FiCoVision Pvt. Ltd. (“FiCoVision”, “we”, “us”, “our”) is committed to protecting personal data and processing it in a lawful, fair, and transparent manner in line with applicable Indian law, including the Information Technology Act, 2000, and the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, as amended, and, where applicable, foreign data protection laws such as the EU General Data Protection Regulation (GDPR).

This Privacy Notice explains how FiCoVision processes personal data in connection with its website, recruitment and talent pool activities, and its business relationships with corporate clients and partners.

Controller and contact
For processing operations described in this Privacy Notice, the controller is:
FiCoVision Pvt. Ltd.
No.224, NVR Sunpearl, Block A
Kadugodi, Bengaluru, 560067
India

Email: info@ficovision.com
Phone: +91 8917267399

For certain services, particularly where FiCoVision processes personal data strictly on behalf of a corporate client (for example, in operational finance BPO services), the client typically acts as the data controller and FiCoVision acts as a processor or service provider. In such cases, the client’s data protection notices and instructions prevail.

Categories of personal data
Depending on the interaction, FiCoVision may process the following categories of personal data:

• Website usage data, such as IP address in shortened form, date and time of access, URL and resources accessed, referrer URL, browser type and version, device information, and operating system.
• Contact and communication data, such as name, business contact details, role, company name, and the content of communications when users contact FiCoVision via email, contact forms, or other channels.
• Applicant and talent pool data, such as personal and contact details, education and qualification information, employment history, skills, language abilities, certifications, compensation details where provided, availability and notice period, preferred work schedule, work authorization, and any other information supplied in a CV or supporting documentation.
• Business partner data, such as contact details, professional role, and communications in the context of partnerships with tax advisory firms, audit firms, staffing agencies, and other service providers.
• Log and security data, such as system logs, access logs, usage logs, and incident documentation generated by IT and security systems to maintain the integrity and security of systems and services.

FiCoVision does not intentionally collect or process personal data of children via this website.

Sources of personal data
Personal data is typically obtained directly from the data subject (for example, when a candidate submits a CV or a user fills in a contact form). In a business context, data may also be provided by corporate clients, partners, or other third parties who are authorized to share such information, or may be obtained from publicly available sources (such as professional networking platforms) to a limited extent in the context of recruitment or business development.

Purposes and legal bases of processing
FiCoVision processes personal data for the following purposes:

• To make the website available, ensure its technical operation, and improve its content and usability.
• To maintain IT security and prevent misuse, including monitoring and analyzing logs for security and performance purposes.
• To respond to inquiries, manage communications, and handle pre-contractual or contractual relationships with corporate clients and partners.
• To process applications, maintain a talent pool, assess suitability for current or future roles, and conduct recruitment steps such as screenings and interviews.
• To perform and document finance BPO services in accordance with contractual obligations towards corporate clients.
• To comply with legal obligations, including record-keeping, tax and accounting obligations, and regulatory requirements.
• To defend legal claims and manage disputes where necessary.

Where applicable law requires consent (for example, for certain cookies, specific forms of marketing communication, or processing outside the scope of legitimate interests or contractual necessity), FiCoVision will request and record such consent and respect withdrawal of consent going forward.

Where GDPR applies, the primary legal bases are Article 6(1)(b) (performance of a contract or pre-contractual steps), Article 6(1)(c) (legal obligations), and Article 6(1)(f) (legitimate interests such as IT security, service improvement, recruitment, and business development). In cases where consent is required, processing is based on Article 6(1)(a) GDPR.

Recipients and data transfers
Within FiCoVision, access to personal data is restricted to those employees and teams that need the data to fulfill their tasks in line with the purposes set out above. FiCoVision may share personal data with the following categories of recipients:

• Corporate clients and group entities where required for service delivery.
• Service providers and vendors acting on behalf of FiCoVision, such as hosting providers, IT support, communication and collaboration platforms, applicant tracking tools, and professional advisors, based on appropriate contractual arrangements.
• FiCoVision UG (limited liability) and other group entities, where necessary for coordination of cross-border services or group-level management, subject to appropriate safeguards.
• Public authorities, regulators, courts, or law enforcement agencies where required by applicable law or to assert, exercise, or defend legal claims.

Personal data may be transferred to countries outside India, particularly to Germany and other jurisdictions where corporate clients or FiCoVision group entities are located. FiCoVision will implement appropriate safeguards for such transfers, taking into account contractual protections and instructions agreed with clients.

Retention of personal data
Personal data is stored only as long as necessary to fulfill the purposes described in this Privacy Notice or as required by applicable statutory retention obligations (for example, under tax or commercial laws). After the relevant retention period has expired, personal data is deleted or anonymized in accordance with FiCoVision’s internal policies, unless longer storage is justified to establish, exercise, or defend legal claims.

For applicants and talent pool members, FiCoVision generally retains data for a period that reflects the recruitment cycle and foreseeable future opportunities. Where required by law or recommended as a best practice, FiCoVision may request consent to keep data in the talent pool for an extended period and will delete it earlier upon justified request, subject to legal obligations.

Data subject rights
Rights available to individuals under applicable law may include the right to request access to personal data, rectification of inaccurate or incomplete data, deletion, restriction of processing, objection to certain types of processing, and data portability. The scope of these rights and the conditions under which they can be exercised depend on the applicable legal framework.

Where GDPR applies, data subjects have the rights defined in Articles 15 to 21 GDPR, including the right to lodge a complaint with a supervisory authority.

Individuals who wish to exercise their rights or have questions about the processing of their personal data can contact FiCoVision using the contact details provided above. FiCoVision will review each request in accordance with the applicable legal requirements and respond within the legally prescribed timeframes.

Updates to this Privacy Notice
FiCoVision may update this Privacy Notice from time to time to reflect legal developments, changes in our processing activities, or adjustments in our corporate structure. The most current version will always be published on this website. Continued use of the website or services after publication of an updated version constitutes acknowledgement of the updated terms, subject to any legal requirements for obtaining consent.