Privacy Policy - digital blanket®

digital blanket® (formerly known as FlamencoTech), a company incorporated under the Companies Act, 1956, having its registered office at #731, 7th Cross Road, 3 Block Koramangala, Bengaluru, Karnataka 560034.

digital blanket® is an IOT framework which leverages re-usable software modules to offer SMARTer Workplace solutions over web, Kiosk and the Mobile. digital blanket® provides a future-proofed deployment pathway, allowing for integration to other applications and platforms, as well as for future enhancements such as the use of sensors, biometrics, beacons, video, mobile apps and business rule based analytics. The Digital Blanket® Employee interface can be downloaded on to your mobile as an App, pursuant to the Services being offered to your employer (‘Employer’) and your Employer’s configuration instructions in this regard.

For the purposes of this Privacy Policy (“Policy”), the term “you” or “employee” and all grammatical variations of it means, you the employee, whose Employer has availed the Services, and the terms “we”, “us”, our” means Flamenco Tech. Please note that this Policy provides you information about the data collection, storage, access, processing and transmission activities of Digital Blanket® and should be read in addition to any other information security policy that your Employer may have in relation to the processing of your personal information at your workplace. The details of personal information collected are mentioned in page 2, under the heading “What Information Do We Collect ?”. Please note that other than an anonymous CRES ID and the corresponding System Login password which are mandatory, the rest of the fields are optional. We are committed to respecting and protecting your privacy rights. We created this Policy to describe to you how and what data we collect and store when your Employer uses our Services and you engage with the Digital Blanket® user interface. Employers can opt to utilize our Services by subscribing to Digital Blanket® on our cloud servers or have entire application deployment done ‘on-premises’ within their own network and infrastructure. Your data will be collected, stored and processed on our servers. While this Policy primarily is aimed at our cloud subscribers’ employees, wherever applicable, we have mentioned how our ‘on-premises’ employee’ data is also protected.

What Information Do We Collect?

Information You Provide As your Employer Uses the Services

The personal information collected in the digital blanket® user interface from you will include the following information:

CRES ID – (Anonymous User ID) – (Mandatory Field)
Full Name (Optional if proxy CRES ID is used, else mandatory)
Domain/System login id (Mandatory Field)
Email address (Optional Field if proxy CRES id is used, else mandatory)
Mobile number (mandatory only if SMS notification is required)
Location (Optional Field)

All or any of the above data, is collected from you during the initial implementation phase. You agree to (a) provide true, accurate, current and complete information about yourself; (b) maintain and promptly update the information to keep it true, accurate, current and complete. We do not collect or otherwise process any other information such as financial details, race, religion, sexual orientation or health or any other information that may be deemed to be sensitive under applicable law (collectively, “Sensitive Personal Information”) in the course of providing our Services to your Employer or to you. Information we collect from you passively during your Employer’s usage of our Services

In addition, digital blanket® collects the following data related to your daily activity on the configurations specified by your Employer: Your desk / meeting room / parking / transport booking requests

You on-site check-in data
Workstation occupancy
Your location during wayfinding scan or during emergencies
Your pantry orders
Your personal comfort choices (HVAC, Lighting)
Your visitor requests
Any feedback you provide
Your visitor requests

…..and more

Data about Usage of Services by managers:

We automatically collect certain information about your usage of digital blanket®, during the course of providing our Services to your Employer, such as time when you log in to digital blanket® Mobile App to view and use the services.

This information is collected as part of our audit module to keep track of usage of application, modification done to any business rules or settings and understand which services are more important and useful to you and other employers in general.

We Use Information about You as Disclosed and Described in this Policy
We use information to administer and provide the core functionality of the Services to your Employer, as agreed between us and your Employer. For example, we use your information to personalize services, as well as ensure that Digital Blanket® settings and business rules are setup in the most effective way to provide your Employer value from our Services.
We use your information to generate reports based on the time spent on your workstation.
We may use information to respond to your requests or questions – which we receive on our online helpdesk or over email. The data is used to analyse the issue reported or respond to your requests, questions and queries.
We use information to improve our products and services. We may use your information to make our product better or we might use your information to customize your’s or your Employer’s experience with us. As part of audit trails and logs, we keep track of which services are most used. We also try and improve the user experience by reducing the latency to the services.

