Pursuant to the provisions of the General Data Protection Regulation (EU) (“GDPR”), in instances where 7P Promotions collects and processes personal data pertaining to data subjects who are natural persons residing within the European Economic Area (hereinafter “EEA”), 7P Promotions shall assume the role and responsibilities of a ‘data controller’ as delineated in the GDPR. As such, 7P Promotions shall be accountable for ensuring that all processing of personal data is carried out in compliance with the principles the GDPR.

The ensuing provisions herein shall apply specifically to data subjects resident within the EEA and shall elucidate the rights conferred upon such data subjects under Chapter III of the GDPR, in relation to the processing of their personal data by 7P Promotions. These rights shall be exercisable by the data subject against 7P Promotions in its capacity as the data controller, subject to the conditions and limitations prescribed within the GDPR.

1.    How we will use your personal data?

1.1.        When we process your personal data, we do so in accordance with applicable data protection laws. These laws require us to have a valid legal basis for each processing activity. The specific legal basis depends on the purpose for which we process your data, as outlined earlier in this privacy notice.

1.2.        Our processing of your personal data may be based on one or more of the following legal grounds:

i.              Consent (Article 6(1)(a))

ii.             Performance of a contract (Article 6(1)(b))

iii.            Compliance with a legal obligation (Article 6(1)(c))

iv.           Protection of vital interests (Article 6(1)(d))

v.             Performance of a task carried out in the public interest (Article 6(1)(e))

vi.           Legitimate interests (Article 6(1)(f))]

1.3.        7P Promotions affirms that it shall not process personal data for any purpose that is incompatible with the purpose for which it was originally collected, unless such processing is based on the data subject’s consent or is otherwise permitted by the GDPR.

1.4.        We may use your personal data other than above-mentioned purposes, as already mentioned in general privacy notice:

i.              To ensure access to our website and services;

ii.             to answer your query, support and contact requests;

iii.            subscriptions to our promotional communications;

iv.           to manage, administer and fulfill the obligations under contracts, and regulations; and

v.             to promote TCS brand, products, initiatives and values with marketing communications.

2.    Transfer of personal data out EEA/EU

2.1.        We may transfer the personal data we collect about you to one of more countries outside the EU/EEA, including India, in order to perform one of the activities listed above (see “How we will use your personal information?”).

2.2.         We understand that such transfers require special safeguards to protect your personal data, and we are committed to ensuring that these transfers comply with the requirements of the General Data Protection Regulation (GDPR).

2.3.        When we transfer your personal data outside the EEA, we will do so only:

i.              To countries that the European Commission has decided provide an adequate level of data protection;

ii.             Using contractual clauses approved by the European Commission or other appropriate safeguards that ensure your data receives the same protection as it would in Europe;

iii.            To organizations that have binding corporate rules approved by EEA data protection authorities, ensuring a consistent level of data protection across their global operations;

iv.           When necessary for the performance of a contract with you or to fulfill your request;

v.             With your explicit consent, after we have informed you of the possible risks of such a transfer; and

vi.           When necessary for important reasons of public interest, to establish or defend legal claims, or to protect your vital interests.

3.    Your rights under the GDPR in connection with personal information

3.1.             Under certain circumstances, by law you have the right to:

i.                    Request access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you.

ii.                  Request correction of the personal data that we hold about you. This enables you ask us to have any incomplete or inaccurate information we hold about you corrected.

iii.                Request erasure of your personal data. This enables you to ask us, in certain situations, to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have exercised your right to object to processing (see below).

iv.                Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal data for direct marketing purposes.

v.                   Request the restriction of processing of your personal data. This enables you to ask us, in certain circumstances, to suspend the processing of personal data about you, for example if you want us to establish its accuracy or the reason for processing it.

vi.                Data portability: This enables you to ask us, in certain circumstances, to provide you with the personal data you have provided to us in a structured, commonly used and machine-readable format or to transmit the personal data that you have provided to us to another party.

vii.              Automated decision-making: The right not to be subject to a decision based solely on automated processing that produces legal effects concerning you or similarly significantly affects you

4.    Verification of Identity

4.1.        To protect your privacy and ensure we only respond to legitimate requests, we may ask you to provide specific information to verify your identity when you exercise your data protection rights.

5.    Complaint procedure under GDPR

5.1.             If you’re dissatisfied with our handling of your personal data under the GDPR, you can contact our Data Protection Officer or lodge a complaint with your local data protection authority. For a list of European authorities, click here.

6.    Data Protection Officer

6.1.        7P Promotions has appointed a Data Protection Officer (DPO) to oversee our data protection strategy and ensure compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR). Our DPO is your primary point of contact for any questions or concerns regarding your personal data.

6.2.        You can contact our DPO at:

Email: dpo@7ppromotions.com