Chrysalis Privacy Policy < Chrysalis

Save butterflies, Switch to portrait mode.

  • Home
  • Chrysalis Privacy Policy

Chrysalis Privacy Policy

Introduction

Chrysalis HRD is committed to protecting the privacy and security of personal and business data of our clients, our people, our business associates and our stakeholders. Towards that end, this Privacy Policy outlines our practices regarding the collection, use, and disclosure of information in compliance with the General Data Protection Regulation (GDPR), and Digital Personal Data Protection Act (DPDP) 2023.

Important Definitions

The following are some important definitions for the purpose of this Privacy Policy:

  • “Privacy Policy” means the Chrysalis Privacy Policy which is the Privacy Policy of Chrysalis HRD Private Limited.
  • “Chrysalis” means Chrysalis HRD and its subsidiaries and affiliates (individually and/ or collectively).
  • “Third Party” means a service provider who associates with Chrysalis and is involved in handling, managing, storing, processing, protecting and transmitting information of Chrysalis. This definition also includes all sub-contractors, consultants and/or representatives of the Third Party.
  • The terms “We” / “Us” / “Our” individually and collectively refer to each entity being part of the definition of Chrysalis
  • The terms “You” /”Your” / “Yourself” refer to You who share Your personal or business data with Us.
  • “Parties” shall mean You and Us collectively.
  • “Personal information”, means any information that can be used by Us to uniquely identify, contact, or locate a person, or can be used with information available from other sources to uniquely identify an individual. For this Privacy Policy, sensitive personal data or information has been considered as a part of personal information.

1. Purpose

This Privacy Policy is a contract between You and Us whose website, email or any other digital media You may use or access or You may otherwise deal with, that concerns Us. This Privacy Policy shall be read together with the respective Terms of Use of Our website, email communications or any Digital Media used to disclose personal or business information.

Chrysalis has provided this Privacy Policy for the purpose of familiarizing You with the following:

  • Kinds of personal or business information/data that may be collected by Us
  • Measures taken by Us to ensure the privacy and security of business information/data collected by Us
  • The duration for which the business information/data may be retained by Us
  • How You may access and control the use of business information/data We collect from You
  • Your representations pertaining to the Personal Information shared with Us by You

2. Agreement on Collection of Personal and Business Information

The following are important points of agreement with respect to sharing Your Personal or Business Information with Us:

A. It is agreed between the Parties that Chrysalis, its associates and authorized third parties, if any, can collect information pertaining to Your identity, demographics, and related evidentiary documentation.

B. It is also agreed that We may also collect Your personal or business information when You use our services or websites or otherwise interact with us during the course of our relationship.

  • Personal information collected and held by us may include Your name, father’s name, mother’s name, spouse’s name, date of birth, current and previous addresses, telephone number, mobile phone number, email address, occupation and information contained in the documents used as proof of identity and proof of address. Chrysalis and its authorized third parties may collect, store, process Sensitive Personal Information. This information may be used to provide You with a better service experience along with evidentiary purposes.
  • Business information includes but is not limited to Your company’s name, Your job title, business address.

C. At any time while You are surfing Our website, if You do not wish to share surfing information, You may opt out of receiving the cookies from Our website by making appropriate changes to Your browser privacy settings. In case You do not provide Your information or consent for usage of personal information or later withdraw Your consent for usage of the personal information so collected, Chrysalis reserves the right to not provide the services or to withdraw the services for which the said information was sought.

3. Your Representation to Chrysalis on Personal and Business Information provided

You hereby represent to Chrysalis the following:

A. That the Information you provide to Chrysalis from time to time is and shall be authentic, correct, current and updated and You have all the rights, permissions and consents as may be required to provide such Information to Chrysalis.

B. That Your providing the Information to Chrysalis and Chrysalis’s consequent storage, collection, usage, transfer, access or processing of the same shall not be in violation of any third party agreement, laws, charter documents, judgments, orders and decrees.

