Your privacy is important to us and we believe it is important for you to know what personal data we, Tata Consultancy Services Limited and our Affiliates ("TCS" or "we"), collect from you or your employer/organization and third parties, why we collect it, how we use it and what rights you might be entitled to as a data subject or consumer.
Please note: all information in this privacy notice is applicable to you unless otherwise indicated based on your residency status. For the additional terms which may be applicable to you based on your residency status, please refer to your country-specific terms at the end of this notice. In this notice, the term "personal data" is used to represent any information relating to an identified or identifiable person; country-specific notices might adopt a different terminology.
TCS is a "data controller" for the scope and context set in this document.
To the extent of this notice, TCS as a "data controller" is responsible to determine the purpose for which and the means by your personal data is processed. "Affiliate" means an entity that owns or controls, is owned or controlled by or is under common control or ownership with TCS where control is defined as the possession, directly or indirectly, of the power to direct or cause the direction of the management and policies of an entity, whether through ownership of voting securities, by contract or otherwise.
This notice is meant for visitors to this website, customer users of TCS products/services which are accessible to you as per the contract which your employer/organization has concluded with TCS.
It is important that you read this notice, the regional notice (as available at https://www.tcs.com/who-we-are/legal/tcs-privacy-notice) that applies to you, together with any other privacy notice we may provide on specific occasions when we are collecting or processing personal data about you, so that you are aware of how and why we are processing such personal data.
We encourage you to read this notice, together with any additional and more specific information we may provide to you on various occasions when we are collecting or processing personal data on TCS websites, products or applications, events, and initiatives so that you are aware of how and the purpose for which we are processing your personal data. (Please note: We issue a different privacy notice which applies where there is an employment relationship between TCS and its employees.)
TCS follows the data protection principles outlined in relevant Data Protection Law in the processing of your personal data. This means that the personal data we hold about you is:
Our web servers or third parties who provide analytics and performance enhancement services may collect:
These information are aggregated along with user engagement data about events generated when interacting with TCS web application to measure the number of visits/logins, average time spent on the web application, error messages and general usage data to identify user metrics such as latency and feature engagement and similar information. TCS uses this information to measure the web application/service usage, improve the TCS web application/service and to ensure safety and security as well as enhance performance and user experience of the TCS web application/service.
Your personal data is collected from you or your employer/organization through the Contract we signed with your organization/Direct registration in the application/ Single Sign on Authentication (Active Directory)/Contacts through Marketing Activities
We may also obtain data from third parties including:
TCS uses cookies (small text files placed on your device) and similar technologies to facilitate proper functioning of our websites and to help collect data: [please read here our full cookie policy]. Please note that our websites may include links to websites of third parties whose privacy practices differ from those of TCS; if you provide personal data to any of those websites, your data is governed by their privacy statements.
How we will use your personal data
If you contact us with technical queries, we need your name and email id to identify the subscription to which you are contracted for.
If you contact us with queries, requests for more information about initiatives or products or other generic support inquiries, we may need to process personal data about you such as:
If you sign up to receive marketing communications from TCS we may send these by email, post, telephone or any other means of communication. For information about managing your contact data, you may reach out to the contact details provided in the event privacy notice or in the emails you receive, or you may use the contact us form on the website where you had given your personal data.
TCS frequently organizes events and initiatives, either free to join or by invitation only; in these cases, this privacy notice applies to both participants and speakers, together with any other supplementary information that is provided in relation with each event. To allow participants to join the events (including communications pre and post event), we are required to collect and process a limited amount of information, such as
Where a hospitality service is provided, we may also collect, store and process "special categories" of more sensitive personal data, such as information regarding any dietary requirements or personal disabilities. This will be done only and to the extent permitted by the law. Events might be recorded hence pictures and video of you may be collected too; in such case, you will be informed via a specific notice at the location of recording. This material can be used later by TCS for further compatible purposes if you don't object to it. In the course of these events we may collect your personal data and contact you again in order to receive feedback and provide further commercial information about TCS; this will be done with your consent, when necessary.
