Version 1.3 Effective Date: 1 October 2023
Datahash is a product of Datahash DMCC registered under – Dubai Multi Commodities Centre Authority (DMCCA), Registration Number DMCC179249, for the year 2019, License Number [DMCC-742963], Registered Office – Office 307, Fortune Tower, Cluster C, Jumeirah Lake Towers, Dubai (UAE), is committed to protecting and respecting your privacy.
Disclaimer:
- Datahash DMCC (hereinafter “Datahash”; “We” or “Us” which expression, unless repugnant to the context hereof, shall mean and include its successors, subsidiaries and assigns) is committed to conducting its business in a compliant manner while putting consumer privacy and compliance front-and-centre.
- This Privacy Policy describes Datahash privacy practices in relation to the use of the Datahash website (“Website”) and the related products, applications, and services (including support) offered by Datahash (the “Datahash Services”).
- In the policy, “You” or “Your” refers to:
- Individuals or entities who visit Datahash website and/or interact with Datahash online (“User/’Users”),
- Individuals or entities who register to use the Datahash Services (“Customers”), and
- Individuals or entities who provide information to Datahash to register for events (“Attendees”).
- The terms of this Policy apply to all individuals and entities to the extent it contains Your personal information as defined in the applicable laws and regulations.
- You should check back here periodically to see if the Privacy Policy has been updated as we will always show the date of the latest update of the Privacy Policy at the top of the page so you can tell when it was last revised.
Overview:
We keep Your personal information private and believe privacy is a fundamental human right. We are committed to providing you with products, information, controls, and transparency that allow You to choose how Your information is collected and used. This is especially important as technology progresses and privacy laws evolve. Datahash believes privacy is a fundamental human right. We are committed to providing you with products, information, and controls that allow you to choose how information is processed, collected, and used. Protecting your information is our highest priority.
What Information do we collect or maintain?
We collect two types of information: personally-identifiable and non-personally identifiable to operate effectively. We may use the aforementioned types of information to create aggregate information (collectively referred to as “automated information”). The information can be categorized as below:
- Information provided deliberately: This includes Your name, email address, phone number, and other contact information, provided by You to Us consensually through the following means.
- Registrations for/from webinars, webcasts, podcasts, seminars, conferences, etc., sponsored by Us or a partner.
- Subscription to Our blog, newsletters, whitepapers, eBooks, or other related content.
- Information submitted through purchases, demo request, support request, contact request, sales or pricing query, or free-trial signups of Our Products or Services (either on Your own or on behalf of Your company).
- Your inquiries sent by email to our registered email id.
- The Information You submit through any other Datahash web forms and website pages.
Additionally, please note that the sign-up to receive our content, newsletters, invitations, and other information takes place in a so-called double opt-in procedure, i.e., after signing up, You will receive an email in which You will be asked to confirm Your registration. The registration data is logged to be able to verify the registration. This includes Your name, email address, the time of registration and confirmation, and Your IP address. - Information collected automatically: When You use the Website we want to understand what services on our site interest you and we want to remind you about the services we offer when you are not on Website. In order to do this, We automatically collect Your IP address, traffic source, search keywords, page views, visits, location (aggregated), browser and operating systems (aggregated), device (aggregated), as well as other connection information like time and transferred information (collectively referred to as “Automated Information”).
Information Sharing
We will use personal data only to provide the services agreed upon, and for purposes compatible with providing those services. We do not use personal data or derive information from it for advertising.
Rights extended to you
Your personal data belongs to You. Any individual or entity whose information is available with Us is entitled to the following rights:
Datahash provides Rights to Object that provides You with the right to object at any time to our processing of personal information concerning you. For example, if you have requested to receive information from us, e.g., newsletters, but do not wish to receive further information, you can easily opt-out of receiving further information from us.
Datahash provides Right to be forgotten that provides You the right to have your information deleted.
Datahash provides Right to be informed that provides You the right to know what data is being collected, how it’s being used, how long it will be kept and whether it will be shared with any third parties.
