Skip to main content Skip to footer

Infosys Public Services Canada and its affiliates hereinafter referred as ‘Infosys’, ‘we’, ‘us’ or ‘our’ is committed to respect your privacy and choices. The privacy statement (hereinafter “Privacy Statement” or “Statement”) highlights our privacy practices regarding Personal Information that we collect and process in compliance to applicable data privacy regulations.

Objective:

Through this privacy statement we intend to provide a synopsis of our privacy practices regarding Personal Information that we collect and process about you through various sources. Although the primary focus of this statement is on the data collected and processed through our website and sub-domains such as blogs.infosys.com, abm.infosys.com, etc. (Collectively referred to as “Infosys Websites”), our adherence to the below mentioned principles remain across the organization towards personal data processing. Depending on the purposes of processing and your relationship with us as a data subject, we may provide additional customized privacy statements, more information on which can be found below.

The scope of this Statement covers the categories of personal data collected, how we use or process such data, who are the recipients of such data, and your associated rights under applicable laws including how to exercise the same.

Wherever we may have provided the translation of our Statement in local language, as per applicability, in case of a conflict between the local language and the English version, the English version shall prevail.

1. Personal Information that we process and use

1.1 Personal Information that we process

We may collect the following categories of Personal Information:

  • Information collected as part of your visit and usage of our websites, such as Internet Protocol (IP) address, demographics, your computers’ operating system, device information, telemetry data and browser type and information collected via cookies or similar tracking technologies. As a website visitor who merely browses our websites (including the hosted content), without submitting any additional data, this is the most relevant paragraph for applicable data processing.
  • Personal and Contact details, such as, Name, title, e-mail address, phone numbers, address, designation, Company/Organization, Industry, Location (in terms of City/Country), LinkedIn profiles/URLs (or similar professional data set).
  • Login credentials, such as Username and Passwords, when you register for any of our applicable services.
  • Audio-Visual information such as photographs or images captured, video recordings (if enabled), when attending any of our events, webinars etc.
  • Queries, comments, or feedback as submitted by you, including any correspondence you have made with us.
  • Preferences relating to marketing communications, interest areas, subscription details, dietary preferences/allergies (in relations to events we may organize).
  • Additionally, we may collect certain data points based on the categories of data subject and their relationship with us, as are detailed out in additional Privacy Statements for relevant categories of data subjects at the end of this Statement.

1.2 Sources of Personal Information

We may collect the aforementioned Personal Information through various sources, such as mentioned below:

  • Submitted by yourself, through our Website forms, applications on our portals, or by contacting/emailing our official contacts.
  • Shared to Infosys employees, such as our sales or marketing representatives.
  • Shared with or by Infosys’ affiliates.
  • Shared by the employers of the visitors and contractors, where applicable.
  • Sourced from public websites and social media, including your publicly accessible profiles.
  • Shared by our suppliers, vendors and service providers.
  • Sourced via Cookies and similar tracking technologies as deployed on our website (details are available in the Cookie Policy).

1.3. Use of your Personal Information

We may use your Personal Information for the following purposes:

  • to provide better usability, troubleshooting and site maintenance
  • to understand which parts of the website are visited and how frequently
  • to create your login credentials, where applicable
  • to identify you once you register on our website
  • to facilitate communication with you, including contacting you and responding to your queries or requests
  • to offer curated content tailored to your preferences
  • To enable marketing and sales related communications and related purposes
  • to provide access to podcasts available on our website(s)
  • to know your interest of participation in ideathons or other competitions
  • as a participant of any competitions and/or award ceremonies organized by us, to publish your name and corresponding details to make them available to larger audience on the Internet (including details of awards won); for the jury members and other associated delegates and speakers, to publish their name, title, photograph, and bio in a similar manner
  • to invite you for events, seminars and equivalent ceremonies organized by us and related purposes such as running marketing or promotional campaigns, including such promotions or publications on social media
  • to publish testimonials and case studies
  • to generate and maintain leads as part of our Customer Relationship Management database
  • to perform data analytics for providing a better user experience, enhance website performance and achieve business objectives
  • to enhance and optimize our business operations, applications, systems, and processes, including operation and management of our communication assets and systems, ensuring and strengthening information security, maintenance of audit trail and associated records,
  • to protect your data and Infosys assets from information security threats and to secure against any unauthorized access, disclosure, alteration, or destruction
  • to comply with applicable laws and other legal requirements, such as regulatory filings, record-keeping and reporting obligations, cooperating with government authorized inspections or requests, protecting our legal rights, and seeking remedies, including defending against any claims or engaging in legal proceedings, responding to subpoenas or court orders and managing documentation for related purposes
  • to enhance your website experience and other associated purposes by deploying cookies or similar technologies. These may serve different purposes. For example, some of the cookies may be necessary for the operation of the website, while others are used to ensure its seamless performance. They may also enhance the functionalities provided on our website, help us understand how our online services are used, or to determine the interests of our website visitors. Additionally, our advertising partners collaborate with us to provide and assist in the use of such technologies on Infosys and other sites. For more information, refer to the cookie policies of site.

