Privacy Notice for Customers

  • Facebook
  • Twitter
  • Linkedin
  • Email

We at Genpact and our affiliated companies worldwide (“Genpact”) are a global professional services firm focused on delivering digital transformation for our clients We respect you and are committed to honoring and protecting your privacy and the reason we collect your personal data is to improve our services to you. This Customer’s Privacy Notice describes our approach to privacy and our practices regarding why we collect your personal data, what data we are collecting, how we process it, and how you can manage and delete your personal data. If you have any questions or concerns about this privacy notice or your personal data, please contact us at Marketing.GDPR@Genpact.com or DPO.Genpact@Genpact.com.

Where we determine the purpose and means of processing personal data, Genpact will be a controller. Where we act as a processor in our capacity of providing services to a customer, we will only process personal data in accordance with the instructions of the customer. The customer will be the data controller of that personal data and will be responsible to data subjects for the way in which their personal data is processed. Where applicable, in accordance with data protection laws we shall assist the data controller in effecting data subject rights. 

What personal data we collect and how we collect it 

Genpact, may at times collect your personal data in one of the following ways:

  • By entering information such as your name, and email address, country of residence, company you represent, industry and details of an inquiry on the page titled Contact Us, you enable us to respond to a general/ business inquiry made by you or on behalf of the company that you represent. If you wish to be contacted by telephone, we may also collect your work phone number.
  • Genpact use cookies and web beacons to collect data on how you use our websites. This may include for example information with respect to what Genpact websites you have visited, how long you stayed on them, which items you clicked on and your IP-address. To know more about our use of cookies, please visit https://www.genpact.com/downloadable-content/genpact-cookie-policy.pdf to see our Cookies Policy.
  • You may provide Genpact with information when subscribing and using the Genpact Subscription Center. This data may include for example your name, email address and the company you represent. The subscription center also keeps track of your communication preferences (over email or phone) and areas of interest (such as receiving newsletters, thought leadership content and/or marketing collateral) that you may have either opted into or opted out of.
  • E-mail Communications: If you are a recipient of our marketing communications, we will track whenever you receive, open, click a link, or share an e-mail you receive from Genpact. To unsubscribe from Genpact marketing communications, please visit our unsubscribe webpage at https://www.genpact.com/form/unsubscribe.
  • Information from Other Sources: Genpact might receive information about you from other sources, such as public sources, social media, directories, registries to ensure the accuracy and completeness of your personal data.
  • Call recordings: Genpact may record the conversations between you and Genpact’s global voice solutions team when you contact our helpline phone number. Also, Genpact tele nurture representatives may contact you to address any inquires made by you or to further communicate with you about Genpact service offerings. All such conversations will also be recorded for quality and training purposes and to facilitate resolution of any queries or complaints.
  • Information when you access Genpact content on our Third Party Partner Website(s): From time to time, Genpact publishes thought leadership, marketing collateral and webinars on third party website platforms. By accessing Genpact content, Genpact may collect your name, email address, contact number, designation/job role, company you represent and any other Genpact content/ links accessed.
  • Corporate Marketing and Thought Leadership Events: From time to time, Genpact may host various sales, marketing and thought leadership events. Genpact may collect your name, email address, contact number, designation/job role and the company you represent from such events. Additionally, Genpact sales executives and business leaders may visit similar events conducted by other companies or forums. As part of these events, Genpact sales executive and business leaders may receive business cards from you in order to establish a working relationship with you on behalf of the customer you represent.
  • Information obtained from Third Party Business Contact Directory and Services: Genpact has carefully selected and contracted with third party agencies providing business contact directory services to obtain the name, title, company you represent, work phone number, work email address and work address of potential business contacts.
  • Information obtained from our Business Leaders: Genpact may receive information related to your name, company you represent, designation/job role and email address from Genpact business leaders who have established professional/ personal connections with you. 
  • Information obtained from public sources and professional networking platforms: Genpact may also collect information related to your name, company you represent, designation/job role, and email address from public sources (where available) or professional network platforms such as LinkedIn.
  • Information received prior to/during fulfilment of contractual services: This may include for example your name, designation/job role, company you represent, telephone number and email address that you provide Genpact with during the Request for Proposal stage, proposal discussions, contract negotiations and/or the duration of time for which Genpact provides the customer with services.
  • Information to facilitate travel and lodging: From time to time, Genpact also provide assistance toour customers’ representatives visiting our premises by facilitating travel and accommodation. In such cases, Genpact would collect your name, date of birth, contact number, company you represent, email address, travel and accommodation preferences, passport and visa details.