Datahash provides Right to rectification that provides You the right to correct data that is inaccurate or incomplete.
Datahash provides Right to portability that provides You the right request Datahash to transfers any data that it holds on You to another company.
Datahash provides Right to access that provides You the right to request a copy of the information that We hold on You.
Security measures adopted by us:
- Datahash's periodic reviews are planned on intervals or after significant changes, policies, standards, and procedures are reviewed to ensure continuing suitability, adequacy, and effectiveness to meet the organization’s applicable statutory, regulatory and contractual needs.
- We provide oversight of privacy control throughout the lifecycle of systems, applications, and services to ensure that in a timely manner, senior leaders with the organization are made aware of privacy-related risks that are not appropriately remedied.
- Datahash Management oversees the execution of privacy controls with appropriate evidence of due care and due diligence, demonstrating compliance with all applicable statutory, regulatory, and contractual obligations, including age-based restrictions.
- We classify data according to the sensitivity and type of personal data as defined by appropriate statutory, regulatory, and contractual contexts.
- We identify and plan for resources needed to operate a privacy program and include privacy requirements in solicitations for technology solutions and services.
- We have established a robust privacy program that includes awareness and training programs for all the workforce members. Mandatory Privacy & Security Awareness training is provided to all workforce members on an annual basis. Workforce members who access any system for processing, storing, or transmitting personal information or sensitive information are formally trained in data handling requirements prior to being authorized to access the system.
- At Datahash, You are directly involved in the decision-making process regarding the fair and lawful processing of Your personal data and, to the extent practicable, directly-engaged to receive explicit permission to use Your personal data. We provide clear and conspicuous choices that enable You, or a person authorized by You, to permit or prohibit the collection, creation, use, dissemination, maintenance, retention, and/or disclosure of Your personal data.
- We take initial consent, prior to the collection, creation, use, dissemination, maintenance, retention, and/or disclosure of the individual’s personal data. We do not “sell” our customers’ personal information to anyone, meaning that we also do not rent, disclose, release, transfer, make available or otherwise communicate that personal information to a third party for monetary or other valuable consideration.
- We ensure that the design of information collection is consistent with the intended use of the information, and the need for new information is balanced against any privacy risks. Also, we take steps to minimize the collection, creation, use, dissemination, maintenance, retention, and/or disclosure of the individual’s personal data to what is directly relevant and necessary to accomplish a legally authorized purpose.
- We provide a transparent notice to the public about privacy practices through a clear and conspicuous notice on all organizational websites, mobile applications, and other digital services regarding the collection, creation, use, dissemination, maintenance, retention, and/or disclosure of personal data.
- We limit the collection, creation, use, dissemination, maintenance, retention, and/or disclosure of personal data to that which is legally authorized, relevant, and deemed “reasonably necessary” for the proper performance of business functions. We ensure that all records containing personal data are maintained in accordance with the organization’s records retention schedule and comply with applicable statutory, regulatory, and contractual obligations.
- We make sure of Secure Destruction of Personal Information and Utilize secure methods to dispose of or destroy, both physical and digital media, that contains personal data. We restrict the location of processing, storage and service locations to comply with the privacy notice, as well as applicable statutory, regulatory and contractual obligations. Datahash has taken all the necessary and appropriate steps to protect and respect data subject rights and personal information.
- We keep accurate information held in each system of records under its control including date, nature, and purpose of information of record, name, and address of the person or agency to which the disclosure was made. Retaining the accounting of disclosures for the life of the record or as per applicable data protection laws. And makes the accounting of disclosures available to the person named in the record upon request by the data protection authority or applicable.
- We maintain quality assurances throughout the information lifecycle with such accuracy, relevance, timeliness, and completeness as is reasonably necessary to ensure fairness to the individual. Also, we Identify and correct flaws related to personal data as it is collected, created, used, disseminated, maintained, retained, and/or disclosed.
