Privacy Policy

Purpose

Jain Pawan & Associates, Chartered Accountants (‘JPA’ or ‘the Firm’ or ‘our Firm’) is committed to considering the Confidentiality, Integrity, and Availability of business-critical and potentially sensitive data. JPA and its respective successors in India are committed to ensuring the privacy of those customers. The EU citizens' personal data are collected and further processed pursuant to the GDPR, if applicable. For non-EU citizens, the personal data are processed as per their respective country’s data protection act. This Privacy Policy (‘Policy’) describes what information is collected from prospective employees, clients or suppliers, webpages of jpaconsulting.co.in, online application forms, and respondents and how that information is used and disclosed.  By using the website or continuing to receive communications, the data subject agrees to the use of such information in accordance with this privacy policy. 

 

Scope 

This policy applies to all information assets generated or processed by JPA, including those created before the publishing of this policy. Further, it also applies to prospective employees, clients or suppliers and respondents with all geographical locations.

​

Definitions

​

Controller

The natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.

​

Data subject

To any individual person who can be identified, directly or indirectly, via an identifier such as a name, an ID number, location data, or via factors specific to the person's physical, physiological, genetic, mental, economic, cultural, or social identity.

 

Personal Data and Personal Information

Any information relating to an individual that can be used to identify that individual either on its own or in combination with other readily available data.ProcessorA natural or legal person, public authority, agency, or other body that processes personal data on behalf of the controller.

 

Special Categories of Data

Personal Data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation.

​

Collection of personal information 

• Authorized users | The JPA website is unintended for children under the age of 16. If you are under 16 years old, please do not provide information of any kind whatsoever on the site. If you are the parent of a child under 16 and believe your child has provided us with personal information, please contact us via email (contactus@jpaconsulting.co.in) and we will remove their information.

• Usages and Browsing Information Your Devices Transmits | You can visit most of our site pages without registering or actively submitting personal data to us. If you do not register, general technical user data, such as your device’s Internet Protocol (‘IP’) address, operating system and browser type, and the date and time of your visit, may be automatically collected using “cookies” (small files stored on your computer by a website to give you a unique identification) or other technologies. You may contact us to delete or modify your consent by mailing us to contactus@jpaconsulting.co.in

• Information that you actively submit | Any personal Information we collect are used only to respond to your inquiry, such as your application, process an order, or allow you to access specific information, and is not shared with third parties except as described in this policy. We do not collect or otherwise process Personal Information about race, religion, sexual orientation, health, or any other information that is deemed to be sensitive in the ordinary course of business except for employees and job applicants.

• Careers | If you decide that you wish to apply for a job with us, you may submit your contact information and your resume through email to HR (contactus@jpaconsulting.co.in). We will collect the information you choose to provide with your application. We will use information provided by you in connection with your application for employment to assess your qualifications and we may share this information with clients and affiliates of the JPA solely in connection with our efforts to evaluate you for a position at the JPA or for assignment to one or more clients of our firm. We may retain application information provided by you for consideration in connection with the position that you actively apply for and other positions at the JPA, its affiliates and its clients that may become available in the future. We do not seek to collect or otherwise process any Personally Identifiable Information for any other purpose other than what is legitimate; and we do so in accordance with applicable law.

• Business Information | We do collect employee contact names, addresses, phone numbers and email addresses of our business partners, including buyers, suppliers, and vendors, for the administration of our business relationships. If you feel that your personal data or personally identifiable information is being collected inappropriately, please notify us at contactus@jpaconsulting.co.in.

 

Purpose of collecting personal information 

We use collected information to operate, evaluate and improve our business. This includes:

​​

• Developing and enhancing our services.

• Managing our communications; and 

• Sending newsletters.-

​​

Your requests raised through any of our services are answered through the contact information given by you. Your contact information is also used for marketing purposes until you opt-out for the same.

 

Data protection laws and rights

When our firm process Personal Data about data subjects, our firm do so with your consent and/ or as necessary to provide the website you use, operate our business, meet our contractual and legal obligations, protect the security of our systems and our customers, or fulfil other legitimate interests of the JPA’s as described in this privacy policy.

 

​The JPA adheres to applicable data protection laws including the GDPR in the European Union and United Kingdom, which if applicable, includes the following rights: 

1. If the processing of Personal Data is based on data subjects (‘you’ or ‘your’) consent, you have a right to withdraw consent at any time for future processing.

2. You have a right to request us to rectify or correct your Personal Data. Please inform us of any data which you would like rectified, and we usually respond within a month of the request. We will pass on the changes to any third parties who need to change their records and let you know this has been done.

3. You have a right to access your Personal Data. Please contact us if you would like confirmation that your data is being processed and access to your personal data. There is no charge for providing you with this data and it will usually be provided within a month of the request.