Purpose and Lawful Basis for processing personal data

  • With your consent. Where we require your consent you will find opt-in mechanisms and you have the ability to withdraw consent at all times.
  • Where we need to perform the contract we are about to enter into or have entered into with you. For example, when we perform our services to you.
  • Where we need to comply with a legal or regulatory obligation. This will include maintaining records, compliance checks or screening and recording (e.g. anti-money laundering, financial and credit checks, fraud and crime prevention and detection, trade sanctions and embargo laws). This may include automated checks of personal data you provide about your identity against relevant databases and contacting you to confirm your identity or making records of our communications with you for compliance purposes.
  • Where it is necessary for our legitimate interests or those of a third party and your interests and fundamental rights do not override those interests. Our legitimate interest will include for example, market research purposes, marketing purposes and appropriate controls to ensure our website, processes and procedures are running effectively for the prevention and detention of against fraud and for IT security purposes. You can obtain further information about how we assess our legitimate interests against any potential impact on you in respect of specific activities by contacting us.
  • To contact you in order to inform you of new products, services or promotions Genpact may offer including to keep you appraised of Genpact thought leadership and marketing collateral and to better assist your needs, in pursuit of Genpact legitimate business interests and on occasion with your consent.
  • To invite you to Genpact hosted or sponsored events in your geographical region that may be of interest to you based on your role within the company and/or industry, in pursuit of our legitimate business interests.
  • To conduct market research and to carry out marketing campaigns, in pursuit of Genpact legitimate business interests.
  • To carry out the services for which Genpact has been contracted by the customer you represent to deliver, and to contact you for customer care related purposes including regular communication regarding project status, notifying issues/concerns, sharing project deliverables and carrying out day-to-day project activities, in order to comply with Genpact contractual obligations towards the customer you represent.
  • As part of our email campaigns, Genpact will track whenever you receive, open, click a link, or share an e-mail you receive from Genpact. Genpact will carry out automated profiling of such information to evaluate your interest towards Genpact service offerings or promotions. This processing will enable Genpact to identify and target potential customers or business partners, tailor Genpact marketing and provide you with relevant and timely content based on your interests, in pursuit of Genpact legitimate business interests.
  • Genpact records all conversations/interactions between you and Genpact global voice solution teams and/or tele nurture representatives for quality and training purposes, and in pursuit of Genpact legitimate business interests. Also, Genpact ensures you are notified about call recording, prior to the initiating any such conversations/interactions.
  • In certain cases, Genpact may record the conversations/ interactions with you and Genpact representatives during Request for Proposal/ Proposal discussions, trainings, transition workshops or project discussions that may be carried out over Voice over IP (VoIP) sessions for future reference and training. Genpact will always inform you and obtain your verbal consent prior to recording any such sessions. 
  • As part of Genpact’s tele nurture program, Genpact tele nurture representatives may call you to inform you about Genpact’s service offerings or promotions and may record their feedback and observations of such conversations to help Genpact identify and target potential customers and business partners in pursuit of Genpact legitimate business interests. 
  • Genpact engages carefully selected third party vendors to conduct surveys to receive feedback from you on the services currently provided by Genpact to the company you represent. Genpact uses your responses to better understand our strengths and identify improvement areas. This will help Genpact serve the company you represent better and improve our overall service offerings and business strategies, in pursuit of Genpact legitimate business interests.
  • To develop new and improved products and services to help Genpact serve the company you represent better and to improve Genpact overall service offerings in pursuit of Genpact legitimate business interests. 

If processing of personal data is subject to any other laws, then the lawful basis of processing personal data may be different to that set out above and in those circumstances will be based on national laws.

Genpact shall only process the received information pursuant to pursue our legitimate business interests for example, establishing communication with prospective customers and personnel with general/business inquiries and to enhance our user experience.

You also have the option to subscribe/opt-in to receive newsletters, thought leadership content and/or marketing collateral. You can always opt-out of such options using our subscription centre or write to Marketing.GDPR@genpact.com. Genpact shall adhere to your preferences.

Security
Genpact implements industry standard security measures to keep your personal data secure and confidential, including but not limited to:

  • Restriction of access to your personal data to Genpact employees strictly on a need to know basis, such as responding to an inquiry or request.
  • Implementation of physical, electronic, administrative, technical and procedural safeguards that comply with all applicable rules, laws, legislation and regulations to protect your personal data from unauthorized or inappropriate access, alteration, disclosure and/or destruction. It is important for you to protect against unauthorized access to your password and to your computer. Be sure to sign off when you are done using a shared computer.
  • Genpact employees who misuse personal data are subject to strict disciplinary action, as it is a violation of the Integrity Policy of Genpact.