For some of the personal data processing we undertake, we might use AI, Machine learning and related technologies to enhance customer experience and data analytic capabilities, but whenever we do so, we use responsible AI practices.

1.4. Legal basis of the processing

The applicable privacy and data protection laws provide for certain justifiable grounds for collection and processing of personal data, commonly referred to as legal basis of processing. We primarily rely on the following legal bases:

1.4.1 We process your Personal Information when it is necessary for the performance of a contract to which you are the party or in order to take steps at your request prior to entering into a contract, e.g., when you would engage with us for receiving our services and offerings, or when managing the data of our employees for ensuring the performance of their employment contract.

1.4.2 We process your Personal Information when it is necessary for the purposes of a legitimate interest pursued by us or a third party (when these interests are not overridden by your data protection rights), e.g., when we need to understand your usage of our website and interaction with the same, for generating your secure login credentials, or to optimize our processes.

1.4.3 We process your Personal Information with your consent. Where we process Personal Data based on consent, your consent is revocable at any time, e.g., when registering and inviting you for events organized by us, or for sharing our marketing related communications with you.

1.4.4 We may process your personal Information to comply with any Legal obligations on us, including to applicable laws and protecting our legal rights, seeking remedies, and defending against claims.

2. Consequences of not providing Personal Information

If you choose not to provide your Personal Information that is mandatory to process your request, we may not be able to fulfill the relevant purpose of processing, including provision of any services to you, if applicable.

3. Data recipients, transfer, and disclosure of Personal Information:

3.1 Infosys does not share your Personal Information with third parties for their direct marketing purposes.

We share your Personal Information within

  • Infosys or with any of its affiliates;
  • Business partners;
  • Service providers;
  • Authorized third-party agents; or
  • Auditors, and/or government authorities, where applicable.

3.2 Facilitating International Data Transfers:

We may transfer Personal Information to countries outside of your country of residence, either to affiliates of Infosys Public Services Canada or third parties, including to countries which have different data protection standards from those which apply in your country or region of residence. The locations of Infosys group companies are set out here. Our service providers are located globally; however, the primary locations are in USA, Canada, Australia, Singapore, Hong Kong, India, and UK.

Where we may transfer the data outside your country or region of residence, we shall take reasonable and appropriate steps in line with applicable laws while executing such transfer.

Please contact us as set out below if you would like to obtain a copy of the methods used when executing such international transfer as per applicable laws. When required, Infosys may disclose Personal Information to external law enforcement bodies or regulatory authorities, in order to comply with legal obligations.

4. Your Rights:

4.1 Subject to the laws of your country, you may have certain rights as a data subject (including but not limited to right to information, access, rectification, erasure, object, restriction of processing, right to complain), relating to your Personal Information that we process. Where the data processing is based on your consent, you may withdraw your consent to the processing of any Personal Data at any time. This will not affect the lawfulness of any processing operation before your withdrawal.

4.2 Exercising your rights: For exercising your rights, we may need to request certain information from you for ascertaining your identity and confirming that you are entitled to exercise the same. You can exercise your rights by contacting us at privacy@infosys.com

4.3 Preference Center: You can choose to update your Infosys Marketing communications preferences from our Contact Preference center.

5. Data security

At Infosys, there exists a perfect balance between Governance, Process and Technology, the combination of which has established Infosys' commitment to its customers and stakeholders. Infosys adopts reasonable and appropriate security controls, practices and procedures including administrative, physical security, and technical controls in order to safeguard your Personal Information.

6. Data retention

Personal Information will not be retained for a period more than necessary to fulfill the purposes outlined in this privacy statement unless a longer retention period is required by law or for directly related legitimate business purposes. Personal Data that is no longer required to be retained as per legal and business requirements will be disposed in a secure manner.