4. You have a right to request that your Personal Data be erased, subject to certain exceptions. You may exercise your right to have your personal data erased in several circumstances (e.g., if the data is no longer necessary in relation to the purpose for which it was created, or you withdraw your consent). 

5. You have a right to restrict processing of your Personal Data. You can tell us that we can keep your data but must stop processing it, including preventing future mailings and communications. If possible, we will inform any third parties to whom your data has been disclosed, of your requirement.

6. You have a right to object to the processing of your Personal Data. We will stop processing your data if you object to processing based on legitimate interests or the performance of a task in the public interest / exercise of official authority.

7. You have a right to request data portability. Your data is stored across manual records and electronic database. We will do our best to provide information in a portable format.

8. You have a right to not to be subject to automated decision-making including profiling; and

9. You have a right to lodge a complaint with a data protection authority.

• Do Not Sell My Information | While JPA does not sell your Personal Information in exchange for any monetary consideration, we do share your information for other purposes, including analysis and ecommerce with third party channels and ad words, that could be deemed a “sale” as defined by the CCPA or any other US data protection law. We support the CCPA and wish to provide you with control over how your personal information is collected and shared. 

• Data retention | Once the decision is made to dispose according to the retention schedule, the data should be deleted, shredded, or otherwise destroyed to a degree equivalent to their value to others and their level of confidentiality. The method of disposal varies and is dependent upon the nature of the document. For example, any documents that contain sensitive or confidential information (and particularly sensitive personal data) must be disposed of as confidential waste and be subject to secure electronic deletion; some expired or superseded contracts may only warrant in-house shredding. The document disposal schedule section below defines the mode of disposal.  Further details about data retention are discussed in our IT security manual.

• Data Minimization | Our firm supports every reasonable step to ensure that user information that we process is limited to this policy and data is collected further stored if and if required by considering data protection acts (such as GDPR). 

• Sharing of personal data | Information associated with data subjects Personally Identifiable Information is shared in accordance with the procedures stated as follows:

​​

1. With your consent.

2. Our firm use affiliated and unaffiliated service providers all over the world that help us deliver our service and run our business subject to confidentiality agreements.

3. Our firm will disclose data as required by law including to meet national security requirements or to protect you, other users, us or third parties from harm, including fraud, data security breaches or where someone’s physical safety seems at risk; and

4. In a reorganization or sale of our company or assets, your data may be transferred, subject to the acquirer accepting the commitments made in this Privacy policy and in compliance with applicable law.

​​

When JPA does share your Personal Information with third party service providers and/or sub-processors, JPA will:

​​

1. Transfer such data only for limited and specified purposes.

2. Ascertain that the sub-processor is obligated to provide at least the same level of privacy protection as is required by this policy.

3. Take reasonable and appropriate steps to ensure that the sub-processor effectively processes the Personal Information transferred in a manner consistent with our obligations under this policy.

​

Information Security

JPA is committed to protecting the security of your Personal Data. Our firm either protects personal data through encryption or through password protection. However, JPA cannot guarantee the security of information on or transmitted via the Internet. If we learn of a security systems breach, then we may attempt to notify you electronically so that you can take appropriate protective steps.

​

Limitations

Our firm’s website may contain links to external websites, and areas where you can provide information to third parties. These are provided for your convenience only, and we do not have control over the content or privacy and security practices and policies of such third parties or third-party sites. Any Personal Information you provide in such areas, and on such linked pages is provided directly to that third party and is subject to that third party’s privacy policy. Please learn about the privacy and security practices and policies of external websites and third parties before providing them with personal information.

 

Changes to this policy

• JPA reserve the right to modify this Privacy Policy at any time. If we decide to change our Privacy Policy, our firm will prominently post those changes here and any other place we deem appropriate, so you are always aware of what information we collect, how we use it, and under what circumstances, if any, we disclose it. If we make any material changes, we will notify you by means of a policy on this site prior to the change becoming effective. We will use information in accordance with the Privacy Policy under which the information was collected.

• Periodically, our operations and business practices are reviewed for compliance with corporate policies and procedures governing the confidentiality of information.

 

Contacting JPA

For any further, queries you can contact us through email at contactus@jpaconsulting.co.in or through regular mail:
28, Raja Enclave, Pitampura, Delhi 110034, India.

​

Enforcement

Violation of this Policy will result in corrective action from the management. Disciplinary action will be initiated consistent with the severity of the incident as determined by the investigation, and may include, but not limited to:​

1. Loss of access privileges to information assets

2. Termination of employment or contract

3. Other actions deemed appropriate by the leadership team. 

​​

Violation of the policy shall be reported to the Human Resources Director and Managing Partner and a security incident record shall be created for the further investigation of the incident.