Privacy Notice

C5i PRIVACY NOTICE OBJECTIVE

This privacy notice will tell you about what we collect and do with your personal information when you visit the C5i website or interact with us for various services or fill in your personal information to contact us or want to access our services where we process your personal information.

C5i is a global analytics provider that drives digital transformation through analytics, insights, and Artificial Intelligence (AI). Course5 Intelligence helps businesses make the most effective strategic and tactical moves relating to their customers, markets, and competition. Course5 Intelligence leverages rapid advances in Artificial Intelligence and Machine Learning to create disruptive technologies and accelerators for analytics, digital, and research solutions that provide significant and long-term value to their clients.

CONTROLLER’S CONTACT DETAILS

C5i is the controller for the personal information we collect and process. If you want to exercise your privacy rights and know about what information we hold about you.

You can contact us via E-mail and post at the below details:

C5i OFFICE ADDRESS:

Course5 Intelligence,

Unit No. 103 & 104, 1st Floor, Building C4-Ladybird, Brigade Tech Gardens SEZ, Brookefield, ITPL Main Rd, Kundalahalli, Bengaluru, Karnataka 560037.

Dataprotectionofficer@c5i.ai

HOW DO WE GET PERSONAL INFORMATION?

Most of the personal information we process is provided to us directly by you for one of the following reasons:

If it is not disproportionate or prejudicial, we’ll contact you to let you know we are processing your personal information.

HOW WE COLLECT PERSONAL DATA

C5i collects personal data directly from you via online forms or when you contact C5i and we also collect personal data from third parties, and we process that personal data on behalf of the Data controller.

The data we collect includes:

PURPOSE FOR COLLECTING PERSONAL DATA

The personal information we collected would be used for the following purposes:

REASONS WE MAY SHARE YOUR PERSONAL DATA

We may share your personal data:

HOW TO CONTROL AND ACCESS YOUR PERSONAL DATA

You can access and control the personal data that C5i holds from you by contacting or submitting a Data Subject Access Request (DSAR) form to C5i:

OUR PRIVACY PRINCIPLES

We operate in multiple jurisdictions and to maintain global privacy posture and maximum legal compliance we have our privacy principles based on OECD guidelines, which also serve as founding principles for laws including but not limited to EU GDPR, KSA PDPL, Indian DPDP, UK DPA2018, CCPA, and various US state privacy policies.

The OECD Privacy Guidelines are high-level policy recommendations that can be used as a basis to develop a privacy protection framework with the flexibility to accommodate regional and local variations. Meanwhile, they also facilitate international interoperability for transborder flows of personal data. We at C5i follow the following principles in our “Data Privacy & Protection” practices and our controls are regularly evaluated for:

Collection Limitation Principle: There shall be limits to the collection of personal data and any such data should be obtained by lawful and fair means and, where appropriate, with the knowledge or consent of the data subject.

Data Quality Principle: Personal data should be relevant to the purposes for which they are to be used, and, to the extent necessary for those purposes, should be accurate, complete, and kept up to date.

Purpose Specification Principle: The purposes for which personal data are collected should be specified not later than at the time of data collection and the subsequent use is limited to the fulfillment of those purposes or such others as are not incompatible with those purposes and as are specified on each occasion of change of purpose.

Use Limitation Principle: Personal data shall not be disclosed, made available or otherwise used for purposes other than those specified in accordance with (the Purpose Specification Principle) except:

Security Safeguards Principle: Personal data should be protected by reasonable security safeguards against such risks as loss or unauthorized access, destruction, use, modification, or disclosure of data.

Openness Principle: There should be a general policy of openness about developments, practices, and policies with respect to personal data. Means should be readily available for establishing the existence and nature of personal data, and the main purposes of their use, as well as the identity and usual residence of the data controller.

Individual Participation Principle: An individual should have the right:

Accountability Principle: A data controller should be accountable for complying with measures that give effect to the principles stated above.

DATA SUBJECT RIGHTS

C5i provide their data subject to access their personal data held by us and further exercise their subject rights provided in their respective jurisdiction, where data was collected or used, and this is done as per applicable laws. Data Subjects can practice this by simply filling out the DSAR form or by contacting C5i.

We respect all the rights guaranteed to data subjects, when we use their personal data, as mentioned in their applicable laws on personal data processing in specific jurisdictions. Such rights include and are limited to the following:

BROWSER BASED CONTROL

We use cookies and other similar technologies to analyze customer behavior, administer the website, track users’ movements, and collect information about users. This is done in order to personalize and enhance your experience with us.

You can control the data stored by cookies and withdraw consent to cookies by using the browser-based cookie controls described in the Cookies section of this privacy statement. We may use cookies to determine whether your browser can accept a particular type of software, or to stop pop-up boxes appearing each time you visit our site. We may use cookies for other purposes in the future, as our site develops, and this statement will be amended to reflect any such changes.

We use cookies to process information that helps us to secure our website, as well as detect fraud and abuse.

We use cookies for the following purposes:

LINKS TO OTHER WEBSITE

Where we provide links to websites of other organizations, this privacy notice does not cover how that organization processes their personal information. We encourage you to read the privacy notice on the other websites you visit.

EXPLANATION OF KEY TERMS

Data Subject* – A "data subject" refers to an individual who is the subject or the focus of personal data. In the context of Indian data protection and privacy laws, (DPDP), a data subject is identified as a Personal Data Principle and is any identifiable person whose personal data is being collected, processed, or stored by an organization or data controller.

Data Controller* - A "data controller" is an entity or organization that determines the purposes and means of processing personal data. In the context of Indian data protection and privacy laws (DPDP), the term Data Fiduciary shall be used for data controller, which is the entity that is responsible for collecting personal data from individuals and deciding how that data will be processed.

The data controller has the authority to make decisions regarding the processing of personal data, including the types of data collected, the purposes for which the data is collected, the methods of processing, and the duration for which the data will be retained. The data controller is also accountable for ensuring that the processing of personal data complies with applicable data protection laws and regulations.

Data Processor – A "data processor" is an entity or organization that processes personal data on behalf of a data controller. In the context of data protection and privacy laws, including Indian DPDP in the European Union, a data processor is a separate entity from the data controller and is engaged by the data controller to handle personal data on its behalf.

Personal Data –  The term "personal data" encompasses any information that relates to an identified or identifiable individual. It can include various types of data, such as names, addresses, email addresses, identification numbers, financial information, health records, IP addresses, and any other information that can directly or indirectly identify a person.

DPDP 2023 – India's main data privacy law is the Digital Personal Data Protection Act, 2023 (DPDP). The DPDP Act was published in the Official Gazette on Friday, August 11, 2023.

The DPDP Act regulates the processing of digital personal data, which is defined as any information that can be used to identify an individual, either directly or indirectly. The Act applies to all organizations that process digital personal data, regardless of their size or location in India.

DISCLAIMER

For all legal purposes, the terms C5i, Course5, and Course5 Intelligence Ltd. should be considered synonymous and have the same legal meaning.


[Version: 4.0, Released on 28 June 2024]