C. That Chrysalis and each of Chrysalis entities officers, directors, contractors or agents shall not be responsible for the authenticity of the Information that You or any other user provide to Chrysalis. You shall indemnify and hold harmless Chrysalis and each of Chrysalis entities officers, directors, contracts or agents and any third party relying on the Information provided by You in the event You are in breach of this Privacy Policy including this provision and the immediately preceding provision above.

D. That We may enter into agreements with third parties (in or outside of India) to store or process Your information or data. These third parties may have their own security standards to safeguard Your information or data and We will on commercial reasonable basis require from such third parties to adopt reasonable security standards to safeguard Your information or data.

E. That You agree and acknowledge that You are providing your Information out of Your free will. You have an option not to provide or permit Chrysalis to collect Your Personal Information or later on withdraw.

4. Usage of Personal and Business Information

Chrysalis may collect Your personal information for a variety of regulatory and business purposes. These include, but are not limited to:

a. Verify Your identity

b. Communicate with You

c. Respond to Your request for any service or assistance.

d. Perform market analysis, research, business and operational analysis.

e. Provide, maintain and improve our products and services.

f. Anticipate and resolve issues and concerns with Our products and services.

g. Promote and market Our products and services which We consider may be of interest to You and may benefit You.

h. Ensure adherence to legal and regulatory requirements for prevention and detection of frauds and crimes.

i. Ensure data security and integrity.

5. Agreement on Utilization and Transfer of Personal and Business Information

The following are important points of agreement with respect to the Utilization and Transfer of Your Personal or Business Information by Us to Third Parties:

A. Internal Use: You hereby unconditionally agree and permit that We may utilize some or all available personal information for internal assessments, measures, operations and related activities.

B. Authorized Third Parties: You hereby unconditionally agree and permit that Chrysalis may at its discretion employ, contract or include Third Parties external to itself for strategic, tactical and operational purposes. Such agencies though external to Chrysalis, will always be entities which are covered by contractual agreements. These agreements in turn include Chrysalis’ guidelines to the management, treatment and secrecy of personal information. Please refer to Chrysalis Sub processors.

  • You hereby unconditionally agree and permit that We may transfer Your personal information or other information collected, stored, processed by us to any other entity or organization located in India or outside India only in case it is necessary for providing services to You or if You have consented (at the time of collection of information) to the same. This may also include sharing of aggregated information with them in order for them to understand our environment and consequently, provide You with better services. While sharing Your personal information with Third Parties, adequate measures shall be taken to ensure that reasonable security practices are followed at the Third Party.
  • You hereby unconditionally agree and permit that We may obtain Your consent for sharing your personal information in several ways, such as in writing, online, through “click-through” agreements; orally, including through interactive voice response; or when Your consent is part of the terms and conditions pursuant to which we provide you service. We, however, assure You that Chrysalis does not disclose your personal information to unaffiliated third parties which could lead to invasion of Your privacy.

C. Government Agencies: You hereby unconditionally agree and permit that We may also share Your personal information with Government agencies or other authorized law enforcement agencies (LEAs) mandated under law to obtain such information for verification of identity or for prevention, detection, investigation including but not limited to cyber incidents, prosecution, and punishment of offences.

6. Data Storage, Security Practices and Procedures

Our data storage, security practices and procedures ensure the following:

A. Data is stored on secure online servers hosted by reputed global companies. We implement robust security measures to protect data against unauthorized access, alteration, disclosure, or destruction.

B. Reasonable security practices and procedures are adopted by Us, in line with international standard, to include technical, operational, managerial and physical security controls in order to protect Your personal information from unauthorized access, or disclosure while it is under our control.

C. Our security practices and procedures limit access to personal information on need-only basis. Further, Our employees are bound by Code of Conduct and Confidentiality Policies which obligate them to protect the confidentiality of personal information.

D. Adequate steps are taken by Us to ensure that our third parties adopt a reasonable level of security practices and procedures to ensure security of personal information.

E. We may retain Your personal information for as long as required to provide You with services or if otherwise required under any law.

