top of page

PRIVACY &
DATA PROTECTION

Our use of data and business intelligence is what sets us apart.

But how we ensure the privacy, control and restriction of data in line with our client's requirements and associated regulation is also part of what sets us apart

Ensuring privacy, control & security of data is paramount

Protecting both our data and the data of those we work with is our number one priority

If, how & why we collect, store, use and share information including corporate & personal data should be explained, transparent and entirely approved by the owner of the data

We are guided and always adhere global regulatory policies and laws

POLICY

Quantum Generate is committed to respecting and protecting the privacy of individuals and keeping Personal Information secure by complying with applicable data protection, privacy and information security laws and regulations.


This Policy describes our methods regarding the necessary collection, use, disclosure, and safeguarding of Personal Information for business related purposes. We will protect personal Information and ensure that such information remains secure and available.

SCOPE

This Policy applies to all Quantum Generate lines and departments globally, including all corporate office locations, lines of business, shared services and operational business units. It also applies to independently operated subsidiaries.

DEFINITIONS

1. Personal Information

Any and all information or data (regardless of format) that (i) identifies or can be used to identify, contact or locate an individual, or (ii) that relates to an individual, whose identity can be either directly or indirectly inferred, including any information that is linked or linkable to that individual regardless of any attributes or status of such individual.

 

2. Sensitive Personal Information

A subset of Personal Information, which due to its nature has been classified by law, contract, or by Quantum Generate policy as requiring additional privacy protections and Enhanced Safeguarding.

Examples of Sensitive Personal Information may include:
 

  • (i) government-issued identification numbers,

  • (ii) financial account numbers (including payment card information and Cardholder Data, as defined by the Payment Card Industry Data Security Standard),

  • (iii) individual medical records (including Protected Health Information, 45 CFR § 160.103) and biometric information,

  • (iv) data obtained from a consumer reporting agency (including employee background investigation reports, credit reports, and credit scores),

  • (v) data elements revealing race, ethnicity, national origin, religion, trade union membership, sex life or sexual orientation, and criminal records or allegations of crimes, and

  • (vi) any other Personal Information designated by Quantum Generate as Sensitive Personal Information.

3. Enhanced Safeguarding

The implementation of more stringent physical, technical, and administrative measures against the risk of inadvertent or unauthorized disclosure of Sensitive Personal Information than the safeguards generally required because the inadvertent or unauthorized disclosure of Sensitive Personal Information may create a risk of substantial harm to the individual (for example, identity theft or financial fraud).

4. Privacy Officer

The individual appointed by the Quantum Generate for the oversight of Quantum Generate's Global Privacy Program

GOVERNANCE

  1. The Privacy Officer is responsible for the oversight of this Policy, the enterprise strategy to address operational and information privacy management risk, and the support of compliance with all applicable data protection, privacy and information security laws and regulations.
     

  2. Each individual business line and department is responsible for following this Policy in order to address its specific activities involving the collection, use, disclosure and safeguarding of Personal Information

COLLECTION

  1. Quantum Generate may collect Personal Information for business related purposes, which may include providing customer service, managing the services we provide to clients, complying with legal requirements, payment processing, and for marketing our products and services.
     

  2. If required by contract, Quantum Generate policy, or applicable law or regulations, Quantum Generate shall obtain consent to collect Sensitive Personal Information.
     

  3. Quantum Generate may collect Personal Information from publicly available sources, including, but not limited to, public internet websites and databases, public or government sources, and news or open source reporting.

USE

  1. Quantum Generate may use and process Personal Information for providing information on products and services, promoting and marketing products and services, and for statistical and research purposes.
     

  2. Any use or processing of Personal Information to generate de-identified, statistical, summary, or aggregated information shall be deemed an allowable use compliant with this Policy; provided that such information cannot be used to identify any individual.
     

  3. Quantum Generate shall retain Personal Information only for as long as necessary to fulfil the business related purposes described in this Policy or as may be required by applicable laws or regulations. In addition, such retention of Personal Information shall be consistent with Quantum Generate policies regarding the storage of business records.

DISCLOSURE

Quantum Generate may disclose Personal Information to outside organizations, including Quantum Generate's affiliates, partners or other third parties that provide Quantum Generate with various outsourced business functions, including, but not limited to, employee benefits administrators or credit card vendors. ​
 

  • i) When Quantum Generate discloses Personal Information to a third party, it is authorized to use and further disclose the related Personal Information only as necessary to provide their services to Quantum Generate or as required by law.
     

  • ii) Quantum Generate shall take appropriate actions to ensure that a third party protects Personal Information that Quantum Generate discloses to it.
     

  • iii) Quantum Generate may disclose Personal Information when required by applicable law or regulation, as well as when Quantum Generate has reason to believe that disclosure is necessary to protect Quantum Generate's rights, protect the safety of individuals or others, investigate fraud or other criminal activity, or respond to a government request.

SAFEGUARDS

  1. Quantum Generate shall collect, use, maintain, disclose (internally and externally), and destroy Personal Information in a manner that reasonably limits the risk of loss, theft, misuse, or unauthorized access.

  2. Quantum Generate shall appropriately dispose of Personal Information upon expiration of required retention periods or when no longer needed for the business related purposes.

FURTHER GUIDANCE

Any exceptions and interpretations of this Policy should be submitted to the Privacy Officer. The Privacy Officer is responsible for interpreting any portions of this Policy as they may apply to specific situations.

bottom of page