TCS has a strong legitimate interest in promoting its brand, products, initiatives and values. In order to further such goals, we process personal data about our business contacts including existing and potential TCS clients, third parties and intermediaries TCS interacts with in the course of doing business. TCS may collect details about you including name, contact details and other information such as your job title, employer, areas of business interest and other business details. We may process such data using software or platforms which allow us to manage our client relationships. We collect such data directly or indirectly from you, or from third parties, such as business partners, data brokers, social networks, marketing companies, and publicly available sources such as social media sites where lawful to do so. In such cases, we will also comply with any additional restrictions imposed by the region in which your data was collected as well as the source of the data. TCS may also collect data from our email and calendar systems concerning interactions between TCS associates and contacts or third parties.
Your data is used by us in part for administering, managing and developing our business and services; such as identifying existing and potential client business needs, analysing and evaluating the strength of our interactions with certain business contacts, performing analytics including to produce metrics such as relationship maps for our business leadership and limited profiling for the purposes of helping us to develop and offer appropriate products and services to existing and potential clients. Analytics may be performed by us using algorithms which help us analyze and rank interactions with you depending on interaction frequency and duration. We may also send you marketing communications and surveys to carry out market research or provide information to you about us and our services which we have reason to believe would be of interest to you in your professional capacity.
When reaching out to you, we may do so through different channels, such as email, phone calls, post or any other means of communication such as through social media sites such as LinkedIn. We will only send electronic marketing communications to business contacts in a business-to-business context, where we have your prior consent or where it is otherwise lawful to do so in the jurisdiction you are located in. You can opt-out from receiving such communications at any time using the contact us form on this website where you had given your personal data, writing to our Data Protection Officers or Head - Global Privacy Office (see section below) or by any other given method provided from time to time (for example: unsubscribe link included at the bottom of emails).
From time to time, we may use your name, quotes, pictures or videos to promote and amplify TCS' brand and activities. In any such case, you will receive appropriate additional information about the usage of your personal data.
Where TCS is in a contractual relationship with you (other than an employment relationship), your employer or your company, or is taking steps to enter into such a contractual relationship, we may need to process your personal data, usually limited to name, email id, and business contact details in order to enter into and/or fulfill the obligations arising from the same contract, such as providing you or your employer or company with the services you have requested or make use of the services that you or your employer or company are offering to us. We will also process such personal data for ancillary tasks related to our daily business activities, such as accounting, auditing, reporting (to regulators and authorities) and to comply with applicable regulations.
If you fail to provide personal data
If you fail to provide certain information when requested, we shall not be able to serve the purpose(s) for which we process your personal data, or we may be prevented from complying with our legal obligations also.
Change of purpose
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the lawful basis which allows us to do so.
Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
Do we need your consent?
In limited circumstances, we may approach you for your written consent to allow us to process certain personal data. If we do so, we will provide you with full details of the information that we would like and the reason we need it, so that you can carefully consider whether you wish to consent. You should be aware that it is not a condition of your contract with us that you agree to any request for consent from us.
Personal Data Sharing:
We may share your personal data with third parties, where required by law, where it is necessary for one of the activities mentioned above or where we have another legitimate legal basis in doing so. We require third parties to respect the security of your personal data and to process it in accordance with the law and our instructions.
For instance, we may share your data with Third party cloud service providers on which the application is hosted
Why might you share my personal data with third parties?
We may share your personal data with third parties where required by law, where it is necessary for one of the activities mentioned above or where we have another legitimate legal basis in doing so. We require third parties to respect the security of your data and to treat it in accordance with the law. Where required by the law, we will request your consent before transferring data to third parties which are not part of the TCS group of companies.
Which third-party service providers process my personal data?
"Third parties" includes third-party service providers (including contractors and designated agents) and other entities within our group. The following activities may be carried out by third-party service providers: hosting and other internet services, Ticket Management, data storage and analytics, marketing research and campaign management, event organizers and caterers. All our third-party service providers are required to take appropriate security measures to protect your personal data in line with our policies. We do not allow our third-party service providers to use your personal data for their own purposes. We only permit them to process your personal data for specified purposes and in accordance with our instructions and applicable law. We may also need to share your personal data with regulators or to otherwise comply with the law.
How secure is my information with third-party service providers and other entities?
