TataWorld Privacy Policy and Legal Disclaimer

Your privacy is important to us. Tata Sons Private Limited (“Tata Sons” or “we”) takes the privacy of your information seriously. This privacy statement explains what personal data we collect from you, through our interactions with you on this intranet, and how we use that data.

This privacy statement applies to the main intranet www.tataworld.com, as well as in the sites.tataworld.com sub-domain (sometimes called “microsites”). Please note that this intranet may include links to websites of third parties whose privacy practices differ from those of Tata Sons. If you provide personal data to any of those websites, then your data is governed by their privacy statements.

1. Definitions

In this privacy policy, the following definitions are used:

Data	includes information that you submit to Tata Sons via the Intranet, and information which is accessed by Tata Sons pursuant to your visit to the Intranet.
Cookies	A cookie is a small piece of data sent from a website and stored in your web browser while you are browsing. The cookie allows the website to “remember” your actions or preference for a certain period of time.
Data Protection Laws	Any applicable law relating to the processing of personal data, including the GDPR and the Information Technology Act, 2000, as amended;
GDPR	The General Data Protection Regulation (EU) 2016/679;
Tata Sons or us	Tata Sons Private Limited, a company incorporated in India whose registered office is at Bombay House, 24 Homi Mody Street, Mumbai, India, 400001;
User or you	The natural person who accesses the Intranet;
Intranet	The intranet that you are currently using, www.tataworld.com, and any sub-domains of this site, unless excluded by their own terms.

2. Scope

Tata Sons collects data to operate this intranet. You provide some of this data directly, such as when you submit the registration form or feedback form or participate in the TataWorld activities and contests.

You can make choices about our collection and use of your data. For example, you may want to access, edit or remove the personal information in the Intranet or, change your password, or close your account. When you are asked to provide personal data, you may decline.

3. Data Collected

We may collect information or pieces of information that could allow you to be identified, including:

Contact information: We collect first and last name, email address, postal address, country, employer, phone number and other similar contact data;
profession and job title, employees’ data for group’s internal job opportunities; and
postcode or country.

4. How we Collect Data

We collect Data in the following ways:

data is given to us by you; and
data is collected automatically pursuant to your visit to the Intranet.

5. Data shared by You

Tata Sons may collect your Data in several ways from your use of this Intranet. For instance:

when you contact us through the Intranet;
when you register with us to access the intranet, receive our products, services and/or newsletters;
when you complete surveys conducted by or for us;
when you enter a competition or promotion;
when you elect to receive any communications (including any newsletter, promotional offers) from us;
from the information gathered by your visit to our webpages;
information provided by you (such as for subscribing to our newsletters, submission of job application).

6. Data that is Collected Automatically

We automatically collect some information about your visit to the Intranet. This information helps us to make improvements to Intranet content and navigation and includes your company’s intranet IP address (if you are coming through single sign on) and the way you use and interact with its content.

Our web servers or affiliates who provide analytics and performance enhancement services collect IP address, operating system details, browsing details, device details and language settings. This information is aggregated to measure the number of visits, average time spent on the site, pages viewed and similar information. Tata Sons uses this information to measure the site usage, improve content and to ensure safety and security, as well enhance performance of the Intranet.
We may collect your Data automatically via Cookies, in line with the cookie settings on your browser. For more information about Cookies, please see the section below, titled “Cookies”.

7. Our Use of Your Data

Any or all the above Data may be required by us from time to time to provide information relating to Tata Sons and its group entities and to work on the experience when using our Intranet. Specifically, Data may be used by us for the following reasons:

improvement of our products or services, as well as of our group entities;
to show search results when you use the 'search your colleague' function;
transmission by email or any other form of communication of marketing materials to you;
contact for survey or feedback which may be done using email or mail;
to enable our group entities to reach out to you in relation to their programs managed by them / products or services offered by them;
to process your requests (such as replying to your queries); and
to execute other activities such as marketing campaign, promotional communications for which consent is taken appropriately.

We may use your Data for the above purposes if we deem it necessary to do so for our legitimate interests. If you are not satisfied with this, you have the right to object in certain circumstances (see the section headed "Your rights" below).

8. Who we share Data with

We may share your personal Data with:

Tata Sons-controlled affiliates and subsidiaries and other entities within the Tata group of companies, to assist them to reach out to you in relation to their programs or campaigns (including marketing and sales) and to process your query / requests (such as job application);
our employees, vendors, agents and professional advisors working on our behalf for the purposes described in this policy statement; and
service-providers who assist in protecting and securing our systems and provide services to us which require the processing of personal data, such as to host your information or to process your information for data profiling and user analysis.

We usually do not share other personal Data collected from the Intranet with other third parties. However, this may happen if:

You request or authorize us to do so;
We need to comply with applicable law or respond to valid legal process; or
We need to operate and maintain the security of this intranet, including preventing or stopping an attack on our computer systems or networks.

9. Your data accessed by users

Tagging: users can tag you wherever there is a comment box provided on the intranet.

Search a colleague: users can type your name in this search box and the intranet will throw up results of all those with a similar name.
Share: users can share content on the intranet by tagging you through your name/ email ID.
Like: users can like a post uploaded by you on the intranet.

10. Keeping Data secure

We will use technical and organisational measures to safeguard your Data and we store your Data on secure servers.

