Contact us

LTI Privacy Policy

We are dedicated to protecting your privacy. This Privacy Policy explains how we collect, use, and protect your personal data and the rights you have concerning the use of such data. Please read this Privacy Policy carefully.

Note: If you are a California resident, please read “LTI California Privacy Statement.”

Who are we?
In this Privacy Policy, “LTI,” “our,” “us,” or “we” refer to Larsen & Toubro Infotech Ltd and/or its affiliates, subsidiaries, and newly acquired companies. We are the controllers of your Personal Data.

What personal data do we collect and for what purposes do we use them for?
Personal Data is information that identifies you or can be used to identify or contact you. Such personal data may include your name, address, email address, telephone number, and billing information.

We may also collect special categories of personal data which includes personal data related to an individual’s-

  • Racial or ethnic origin
  • Political opinions
  • Religious or philosophical beliefs
  • Membership of a trade union
  • Genetic data
  • Biometric data
  • Physical or mental health or condition
  • Sex life or sexual orientation

We may also collect personal data relating to criminal convictions and offenses.

We collect Personal Data about you in the course of our business activities from sources such as:

  • Social media such as LinkedIn;
  • Hard copy forms;
  • Electronic copy forms;
  • Our intranet systems;
  • During conversations between you and our representatives; or when you complete an application or purchase order;
  • From third party companies such as law enforcement agencies and other government entities;
  • Exchange of business cards

If you are a California resident, please read our California Privacy Statement.

Further, based on your relationship with us, we may collect and use personal data as follows:


Website visitors

Read the website privacy policy for details.

Job applicants

Read the privacy notice for job applicants for details.

Employees

Read the privacy notice for employees for details.

Clients

Read the privacy notice for clients for details.

Third-party service providers

Read the privacy notice for third-party service providers for details.

Visitors to LTI offices

Read the privacy notice for visitors to LTI offices for details.

General cases

Other general cases where we may collect personal data include the collection in relation to subscriptions to our promotional activities, events organised by LTI where you may be a participant, during acquisitions and mergers, for communicating with you when you reach out to us over email etc. The personal data collected in these scenarios will belong to the categories of personal data mentioned in the sections above, and the collection would be on the basis of one of the following lawful bases only:

  • Where we need to perform a contract that we will be entering into with you
  • Where we need to comply with a legal obligation
  • Where it is necessary for our legitimate interests
  • Where we need to protect your vital interests (or someone else’s vital interests)
  • Where we have obtained your explicit consent to process your personal data
  • Where it is required for the public interest (or for official purposes)


How do we keep your personal data secure?
We take reasonable steps to ensure your personal data is protected from misuse and loss and from unauthorised access, modification or disclosure, and other risks to which it may be exposed by virtue of human action or the physical or natural environment. To this effect, we adopt physical, technical, and organisational measures to ensure the security of personal data. We may hold your data in either electronic or hard copy form.

We take steps such as the following to protect your personal data:

  • Prevent unauthorised persons from gaining access to data processing systems in which personal data are processed
  • Ensure that hard copies are kept in locked cabinets with access to authorised personnel only
  • Prevent persons entitled to use data processing systems from accessing personal data beyond their needs and authorisations
  • Ensure that personal data in the course of electronic transmission during transport cannot be read, copied, modified or removed without authorisation
  • Ensure that in the case where processing is carried out by another entity on our behalf, the data is processed only in accordance with the contractual obligations
  • Ensure that personal data is protected against undesired destruction or loss
  • Ensure that personal data is not kept longer than necessary

How do we share and disclose your personal data?
We will not share, sell, transfer or otherwise disseminate your personal data to third parties, unless required by law, unless required for the purpose of your contract, unless we are allowed to do so on the basis of a data processing agreement according to, or unless you have given us express consent to do so.

We share some of your personal data with other LTI companies, to the extent necessary for such companies to provide services on our behalf. In particular, we are using other LTI companies to send marketing communication to you if you have given us your consent to do so.

Some of the companies we share your personal data with, as described above, are located outside of the European Economic Area.

In order to grant sufficient protection of your personal data in this context, we use standard data protection clauses adopted by the European Commission, with such companies, or certifications of such companies under the EU-U.S. Privacy Shield.

