Privacy Policy

Privacy Policy

Last Updated on January 2022

1. Introduction

We care about your Privacy, and we take it seriously. When you visit the websites of The Methodical Group, LLC and its affiliates (“Methodical Group”, “we”, “us”, “our”) you trust us with your personal information, and Methodical Group is committed to respecting your privacy while you are using our website. This Data Privacy Policy (“Policy”) explains what information we collect, how we use it, and your rights with regard to Personal Data and Sensitive Personal Data.  Protecting your privacy rights and safeguarding your personal data is important to us. The Methodical Group, being a global organization, is committed to complying with the applicable data privacy laws, legislations, and mandates (the “Data Privacy Laws”).

You may direct questions and inquiries regarding this Policy to inquiries@methodicalgroup.com.

 2. Policy Statement

This Policy is designed to explain and set out The Methodical Group’s procedures and policies when processing Personal Data and Sensitive Personal Data when you visit our website, or any related sites, services, sales, marketing, or events (the “Sites”). This Policy defines the requirements to ensure compliance with the Data Privacy Laws applicable to The Methodical Group’s collection, use, and transmission of Personal Data and Sensitive Personal Data.  If there are any terms within the Privacy Policy that you do not agree with, then you must discontinue use of our Sites.

 3. Scope

The scope of this Policy covers Processing (including but not limited to collection, storage, usage, transmission and destruction) of Personal Data and Sensitive Personal Data of The Methodical Group’s current and previous employees, prospective candidates, current, prospective and previous customers, current and previous partners/vendors, website visitors, sub-contractors and visitors, (together “you”/ “your”) by The Methodical Group during the course of its business activities.

The scope of this Policy also covers The Methodical Group as a Data Controller with respect to any Personal Data or Sensitive Personal Data it holds about you. The Methodical Group is responsible for ensuring that it uses your Personal Data in compliance with the Data Privacy Laws.  This Policy sets out the basis on which any Personal Data, Personal Information and Sensitive Personal Data about you that you provide to us, that we create, or that we obtain about you from other sources, will be processed by us.

You do not have to provide us with any personal data. However, our ability to handle your request or to provide you with the services you are requesting may be impacted.

4. Information We Collect

The Methodical Group may collect person data from you, such as your name, contact details, occupation, title, company, industry, region/country, relationship to Methodical Group, reason for contacting us, topics you are interested in, and other information you choose to share.  By browsing our Sites or sending us information, you explicitly consent to Methodical Group processing your personal data in accordance with this Policy.  We might use your information to fulfill your request, send you marketing communications, process your job application, or manager our relationship with you.   The personal information that we collect depends on the context of your interactions with us and the Sites, the choices you make and the products and features you use.

The Personal Information we collect can include, without limitation, the following:

• Name and Contact Data. We collect your first and last name, email address, postal address, phone number, and other similar contact data.

• Communications. We collect records and copies of your correspondence (including email addresses) or other forms of communication if you contact us.
• Credentials. We collect passwords, password hints, and similar security information used for authentication and account access.
• Cookies.  We might also collect information about how you use our Sites, in accordance with our Cookie Policy.
• Device Characteristics.  Some information – such as IP address and/or browser and device characteristics – is collected automatically when you visit our Sites.  We automatically collect certain information when you visit, use or navigate the Sites. This information does not reveal your specific identity (like your name or contact information) but may include device and usage information, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, information about how and when you use our Sites and other technical information. This information is primarily used to maintain the security and operation of our Sites, and for our internal analytics and reporting purposes.
• Other Sources.  We may collect limited data from public databases, marketing partners, and other outside sources. We may obtain information about you from other sources, such as public databases, joint marketing partners, as well as from other third parties.  Examples of the information we receive from other sources include social media profile information, marketing leads and search results and links, including paid listings (such as sponsored links).

5. Purpose and Lawful basis of Processing

Your Personal Data may be stored and processed by us in the following ways and for the following lawful and legitimate business purposes:

• Job Applications.  Where you have applied for a role with us, to review and process your job application with us and (only where legally permissible and where strictly necessary to assess your suitability for the relevant role) to conduct background screening checks on you (when permitted or required by the applicable law).

• Employment. To carry out activities relating to your employment contract with us (including, but not limited to, processing your salary, administering benefits, managing and providing training relevant to your role and managing your performance).
• Services.  To provide our products and services to you.
• Discharge of Obligations.  To comply with any legal and regulatory obligations that we must discharge.
• Legal Proceedings. To establish, exercise or defend our legal rights or for the purpose of legal proceedings.
• Usage Monitoring. Where you are an employee or visitor to our premises, to record and monitor your use of our premises and/or information technology systems to maintain its security and protect them against fraud or unauthorized entry.