Technical and organisational measures include measures to deal with any suspected data breach. If you suspect any misuse or loss or unauthorised access to your Data, please let us know immediately by contacting us at tataworld@tata.com

11. Retention of Personal Data

Tata Sons retains personal Data for as long as necessary to provide the access to and use of the intranet, or for other essential purposes such as complying with our legal obligations, resolving disputes and enforcing our agreements. Because these needs can vary for different data types and purposes, actual retention periods can vary significantly.

Even if we delete your Data, it may persist on backup or archival media for audit, legal, tax or regulatory purposes.

12. Your Rights

When we process Data about you, we do so with your one-time consent and/or as necessary to provide the intranet you use, operate our business, meet our contractual and legal obligations, protect the security of our systems and our customers, or fulfil other legitimate interests of Tata Sons as described in this privacy statement.

Below, you will find additional privacy information that you may find important. Tata Sons adheres to applicable data protection laws in the European Economic Area, which if applicable includes the following rights in relation to your Data:

Right to access - the right to request
- copies of the information we hold about you at any time, or
- that we modify, update or delete such information.

If we provide you with access to the information we hold about you, we will not charge you for this, unless your request is manifestly unfounded or excessive. Where we are legally permitted to do so, we may refuse your request. If we refuse your request, we will tell you the reasons why.

Right to correct - the right to have your Data rectified if it is inaccurate or incomplete.
Right to erase - the right to request that we delete or remove your Data from our systems.
Right to restrict our use of your Data - the right to limit the way in which we can use it. We may not be able to block Google from tracking user behaviour as well as some demographic data, including Age and Geography.
Right to data portability - the right to request that we move, copy or transfer your Data.
Right to opt out - the right to opt out from our use of your Data to third party sites as defined in Point no. 8. To opt out please visit https://www.tataworld.com/profile/edit. For information about managing your contact data, email subscriptions and promotional communications, please submit a request to us on tataworld@tata.com

It is important that the Data we hold about you is accurate and current. Please keep us informed if your Data changes during the period for which we hold it.

13. Security of Personal Data

Tata Sons is committed to protecting the security of your Data. We use a variety of security technologies and procedures to help protect your personal data from unauthorized access, use or disclosure.

14. Where We Store and Process Personal Data

Personal data collected by Tata Sons may be stored and processed in your region, in India, and in any other country where Tata Sons or its affiliates, subsidiaries or service providers operate facilities. The storage location(s) are chosen to operate efficiently. We take steps to ensure that the Data we collect under this privacy statement is processed according to the provisions of this statement and the requirements of applicable law wherever the data is located.

Data which we collect from you may be stored and processed in and transferred to countries outside of the European Economic Area (EEA). We also share information with our group companies which are located outside the EEA. Transfer of Data will be in compliance with applicable laws.]

To ensure that your Data receives an adequate level of protection, we have put in place appropriate safeguards and procedures with the third parties we share your Data with. This ensures your Data is treated by those third parties in a way that is consistent with the Data Protection Laws.

15. Links to other websites

This Intranet may, from time to time, provide links to other websites. We have no control over such websites and are not responsible for the content of these websites. This privacy policy does not extend to your use of such websites. You are advised to read the privacy policy or statement of other websites prior to using them.

16. Cookies

This Intranet may place and access certain Cookies on your computer. Tata Sons uses Cookies to improve your experience of using the Intranet.

This Intranet may place the following Cookies:

Type of Cookie	Purpose
ASPXAUTH cookie	Used to determine if a user is authenticated.
ASP.Net_SessionId	A cookie which is used to identify the users session on the server. The session being an area on the server which can be used to store data in between http requests.
ga (Google analytics):	This is a third party cookie that tracks users to the intranet. Expiration Time: 2 years
gat (Google analytics):	This is a third-party cookie used to create and retrieve tracker objects, from which all other methods are invoked. Used to throttle request rate. Expiration Time: 10 minutes.
_gid (Google analytics):	This is a third party cookie used to distinguish users. Expiration Time:24 hours

17. You can choose to enable or disable Cookies in your internet browser. By default, most internet browsers accept Cookies, but this can be changed. For further details, please consult the help menu in your internet browser. On doing so, the intranet will stop functioning.

18. You can choose to delete Cookies at any time; however, you may lose any information that enables you to access the Intranet more quickly and efficiently including, but not limited to, personalisation settings. On deleting ASPXAUTH cookie and ASP.Net_SessionId your session will expire and you will be required to relogin

19. It is recommended that you ensure that your internet browser is up-to-date and that you consult the help and guidance provided by the developer of your internet browser if you are unsure about adjusting your privacy settings.

20. General

If any court or competent authority finds that any provision of this privacy policy (or part of any provision) is invalid, illegal or unenforceable, that provision or part-provision will, to the extent required, be deemed to be deleted, and the validity and enforceability of the other provisions of this privacy policy will not be affected.

21. Changes to this Privacy Statement

Tata Sons reserves the right to change this privacy statement as it may deem necessary from time to time or as may be required by law. Any changes will be immediately posted on the Intranet and you are deemed to have accepted the terms of the privacy statement on your first use of the Intranet following the alterations.

You may contact Tata Sons through tataworld@tata.com