Tata Motors Limited (henceforth referred as “TML”) is committed to protecting the privacy and security of your personal data. The protection of your privacy in the processing of your personal data is an important concern to which we pay special attention in our business processes. We process personal data collected during visits to our websites according to the legal provisions valid for the countries in which the websites are maintained.
1. Personal data that we collect
Personal data refers to data that lets TML know the specifics of who you are and which may be used to identify, contact or locate you (e.g. name, age, gender, mailing address, telephone number and e-mail address). We collect your personal data when you provide us in scenarios such as in response to a survey, in case you register for events, when registering for personalised services, request information about product or use our services or request customer support. We may ask you to provide your personal data relevant for the scenarios such as your name, address, zip code, phone number, email address, IP Address, location data, information about your device, etc. Not all of the personal data TML holds about you, will always come directly from you. It may, for example, come from your employer or other organizations to which you belong. However, TML collects personal data about you when you interact with this site and/or utilize services offered on this site. For example:
- If you apply for a job or other staffing opportunity through this site, you will be asked to submit your resume and as well as other contact information such as your email address, phone number and mailing address. We will use this information to consider you for the job opening that you specify. We may also use this information to contact you regarding other staffing opportunities, both opportunities advertised on this site.
- We may use a third party service provider to assist us with some features of our site. Our service provider will receive your information on our behalf and will not be permitted to use it for any other purpose.
- We may also ask you for personal data in connection with other interactions you have with this website, including when you answer a survey and when you report a problem with this site or services offered on this site.
- We collect your personal data if you wish to do business with us in the form of dealership / distributorship (through dealer / distributor applications)
- We also collect personal data from third parties such as our partners, service providers, and publicly available websites, to offer services we think may be of interest and to help us maintain data accuracy, provide, and enhance the services.
- Payment information including credit/ debit card details, Bank account number, Bank account type, Bank names, etc. may be collected by our associated payment gateways. Such data shall be used solely for processing your transactions.
- Vehicle details including model, year, colour, RTO registration number and selling details which includes Invoice particulars, warranty details, dealer name and year of purchase.
- Details of how you used our website.
- Device event information such as caches, system activity, hardware settings, browser type, browser language, the date and time of your visit, time spent on those pages and other statistics and referral URL.
Community Discussion Boards.
TML websites may contain links to other websites. TML shall not be responsible for the privacy or the content of such websites even if:
- You accessed the third party website using links from our website; or
- You linked to our website from a third party website.
2. How we use your personal data
We can only use your personal data if we have a proper reason for doing so. We only use your data for one or more of these reasons:
- To fulfil a contract we have with you, or
- If we have a legal duty to use your data for a particular reason, or
- When we get your consent to use it, or
- When it is in our legitimate interests which are our business or commercial reasons for using your data, but even so, we will not unfairly put our legitimate interests above what is best for you.
The use of your information is subject to the privacy notice in effect at the time of our use. TML uses information provided to us for our general business use. This may include the following purposes:
- To respond to your requests;
- To provide services to you including customer services issues;
- To send communications to you about our or our affiliates’ current services, new services or promotions that we are developing, and opportunities that may be available to you;
- To alert you to new features or enhancements to our services
- To communicate with you about job or career opportunities about which you have inquired;
- To ensure that our site and our services function in an effective manner for you;
- To measure or understand the effectiveness of advertising and outreach.
- To send you important information regarding the Websites, changes in terms and conditions, user agreements, and policies and/ or other administrative information.
- Marketing and events: We use personal information to deliver marketing and event communications to you across various platforms, such as email, telephone, text messaging, direct mail, and online. If we send you a marketing email, it will include instructions on how to opt out of receiving these emails in the future. We also maintain email preference centres for you to manage your information and marketing preferences. Please remember that even if you opt out of receiving marketing emails, we may still send you important service information related to your accounts and subscriptions.
- To investigate potential breaches, or to protect the rights, property or safety of TML and the Users of our website.
- Legal obligations: We may be required to use and retain personal information for legal and compliance reasons, such as the prevention, detection, or investigation of a crime; loss prevention; or fraud. We may also use personal information to meet our internal and external audit requirements, information security purposes, and as we otherwise believe to be necessary or appropriate:
- Under applicable law, which may include laws outside your country of residence;
- To respond to requests from courts, law enforcement agencies, regulatory agencies, and other public and government authorities, which may include such authorities outside your country of residence;
We endeavour to collect only such information that is reasonably necessary to perform services for you or to respond to your inquiries. You are responsible for ensuring that the information you provide is accurate, complete and current.
By giving your contact details on our Website, Mobile Application or any other mode, you agree to receive communication from TML or any of its associate/ affiliate over email, SMS, phone call and/ or WhatsApp.