• Legitimate Business Interests.  Use it for our legitimate business interests, such as operating our Sites, managing the efficient management and operation of our business, conducting marketing activities designed to improve the products and services we offer to you, and administering the security of our business (“Legitimate Business Interests”); and
• Fraud. Use it to prevent and respond to actual or potential fraud or illegal activities.
• Internal Research. We may Process Personal Information for internal research for technological development and demonstration.
• Transactional. We may transfer Personal Information as an asset through a merger, acquisition, bankruptcy, or other transaction in which a Third Party assumes control of the business in whole or in part. In such event, the Third Party cannot materially alter how it uses or shares the acquired Personal Information subject to certain exceptions.
• Performance of Contract. We may process your Personal Data, Personal Information or Sensitive Personal Data, where necessary to enter a contract with you or to perform our obligations under a contract with you (e.g. – processing of personal data for employment purposes, such as processing your salary, administering benefits, or providing services to our customers which are necessary to execute the contract). If you do not provide Personal Data for processing under this legal basis, we may not be able to perform as per the respective contract.

• Consent. Where permitted under applicable local laws, we may (but usually do not) process your Personal Data, Personal Information or Sensitive Personal Data based on your prior consent. In such cases, you have the right to withdraw your consent at any time by contacting the details below provided in this Privacy Policy. In certain limited circumstances, even after withdrawal of Data Subject consent, we may be entitled to continue processing your Personal Data where we have a lawful reason to do so and as communicated to you.
• Other “Public Interest” Grounds. We may process your Personal Data, Personal Information (or where relevant, your Sensitive Personal Data) on other public interest grounds where it is subject to regulatory requirements where Processing is necessary by us for the performance of a task mandated by governmental authorities, regulatory authorities or any other law enforcing authorities in the public interest.

6. Processing Sensitive Personal Data

We may, where legally permissible, process your Sensitive Personal Data on the following lawful bases:

• Explicit Consent is obtained from you when required under applicable local laws or in specific circumstances.
• Where you are physically or legally incapable of giving consent, but the processing is necessary to protect your vital interest for example, where emergency medical care is needed.
• Without explicit consent when such Processing is specifically authorized or mandated by applicable local Data Privacy Laws including but not limited to circumstances where The Methodical Group is permitted to process Sensitive Personal Data.

7. Personal Data of Individuals below 18 years

We may process Personal Data or Sensitive Personal Data of any individuals below the age of 18 years only for travel and immigration purposes.  If we are required to process Personal Data or Sensitive Personal Data of such individuals, then we shall do so by taking explicit written consent from their legal guardians. If it comes to your knowledge that we have unintentionally collected or received Personal Data or Sensitive Personal Information about an individual below the age of 18 years directly from them, then immediately notify Methodical Group in the contact details provided in this Policy and we will accordingly delete such information.

We do not knowingly collect data and information from, or market to children under 18 years of age.  If you are under the age of 18 years, then we do not want you to provide any of your Personal Data in our Sites.

8. How we will be using your Personal Data and Personal Information for Direct Marketing

For direct marketing, we may be using your Personal Data and Personal Information in the following ways (to the extent in compliance with applicable local laws):

• Manage and maintain our relationship with you, including responding to an inquiry, question or comment made by you.
• Engage in marketing and business development activities in relation to improve The Methodical Group’s products and services.
• Improve the products and services we offer to you and administering the security of our business.
• Conduct analysis and market research to improve this website
• Inform you about our service offerings by communicating through email, SMS, phone and any other similar communications means

• Respond to any legal process or as required by law in response to any court order, subpoena, or a law enforcement agency, defending us in case of legal disputes or to take action against any illegal activity and to address any potential threat to the physical safety of a person.

California residents who provide Personal Information are entitled to request information about themselves that we shared with Third Parties for their own direct marketing purposes (if applicable), including the categories of information and the names and addresses of those businesses. We do not currently share the Personal Information of California residents with Third Parties for their own direct marketing purposes.

9. Events and Initiatives

We organize and participate in events and initiatives. In such cases this Policy applies to participants and speakers together with any other supplementary information that is provided in relation with each event. In the event we appoint any Third Parties to conduct or organize such events and initiatives, your Personal Data or Personal Information shall be shared to such Third Parties under contractual obligations with such Third Parties in compliance with applicable Data Privacy Laws. The processing of Personal Data and Personal Information by such Third Parties shall however be governed by the respective parties’ privacy policies and the contractual obligations entered with us.

