Data Privacy Policy

This Data Privacy Policy describes Bluekode's practices regarding the collection and use of Personal Data about its customers, employees, job seekers, visitors, suppliers, contractors, associated third parties, and business partners. For the purpose of this policy, Bluekode shall mean Bluekode Solutions, all group companies, entities, subsidiaries, and affiliates. This Policy was last updated on 1st July 2024.

Applicable Data Protection Laws means all applicable international, federal, state, provincial and local laws, rules, regulations, directives, governmental requirements and guidelines currently in force relating in any way to the privacy, confidentiality or security of Protected Data. The Company undertakes to comply with all Applicable Data Protection Laws depending on the countries where the Company is established or is Processing Personal Data. Although certain requirements may vary from one country to another, Bluekode is particularly concerned about the privacy of Data Subjects and this Policy constitutes a global guideline for Bluekode as a whole.

This policy applies to Bluekode wherever a Data Subject's Personal Data is processed, and covers all records in any format or structure, either electronic or physical.

• In the context of the business activities of Bluekode
• Hiring or recruitment of employees, consultants, interns, and trainees
• Visitor management at Bluekode premises
• During supplier, third-party, contractor, or business associate onboarding
• For the provision or offer of goods or services to individuals and customers
• Active monitoring including cookies, IP tracking, audio-video surveillance, biometric monitoring, and cyber threat prevention

Bluekode may collect and process Personal Data only if one of the following legal grounds apply. If Bluekode receives unsolicited Personal Data, it will determine within a reasonable period whether the collection meets Data Protection principles; if not, the data will be de-identified and/or destroyed.

• The nature of the business purpose necessitates collection from other persons or bodies
• Collection is necessary for the performance of a contract to which the Data Subject is a party
• Emergency circumstances to protect the vital interests of the Data Subject or prevent serious loss or injury
• The Personal Data is sourced from public record or has been made public by the Data Subject
• Where the Data Subject is a child, the competent legal guardian has consented
• Data Subjects have given their consent to the collection and Processing

The following legal bases constitute the foundation on which the Company relies to carry out the Processing of Personal Data. Other legal bases may be used depending on where the Data Subject resides and the relevant Applicable Data Protection Law.

Personal Data so collected will be deleted once the purpose of the Processing has been achieved. However, Bluekode may retain Personal Data longer if necessary to comply with an applicable law including Applicable Data Protection Law, or if necessary to protect or exercise rights of Bluekode. At the end of the retention period, Bluekode may also need to archive Personal Data for a limited period and with limited access to comply with Applicable Data Protection Law. These retention periods may vary depending on the country where the Data Subjects reside.

Bluekode may share Personal Data, subject to consent obtained from the Data Subjects or other relevant legal basis, with the following parties. Where applicable, Bluekode implements contracts with third parties to ensure Personal Data is processed based on Bluekode's instructions and in compliance with this Policy.

• Authorized employees on a need-to-know basis
• Other Bluekode entities, group companies, subsidiaries, and affiliated companies
• Business partners providing services on behalf of Bluekode (technical support, marketing, service delivery)
• Governmental and public authorities as required by law, court order, or to protect rights and safety

Third parties to whom Bluekode may disclose Personal Data may be located outside of a Data Subject's country of domicile, in countries whose data protection laws may differ. Where Personal Data is transferred internationally, Bluekode will ensure all of the following safeguards are in place.

• Adequate procedures to comply with Applicable Data Protection Law, including supervisory authority authorizations where required
• Appropriate organizational, technical, and legal safeguards to ensure the necessary level of protection
• For Personal Data originating from the EU, transfers to third countries are based on Standard Contractual Clauses adopted by the European Commission
• Supplementary measures such as data transfer adequacy assessments where necessary for the protection of transferred data
• Appropriate legal mechanisms for non-EU/EEA data transferred outside the Data Subject's jurisdiction

Bluekode has implemented strict security measures, as required under Applicable Data Protection Law, to protect Personal Data from security incidents or accidental or unauthorized disclosure, access, loss, and Personal Data breaches. These measures include access controls, password protection, encryption, and regular security assessments - recognized as appropriate industry standards.

Based on Applicable Data Protection Law, Data Subjects have rights related to their Personal Data. All requests must be directed to the Data Protection Office at info@bluekode.com. A response will be provided within 30 days of receipt. No fee applies unless a request is clearly unfounded or excessive.

• Right to request access to Personal Data held about you
• Right to rectification of inaccurate or incomplete Personal Data
• Right to erasure of your Personal Data
• Right to restriction of Processing
• Right to object to Processing, including automated decision-making and profiling
• Right to data portability
• Right to withdraw consent where Processing is based on consent
• Right to lodge a complaint with the local supervisory authority or competent regulator

All Suppliers, vendors, contractors, business partners, and associated third parties of Bluekode who Process Personal Data on behalf of Bluekode or have access to Personal Data held by Bluekode are required to adhere to and maintain the same standard of protection and care. All Suppliers are required to enter into further privacy, information security, data transfer, or data processing agreements requested by Bluekode in order to ensure compliance with this Policy and Applicable Data Protection Laws.

The Data Protection Office is responsible for the maintenance and accuracy of this policy. If necessary, Bluekode may from time to time update this Policy to reflect new or different privacy practices. Updated versions will be published on this page. A revised Policy will apply only to data collected subsequent to its effective date. Any changes shall come into force when published on the Bluekode website.

For any questions, comments, or concerns about this Policy, or in order to exercise the privacy rights permitted by Applicable Data Protection Laws related to your Personal Data, please contact our Data Protection Officer.

• Email: info@bluekode.com
• Website: https://www.bluekode.com
• Address: Coimbatore, Tamil Nadu, India