Privacy Policy

Pattem Digital Pvt Ltd is committed to protecting the privacy and personal data of its website visitors, customers, prospective customers, partners, job applicants, employees, contractors and other stakeholders. This Privacy Policy explains how Pattem Digital collects, uses, stores, shares, protects and otherwise processes personal data when individuals interact with Pattem Digital through its website, business communications, services, platforms, applications, support channels or other digital and offline. Pattem Digital publicly presents itself as a provider of Gen AI, AI, ML, enterprise solutions, cloud engineering, consulting services, managed services, professional services, development, audit, migration, management, and support services, and this policy is designed to reflect the nature of those activities and the business relationships that arise from them. Pattem Digital also states that it is compliant with ISO/IEC 27001. This policy is drafted to align with that compliance posture, while recognizing that compliance requirements may also be addressed through internal policies, contracts, technical standards, and information security controls beyond this public-facing notice.

1. Scope

This Privacy Policy applies to personal data collected or processed by Pattem Digital through:

● The Pattem Digital website and related web pages;

● Contact forms, enquiry forms, demo requests, newsletter subscriptions, events, webinars, and other marketing interactions;

● Recruitment channels, including resume uploads and job applications;

● Customer on boarding, project delivery, consulting engagements, managed services, support, maintenance, and professional services;

● Email, telephone, messaging, collaboration tools, meetings, and business relationship management; and

● Any applications, portals, systems, or digital services operated by or on behalf of Pattem Digital where this Privacy Policy is made available or referenced.

This Privacy Policy does not automatically apply to third-party websites, applications, services or platforms that are not owned or controlled by Pattem Digital, even if they are linked from the Pattem Digital website.

2. Categories of Information Collected

Pattem Digital may collect personal data directly from individuals, automatically through digital interactions and from business partners, customers, service providers, publicly available sources, recruitment sources or other lawful third-party sources, depending on the context of the relationship and the services involved.

2.1 Information provided directly

Pattem Digital may collect information such as:

● name, job title, employer name, department, and business contact details;

● email address, telephone number, postal address, city, state, pin code, and country;

● account registration information, credentials, and profile details where applicable;

● correspondence, meeting notes, support requests, and enquiry details;

● recruitment information, including resume/CV, educational background, work experience, certifications, references, and related information uploaded through career or application channels;

● contractual, billing, invoicing, and payment-related contact information;

● information submitted for surveys, feedback, events, webinars, whitepaper downloads, or marketing requests; and

● any other information voluntarily submitted by an individual in connection with a legitimate business purpose.

2.2 Information collected automatically

When individuals access Pattem Digital's website or digital services, Pattem Digital may collect technical and usage-related information such as:

● IP address;

● browser type and version;

● device identifiers and operating system details;

● date, time, and duration of access;

● referring website or source;

● pages visited, clicks, downloads, and interaction patterns; and

● cookie, session, analytics, or similar technology data used to improve user experience, website performance, and service delivery;

2.3 Information processed in service delivery

Where Pattem Digital provides consulting, engineering, cloud, managed, support, data engineering, AI, ML, SAP, UX Research, Experience Design, Front-End Development (ReactJS, Vue.js, Angular, Next.js, TypeScript), Strategy & Consulting, Node.js, AEM, Sitecore, PHP, iOS, Android, React Native, Java, .NET, SAP, AI/ML, RPA (Blue Prism), Game Development, IoT, and end-to-end Software Product Development Solutions or other technology services, Pattem Digital may process customer-controlled information, which may include personal data made available by or on behalf of customers as part of project execution, managed service delivery, troubleshooting, migration, testing, analytics, support, or operational activities. In such cases, the customer may act as the controller or primary business owner of the data, and Pattem Digital may act as a processor, service provider, or authorized recipient, depending on the contractual and legal arrangement governing the engagement.