Any sharing of your personal data with other LTI entities or service providers will be made in accordance with applicable data protection laws and will be limited to the extent necessary. We have carefully selected these companies and continuously monitor their compliance with our instructions. These companies are contractually prohibited from using your personal data for any other purposes than those described in this Privacy Policy.

We may also be required to disclose your personal data to government or law enforcement officials in response to a lawful request by a public authority, or if we have to do so to comply with a legal obligation, including to meet national security or law enforcement requirements. We can also disclose your personal data in order to pursue our legitimate interest in applying or enforcing our terms and conditions or in responding to any claims, in protecting our rights or the rights of a third-party, in protecting the safety of any person or in preventing any illegal activity (including for the purposes of fraud protection and credit risk reduction).

If required under applicable data protection laws, we will take your consent before sharing your personal data with other companies.

Do we use your personal data for any other purpose?
We will only use personal data for the purposes described above or as otherwise disclosed at the time we request such data from you. Should your personal data be processed for other purposes than those outlined in this Privacy Policy or other purposes than the ones your personal data has originally been collected for, we will provide you with information on that other purpose, and any additional relevant information.

How long do we store your personal data?
We store your personal data and other required information for as long as necessary to achieve the related purpose, such as to enable you to use our website, provide our services to you, comply with applicable laws (including those regarding document retention), resolve disputes with any parties, and otherwise as necessary, to allow us to conduct our business.

Do we process your personal data for automated individual decision-making?
We do not use your personal data to make decisions with legal or similar effects for you, based on only the automated processing of your personal data. In case we perform automated individual decision-making in the future, we will inform you of the same and your rights regarding the opting-out of such processing.

What rights do you have?
You have the following rights with respect to your personal data.


Right to Access

You have the right to request from us information on the personal data about you we process at any time.

Right to Rectification of Incorrect Data

If data about you is inaccurate, you have the right to obtain from us the rectification of such data without undue delay.

Right to Erasure

You have the right to request from us the erasure of your personal data. In particular, you may ask us to erase personal data, if (i) it is no longer necessary in relation to the purposes for which it was collected or otherwise processed; (ii) the personal data has been unlawfully processed; (iii) you object to the processing, and there are no overriding legitimate grounds for the processing; (iv) the personal data has to be erased for compliance, with a legal obligation in Union or Member State law to which we are subject; or (v) you withdraw your consent on which the processing is based, and there is no other legal ground for processing.

Right to Restriction of Processing

You have the right to obtain from us restriction of processing, where one of the following applies: (i) The accuracy of the personal data is contested by you, processing will be restricted for a period, enabling us to verify the accuracy of the personal data; (ii) the processing is unlawful, and you oppose the erasure of the personal data and request the restriction of its use instead; (iii) we no longer need the personal data for the purposes of the processing but are required by you to keep it for the establishment, exercise or defense of legal claims; or (iv) you have objected to processing, and the verification whether our legitimate interests override yours is pending.

Right to Data Portability

You have the right to receive the personal data concerning you, which you have provided to us in a structured, commonly used, and machine-readable format.

Right to Object

You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you. We will no longer process your personal data unless we demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms, or the processing serves the purpose of establishing, exercising or defending legal claims.

Right to Withdraw Consent

You have the right to withdraw your consent for the processing of personal data where explicit consent has been sought. In the limited circumstances where you may have provided your consent to the collection, processing, and transfer of your personal data for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. Once we have received notification that you have withdrawn your consent, we will no longer process your data for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law.



What is the process for reporting a privacy-related breach or exercising my rights or sending complaints / grievances / questions?
You may write to our Data Protection Officer at DPO@lntinfotech.com for any of the following purposes:

  • to exercise your rights
  • to register any grievance / complaint related to our processing of your personal data or linked to our processing in accordance to applicable data protection principles, our policies, and procedures.
  • to report a breach of your privacy has been breached if you feel that we are not abiding by the terms of our posted Privacy Policy or the applicable data protection laws
  • to ask questions about our Privacy Policy or any other matters relating to processing of your personal data

It should be noted that situations may arise where providing the information requested by you would disclose personal data about another individual. In such cases, data may be redacted or withheld as may be necessary or appropriate to protect that person’s rights.

You also have the right to complain to the data protection authority in your country or refer the matter to a court of competent jurisdiction.

Changes to this Privacy Policy
This policy is effective as of 10th June, 2020. We may amend this Privacy Policy from time to time. Please refer to this Privacy Policy on a regular basis.