PhonePe Privacy Notice for California PhonePe Personnel

Introduction

This Privacy Notice for California PhonePe Personnel (the “California Personnel Privacy Notice”) applies solely to all job applicants to, and current or former employees of, owners of, directors of, officers of, and contractors of PhonePe Private Limited and its affiliates (“PhonePe,” “we,” “us,” or “our”) who reside in the State of California (“Personnel” or “you”). We adopt this California Personnel Privacy Notice to comply with the California Consumer Privacy Act of 2018 as amended by the California Privacy Rights Act of 2020 (collectively, the “CPRA”) and any terms defined in the CPRA have the same meaning when used in this California Personnel Privacy Notice.

Scope of this California Personnel Privacy Notice

This California Personnel Privacy Notice applies to information that we collect about PhonePe Personnel that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with you or your device (“Personal Information”). “Personal Information” includes all “Sensitive Personal Information” as defined below. However, publicly available information that we collect from government records and deidentified or aggregated information (when deidentified or aggregated as required under the CPRA) are not considered Personal Information and this California Personnel Privacy Notice does not apply.

This California Personnel Privacy Notice does not apply to outside of the context of your relationship with PhonePe as PhonePe Personnel or to certain Personal Information that is excluded from the scope of the CPRA, like: (a) health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA); and (b) Personal Information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FCRA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver’s Privacy Protection Act of 1994. Some of these exclusions may be applicable to the Personal Information we collect about you as part of background checks. If you have any questions on whether one of these exceptions apply to your Personal Information, please contact your local Human Resources personnel.

Information We Collect About You and How We Collect It

PhonePe collects, and over the prior twelve (12) months has collected, the following categories of Personal Information about PhonePe Personnel:

CategoryApplicable Pieces of Personal Information Collected
A. Identifiers.

A real name; alias; postal address; unique personal identifier; online identifier; Internet Protocol address (when you access our network resources); email address; phone number, username; Social Security number; and other similar identifiers.

If provided by you as proof of eligibility to work or as part of your business travel profile, driver’s license number and passport number.

B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).

A name; signature; Social Security number; physical characteristics or description; address; telephone number; insurance policy number; education; employment; employment history; bank account number; credit card number; and health insurance information.

If provided by you as proof of eligibility to work or as part of your business travel profile, passport number, driver’s license or state identification card number.

NOTE: Some Personal Information included in this category may overlap with other categories.

C. Protected classification characteristics under California or federal law.

Required: Age (40 years or older); national origin; or citizenship.
Note: We require your age to verify your identity, run background checks, and to provide you with health and retirement benefits. We require your national origin and citizenship to verify your eligibility to work in the United States. You are not required to provide us with this information for any other uses.

Optional: Race; color; ancestry; religion or creed; marital status; medical condition; physical or mental disability; sex (including gender; gender identity; gender expression; pregnancy or childbirth and related medical conditions); sexual orientation; and veteran or military status. NOTE: Providing this information is completely optional at your discretion, and we will collect this information only to the extent you choose to provide it in your resume, as part of the equal opportunity forms you fill out when you are hired, or as may be provided by a reference or other third party during reference and background checks.

D. Internet or other similar network activity.Browsing history; search history; file access history; information on your interaction that occurs on our networks (including via VPN) with a website or application.
E. Geolocation data.IP-based geolocation. This information allows us to determine your current general location when you access and use our IT infrastructure (i.e., town, city, and state). We use this information to help secure our IT infrastructure, networks, and other systems. This information does not allow us to determine your precise location or track your movements.
F. Sensory data.Audio; electronic; visual; or similar information.
G. Professional or employment-related information.Current or past job history or performance evaluations.
H. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)).Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades; transcripts; class lists; student schedules; student identification codes; student financial information; or student disciplinary records.
I. Inferences drawn from other Personal Information.Profile reflecting a person’s preferences; characteristics; psychological trends; predispositions; behavior; attitudes; intelligence; abilities, and aptitudes.
J. Sensitive Personal Information (“Sensitive Personal Information”)
  • Government identifiers (social security; driver’s license; state identification card; or passport number). This may be provided by you as proof of eligibility to work or as part of your travel profile.
  • Complete account access credentials (user names or account numbers combined with required access/security code or password);
  • Racial or ethnic origin (see note below);
  • Religious or philosophical beliefs (see note below);
  • Mail, email; or text messages contents not directed to us;
  • Health; sex life; or sexual orientation information (see note below).