F. When We dispose of Your personal information, We use reasonable procedures to erase it or render it unreadable (for example, shredding documents and wiping electronic media).

Note: Please refer to the Chrysalis Sub processors.

7. General Data Protection Regulation (GDPR) Compliance

We collect, store and process Your personal information in compliance with GDPR requirements stated in Article-6 and Article-7 which are as follows:

A. Consent: When You have given clear consent for Us to process Your personal data as mentioned in Clause 2, Section B, Subsection a.

B. Contract: When processing is necessary for the performance of a contract.

C. Legal Obligation: When processing is necessary to comply with the law.

D. Legitimate Interests: When processing is necessary for Our legitimate interests, provided these are not overridden by Your rights.

E. Public Interests: When processing in necessary to perform a task carried out in the public interest or in the exercise of official authority vested in us, in accordance with applicable laws.

8. Your Rights as per Articles 12-23 of General Data Protection Regulation (GDPR)

Under GDPR, you have the following rights:

A. Right to access: You can request access to Your personal data.

B. Right to rectification: You can request correction of inaccurate data.

C. Right to erasure: You can request deletion of Your data.

D. Right to restrict processing: You can request restriction of data processing.

E. Right to data portability: You can request transfer of Your data to another service provider.

F. Right to object: You can object to data processing based on legitimate interests.

G. Right Not to be subjected to automated decision-making: If automated profiling is used, You must be informed and given the right to opt out.

9. Digital Personal Data Protection Act 2023 (DPDP) Compliance

We collect, store and process Your personal information in compliance with DPDP requirements by:

A. Obtaining consent from You, the data principal, before collecting Your personal data except in cases where processing is permitted by law.

B. Providing You with clear notice about Our data collection and processing practices.

C. Ensuring data minimization and accuracy and purpose limitation, so that only necessary data is collected and retained for as long as required.

D. Implementing measures for data security and confidentiality from unauthorizes access, breach or misuse.

E. Responding to the data principals’ (Your) requests for access, correction, and deletion of their data.

F. Limiting data sharing to authorized entities and ensuring compliance with cross-border transfer regulations.

10. Data Sharing and Disclosure

We do not share Your data or information with any third party except under the following conditions:

A. When required by the law.

B. With such service providers who assist in Our operations, under strict confidentiality agreements.

C. When You have given Us Your consent.

11. International Data Transfers

As a practice We usually ensure that Our data is hosted on secure online servers hosted by reputed global companies in India. However, if international data transfer is required, we will ensure that it is in compliance with applicable data protection laws including GDPR and DPDP 2023. We will use standard contractual clauses and other safeguards as required to protect data during transfer.

12. Internet Use

We maintain the security of our internet connections, however for reasons outside of Our control, security risks may still arise. Any personal information transmitted to us or from Our online products or services will therefore be your own risk. However, we will strive to ensure the security of your information. We observe reasonable security measures to protect Your personal information against hacking and virus dissemination.

13. Update of Personal Information

We strive to keep Our records updated with Your latest information. To this end, if You see any discrepancy in Your personal information or if a part of Your personal information changes, we request You to us at info@chrysalishrd.com and communicate the change(s) for updating Our records.

In case of non-compliance with the terms and conditions of privacy policy, Chrysalis reserves the right to remove Your non-compliant information from its systems. Further, depending on the seriousness of the non-compliance, we may choose to discontinue some or all of the services being provided to You by us.

14. Feedback and Concerns

We are committed to safeguard Your personal information collected and handled by Us and look forward to Your continued support for the same. In case of any feedback or concern regarding protection of Your personal information, you can contact us at info@chrysalishrd.com

We will strive to address Your feedback and concerns in a timely and effective manner.

15. Changes and Updates to the Privacy Policy

Chrysalis reserves the right to amend or modify this Privacy Policy from time to time, as and when the need arises, as per internal requirements or changes made to applicable laws. We will notify You of these changes by posting the revised policy on our website as and when changes are made. We request you to visit our website www.chrysalis.in periodically for contemporary information and changes.

Last Updated on: 26th February 2025.