We may use information to communicate with you about your account status. We may contact you about your account with respect to password renewal, reset, notifications, alerts etc. We would like to emphasize that we do not share your data with any third party under any circumstances and nor do we share your data for any demo, analysis or promotional purposes. How We Store & Retain Your Information

Digital Blanket® data is stored in relational database. digital blanket® uses MySQL database server out-of the-box; however MS SQL database is also supported in case any Employer specifically wants to use this database on their on-premises deployment.

For employers Subscribing to Our Cloud Services

We use Microsoft Azure service to store data in MySQL database, to leverage their data centre and network architecture which is built to meet the requirements of the most security-sensitive organizations
Each record stored in the database is logically segregated from other employer records by tagging the record to the Employer’s unique id or CRES id
Our cloud server database cannot be directly accessed from any external system other than our designated and authorized digital blanket® application servers hosted on Microsoft Azure infrastructure
We use the automated backup feature of Microsoft Azure which enables point-in-time recovery of the DB instance. As part of automated backup feature, Microsoft Azure RDS automatically performs a full daily snapshot of our data. Backups are retained for the past 7 days
We retain your data only for the duration of the Services availed by your Employer or until the expiry of 24 hours from the date of notification from your employer, whichever is earlier
The UX applications run on Azure Cloud and provide a web & Mobile access for employees through a Mobile Network
If Personal identity and information collection is not approved by your employer, all employees will be identified through a proxy CRES ID and their mapping to the employees will be maintained by your employer only
CRES ID, PIN, password change questions and the passwords are stored only in encrypted form (AES) and Flamenco Tech or any other provider will not have any access to these information
Employees can change PW or request for PIN securely through a Portal without any email communication or identification

For employers Using on Premises Services

If your Employer is using on premise Services, the database server and all other service component reside within their infrastructure and network and complete access or control to this server and data residing on it is controlled as per the Employer’s internal IT policy and data protection and privacy policies. We do not have any control or access to your Employer’s infrastructure and network, where such data or information is being stored
We access this data on your Employer’s infrastructure by taking remote access to it which is completely approved and controlled by your Employer. At no point of time is your data stored on our servers
Data backup and retention of the same is done by your Employer as per your Employer’s specific policy and requirements

How We Secure & Protect Your Information

Our practices and controls are implemented to meet information security requirements and are aligned to ISO 27001:2013 clause 8
digital blanket® provides several means of securing and protecting the data. The access to digital blanket® data is with secure authentication and authorization controls
Any personal identify and information that we collect is encrypted at storage
We follow generally accepted standards to store and protect the personal information we collect, both during transmission and once received and stored, including utilization of encryption where appropriate
We conduct vulnerability assessment and penetration testing (VAPT) of our Services by an independent 3rd party consultant once a year to ensure we proactively secure our Services from all risk and threats due to any malicious attacks
Our Services do not have links to any websites nor do our Services have any plugins or host other third-party services that we don’t control

FOR EMPLOYERS SUBSCRIBING TO OUR CLOUD SERVICES

We use HTTPS for secure transmission of data from sensors, data link servers and gateways to our cloud server
Similarly access to reports, dashboards and reports using web browser is over HTTPS
All passwords are stored in database in encrypted format using AES 128-bit encryption
Transmissions over the internet are never 100% secure or error-free. However, we take reasonable steps as mentioned above, to protect your personal information from loss, misuse, unauthorized access, disclosure, alteration and destruction, subject to your employer implementing such suggestions

FOR EMPLOYERS USING ON PREMISE SERVICES

For Employers who use on-premise Services, all personal information that is captured by digital blanket® user interface or that is collected through digital blanket®, reside within your Employer’s infrastructure and network and complete access or control to this server and data residing on it is controlled as per the Employer’s internal IT policy and data protection and privacy policies
In addition, Employers can opt to use either HTTPS or HTTP for data transmission and web access to the Digital Blanket® Server hosted in the Employer’s premises

Amendment

We reserve the right to change, modify, add or remove portions of this Policy at any time, but will alert you of the changes the next time you access the digital blanket® user interface.

Grievance Officers

If you have any questions, concerns or complaints about our Policy, practices or Services, you may contact by email : Balasubramaniam C.R – bala@flamencotech.com

Privacy Policy!