7. Contact your Local Data Protection Authority

If you are unhappy with how we safeguard your personal data, depending on the laws of the country where you reside, you have the right to bring a complaint to your local data protection authority.

8. Linked websites

Our privacy practices regarding Personal Information that we collect and store about you through our portals such as Recruitment and Global Alumni will be as per the privacy policy of those portals.

Infosys provides links to third-party websites and services. However, Infosys is not responsible for the privacy statements, practices, or the contents of such third-party websites.

9. Children’s Privacy

Infosys Websites, its associated products or services and hosted contents, are not intended for the use by children.

As such we do not knowingly solicit or collect personally identifiable information online from children without prior verifiable parental consent. If Infosys learns that a child has submitted personally identifiable information online without parental consent, it will take all reasonable measures to delete such information from its databases and to not use such information for any purpose (except where necessary to protect the safety of the child or others as required or allowed by law). If you become aware of any personally identifiable information we have collected from children, please email us at privacy@infosys.com.

10. How to contact us

If you have any questions regarding our privacy practices or this privacy statement, or to request this privacy statement in another format, please contact us at: Email: privacy@infosys.com

11. Updates to this privacy statement

Infosys may change the data privacy practices and update this privacy statement as and when the need arises, and the same will be made available on the website. However, our commitment to protect the privacy of website users will continue to remain.

12. For the purpose of processing your Personal Information in Canada (applicable to data subjects residing in Canada), we will follow the Data Privacy Principles and regulations of the Personal Information Protection and Electronic Documents Act, 2000 (commonly known as PIPEDA). Please note that the following additional provisions will apply to you if you are a Data Subject (resident or citizen) in Canada.

Cross Border transfer of Personal Information:

We may transfer Personal Information to countries outside Canada. Under PIPEDA, there is no distinction between domestic and international transfers of data. Infosys Public Services Canada as the transferring organization will remain accountable for the protection of that personal information and ensuring compliance with the applicable legislation, using contractual or other means to provide a comparable level of protection while the information is being processed by the third party.

Your Data Subject Rights in Canada

As a Data Subject located in Canada, you are entitled to the following rights:

  • The right to access the personal information that we collect about you.
  • The right to know about the purposes for which your personal information is collected by us.
  • The right to withdraw consent to the processing of your personal information.
  • The right to have your personal data to be accurate, complete, up-to date and relevant to the purpose for which it is collected.
  • The right to request that your personal information collected be amended, where applicable.
  • The right to have your personal information that is no longer required be deleted or made anonymous.
  • The right to receive send your personal information to any other organization.
  • The right to lodge a complaint regarding the manner in which your personal information is being processed.

If you are a Canadian resident and you wish to exercise your data subject rights as called out above, please refer to section 4 on exercising ‘Your Rights’.

Privacy Statements for Other Categories of Data Subjects

Candidates and Interns

*Detailed privacy notice will be provided when one applies for a job or internship in Infosys through careers page available on Infosys website.

Categories of Personal Information (including sensitive personal information) that we process:

Candidate name, Contact details, Resume, Date of Birth, Educational qualification including skill details, Employment related information, details pertaining to background checks, passport details (only if shortlisted). Few other details collected such as web address, willingness to travel, etc. (optional), Financial details and national identification details (only in selected countries, where required by law)

* Please note that the categories of personal (or sensitive personal) details processed may differ based on the business requirement of the entity and legal requirement of a country.

Use of your Personal Information:

We use your Personal Information for the following purposes:

  • To assess candidate’s suitability towards job requirement as part of the recruitment or internship selection process and other associated processes including background verification by our authorized vendor,
  • To carry out various employer related activities if you are selected to join the organization and to enable us to ensure that we are compliant with any applicable labor and/or other relevant laws.

Legal Basis of Processing:

We process your Personal Information when it is necessary for the performance of a contract to which you are the party or in order to take steps at your request prior to entering into a contract or based on your consent, as per applicable laws.

Data Recipients/Accessible to:

Your data may be accessible to authorized Internal recipients within Infosys Public Services Canada, its affiliates, our authorized service providers including cloud service providers who provide services to Infosys, business partners, Government Bodies including statutory, regulatory authorities, law-enforcement agencies (where applicable), Auditors (internal/external), and Infosys’ Clients (where applicable) based on contractual obligation.

For reference to our additional privacy practices regarding data security, retention, transfers (if any), and helping you exercise your rights, as applicable, please refer to our Privacy Statement.