TML reserve the right, in its sole discretion, to terminate your access to whole or any part of TML website and the related services or any portion thereof at any time without notice.
3. When we share personal data
TML shares or discloses personal data when necessary to provide services or conduct our business operations. If TML intends to transfer your personal data outside, TML shall take steps to ensure that your privacy rights continue to be protected and shall ensure that adequate safeguards are in place. We do not collect any Special Categories of personal data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.
TML may, with your consent, disclose information about you to unaffiliated third-party customers of TML in connection with your application for staffing opportunities advertised on this site, or in connection with opportunities advertised on a website of one of our affiliates. For example-
- Within TML: Our businesses around the world are supported by a variety of TML teams and functions, and personal information will be made available to them if necessary for the provision of services, account administration, sales and marketing, customer and technical support, and business and product development. All of our employees and contractors are required to follow our data protection and security policies when handling personal data.
- Affiliates: Our parent company, subsidiaries, joint ventures, group and associate companies. These entities may use this information for the purposes outlined above.
- Dealers: Our Authorized Dealers which are independently owned and operated. They may use this information for their everyday business purposes, including marketing, customer service, fulfilment and related purposes.
- Distributors: Our Authorized Distributors which are independently owned and operated. They may use this information for their everyday business purposes, including marketing, customer service, fulfilment and related purposes.
- Our business partners: We occasionally collaborate with other organizations to deliver co-branded Services, provide content, or to host events, conferences, and seminars. As part of these arrangements, you may be a customer of both TML and our partners, and our partners and we may collect and share information about you. TML will handle personal data in accordance with the privacy notice.
- Our third-party service providers: We collaborate with service providers around the world for any support needed. Personal data may be made available to these parties only when necessary to fulfil the services they provide to us, such as software, system, and platform support; direct marketing services; cloud hosting services; advertising; and order fulfilment and delivery. Our third-party service providers are not permitted to share or use personal data we make available to them for any other purpose than to provide services to us. Further, in case that we entrust the processing of your personal details to the third-party service providers, we select the third-party service providers who can maintain the appropriate or suitable technical and physical safeguards, and control and supervise such third-party service providers. We do not sell or rent your personal details to third parties for marketing purposes. However, for data aggregation purposes we may use your personal data, which might be sold to other parties at our discretion. Any such data aggregation would not contain any of your personal details. We may provide any kind of your personal details, which are described in PURPOSE OF COLLECTING THE DATA stated above and except the "special care-required personal information", such as your first name, last name, email address, phone number, street address, city, state, province region, cookies, and IP address to third-party service providers we hire to provide services to us by emails, internet, etc. without your consent. These third-party service providers may include but are not limited to: payment processors, all centres, data management services, help desk providers, accountants, law firms, auditors, shopping cart and email service providers, and shipping companies. We maintain the appropriate or suitable technical and physical safeguards in relation to the provision of your personal data to such third-party service providers. Whenever you request us the discontinuance of the provision of your personal data to such third-party service providers, we shall discontinue the provision of your personal data to such third-party service providers. If you want to obtain a copy of such safeguards or discontinue the provision of your personal details to third-party service providers, send us an email with your request to firstname.lastname@example.org. When we provide your personal details to any third-party service providers, or receive personal details from any third-party, we make a record of such provision or receipt. Further, when we receive personal details from any third-party, we shall check the circumstances of obtaining such personal details.
- Third parties for legal reasons: We will share personal data when we believe it is required, such as:
- - To comply with legal obligations and respond to requests from government agencies, including law enforcement and other public authorities, which may include such authorities outside your country of residence.
- - In the event of a merger, sale, restructure, acquisition, joint venture, assignment, transfer, or other disposition of all or any portion of our business, assets, or stock (including in connection with any bankruptcy or similar proceedings)
- - To protect our rights, users, systems, and services.
4. Where we store and process personal data
TML as a global organization, we take steps to ensure that the information we collect is processed according to this privacy notice and the requirements of applicable law wherever the data is located. TML has networks, databases, servers, systems, support, and help desks located throughout our offices around the world. We collaborate with third parties such as cloud hosting services, suppliers, and technology support located around the world to serve the needs of our business, workforce, and customers. We take appropriate steps to ensure that personal data is processed, secured, and transferred according to applicable law.
TML will not sell or rent your personal data to anyone. In some cases such as to provide the product or service you have requested, we may need to disclose or transfer your personal data within TML or to third parties if required. When we transfer personal information to other countries in which applicable laws do not offer the same level of data privacy protection as in your home country, we take measures to provide an appropriate level of data privacy protection. For example, we use approved contractual clauses, multiparty data transfer agreements, intragroup agreements, and other measures designed to ensure that the recipients of your personal information protect it.
