Privacy Policy

1. Introduction

As a globally integrated company, Tigerspike's business processes increasingly go beyond the borders of one country. Tigerspike’s global business requires communication and information systems across its worldwide operations and involves the processing, sharing and use of multiple types of information, including information that identifies, or can reasonably be used to identify, an individual (“Personal Information”). This Policy sets forth the general privacy principles which underlie Tigerspike's practices for collecting, using, disclosing, retaining, deleting, accessing, transferring and otherwise processing Personal Information (“Processing”).

2. Applicability

This Policy applies to the Processing of Personal Information anywhere in the world, for or on behalf of Tigerspike by its employees, suppliers, business partners, and contractors. This Policy is subject to compliance with both contracts and applicable laws and regulations, including, without limitation, laws and regulations defining and governing the Processing of Personal Information in any applicable region, country, state or principality (“Jurisdiction”).  This Policy is also subject to, and supplemented by, Tigerspike’s policies, notices, guidelines and documented processes and instructions for Processing Personal Information in specific circumstances, including, without limitation, the Processing of Personal Information: I. pertaining to Tigerspike employees, employees and customers of Tigerspike’s clients, employees of vendors and business partners, and/or other individuals (“Data Subjects”) located in specific Jurisdictions;II. for specific Tigerspike websites, platforms, IT applications or tools;III. in compliance with certain other industry standards and practices; andIV. in compliance with applicable laws and regulations.

3. Privacy Policy Statement

Tigerspike is committed to protecting the privacy and confidentiality of Personal Information pertaining to Data Subjects to the extent their Personal Information is Processed by or on behalf of Tigerspike. The general privacy principles set forth in this policy enable Tigerspike to securely process Personal Information fairly, appropriately, and in a legally permissible manner.

4. General Privacy Principles

These general privacy principles apply globally to Tigerspike’s Processing of Personal Information. A. Accountability:Tigerspike understands its accountability and responsibility for any Personal Information that it Processes in connection with its business. Accordingly, Tigerspike will:I. have appropriate policies, notices, guidelines and documented processes and instructions to demonstrate that Personal Information is Processed in compliance with applicable laws, regulations and contracts;II. designate an individual or individuals who are accountable for Tigerspike’s compliance with the general privacy principles set forth in this Section; andIII. provide adequate access to such policies, notices, guidelines and documented processes and instructions for Processing Personal Information, and review such documentation at a minimum annually, and any time a change in circumstances dictates that such a review may be warranted. B. Fairness and Purpose:Tigerspike will collect adequate, relevant and necessary Personal Information, and will process such Personal Information fairly and lawfully for the purposes for which the Personal Information was collected.The purposes for collecting Personal information will be specified upon or before its initial collection as well as before any previously collected Personal Information is Processed for a new or different purpose. C. Accuracy:Tigerspike will implement appropriate processes and measures to keep Personal Information as accurate, complete and up-to-date as is necessary for the purposes for which the Personal Information is Processed. D. Disclosure and Data Sharing:Subject to applicable laws, regulations and contractual requirements, the Tigerspike entity that collects Personal Information may disclose such Personal Information to other Tigerspike entities and third-party entities, in order for such entities to Process such Personal Information for permitted purposes. E. Cross-Border Data Flows:Subject to applicable laws, regulations and contractual requirements, the Tigerspike entity that collects Personal Information may transfer such Personal Information to other Tigerspike entities and third-party entities that are located in different countries in order for such entities to Process such Personal Information for permitted purposes. To the extent required under applicable laws and regulations, Tigerspike will implement appropriate data transfer mechanisms for any such transfers of Personal Information which may include, for example:I. a data transfer agreement with the party who will Process the Personal Information;II. notice to and/or approval from a country’s local data protection authority, orIII. notice to and/or consent from the individual whose data is to be transferred. F. SecurityTigerspike will implement reasonable technical and organisational measures to safeguard Personal Information and instruct third parties Processing Personal Information on behalf of Tigerspike or its clients to Process and manage Personal Information in a manner which is consistent with Tigerspike’s measures for safeguarding Personal Information and applicable contractual requirements for safeguarding Personal information. G. Access:Upon request, to the extent and in the manner required under applicable laws, regulations and contracts, Tigerspike will, within a reasonable period of time, provide individuals appropriate access to their Personal Information Processed by or on behalf of Tigerspike and to exercise any other rights such individuals may have under applicable laws, regulations and contracts. H. Retention and Disposal:Tigerspike will retain Personal Information in a form that permits identification for no longer than is necessary forI. the fulfilment of the permitted purposes for Processing such Personal Information, andII. compliance with any required retention periods or other requirements under applicable laws, regulations and contracts. I. Transparency:Tigerspike will provide reasonable disclosure of its policies, notices, guidelines, documented processes and instructions and other relevant documentation for Processing Personal Information. J. Custodianship:Tigerspike will comply with applicable laws, regulations, and contracts that relate to the protection and Processing of Personal Information on behalf of Tigerspike’s clients, business partners, and other third parties, including any third-party policies and practices with which Tigerspike agrees to comply.

5. Enforcement and Redress

Tigerspike has implemented and will adhere to reasonable processes and measures for monitoring and enforcing compliance with these privacy principles, including processes and measures to review and address any actual or potential failure to adhere these privacy principles.

More information on GDPR

6. Waiver

Any request for a waiver (exemption or exception) to any policy or provision of a policy, and the reasons for the request,  shall be formally documented and submitted for approval by the respective policy and/or process owners, line management, and where applicable, the customer. A request for a waiver will not be approved if the requested waiver would result in a breach or violation of a law, regulation or contract. All waivers approved in accordance with this Section should be registered at security@tigerspike.com and DPO@concentrix.com.

7. Additional Notes

Tigerspike does not have control over privacy risks arising from or relating to a customer-owned and/or managed environment. In these circumstances, Tigerspike will be act on the customer’s instructions pursuant to the contract or as otherwise mutually agreed. Tigerspike may, however, communicate known risks to the customer. Mandatory laws, regulations, or rules shall, to the extent applicable, take precedence over the terms of this policy.