3. Purposes of Processing

Pattem Digital may collect and process personal data for one or more of the following purposes:

● to respond to enquiries, contact requests, demo requests, and other communications;

● to provide consulting, engineering, managed, professional, support, migration, audit, and related services;

● to manage customer and partner relationships, contractual performance, and account administration;

● to deliver, maintain, secure, monitor, and improve websites, platforms, applications, networks, and services;

● to authenticate users and control access to systems, applications, and support channels;

● to recruit, evaluate, and communicate with job applicants, including resume processing;

● to provide newsletters, event invitations, service updates, marketing communications, and relevant business information where permitted by law or consent;

● to conduct analytics, trend analysis, service improvement, quality assurance, and business planning;

● to comply with applicable laws, regulations, judicial processes, contractual obligations, audit requirements, and legitimate business continuity requirements;

● to establish, exercise, or defend legal claims;

● to investigate, prevent, detect, or respond to fraud, cyber threats, service misuse, policy

violations, or security incidents;

● to support information security, privacy, resilience, and governance obligations arising from ISO/IEC 27001, ISO 22301, SOC 2, GDPR, customer contracts, and internal control frameworks.

Pattem Digital will not process personal data for purposes that are incompatible with the original purpose of collection unless such further processing is permitted or required by applicable law, based on consent, or supported by another appropriate legal basis.

4. Legal Bases for Processing

To the extent applicable under laws such as the GDPR and similar privacy frameworks, Pattem Digital may rely on one or more of the following legal bases for processing personal data:

● consent, where an individual has clearly agreed to a specific use of personal data;

● performance of a contract or steps requested prior to entering into a contract;

● compliance with legal or regulatory obligations;

● legitimate interests pursued by Pattem Digital or a third party, provided such interests are not overridden by the rights and freedoms of the individual; and

● protection of vital interests or performance of tasks carried out in the public interest, where applicable under law.

Where consent is relied upon, individuals may withdraw consent at any time, subject to the lawfulness of processing carried out before withdrawal and any processing permitted on another lawful basis.

5. Cookies and Similar Technologies

Pattem Digital may use cookies, session identifiers, analytics tools, and similar technologies to operate its website, remember preferences, understand visitor behaviour, improve functionality, enhance security, and support website analytics and performance. These technologies may be used to understand which pages or services are most useful, improve navigation, remember user selections, and tailor website functionality. Individuals may manage cookies through browser settings or other consent mechanisms made available on the website, although disabling certain cookies may affect the availability or functionality of parts of the website or services.

6. Sharing and Disclosure of Personal Data

Pattem Digital may share personal data strictly on a need-to-know basis and only to the extent reasonably necessary for legitimate business, contractual, security, compliance, or legal purposes. Depending on the circumstances, personal data may be shared with

● Pattem Digital group entities, affiliates, and authorized internal teams involved in delivering services or managing business operations;

● cloud providers, hosting providers, collaboration tool providers, CRM providers, analytics providers, recruitment platforms, professional advisers, and other authorized service providers acting on Pattem Digital's behalf;

● partners, subcontractors, implementation resources, or specialists engaged to support customer projects or managed services under appropriate confidentiality and security obligations;

● auditors, assessors, certification bodies, legal counsel, insurers, and compliance advisers in connection with ISO/IEC 27001, ISO 22301, SOC 2, GDPR, or similar compliance, assurance, and governance requirements.

● regulators, law enforcement agencies, courts, tribunals, government authorities, or other parties where disclosure is required by law or is reasonably necessary to protect rights, safety, systems, or property.

● potential or actual investors, acquirers, successors, or assignees in connection with a merger, acquisition, financing, restructuring, sale of assets, or business transition, subject to appropriate confidentiality and lawful safeguards.

Pattem Digital does not sell personal data to third parties for monetary consideration. Where third-party processors are engaged, Pattem Digital expects them to maintain appropriate confidentiality, security, and data protection obligations consistent with applicable law & contract.

7. International Transfers

Given the nature of technology, cloud, support, consulting, and managed services, personal data may be accessed, stored, processed, or transferred across jurisdictions in which Pattem Digital, its affiliates, customers, or service providers operate. Where personal data is transferred internationally, Pattem Digital will seek to implement appropriate safeguards as required by applicable law, which may include contractual protections, internal control measures, access restrictions, encryption, transfer assessments, or other recognized mechanisms suitable to the transfer context.