5. How we secure personal data
TML uses appropriate technologies and procedures to protect your personal data. Our information security policies and procedures are closely aligned with widely accepted international standards and are reviewed regularly and updated as necessary to meet our business needs, changes in technology, and regulatory requirements. For example,
- Policies and procedures: TML employs reasonable technological, physical and operational security procedures intended to protect your personal data from loss, misuse, alteration, or unintentional destruction. Our security measures are periodically reviewed and updated in an effort to provide appropriate security for all the data collected about you.
- We place appropriate restrictions on access to your personal data.
- We implement appropriate security measures and controls, including monitoring and physical measures, to store and transfer data securely
- We require privacy, information security, and other applicable training on a regular basis for our employees and contractors who have access to personal data
- We take steps to ensure that our employees and contractors operate in accordance with our information security policies and procedures and any applicable contractual conditions.
- We require, with contracts and security reviews, our third-party vendors and providers to protect any personal data with which they are entrusted in accordance with our security policies and procedures
Strictly Necessary Cookies
We do not provide services directly to children or proactively collect their personal information. Parents or guardians may authorize children to use our website provided they assume all responsibility and legal liability for the conduct of such child including, without limitation, monitoring the child’s access and use of the TML site.
If TML learns that personal data of a child has been collected without verifiable parental consent, then TML may take the appropriate steps to delete such information. However, if you discover your child has submitted his/ her data to TML, you may request to have such data deleted from TML’s database by sending an e-mail request. Upon receiving the request, TML shall ensure to delete such information from its database.
8. Your rights and your personal data
We respect your right to access and control your information, and we will respond to requests for information and, where applicable, will correct, amend, or delete your personal information.
In such cases, we will need you to respond with proof of your identity before you can exercise these rights.
- The right to access information: At any point you can contact us to request the information we hold on you as well as why we have that information, who has access to the information and where we obtained the information from. Once we have received your request we will respond within one month. There are no fees or charges for the first request but additional requests for the same data may be subject to an administrative fee. You do not have to provide a reason for requesting access, but you will need to provide some reasonable proof of your identity.
- The right to correct and update the information: If the data we hold on you is out of date, incomplete or incorrect, you can inform us and your data will be updated.
- The right to have your information erased: If you feel that we should no longer be using your data or that we are illegally using your data, you can request that we erase the data we hold. When we receive your request we will confirm whether the data has been deleted or the reason why it cannot be deleted (for example because we need it for our legitimate interests or regulatory purpose(s).
- The right to object to processing: You have the right to request that we stop processing your data. Upon receiving the request, we will contact you and let you know if we are able to comply or if we have legitimate grounds to continue to process your data. Even after you exercise your right to object, we may continue to hold your data to comply with your other rights or to bring or defend legal claims.
- The right to data portability: You have the right to request that we transfer some of your data to another controller. We will comply with your request, where it is feasible to do so, within one month of receiving your request.
- The right to withdraw your consent to the processing at any time for any processing of data to which consent was sought. You can withdraw your consent easily by telephone, email, or by post (refer to consent withdrawal form).
- The right to object to the processing of personal data where applicable.
- The right to lodge a complaint with the Data Protection Representative.
- You can ask us or third parties to stop sending you marketing messages at any time by contacting us at any time. Where you opt out of receiving these marketing messages, this will not apply to personal data provided to us as a result of a product/service purchase, warranty registration, product/service experience or other transactions.
- You can always opt out of receiving further email correspondence from us or our affiliates. We will not sell, rent, or trade your email address to any unaffiliated third party without your permission except in the sale or transfer of our business, or if our company files for bankruptcy.
9. How long do we keep your personal data?
We retain personal information for as long as we reasonably require it for legal or business purposes. In determining data retention periods, TML takes into consideration local laws, contractual obligations, and the expectations and requirements of our customers. When we no longer need personal information, we securely delete or destroy it.
11. Protection of Data Provided
TML may disclose your personal data in good faith or whenever necessary to comply with a legal obligation or if disclosure was required by any law or by order of any competent court or statutory authority, to protect and defend the legal rights or Intellectual Property Rights of TML.
12. Your Obligations
You shall not modify, copy, distribute, transmit, display, reproduce, publish, license, create derivative works from, transfer, or sell any data, services obtained from TML website without our prior consent, directly or indirectly in any medium. Neither these materials nor any portion thereof may be stored in a computer except for personal and non-commercial use.
13. Governing Law/ Jurisdiction
14. Questions/ Contact Information
- Information Technology (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011.
- EU GDPR 2016/679 (Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC).
- American Institute of Certified Public Accountants (AICPA) Generally Accepted Privacy Principles (GAPP).