GDPR ADDENDUM

Last updated:

August 09, 2022

This GDPR Addendum (“GDPR Addendum”) supplements the information contained in the Data Privacy Policy of White Crow Research Private Limited (“WhiteCrow / We / Our”) through the website ‘www.whitecrow.co’ (“Website”) featuring the portals ‘talent.whitecrow.co’ (“Talent Platform”) and ‘hire.whitecrow.co’ (“Talent Marketplace”) (Talent Platform and Talent Marketplace are collectively referred to as “Portals”) and applies to the data provided by:

(i) the candidate accessing/signing-up on the portal ‘talent.whitecrow.co’ / Talent Platform, with the intent to seek job opportunities (“Individual Candidate”); or

(ii) the client and/or the designated employees of such client, subscribing to the portal ‘hire.whitecrow.co’ / Talent Marketplace with the intent to search for appropriate talents from across the internet to suit an employer’s job profile requirements (“Subscribing Client”).

(Hereinafter, the Individual Candidate and the Subscribing Client are collectively referred to as “You / Your”).

It is to be noted that as this GDPR Addendum supplements the Data Privacy Policy, the capitalized terms unless defined herein shall have the same meaning assigned to them under the Terms and Conditions and the Data Privacy Policy.

WhiteCrow / Website may, from time to time, make changes/modifications to this GDPR Addendum, which shall come into effect automatically on the date of such changes/modifications, which shall be notified by posting on the Website.

  1. GDPR:

    Right to data is fundamental for every individual. With organizations across the world collecting customer data to enable them to provide services, it becomes important that the companies manage data in a transparent manner with the customer’s consent. 

    GDPR stands for “General Data Protection Regulation”. It establishes a new framework for handling and protecting the personal data of EU-based residents. It provides the citizens of the EU greater control over their personal data and assurance that their information is being securely protected across Europe.

    Although GDPR is a data protection framework for the citizens residing in the EU, it also applies to all companies that handle personal data of individuals from the EU. Also, in the event of an infringement of these laws, the infringing party can face fines and penalties ranging from 10 million to 20 million or 2% to 4% of the annual revenue of the defaulting company/organization depending upon whichever is higher.

  2. WhiteCrow’s commitment to GDPR:

    WhiteCrow / Website controls and processes Your information once You access/sign-up/subscribe to WhiteCrow’s Services. At WhiteCrow, We have always implemented and practiced processes which ensure that Your data / customer data/ PII is stored and processed in ways only necessary to serve You / customers in the best possible way. Our policies are also streamlined with the GDPR goals and objectives.

  3. GDPR Readiness Initiatives on the Website and the Portals:

    On the Website and the Portals, We are committed to upholding the underlying principles of GDPR and below are some of the initiatives undertaken:

    Accountability

    There exists an established Data Privacy Policy created with the support from WhiteCrow’s leadership. Our leaders commit to support and provide guidelines for data protection compliance through a framework of standard policies and procedures.

    Your Personal Data with the Website

    The GDPR requires organizations to provide more information about the way in which an individual’s information is used. The Website and the Portals delivers on Your Data Privacy Policy objective by enabling comprehensive data flow and process maps for Your data which is updated from time to time and in sync with the GDPR guidelines. 

    Privacy by Design and Default

    From consent capture, data processing and data transfer, the data flow principles are made to be in line with the GDPR and instilled in the conception of this Website’s / Portals’ design.

    Individual Rights, Subject Access, and Communication

    The GDPR program thoroughly evaluates how WhiteCrow / Website, both as a data controller and a processor, is placed with its existing procedures for readiness to:

    • Provide rights of individuals under GDPR; and
    • Assist You in responding to data access requests from individuals.

    Data Transfer

    Data transfers shall take place in accordance with the Data Privacy Policy available on the Website. Please refer to Section 6, below, for details on transfer of data to third party.

  4. GDPR Compliance by WhiteCrow:

    • Clarity of information sharing with the users (i.e., You) of the Website / Portals.
    • Transparent demonstration of consent, storage and transfer of information.
    • Data accessibility for You with the ability to modify, remove or complexly deactivate at will.
    • Website’s / Portals’ Opt-out, email unsubscribe options for You at any time.
    • Opt-In and processing purposes are clearly shared with You.
  5. Your Rights Under GDPR:

    WhiteCrow / Website will always fully respect Your rights regarding the processing of Your personal data and Section 7, below, provides for the contact details, if You have any concerns or questions regarding the exercise of any rights You have under the GDPR. Listed below are the rights available to You under the GDPR:

    • The right to be informed;
    • The right of access;
    • The right to rectification;
    • The right to erasure;
    • The right to restrict processing;
    • The right to data portability;
    • The right to object; and
    • Rights related to automated decision making and profiling.
  6. Transfer to Third Parties:

    WhiteCrow / Website may share Your PII with third parties as mentioned in the Data Privacy Policy, who perform functions necessary for providing the Services on its behalf. Examples include analysing data and providing marketing assistance and customer service. The PII shall only be transferred to or processed by such third parties where their services are necessary to fulfil WhiteCrow’s obligation towards You with respect to providing the Services availed for on the Website / Portals.

    Your PII shall not be transferred to a country or territory outside the European Economic Area (EEA) unless the transfer is made to a country or territory recognised by the EU as having an adequate level of ‘Data Security’, or is made with the consent of the ‘Data Subject’, or is made to satisfy the legitimate interest of WhiteCrow in regard to the Agreement.

  7. Contact Information:

    If You have any questions or comments about this GDPR Addendum, the ways in which WhiteCrow / Website collects and uses Your personal information, Your choices and rights regarding such use or wish to exercise Your rights under GDPR, please do not hesitate to contact WhiteCrow at:

    • Email: gdpr@whitecrow.co
    • Contact at: +91-22-69229111