All our third-party service providers and other entities in the group are required to take appropriate security measures to protect your personal data in line with our policies. We do not allow our third-party service providers to use your personal data for their own purposes. We only permit them to process your personal data for specified purposes and in accordance with our instructions.
When might you share my personal data with other entities in the group?
We may share your personal data with other entities in our group as part of our regular sales activities, for web application maintenance support and hosting of data.
What about other regulatory and/or government authorities?
We may disclose your personal data with regulatory and/or government authorities when asked and in order to comply with the applicable law(s).
Transferring personal data outside the country:
We may transfer the personal data we collect about you to one or more countries to provide you access to the TCS application and its associated services
We undertake all measures required to comply with cross-border personal data transfers, before transferring any of your personal data overseas. In case you want to know the complete list of data recipients, please contact Data Protection Authority DPO contact details mentioned in below section or tcs.cpo@tcs.com
How we will keep your information safe
We have put in place appropriate technical, organizational and security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
How long we will keep your information.
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. Details of retention periods for different aspects of your personal data are available in our retention policy upon request from our Data Protection Officers (see contact details below). To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
In some circumstances we may anonymize your personal data so that it can no longer be associated with you, in which case we may use such information without further notice to you.
We have put in place appropriate technical, organizational and security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. In addition, we limit access to your personal data to TCS`s employees who have a business need to process your data. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data security breach and will notify, your employer/organization and any applicable regulator of a suspected breach where we are legally required to do so.
Your personal data will be retained for the period mentioned or agreed in the agreement with your employer/organization. If required by applicable Data Privacy Law which TCS is subject to, TCS could retain a copy of your personal data for the period specified by the Law. We guarantee that the security, privacy and confidentiality of the personal data retained shall have the same level of security as a personal data currently in use.
In some circumstances where TCS is a data controller, your rights are to:
If you want to exercise a data subject right please contact as per TCS contact details provided in the document below
We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal data is not disclosed to any person who has no right to receive it.
In the limited circumstances where you may have provided your consent to the collection, processing and transfer of your personal data for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. To withdraw your consent, please contact [us at details mentioned in below section Data Protection Authority DPO contact details for the respective country, where the notice is issued or the contact, which was provided in the consent form]. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law.
What policies are in place for reporting any incidents of data breaches?
We have put in place procedures to deal with any suspected/materialised personal data security breach and will carry out notifications regarding a suspected breach in accordance with the terms of our agreement with your employer/organization or as is required by applicable law.
You have been nominated by your employer/ organization (Data Controller) to access this application.
The collection and processing of your personal data by your employer/organization while using the application will be subject to the privacy notice published by your employer/organization, who will act as controller.
Your use of the application on behalf of your employer/organization constitutes instructions to TCS to process your personal data in accordance with the contractual agreement and Data Processing Agreement agreed with your employer/organization or as otherwise necessary to perform its obligations under the Data Protection Laws.
If you want to exercise a data subject right regarding your personal data collected by your employer/organization, please contact your employer/organization.
How to contact us
If you have any questions regarding this privacy notice, please direct it to the respective DPOs list or Head - Global Privacy Office of Tata Consultancy Services at tcs.cpo@tcs.com.
Data Protection Office
We have dedicated data protection office and have appointed data protection officers (DPO) to oversee compliance of TCS with applicable data protection laws and with this privacy notice. If you have any questions about this privacy notice or how we handle your personal data, please contact the respective DPO at details mentioned in below section as per your location:
Data Protection Officer for TCS Technology Solutions (TTS) DCETTSDPO@tcs.com |
Data Protection Officer for UK and Ireland DPO.uki@tcs.com |
Data Protection Officer for Continental Europe DPO.Europe@tcs.com |
Data Protection Officer for the United States: US.Privacy@tcs.com |
Data Protection Officer for Canada: Canada.Privacy@tcs.com |
Data Protection officer for Brazil: DPO.Brasil@tcs.com |
Data Protection Officer for LATAM DPO.LATAM@tcs.com |
Data Protection officer for APAC: DPO.APAC@tcs.com |
Data Protection officer for MEA Mea.privacy@tcs.com |
We reserve the right to update this privacy notice at any time, and we will provide you with a new privacy notice when we make any substantial updates. We may also notify you in other ways from time to time about the processing of your personal data.