PERSONAL INFORMATION MANAGEMENT SYSTEM POLICY

Aspire Systems is a global technology services firm orchestrating end-to-end IT transformation for Independent Service Vendors (ISVs) and Fortune 1000 enterprises through strategic IT services to actualize robust business outcomes across the value chain.

Aspire shall protect ‘personal’ data of all entities and individuals associated with it to prevent wrongful exposure, usage or processing for unintended purpose and shall ensure compliance to applicable legal, contractual, statutory and regulatory requirements.

To achieve the above, Aspire shall:

• Establish and implement policies, processes and the right organization structure (Personal Information management system) while processing the Personally identifiable information (PII) of Aspirians and its customers to protect from threats, both external as well as internal.
• Continually improve the personal information management System by adopting a life cycle approach through the establishment and regular monitoring of measurable PMS objectives.
• Commit to comply with business, legal, regulatory and contractual security obligations, as may be applicable from time to time.
• Ensure Lawfulness, fairness and transparency, Purpose limitation, Data minimization, Accuracy, Storage limitation, Integrity, confidentiality and accountability of the Personally identifiable information (PII) of its employees, customers and other data subjects
• Create mechanisms to identify and review the risk and impact of breaches in protected personal information
• Communicate all pertinent privacy policies to employees, customers and other interested parties as applicable.

This policy applies to all employees of Aspire Systems and other users of Aspire’s information processing facilities. The management and employees shall ensure that this policy is implemented, communicated, monitored and maintained at all levels of the organization and regularly reviewed for compliance and continual improvement.