8. Information Security and Business Continuity

Pattem Digital states that it is compliant with ISO/IEC 27001, ISO 22301, SOC 2, and GDPR, and accordingly maintains an organizational emphasis on information security, resilience, confidentiality, integrity, availability, and privacy governance. Pattem Digital may implement administrative, technical, physical, and contractual safeguards designed to protect personal data from unauthorized access, alteration, disclosure, destruction, loss, misuse, or accidental compromise. Such safeguards may include, where appropriate, access control, authentication, encryption, secure communication mechanisms, logging and monitoring, vulnerability management, backup and recovery practices, incident response procedures, confidentiality obligations, vendor oversight, employee awareness, and continuity measures aligned with the Company's risk posture and compliance commitments. No method of transmission over the Internet or method of electronic storage is completely secure, and therefore Pattem Digital cannot guarantee absolute security, even though reasonable and appropriate safeguards are applied.

9. Data Retention

Pattem Digital retains personal data only for as long as necessary for the purposes for which it was collected, including service delivery, legal compliance, contractual recordkeeping, dispute resolution, security monitoring, business continuity, audit support, and enforcement of legal rights and obligations. Retention periods may vary based on the category of data, the nature of the relationship, legal requirements, industry expectations, contractual commitments, regulatory obligations, limitation periods, and operational needs. When personal data is no longer required, Pattem Digital may delete, anonymize, aggregate, archive, or securely dispose of the information in accordance with applicable law and internal retention controls.

10. Individual Rights

Subject to applicable law and verification requirements, individuals may have rights relating to their personal data, which may include the right to:

● request access to personal data;

● request correction or update of inaccurate or incomplete data;

● request deletion or erasure in appropriate circumstances;

● object to or restrict certain processing;

● withdraw consent where processing is based on consent;

● request portability of data where legally applicable; and

● lodge a complaint with a competent supervisory authority, data protection authority, or

other regulator where permitted by law.

Where Pattem Digital processes data on behalf of a customer, requestors may be directed to the relevant customer or contracting party that determines the purpose and means of processing, unless Pattem Digital is independently required to respond under applicable law.

11. Recruitment and Candidate Privacy

Pattem Digital's website includes a resume upload function, indicating that personal data relating to candidates may be collected as part of recruitment and talent evaluation activities. Candidate information may be used to assess qualifications, communicate regarding current or future opportunities, conduct recruitment administration, verify information where lawfully appropriate, and support hiring and onboarding processes. Candidate data will be handled in accordance with applicable law, internal access restrictions, and legitimate business need. Additional candidate notices or employment-related privacy notices may apply where required.

12. Children's Privacy

Pattem Digital's website and business services are intended for business and professional audiences and are not directed to children. Pattem Digital does not knowingly collect personal data from children through its website for independent consumer purposes. If Pattem Digital becomes aware that personal data of a child has been collected inappropriately, reasonable steps may be taken to review and address the matter in accordance with applicable law.

13. Third-Party Links and External Services

The Pattem Digital website may contain links to third-party websites, products, services, social media pages, or external resources for convenience or informational purposes. Any such third-party websites or services operate under their own terms and privacy notices, and Pattem Digital is not responsible for the privacy, security, content, or data-handling practices of third parties that are not under its control. Individuals are encouraged to review the privacy notices of external websites or services before submitting personal data.

14. Policy Updates

Pattem Digital may revise, update, or modify this Privacy Policy from time to time to reflect changes in law, regulation, technology, security requirements, business operations, website functionality,certifications, or service offerings. The updated version will be posted on the relevant website or otherwise communicated through an appropriate channel, and the revised effective date will be reflected at the top of the policy.

15. Contact Information

Questions, requests, or concerns regarding this Privacy Policy or Pattem Digital's handling of personal data may be directed through the contact channels published on the Pattem Digital website. If Pattem Digital designates a privacy contact, grievance contact, or data protection point of contact, those details should be published on the website or communicated through the relevant contractual or compliance channel.