Who we may share your personal data with

  • The personal data Genpact collects from you is stored in one or more databases hosted by third parties. These third parties do not use or have access to your personal data for any purpose other than cloud storage and retrieval. On occasion, Genpact engages third parties (Tele-nurture vendors) to respond to any queries raised by you or to establish business communications including marketing communication to prospective customers or to carry out surveys (third party survey vendors) and to facilitate your travel and accommodation (travel, lodging and immigration vendors). For information on the third party vendors partnered with Genpact, please visit https://www.genpact.com/downloadable-content/genpact-list-of-associated-partners-and-suppliers.pdf.
  • Genpact has offices and operations in a number of international locations and we share information between our group companies for business and administrative purposes. Please visit https://www.genpact.com/about-us/regions to see a list of the locations within our corporate group.
  • Where required or permitted by law, information may be provided to others, such as but not limited to regulators, under legal process, enforceable government directives.
  • From time to time, Genpact may consider corporate transactions such as a merger, acquisition, reorganization, asset sale, or similar. In these instances, we may transfer or allow access to information to enable the assessment and undertaking of that transaction. If we buy or sell any business or assets, personal data may be transferred to third parties involved in the transaction. In these instances Genpact will continue to ensure your personal data is protected and private, and Genpact will give any impacted data subjects notice before any personal data is transferred or subject to a different privacy policy.

International and group company transfers of personal data
We are part of an international group of companies and, as such, transfer personal data concerning you to countries outside the European Union (EU). Please visit https://www.genpact.com/about-us/regions to see a list of the locations within our corporate group.

We transfer personal data between our group companies and data centers for the purposes described above. We may also transfer personal data to our third party suppliers outside of the EU as described above.
Your personal data may be stored in databases located outside of the EU including in India. The database is controlled by our administrative staff located outside of the EU including in India and can be accessed electronically.

Where we transfer personal data outside of EU, we either transfer personal data to countries that provide an adequate level of protection as determined by the European Commission or we have appropriate safeguards in place. Appropriate safeguards to cover these transfers are in the form of standard contractual/data protection clauses adopted by the European Commission. Please visit http://eurlex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:L:2010:039:0005:0018:EN:PDF to know more about standard contractual/data protection clauses.

Where we transfer personal data between our group companies we have covered these transfers by entering into standard contractual clauses adopted by the European Commission. If you would like more information on the any of the data transfer mechanisms on which we rely please contact our Data Protection Officer, details available in the contact section below.

Data Storage and Retention
Genpact shall retain your personal data pursuant to the business purposes and in line with our retention policies. We will only keep your personal data for as long as is reasonably necessary taking into consideration our purposes outlined above or to comply with legal, accounting or reporting requirements under applicable law(s). 

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of personal data, the purposes for which we process the personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

For more information on where and how long your personal data is stored, and for more information on your rights of erasure and portability, please contact our Data Protection Officer, details available in the contact section below.

Existence of Automated Profiling
Genpact uses automated profiling in limited circumstances relating to email campaigns. As part of our email campaigns, we track when you receive, open, click a link, or share an e-mail you receive from Genpact using a Genpact managed automated solution. The automated solution profiles the information tracked to evaluate your interest in Genpact’s service offerings and/or promotions. This enables us to identify and target potential customers and/or business partners and aims to provide you with relevant and timely content based on your indicated interests.

Data Subject rights
You may have certain rights relating to your personal data provided under the GDPR. These include the right to:

  • Request access to your personal data and request details of the processing activities conducted by Genpact.
  • Request that your personal data is rectified if it is inaccurate or incomplete
  • Request erasure of your personal data in certain circumstances.
  • Request restriction of the processing of your personal data in certain circumstances.
  • Object to the processing of your personal data in certain circumstances.
  • Receive your personal data provided to us as a controller in a structured, commonly used and machine-readable format in certain circumstances.
  • Object to, and not to be subject to a decision based solely on, automated processing (including profiling), which produces legal effects or significantly affects you.
  • Withdraw your consent provided at any time by contacting us.

To exercise the rights outlined above in respect of your personal data you may submit a data subject request on Genpact’s portal - https://app-eu.onetrust.com/app/#/webform/6f529743-657b-472f-9f18-b4a49d9cd6a2. For issues accessing Genpact’s portal, you may also write to us at DPO.Genpact@Genpact.com.

Contact us
If you have any questions or concerns as to how your data is being processed, you can contact our Data Protection Officer by writing to DPO.Genpact@Genpact.com or submit a data subject request on our portal - https://app-eu.onetrust.com/app/#/webform/6f529743-657b-472f-9f18-b4a49d9cd6a2.

Complaints 
In the first instance, please contact us with concerns you may have. Data protection laws such as the GDPR gives you the right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, normally live or where any alleged infringement of data protection laws has occurred.

Changes to our customer’s privacy notice
This Customer’s Privacy Notice was last updated in October 2019 and Genpact will notify you of changes we may make to this privacy notice where required, however we would recommend that you look back at this notice from time to time to check for any updates.