10. Retention and Disposal of Personal Data or Personal Information

How long we store your Personal Data and Personal Information will vary depending on:

• Purposes identified in this Policy for using the Personal Data and Sensitive Personal Data – we will need to keep the information for as long as is necessary for the relevant purpose; and
• Legal obligations – laws or regulation may set a minimum period for which we will have to keep your Personal Data and Sensitive Personal Data.

Disposal of Personal Data and Sensitive Personal Data shall be handled with utmost care and shall be governed in accordance with reasonable data security practices as detailed by its internal policies governing data disposal.

Personal Data and Sensitive Personal Data shall only be Processed for the period necessary for the purposes for which it was originally collected as per the The Methodical Group Retention Policy.

11. Cross Border Transfer

The Methodical Group is a global company.  We may transfer your Personal Data and Sensitive Personal Data to various countries where we and our affiliates operate.

We may transfer Personal Data and Sensitive Personal Data between our group operating divisions and companies and data centers for the purposes described in this Policy.  We may also transfer Personal Data and Sensitive Personal Data to our Third-Party suppliers, customers or business partners in different geographic locations.

Where we transfer your Personal Data and Sensitive Personal Data outside of the European Economic Area (“EEA”), we will ensure that it is protected and transferred in a manner consistent with applicable Data Privacy Laws.

You can obtain more details of the protection given to your Personal Data and Sensitive Personal Data when it is transferred outside the EEA (including a sample copy of the safeguards) by contacting us using the details set out within this Policy.

12. Security of Personal Data, Personal Information, and Sensitive Personal Data

To comply with our data security obligations under applicable Data Privacy Laws, Methodical Group has adopted the following physical, technical and organizational security measures to ensure the security of your Personal Data, Personal Information, and Sensitive Personal Data.

• Prevention of their alteration, damage, loss, unauthorized processing or access, having regard to the nature of the data and the risks to which they are exposed by virtue of human action or the physical or natural environment.
• Compliance with the security safeguards as per our contractual and statutory requirements in consultation with our internal IT department.
• Assess the security measures implemented to safeguard Personal Data and Sensitive Personal Data on a regular basis and update the same, where required.

• All employees and contractors shall be imparted with mandatory Privacy training (e.g., Training on Embedding Privacy in Software Development etc.).
• Confidentiality agreements and Non-Disclosure Agreements shall be signed by all employees and contractors on or before their joining date with The Methodical Group.

13.  Your Rights

You have certain rights relating to your Personal Data and Sensitive Personal Data provided for under applicable Data Protection Laws.

• Request access to your Personal Data and Sensitive Personal Data and the processing activities on the Personal Data and Sensitive Personal Data and, where applicable, receive a copy of your Personal Data and Sensitive Personal Data. Please note that there may be circumstances in which we are entitled to refuse requests for access or to receive copies of your Personal Data and Sensitive Personal Data.
• Request that your Personal Data and Sensitive Personal Data is corrected if it is inaccurate or incomplete.
• Request erasure of your Personal Data and Sensitive Personal Data in certain circumstances. Please note that there may be circumstances where you ask us to erase your Personal Data, but we are legally entitled to retain it.
• Request that the processing of your Personal Data and Sensitive Personal Data is restricted in certain circumstances.
• Object to processing of your Personal Data and Sensitive Personal Data in certain circumstances. Again, there may be circumstances where you object to our processing of your Personal Data and Sensitive Personal Data, but we are legally entitled to refuse that request.

• Receive your Personal Data and Sensitive Personal Data provided to us as a Data Controller in a structured, commonly used and machine-readable format in certain circumstances and/or request that we transmit that Personal Data and Sensitive Personal Data to a Third Party where that is technically feasible. Please note that this right only applies to Personal Data and Sensitive Personal Data which you have provided to us.
• Lodge a complaint with an applicable data protection supervisory authority, if you think that any of your data protection rights have been infringed by us. We can, via the contact details provided in this Policy, tell you which data protection supervisory authority is relevant to the processing of your Personal Data and Sensitive Personal Data.
• If the Processing of your Personal Data and Sensitive Personal Data is based on (explicit) consent, you can withdraw your consent at any time by contacting us. Please bear in mind that in certain circumstances it may be lawful for us to continue processing your Personal Data and Sensitive Personal Data without your consent if we have another legal basis (other than consent) for doing so.

To exercise the rights outlined above in respect of your Personal Data and Sensitive Personal Data or to receive more details, you may raise a request by contacting inquiries@methodicalgroup.com.

