PII can be anything that can be used to identify an individual, not limited to but including; name, address, date of birth, marital status, contact information, ID issue and expiry date, financial records, credit information, medical history, where one travels, and intentions to acquire goods and services.
ANNIK is committed to the privacy and confidentiality of information provided to us. Annik uses any client or personal information only for the purpose as agreed upon the services provided by Annik to our clients.
ANNIK should ask an individual to provide certain information by which such individual can be identified then he/ she can be assured that it will only be used in accordance with this privacy statement.
Annik communicates its privacy guidelines with all its employees to make sure that personal information of client remains confidential and the same is binding for all its employees.
EU-US Privacy Shield and US-Swiss Safe Harbor/Notice
Collection of information/Notice
Annik involves in maintaining client database of its customers and for that it uses PII data provided by client itself. In order to provide services we may require to collect PII/ sensitive personal information. We are committed to safeguard such information in line with the applicable laws.
Before collection of such information, consent in writing shall be obtained by ANNIK.
ANNIK also provides an option to withdraw consent, once given at any time. In case of withdrawal of consent, ANNIK reserves the right to discontinue the services for which the information has been collected.
Usage and Retention of information
While collecting PII, ANNIK provides information as to why we are collecting this information and how we will use it.
ANNIK retains the information collected for a period reasonably required for business purposes or for a period as required under any law.
To opt-out of (participation/sharing your information) at any time please notify us at CISO@ANNIK.com
Disclosure and onward transfer of personal information
Any disclosure of personal information will be strictly controlled and made fully in accordance with the applicable local law.
However, sometimes ANNIK uses third parties to process your information. ANNIK contractually requires these third parties to comply strictly with its privacy instructions and not to further transfer your personal information.
ANNIK also requires that they do not use your personal information for their own business purposes, unless you have explicitly consented.
In some circumstances, ANNIK may maintain liability in cases of onward transfer to 3rd parties.
Access to your personal information
Depending on local law, you may access, update, or correct your Personal Information that we hold, including your profile and preferences. ANNIK permits, as and when requested in writing, to review the information provided. You can write to us at CISO@annik.com for any updates/rectification in the information provided.
Reasonable security practices and procedures
ANNIK has formulated and documented ANNIK Information Security Policy (hereinafter called as “the Policy”) based on international standard IS/ ISO/ICE 27001:2013.
ANNIK adopts strict security practices and procedures, in line with the Policy, which includes technical, operational, managerial and physical security control measures in order to protect your personal information from unauthorized access or disclosure while it is under ANNIK’s control.
The Policy limits access to personal information on business need basis. Our employees, to the extent they may have access to your personal information, are bound by Code of Business Ethics and Conduct and non-disclosure agreements which obligate them to protect the confidentiality of your personal information.
ANNIK shall undergo independent assessment / audit of its reasonable security practices and procedures, by an independent third party auditor, approved by the Government of India at least once a year.
Data integrity and Purpose Limitation
The personal information ANNIK processes is relevant for the purpose for which it is to be used and, to the extent necessary, ANNIK takes reasonable steps to ensure that data is reliable for intended use, accurate, complete, and current.
Recourse, Enforcement and Liability
14335 NE 24th St. Bldg. B, Suite 210
Bellevue, WA 98007
ANNIK has further committed to refer unresolved privacy complaints under the EU-US Privacy Shield Principles CASRO PRI VACY SHIELD PROGRAM, a non- profit alternative dispute resolution provider located in the United States and operated by Council of American Survey Research Organizations (CASRO) and US-Swiss Safe Harbor Privacy Principles to an independent dispute resolution mechanism, the CASRO SAFE HARBOR PROGRAM. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed by ANNIK, Inc., please visit CASRO PRIVACY SHIELD PROGRAM website at http://www.casro.org/?page=pscomplaintcasro and the CASRO SAFE HARBOR PROGRAM website at https://www.casro.org/?complaintcasrosh for more information and to file a complaint.
Additionally, under certain limited conditions, individuals may invoke binding arbitration before the Privacy Shield Panel to be created by the U.S. Department of Commerce and the European Commission.
Annik is under the enforcement authority of the Federal Trade Commission.
ANNIK may receive passively-collected information through a variety of methods including Cookies.
Collection of information by third parties
Please note that at times the information may be collected by third party on behalf of ANNIK, under a lawful contract. These third parties’ websites have their own privacy policies and we recommend you to review them.
Privacy Breach Management
Managing privacy breaches include:
Privacy Breach Notification
ANNIK shall notify all affected individuals whose personal information has been or may have been compromised through theft, loss or unauthorized disclosure, especially if the breach:
Any grievance or complaint in regards to this policy, in relation to processing of information, should be send to ANNIK in writing to the following contact email ID. Grievance shall be redressed as expeditiously as possible.
Changes to this Policy
Any exception to this policy will be catered as per the exception process defined in the ISMS Manual (section 8.1).