Privacy statement

Personal data collection and use

1. Personal data collected automatically
   Our website collects certain information automatically and stores it as logs. The information collected by us is as follows:
   • Internet protocol (IP) addresses, the region or general location where your computer or device is accessing the internet, device type used to access the website, browser type, operating system and other information about the usage of Virtusa’s website, including a history of the pages you view. This is typically done to recognize your device, the pages of our Site that you visit, the time and date of your visit, the time spent on those pages and other statistics to enable us in providing better user experience to you in your future visits to this website.
   • Virtusa’s website also uses cookies and web beacons. Virtusa has enabled personalized advertisements based on your interests, using information made available when you interact with our website. Personalized or targeted ads are displayed based on your activities on Virtusa and Third-party websites which includes, but is not limited to visiting the website and interacting with content provided in the website. Cookies are used to enable us to learn what actions you perform in the website. These ads are displayed on external websites unaffiliated to Virtusa. To know more about our use of cookies, please see our Cookies Privacy Policy.

1. Personal data collected from you
   We directly collect from you, the personal data in following ways:
   • By entering information to Contact Us, we collect your name, email address, country of residence, phone number, job title, company you represent and details of the inquiry to enable us to respond to a general/business inquiry made by you on behalf of your company.
   • You provide us information during registrations. In order to send you our newsletters, other news alerts that you may have subscribed to and webinars, we ask for your name, phone number, designation, email address and company you represent. Please note that we may also be collecting any information that you may have mentioned in any communication/email that you send to us after registering with us.
   • You provide us your email address when subscribing to and using the Email Preference Center. The preference center keeps track of your communication preferences (over email) and areas of interest (such as receiving newsletters and/or webinar mailers) that you may have either opted into or opted out of.
   • By entering information on registration with Virtusa Careers, we obtain your name and email id to contact you as an Employment candidate, and consider you for job opportunities within Virtusa.

We process the received information only to pursue our legitimate business interests in keeping you updated on our services and products, respond to your queries, establish communication with prospective clients (whom you represent) and to enhance user experience. We might process information as a part of our audit processes or may provide personal data where required or permitted by law to others such as regulators or law enforcers

From Time to time we may consider corporate transactions such as mergers, acquisitions, reorganization, asset sale or similar. In such instances, we may transfer or allow access to information to enable assessment and undertaking of transactions.

You also have the option to subscribe/opt-in to receive newsletters, new alerts and marketing content. You can opt-out of such options using our blog or click the “unsubscribe” link at the bottom of an email newsletter. Virtusa shall adhere to your preferences.

Also, our website is not designed or directed at children. We will not intentionally collect, maintain, or distribute information about anyone under the age of 16. 

If you are a parent or guardian of a child who has provided personal information without your knowledge and consent, you may request us to remove the minor’s  information by emailing us at dpooffice@virtusa.com. 

Security

Virtusa has implemented adequate technical and organizational safeguards, in line with industry standards to ensure the security of personal data, including the prevention of their alteration, loss, damage, unauthorized processing or access, having regard to the nature of the data, and the risks to which they are exposed by virtue of human action or the physical or natural environment.

Key security measures to keep your personal data secure and confidential, includes and is not limited to the below:

• Limiting access to your personal data to Virtusa employees strictly on a need to know basis, such as to respond to your inquiry or request.
• Virtusa adheres to ISO 27001, Certification on Information Security Management Systems and is annually audited by the Independent auditing body, British Standards Institute (BSI) for effectiveness of controls to protect Virtusa and Customers’ information.
• Virtusa undergoes regular Penetration Testing by independent third-party service providers.
• Virtusa employees are expected to adhere by Virtusa’s Code of Conduct and Privacy trainings, any misuse of information is liable to strict disciplinary actions.

Transfers of personal data

We are part of an international group of companies and, as such, transfer personal data concerning you to countries outside the EU. Please click here to see list of our companies within our corporate group.

We transfer personal data between our subsidiaries and affiliated entities and delivery centers for the purposes explained above.

Your personal data is stored in databases, and on the servers of the cloud-based database management services that Virtusa engages, located within and outside EU.

Where we transfer personal data outside of the EU, we either transfer personal data to countries that provide an adequate level of protection (as determined by the European Commission) or we have appropriate safeguards in place. Appropriate safeguards to cover these transfers are in the form of standard contractual/data protection clauses adopted by the European Commission.

Virtusa does not provide any personal information to advertisers that display the personalized ads. Advertisers may provide us information about you (such as the sites where you have been shown ads) that we may use to provide you more relevant and useful advertising. Advertisers use technology to serve the ads that appear on our sites directly to your browser. They may use cookies to measure the effectiveness of their ads and to personalize ad content.

In no event shall we be liable for any damages (whether consequential, direct, incidental, indirect, punitive, special or otherwise) arising out of, or in any way connected with, a third party's unauthorized access to your information, regardless of whether such damages are based on contract, strict liability, tort or other theories of liability, and also regardless of whether we are given actual or constructive notice that damages were possible, except as provided under applicable laws.

Personal data Retention

We will only keep your personal data for as long as is reasonably necessary taking into consideration our need to respond to your queries or resolve problems, any other purpose outlined above or to comply with legal requirements under applicable law(s). This means that we may retain your personal data for a reasonable period after, for example, the end of the contract with the client you represent, or after your query has been addressed. After this period, your personal data will be deleted from all Virtusa systems.

We remind you that you have a right to request to have your personal data deleted at any time. You may always choose to opt-out by writing to us at dpooffice@virtusa.com.

Your rights

You have a right to:

• Request access to your personal data and request details of the processing activities conducted by Virtusa.
• Request that your personal data is rectified if it is inaccurate or incomplete
• Request erasure of your personal data in certain circumstances.
• Request restriction of the processing of your personal data by Virtusa in certain circumstances.
• Object to the processing of your personal data in certain circumstances.
• Receive your personal data in a structured, commonly used and machine-readable format in certain circumstances.
• Lodge a complaint with the relevant supervisory authority.
• Object to, and not to be subject to a decision based solely on, automated processing (including profiling), which produces legal effects or significantly affects you.
• Withdraw any consent you may have provided to us at any time by contacting us.

To exercise the rights outlined above in respect of your personal data you may also contact our Data Protection officer dpooffice@virtusa.com

External website links

This site contains links that may lead you to other sites. Be careful when accessing these links, as Virtusa is not responsible for the privacy practices or the content of such other Websites.

Changes to our privacy policy

This privacy policy was last updated on 01 May 2021. And covers the aspects of EU GDPR, UK GDPR and CCPA. We would update this policy upon any changes in global privacy regulations applicable to us or at a minimum annually. We would however recommend that you to look back at this policy from time to time to check for any updates.

Our Contact details

Virtusa is the controller of data for the purposes of Data Privacy. If you have any concerns as to how your data is processed you can contact our Data Protection officer at dpooffice@virtusa.com