 14. California Privacy Rights

The CCPA provides California residents with the right to request disclosure of the categories and specific pieces of Personal Information that the business collects, sells or discloses concerning California residents and we shall provide such information without charge to the requesting California resident after verifying the request. We are required to provide such information no more than twice in a 12-month period. Under the CCPA, “collects” includes information bought, rented, gathered, obtained received and accessed whether actively, passively or by observing the California resident, provided, however, that we are limited in terms of what we can disclose when such information is Sensitive Personal Data.

The CCPA requires that we provide data portability to California residents. Subject to certain exceptions, the CCPA grants rights to California residents to request the deletion of their Personal Information.

The CCPA prohibits discrimination against California residents that elect to exercise their rights under the CCPA.  The CCPA prohibits any agreement or contract that seeks to waive or limit California residents’ rights under the CCPA.

Please contact the Data Privacy Officer if you are attempting to fulfill any of the above requests by contacting inquiries@methodicalgroup.com.

California residents who provide Personal Information are entitled to request information about themselves that we shared with Third Parties for their own direct marketing purposes (if applicable), including the categories of information and the names and addresses of those businesses. We do not currently share the Personal Information of California residents with Third Parties for their own direct marketing purposes.

15. Automated profiling and decision making

We do not use any automated decision-making (including profiling) to process your Personal Data, Personal Information, and Sensitive Personal Data.

16. Disclosure to Third Parties

We may disclose some of your Personal Data and Sensitive Personal Data to affiliates within our corporate group companies under the following circumstances:

• Personnel administration, employee work and business management purposes.
• Provide service that is legally bound by a valid contract.

• Carry out day-to-day business transactions.
• Identify and contact the Data Subject.
• Ensure compliance to local laws and regulations.
• Security Management
• Events and Initiatives

We may also share Personal Data and Sensitive Personal Data outside of its corporate group where we rely on Third Parties to assist in its processing activities. This may include:

• Third Party agents/suppliers or contractors, bound by obligations of confidentiality, in connection with the processing of your Personal Data and Sensitive Personal Data for the purposes described in this Policy. This may include, but is not limited to, information technology and communication services providers.
• Third Parties relevant to the products and services that we provide. This may include, but is not limited to, hardware or software manufacturers, other professional services providers, regulators, authorities, and other governmental institutions.

To the extent required by law, regulation, or court order, for example if we are under a duty to disclose your Personal Data and Sensitive Personal Data in order to comply with any legal obligation.

You may reach out to the contact details provided in this Policy if you would like to know the name of the Third Parties to whom we have shared your Personal Data.

With respect to disclosing Personal Data and Sensitive Personal Data to Third Parties, such written contracts with Third Parties will include restrictions prohibiting the Third Party from retaining, using or disclosing Personal Data and Sensitive Personal Data for any purpose except performing the services specified in the contract or as otherwise permitted by applicable Data Privacy Laws.

Where it discloses your Personal Data and Sensitive Personal Data to Third Parties The Methodical Group will seek to use a Data Processors or Subprocessors that are capable of providing sufficient security measures in accordance with applicable Data Privacy Laws and shall put in place contractual mechanisms to ensure that the relevant Data Processor or Subprocessor takes reasonable steps to ensure compliance with those measures.

The Methodical Group does not sell any Personal Data and Sensitive Personal Data under any circumstances.

17. Links to Third Party Websites

Our Sites may provide links to other Websites, which have their own privacy policies. Such websites will be governed by their respective privacy policies, and you may refer to them to understand how they process Your Personal Information. Some content or applications, including advertisements on our Sites accessed by you while availing our services are served by third parties. These third parties may use cookies alone or other tracking technologies to collect information about you when you use their services. The information they collect may be associated with your Personal Information or they may collect information about your online activities over time and across different websites and other online services. They may use this information to provide you with interest-based (behavioral) advertising or other targeted content. We do not control these third parties’ tracking technologies or how they may use the data which they have accessed. If you have any questions about an advertisement or other targeted content, you should contact the responsible provider/advertiser directly.

18. Policy Revisions and Publication

This Policy may be revised and updated from time to time.  The most recent version of this Policy will be available on this web page.

 19. Quality of Personal Data and Personal Information and Sensitive Personal Information

We shall ensure to implement reasonable Processes to monitor the quality of the Personal Data and Sensitive Personal Data we store or process.

Each business unit & support function within our organization shall take steps to assure that Processed Personal Data and Sensitive Personal Data is complete and accurate.

We shall implement a process to ensure that our employees can review, update, and confirm on the accuracy and completeness of their Personal Data and Sensitive Personal Data Processed by us.