We at Virtusa Corporation, including its subsidiaries and affiliates (collectively referred to as “Virtusa” or “our”, “we” or “us”), are strongly committed to respecting our Supplier privacy (collectively referred as “you” or “your”) which also includes individual contractors. When engaging with you, we may process personal data for various purposes to manage our business relationship. We recognize the need to protect any personal data we process, as well as the need for transparency in regard to the data processing and its purposes. We are “data controller” under applicable data protection laws and this supplier privacy notice (the “Privacy Notice”) describes how we handle data in relation to our suppliers.
We may collect, use and maintain the below categories of personal data. The personal data we collect or otherwise receive varies by country and your relationship with us and may include but is not limited to information related to the following categories:
Special categories of personal data collected may include:
When engaging with our suppliers, we may process personal data for various purposes to manage our business relationship with you. In this respect, Virtusa may use your personal data, to organize our sourcing activities, issue purchase orders, process payments, perform accounting, manage our contract with you or review the services or products you supply with Virtusa.
Virtusa has implemented technical, physical, contractual, and organizational safeguards designed to protect the security of personal data from loss, damage, or unauthorized use, disclosure, alteration, or access, having regard to the nature of the data, and the risks to which they are exposed by virtue of human action or the physical or natural environment.
We are part of an international group of companies and, as such, we may transfer and disclose personal data concerning you to countries outside of your country of residence. While such information is outside of your country, it is subject to the laws of the country in which it is located, and may be subject to disclosure to the governments, courts or law enforcement or regulatory agencies of such other country, pursuant to the laws of such country.
We transfer personal data between our affiliated entities and delivery centers, as well as to third party service providers, for the purposes explained above. Please click here to see a list of our companies within our corporate group. We require our affiliates and service providers to maintain the confidentiality of your personal data and keep your personal data secure. We also require that they only use your personal data for the limited purposes for which it is provided, and that it is retained as per the local regulatory requirements. In some circumstances, we may permit our affiliates or service providers to retain aggregated, anonymized or statistical information that does not identify you. We do not authorize our affiliates or service providers to disclose your personal data to unauthorized parties or to use your personal data for their direct marketing purposes.
We may disclose your personal data to give effect to transactions with you, to enforce our agreements with you (including our website terms of use), to protect our rights, systems, property and personnel, and for such other purposes as are required or permitted by law. From time to time, we may consider corporate transactions such as mergers, acquisitions, reorganization, asset sales or similar. In such instances, we may transfer, disclose, or allow access to information to enable assessment and undertaking of transactions.
Your personal data is stored in databases, and on the servers of the cloud-based database management services that Virtusa engages, located within and outside of your country of residence.
We may be required by law to preserve or disclose your personal information and service data to comply with any applicable law, regulation, legal process or governmental request, including to meet national security requirements, to carry out background checks (background verification agencies) to facilitate your travel and expense (travel and immigration vendors) and to facilitate audits (third-party auditors).
We will only keep your personal data for as long as is reasonably necessary to fulfill the purposes for which it was collected, taking into consideration our need to respond to your queries or resolve problems, any other purpose outlined above, or to comply with legal requirements under applicable law(s). This means that we may retain your personal data for a reasonable period after, for example, the end of the contract with the client you represent, or after your query has been addressed. After this period, your personal data will be deidentified and/ or deleted as applicable from Virtusa systems.
We remind you that you have a right to request to have your personal data deleted at any time. You may always choose to opt-out by writing to us at dpooffice@virtusa.com.
Subject to the requirements under applicable privacy laws, you have a right to:
To exercise the rights outlined above in respect of your personal data, you may contact our Data Protection Officer via email at dpooffice@virtusa.com
If you provide personal data about another individual to us, it is your responsibility to obtain the consent of that individual to enable us to collect, use, and disclose his or her information as described in this privacy notice.
This Supplier Privacy Notice is effective from April 2025. It addresses the requirements of the EU GDPR, UK GDPR, CCPA, Personal Information Protection and Electronic Documents Act (Canada) (PIPEDA), applicable provincial privacy laws in Canada and other privacy regulations. We may modify this Supplier Privacy Notice from time to time and will update it upon any changes in global privacy regulations applicable to us. When changes are made to this Supplier Privacy Notice, they will become immediately effective when posted on our website unless otherwise noted. By submitting your personal data to us, by using our website, or by voluntarily interacting with us after we publish or communicate a notice about the changes to this Supplier Privacy Notice, you consent to our collecting, using, and disclosing your personal data as set out in the revised Supplier Privacy Notice. We would however recommend that you look back at this notice from time to time to check for any updates.
Virtusa is the controller of data for the purposes of data privacy under applicable data privacy laws. If you have any concerns as to how your data is processed, you can contact our Data Protection Officer at dpooffice@virtusa.com.