- We maintain a capability to receive and respond to privacy-related requests, complaints, concerns, or questions from individuals. We may request specific information from you to help us confirm your identity and process your request. We Provide individuals with appropriate opportunities to correct or amend their personal data.
- We will notify affected individuals when their personal data is corrected or amended. Also, We provide individuals with appropriate opportunity to request the deletion of personal data where it is used, disseminated, maintained, retained, and/or disclosed, including where the personal data is stored or processed by third-parties.
- We have top-down governance and security in our DNA that lets us constantly wade through our threat vectors and calibrate to strengthen our security posture. That way, we align with the changing business and technology landscape. We Incorporate privacy requirements into enterprise architecture to ensure that risk is addressed so that the systems, applications, and services achieve the necessary levels of trustworthiness, protection, and resilience.
- We Ensure that personal data is encrypted both at rest and in transit, physical security, and environmental controls to provide appropriate protection for environments where personal data is stored, transmitted, and/or processed.
- We Upgrade, replace, or retire any system, application or service for which appropriate protections, commensurate with risk, cannot be effectively implemented.
- We Implement personnel management practices, covering employees, contractors, and other entities, that ensure appropriate vetting and clearance to systems, applications, and/or services that contain, store or transmit personal data. We require our employees and contractors to read and agree to abide by the organization’s rules of behavior, prior to being granted access to systems, applications, and/or services that store, transmit or process personal data.
- We have a Disciplinary Policy for sanctioning personnel who fail to comply with established security & privacy policies, standards, and procedures of the organization. We develop and enforce privacy competency requirements for staff members involved in the acquisition, management, maintenance, and use of information resources, to ensure they have the appropriate knowledge and skill.
- We have a Notification Plan where any security incident or data breaches are reported with any undue delay.
- We have a Risk Management Program in place, which includes but not limited to Risk assessment, Risk treatment, Business Impact Analysis, Privacy Impact Assessment, etc. We conduct an annual assessment of risk that includes the likelihood and magnitude of the harm, from unauthorized access, use, disclosure, disruption, modification, or destruction of the information systems and information. We maintain a current and accurate register of risk. We Assess supply chain risks associated with systems, system components, and services for privacy implications.
- We enter into a contractual agreement with all of our vendors/service providers and the confidentiality clause is an essential part of such agreements. Further, wherever any personal information is involved, we sign a data protection agreement with our vendors/service providers to ensure that roles and responsibilities with respect to personal information are clearly defined. Datahash hasWe have a process and plan in place for conducting security and privacy training, assessment, monitoring activities associated with the organizational systems, and compliance with all applicable statutory, regulatory, and contractual obligations. We don’t provide any personal information accessible to any third parties or vendors. without Your consent.
How to contact us:
We regularly review our compliance with this Privacy Policy. Questions, comments and requests regarding this Privacy Policy are welcomed and should be addressed in the first instance by mail to Datahash DMCC Registered Office - Office 307, Fortune Tower, Cluster C, Jumeirah Lake Towers, Dubai (UAE) or email us at privacy@datahash.com .
We respect our Users and Customers & respect their privacy.
Our time-tested approach to privacy is grounded in our commitment to give you control over the collection, use, and distribution of your customer data. We are transparent about the specific policies, operational practices, and technologies that help ensure the privacy of your data in our Services. We put our commitment in writing and detail out Datahash data protection policies and practices in a clear & straightforward language.
As mentioned above in our beliefs, we are committed to the privacy and data protection of individuals and customers. This is especially important as technology progresses and privacy laws evolve.
We believe these ideas are inseparable. Together, they represent a single, core belief that has influenced everything we’ve made since day one and everything we’ll make moving forward. When people use our products they trust us with their information, and it’s our job to do right by them. This means always being thoughtful about what information we use, how we use it, and how we protect it.
Previous Versions:
Privacy v1.1 – 27 Mar 2021 – 17 Apr 2023
Privacy v1.2 – 18 Apr 2023 – 30 Sep 2023