Employee and Alumni

* Detailed privacy notice for our employees will be provided at the time of onboarding. For our alumni, a detailed privacy notice is available on our Alumni Portal.

Categories of Personal Information (including sensitive personal information) that we process:

Contact Details, Family Particulars, Educational Qualifications, Personal Details, Work experience details, National identification information, Official Identifications details, Salary, Compensation, taxation, benefits, claims and other financial information, Performance and development records, Digital Access and IT related information, Travel-related records, Health and safety records, Background checks and screening details, Leave and Attendance records, Information we obtain from monitoring the use of our official systems and networks (as permitted by applicable laws).

* Please note that the categories of personal (or sensitive personal) details processed may differ based on the business requirement of the entity and legal requirement of a country.

Use of your Personal Information:

We use your Personal Information for the following purposes:

  • To assist in onboarding you as an employee, other associated processes, and to carry out various employment related activities and to enable us to ensure that we are compliant with any applicable labor and/or other relevant laws.
  • As an alumni/ex-employee, to contact you and enable you to take part in our alumni related engagements, be a part of the alumni community, help you with documents and details related to your employment with Infosys, share current job opportunities at Infosys and enable you to apply for them (where applicable).

Legal Basis of Processing:

The above data elements are collected under one or more of the following lawful basis of processing –

  • Performance of a contract
  • Legal Obligation
  • Legitimate business interest
  • Consent

Data Recipients/Accessible to:

Your Personal Data will be accessible to certain authorized Infosys employees in internal functions such as Human Resources, Finance, Project Delivery Units, etc.; and to our authorized service providers or agents who may require access to the same for processing in relation to the above stated purpose(s); Government Bodies including statutory, regulatory authorities, law-enforcement agencies (where applicable); Auditors (internal/external); Infosys’ Clients (where applicable) based on contractual obligation; Any other parties expressly or impliedly authorized by you for receiving such disclosures.

For reference to our additional privacy practices regarding data security, retention, transfers (if any), and helping you exercise your rights, as applicable, please refer to our Privacy Statement.

Visitors privacy notices

*Visitors privacy notices are also displayed at the visitors’ entrance in Infosys offices.

Categories of Personal Information (including sensitive personal information) that we process:

Visitor Name, Contact Details, Organization, Assets Information (if any), Date and purpose of visit, Photograph, and images/footage captured on CCTV or other video and related security/monitoring systems.

* Please note that the categories of personal (or sensitive personal) details processed may differ based on the business requirement of the entity and legal requirement of a country.

Use of your Personal Information:

We use your Personal Information for the following purposes:

To allow access to Infosys premises.

Legal Basis of processing:

We process your Personal Information when it is necessary for the purposes of a legitimate interest pursued by us or based on your consent, wherever applicable.

Data Recipients/Accessible to:

Your data may be accessible to authorized Internal recipients within Infosys Public Services Canada, its affiliates, our authorized service providers including cloud service providers who provide services to Infosys, Government Bodies including statutory, regulatory authorities, law-enforcement agencies (where applicable), Auditors (internal/external), Infosys’ Clients (where applicable) based on contractual obligation.

For reference to our additional privacy practices regarding data security, retention, transfers (if any), and helping you exercise your rights, as applicable, please refer to our Privacy Statement.

Vendors

Categories of Personal Information (including sensitive personal information) that we process:

Vendor name and contact details, address, tax related details, Contact details of Vendor POC

* Please note that the categories of personal (or sensitive personal) details processed may differ based on the business requirement of the entity and legal requirement of a country.

Use of your Personal Information

We use your Personal Information for the following purposes:

  • For vendor empanelment
  • Purchase order and Invoice creation.
  • For facilitating communications with you
  • For submitting quotations

Legal Basis of Processing:

We process your Personal Information when it is necessary for the performance of a contract to which you are the party or based on your consent, as per applicable laws.

Data Recipients/Accessible to:

Your data may be accessible to authorized Internal recipients within Infosys Public Services Canada, its affiliates, our authorized service providers including cloud service providers who provide services to Infosys, tax consultants and authorities, Government Bodies including statutory, regulatory authorities, law-enforcement agencies (where applicable), Auditors (internal/external).

For reference to our additional privacy practices regarding data security, retention, transfers (if any), and helping you exercise your rights, as applicable, please refer to our Privacy Statement.

Trending @InfosysPS