Privacy Policy

Effective Date: January 1, 2024  |  Last Updated: January 1, 2024

Sterling & Wilson Private Limited ("Sterling & Wilson", "we", "us", or "our") is committed to protecting the privacy and security of personal data processed through this application ("Application"). This Privacy Policy describes how we collect, use, store, share, and protect personal information in accordance with applicable data privacy laws, including but not limited to the Digital Personal Data Protection Act, 2023 (India) and other applicable jurisdictional regulations.

By accessing or using this Application, you acknowledge that you have read, understood, and agree to the practices described in this Privacy Policy.

1. Scope

This Privacy Policy applies to all users of the Sterling & Wilson Application, including employees, administrators, and authorized external users (collectively "Users"). It governs the processing of personal data collected through your use of the Application on behalf of Sterling & Wilson.

2. Personal Data We Collect

We collect only the personal data necessary for the legitimate operation of this Application. This includes:

  • Identity Data: Full name, employee ID or user ID, job designation, and department
  • Contact Data: Official email address and contact number (where applicable)
  • Authentication Data: Username, hashed password credentials, and multi-factor authentication records
  • Usage Data: Login timestamps, session activity, IP address, browser type, device information, and pages accessed within the Application
  • Transaction Data: Records of actions performed within the Application, such as approvals, submissions, and data entries relevant to your role
  • Technical Data: Log files, error reports, and audit trail data generated during your use of the Application

We do not collect sensitive personal data (such as biometric, financial account, or health data) unless expressly required and separately notified.

3. Purpose and Legal Basis for Processing

We process your personal data for the following purposes:

  • To authenticate your identity and provide you with authorized access to the Application
  • To facilitate business operations, workflows, and tasks assigned to you within the Application
  • To maintain security, detect unauthorized access, and investigate suspicious activity
  • To maintain audit logs and comply with legal, regulatory, and internal governance obligations
  • To communicate system notifications, updates, and alerts relevant to your use of the Application
  • To improve Application performance, reliability, and user experience

The legal basis for processing is the legitimate organizational interest of Sterling & Wilson in operating a secure and compliant internal platform, as well as compliance with applicable legal obligations.

4. Data Retention

Personal data collected through this Application is retained only for as long as necessary to fulfill the purposes described in this Policy, or as required by applicable law or organizational data retention policy. Audit logs and access records are retained for a minimum period as mandated by applicable regulatory requirements. Upon termination of your authorized access, your account data will be deactivated and archived in accordance with Sterling & Wilson's data retention schedule.

5. Data Sharing and Disclosure

Sterling & Wilson does not sell, rent, or trade your personal data. Data may be disclosed only in the following circumstances:

  • To authorized internal teams (IT, HR, Compliance, or Management) on a need-to-know basis for legitimate business purposes
  • To trusted third-party service providers engaged to support IT infrastructure, subject to appropriate data processing agreements
  • To regulators, law enforcement authorities, or courts when required by applicable law or legal process
  • In connection with a merger, acquisition, or restructuring, where data may be transferred to a successor entity
6. Data Security

Sterling & Wilson implements appropriate technical and organizational security measures to protect your personal data against unauthorized access, disclosure, alteration, or destruction. These measures include:

  • Role-based access controls (RBAC) restricting data access to authorized users only
  • Multi-factor authentication (MFA) for Application login
  • Encrypted transmission of data over secure (HTTPS/TLS) connections
  • Audit logging and monitoring of system access and activity
  • Periodic security assessments and vulnerability reviews

Notwithstanding these measures, no electronic transmission or storage system is entirely secure. Users are responsible for maintaining the confidentiality of their credentials and reporting any suspected breach immediately.

7. Your Rights

Subject to applicable law, Users may have the following rights with respect to their personal data:

  • Right of Access: Request a copy of the personal data we hold about you
  • Right of Correction: Request correction of inaccurate or incomplete personal data
  • Right of Erasure: Request deletion of your personal data, subject to legal retention obligations
  • Right to Restrict Processing: Request that we limit processing of your data in certain circumstances
  • Right to Raise Grievance: Lodge a complaint with the Data Protection Officer or applicable supervisory authority

To exercise any of the above rights, please contact the Data Protection Officer at the address provided in Section 9.

8. Cookies and Tracking

This Application uses session cookies solely to maintain your authenticated session and ensure secure navigation. These cookies are essential for the functioning of the Application and do not track your activity across external websites. No third-party advertising or analytics cookies are used. Session cookies are automatically deleted when you log out or close your browser.

9. Contact — Data Protection Officer

For questions, concerns, or requests related to this Privacy Policy or the processing of your personal data, please contact:

Data Protection Officer
Sterling & Wilson Private Limited
9th Floor, Universal Majestic, P. L. Lokhande Marg,
Chembur (West), Mumbai – 400 043, Maharashtra, India
Email: dpo@sterlingwilson.com

10. Changes to This Policy

Sterling & Wilson reserves the right to update this Privacy Policy at any time to reflect changes in applicable law, organizational policy, or Application functionality. Users will be notified of material changes via a notice within the Application or by other appropriate means. Continued use of the Application following notification of changes constitutes acceptance of the revised Policy.