Supplemental Privacy Policy for India

If you are located in India, you have certain rights with respect to your personal information. The following is a summary of those rights and additional information applicable to our collection and use of your personal information. For clarity, this Supplemental Privacy Policy for India is in addition to, and not in lieu of, the information provided in our Privacy Policy.

India’s Information Technology Rules

We have adopted India’s Information Technology (Reasonable Security Practices and procedures and sensitive personal data or information) Rules, 2011 contained in the Information Technology Act, 2000 as amended by Information Technology (Amendment) Act of 2008 (the "IT Act"). These Information Technology Rules govern the way in which we collect, use, disclose, secure and dispose of personal information subject to the IT Act.

Sensitive Personal Information

Under the IT Act, sensitive information includes information about such things as an individual’s sexual orientation, health condition, medical records and medical history, password information, biometric information, and financial information associated with bank accounts or other payment methods. We only use sensitive information:

For the primary purpose for which it was obtained;
For a secondary purpose that is directly related to the primary purpose;
With your consent; or
Where required or authorized by law.

Summary of Uses and Disclosures of Personal Information

The following is a summary of the categories of personal information we collect, whether we collect the information about Visitors, Employees and Contractors, and/or Client, the purposes for which we collect the information, and the categories of third parties with whom we share personal information.

This is a summary of the categories of personal information we have collected and shared in the preceding 12 months.

Category of Information	About Whom We Collect This Information	Sources From Whom Information Was Collected	Purposes for Which Personal Information Is Collected	Categories of Third Parties With Whom We Share Personal Information
A. Identifying Information	Visitors Employees and Contractors Clients	You	Communicate with you Provide services to you Personalize your experience with us Provide customer service Maintain and secure your account with us Respond to your requests Respond to law enforcement requests or as required by law	Vendors that provide marketing and communication services Service providers Government or law enforcement agencies
	Employees and Contractors	You	Identify you, or validate or verify your identity	Companies with employment or engagement opportunities
	Employees and Contractors	You	Comply with legal requirements	Government agencies
	Employees and Contractors	Consumer Reporting Agencies	Pre-engagement screenings Obtain a consumer report	Companies with engagement or employment opportunities for you
	Employees and Contractors	You	Make payments to you	Banks and other financial institutions
B. Categories of Personal Information described in India’s IT Act, Information Technology Rule 3 Protected by Law Note: Some information may overlap other categories	Visitors Employees and Contractors Clients	You	Communicate with you Provide services to you Personalize your experience with us Provide customer service Maintain and secure your account with us	Vendors that assist with communications Service providers
	Employees and Contractors	Consumer Reporting Agencies	Pre-engagement screenings Obtain a consumer report	Companies with engagement or employment opportunities for you
	Employees and Contractors	You	Make payments to you	Banks and other financial institutions
	Employees and Contractors	You	Provide demographic information to your Client	Your Client
	Employees and Contractors	You	Comply with legal requirements	Government agencies
C. Characteristics and similar Information Protected by Law	Employees and Contractors	You	Comply with legal requirements Provide benefits to you	Government agencies Benefit providers
D. Commercial Information	Visitors Employees and Contractors Clients	You Cookies	Improve your experience on our Websites Provide services to you	Service Providers
E. Biometric Information	Fingerprints	You	As required for federal security clearance	Government agencies as required
F. Activity on our Websites	Visitors Employees and Contractors Clients	You Cookies	Manage your preferences Maintain and secure your account Improve your experience on our Websites Provide Services to you	Service providers
G. Geolocation Data	Visitors Employees and Contractors Clients	You Cookies	Manage your preferences Improve your experience on our Websites Provide Services to you Improve our processes	None
H. Sensory Data including audio, electronic, visual, thermal, olfactory or similar information	Visitors Employees and Contractors Clients	You	Telephone calls to customer support staff may be recorded for training and quality control	None
	Individuals who visit our offices	You	Audio/video monitoring of individuals who enter our offices	None
I. Professional or Employment Related Information	Employees and Contractors	You	Verify your qualifications for employment or engagement opportunities Provide opportunities for you to be employed or engage with clients Provide services to you	Companies with employment or engagement opportunities Service providers
	Employees and Contractors	Consumer Reporting Agencies	Pre-engagement screening Obtain a consumer report	Companies with engagement or employment opportunities for you
J. Education Information	Employees and Contractors	You	Verify your qualifications for employment or engagement opportunities Provide opportunities for you to be employed or engage with clients	Companies with employment or engagement opportunities Service providers

Reasonable Security Practices and Procedures

Pursuant to India’s IT Act, Information Technology Rule 8, India has determined that the International Organization for Standardization (ISO) demonstrates compliance with India’s reasonable security practices and procedures.

MBO Partners received the ISO 9001:2015 certification after demonstrated ability to meet customer, statutory, and regulatory standards. Therefore, our security practices and procedures are in full compliance with India’s laws.

Contact Details and Complaints

For any questions, concerns or complaints regarding a possible breach of your privacy by us, please contact our Data Protection Officer as follows:

By completing the Individual Data Request Form
By phone at 0011+1+703 793 6000
By mail to MBO Partners, Inc, Attention Data Protection Officer, 20405 Exchange Street, Suite 301, Ashburn VA 20147

We will treat each complaint confidentially. We will investigate each complaint and will contact the individual that submitted the complaint within a reasonable time period once the complaint is resolved (and in any event within any applicable time periods required by law).

Transfers of Personal Information

We may disclose your personal information to our affiliates, third party suppliers and service providers, and other third parties as described in our Privacy Policy and as authorized by India’s IT Act. Some of these entities may be located outside India, including in the United States, New Zealand, Singapore, Germany, Ireland, Australia, and the United Kingdom. We take reasonable steps to ensure that any entities located inside or outside India that receive your personal information from us ensure the same level of data protection that is adhered to by us and that such entities do not breach applicable privacy obligations.

Changes to This Supplemental Privacy Policy for India

We may update this Supplemental Privacy Policy for India from time to time. When we do update them, we will post a notice on our Websites, make the updated version of this Supplemental Privacy Policy for India available on this page, and indicate the date it was last updated above. For clarity, any updates will apply from the date they are posted. Please check back periodically to see if this Supplemental Privacy Policy for India has been updated.