compliance.
- Comply with laws, regulations, and other legal
- Comply with relevant industry standards and our
- Operate, evaluate, and improve our
- Provide you with information and advertisements about products, services, and promotions from us or affiliates that may interest you.
- Deliver content tailored to your interests and the way you use the
- Present content in a manner that is optimized for your
- Measure and analyse the effectiveness of the sites and services we provide to
IV. Who do we share personal information/data with, and why?
We do not sell or rent your Personal Information or share your Personal Information for cross-context behavioral advertising. We may, however, disclose Personal Information for purposes such as:
- With your We may disclose your Personal Information with your consent. We may obtain your consent in writing, email, online, or through “click-through” agreements when you accept the terms of use on our sites, orally, either in person or on the phone, or by other means.
- In a business transfer. We may disclose your Personal Information as part of a corporate business transaction, such as a merger or acquisition, joint venture, corporate reorganization, financing, or sale of company assets.
- To non-affiliated third parties, such as service providers and contractors. We may disclose your Personal Information with other parties, such as service providers and contractors, to facilitate your access and use of our sites and services, including but not limited to internet service providers, advertising networks, data analytics providers, governmental entities, operating systems, and platforms, social medial networks, and service providers who provide us a service (e.g., credit/debit card processing, billing, shipping, repair, customer service, auditing, marketing, debugging to identify and repair errors that impair existing intended functionality on our sites or services, and/or protecting against malicious, deceptive, fraudulent, or illegal activity).
- To subsidiaries and Affiliates. We may disclose your Personal Information with our subsidiaries and affiliates to further facilitate your use of our sites and services and to ensure the smooth and consistent operations of ThoughtFocus by identifying and repairing errors that impede intended functionality and to protect against malicious, deceptive, fraudulent, or illegal activity.
- For legal process and protection. We may disclose your Personal Information to satisfy any law, regulation, legal process, or governmental request or where we have a good faith belief that access, use, preservation, or disclosure of such information is reasonably necessary to:
- Protect our rights or interests, property or safety, or that of
- In connection with claims, disputes, or litigation – in court or
- Protect users of our sites and services and other carriers or providers from fraudulent, abusive, or unlawful use of, or subscription to, such services; and
- Facilitate or verify the appropriate calculation of taxes, fees, or other obligations due to a local, state, or federal government.
V. How we store your personal information/ data?
We take reasonable steps to protect the personal information we collect from being used, lost, or accessed in an unauthorized manner. Access to your data is limited to those employees, contractors, and other third parties who have business and need to know. Associates with access to such data are subjected to nondisclosure agreements and only to the extent required to process the business requirements. The data collected are primarily stored on servers in the US. A secondary data backup may be maintained on computer systems outside the US.
We assess privacy risks periodically and take measures to ensure that your personal information is protected and kept confidential. Data collected and stored employ robust encryption methods and hashing techniques that are standard and current in the industry.
VI. How long do we retain your personal information/data?
We will only retain your Data for as long as it is necessary to satisfy the purpose for which it was provided by you or collected by us (for example, for the required time for us to answer queries or resolve problems or for providing Services or for employment-related matters).
We may, therefore, retain your Data for a reasonable period after your last interaction with us. When the Data that we collect is no longer required in this way, we destroy or delete it securely. We may, instead of destroying or erasing your Data, make it anonymous so that it cannot be associated with or tracked back to you. In some instances, we may have legal or regulatory obligations that require us to retain specific records for a set period.
VII. How do we ensure the security of your personal information/data?
We use a variety of physical, technical, and administrative security standards, technologies, and procedures to help protect your Data from loss, misuse, alteration, destruction, or damage to an appropriate level depending on the sensitivity of the information. All Data is secured safely in our database.
Wherever we collect personal sensitive information (such as credit card details, biometrics, etc.), the Data is encrypted and transmitted to us securely. You can verify this by looking for a lock icon in the address bar and looking for “https” at the beginning of the address of the web page.
While we use encryption to protect personal sensitive information transmitted online, we also protect your information offline. Only employees who need the information to perform a specific job (for example, billing or customer service) are granted access to Data. The computers/servers in which we store Data are kept in a secure environment.
The following measures are employed to protect your Data:
- Physical security measures such as restricted access facilities and locked filing cabinets.
- Organizational processes such as limiting access to your personal information to a selected group of individuals.
- Technological measures include electronic security measures for computerized personal information, such as password protection, database encryption, and personal identification numbers.
- Requiring third parties with access to your personal information to protect, secure, and appropriately dispose of it.
- Shredding of documents containing personal information.
VIII. What are your rights over the data?
We provide you the ability to exercise specific controls and choices regarding our collection, use, storage, and disclosure of your personal information.
- Right of Regardless of where you live, you may submit a request that we correct or update the information we have about you.
- Right to obtain a copy of your data together with information about how and on what basis that Data is processed.
- Right to change Regardless of where you live, you may change your choices for subscriptions, newsletters, and alerts.
- Right to unsubscribe from ThoughtFocus marketing and Regardless of where you live, you may choose whether you want to receive marketing and advertising from us.
- Right to control advertising and online Regardless of where you live, you have a right to control how your personal information is tracked online.
- Right to restrict processing. In the event you want us to stop using any Data about you due to it being inaccurate, then you may notify us to stop using the Data.
- Right to anonymize your data so that it cannot be associated with or tracked back to you.
- Right to erasure: You may write to us to request that we delete all the data in our database.
- Right of non-discrimination. You have a right to exercise your rights under this section free of discrimination. ThoughtFocus will not discriminate against you in any way if you choose to exercise your rights under this section.
IX. How can you opt out of the process?
Unless you ask us not to, we may contact you via email in the future to tell you about new products or services or changes to this Policy or otherwise for any promotional activity. You may opt out from receiving such emails in the future as per the instructions in the email.
You may opt out of future contacts from us at any time by contacting us via the email address specified in this Policy, including to get information about your rights over the Data.
We may be required to retain specific Data for compliance, audit, or regulatory purposes to the extent permitted by the Applicable Data Protection Laws.
X. Use of Cookies
ThoughtFocus uses cookies and similar technologies, which are small text files used to store data for the webserver to remember you, your device, and your preferences and settings. This is done with the sole intention of providing better service, remembering user preferences, enabling account login, preference-based marketing, performance analysis of ThoughtFocus, and any other lawful purpose as may be required by the business.
If you do not wish to receive cookies from us, you have access to the information the cookies collect and can edit it through the settings of the internet browser, limiting the access granted to our cookies. This enables you to withdraw your consent as well by clearing or blocking the cookie.
XI. How do we collect, use, and disclose Non-Personal Information?
Non-personal information is data that does not identify you or directly relate to you as an individual. This may include de-identified or aggregated personal information that no longer identifies a specific individual.
We may anonymize any personal information (i.e., render it so that it irreversibly no longer allows the person to be identified directly or indirectly). Such information may be used for a variety of purposes, such as performing services, developing and improving our products and services, and sharing it with third parties and/or business partners for any lawful purposes.
We will obtain your consent if we ever combine non-personal information with any personal information, and such information will be treated as personal information under the Policy.
XII. How to Contact Us
Contact our Data Privacy Officer if;
- You have a general question about how ThoughtFocus protects your personal data.
- You wish to make a complaint about ThoughtFocus’ use of your data.