Note: Providing information about your racial or ethnic origin, religious or philosophical beliefs, and health, sex life, or sexual orientation is completely optional at your discretion, and we will collect this information only to the extent you choose to provide it in your resume, as part of the equal opportunity forms you fill out when you are hired, or as may be provided by a reference or other third party during reference and background checks.

PhonePe will not collect additional categories of Personal Information without providing you notice. We do not “sell” any categories of Personal Information for monetary or other valuable consideration and we do not “share” any categories of Personal Information for cross-context behavioral advertising.

Sources of Personal Information

We collect this Personal Information:

  • Directly from you when you provide it to us;
  • From third parties, such as prior employers, references, recruiters, and job-related social-media platforms, background check companies, drug testing facilities (if you are required to submit to a drug test as a condition of your employment or continued employment), and other similar entities;
  • When you use our information technology systems or access our facilities; and
  • We also create this information during the course of your employment relationship with PhonePe.

Information You Provide to Us

We collect information directly from you before, after, and during relationship with PhonePe as part of PhonePe Personnel. Depending on nature of your role or relationship with PhonePe as PhonePe Personnel, we may collect Personal Information from you such as your name, address, social security number (or national ID number), a list of your beneficiaries, work history, educational history, personal and work preferences (and any other information you may voluntarily disclose on your application or resume), date of birth, marital status, picture, dependents (and their dates of births, social security numbers or other national ID numbers), immigration status, gender, ethnicity, veteran status, disabilities, personal email, banking information (in order to pay you your salary or other compensation and to reimburse you for expenses in accordance with PhonePe’s expense reimbursement policies), number of tax exemptions (where applicable), emergency contact information, and personal phone number. We may also collect your passport number, driver’s license number or image, and vehicle registration or license plate number when required or when you provide it for your travel profile. We may also collect your nationality, tax ID number, criminal history, and information for background checks.

Some of the Personal Information we collect from you is required to enter into an agreement with PhonePe related to your position as PhonePe Personnel, and for PhonePe to perform under such an agreement. If you refuse to provide such Personal Information, then in some cases we may not be able to enter into such an agreement for you to be PhonePe Personnel or fulfill our obligations to you under it.

Information We Collect Through Automatic Data Collection Technologies

As you use PhonePe’s information technology systems, we may collect information about your use necessary to protect our information technology and infrastructure. We may collect time, date, and location information of access to our information technology systems and the data contained on those systems. We may also monitor, intercept, and review your activities when you use our information technology resources and communications systems, including but not limited to email (both outgoing and incoming), telephone conversations, and voice mail recordings, and instant messages. Our facilities may also deploy video and other similar recording technologies which may be operated by a third party owner or operator of the buildings where our facilities are located.

Information We Collect from Third Parties

PhonePe also collects Personal Information about you from third parties, such as prior employers, references, recruiters, and job-related social-media platforms, background check companies, drug testing facilities (if you are required to submit to a drug test as a condition of your employment or continued employment), and other similar entities. This may include Personal Information that is disclosed in background checks, which may include criminal convictions, drug testing, and any information that is disclosed from your former employers, educational institutions, and other references you list on your application materials or that are referred to us. We may also collect Personal Information provided from recruiters and job-related social media platforms that you may use to submit your application, such as information on your resume or other information related to your previous or desired employment, if your application to use is provided through a recruiter or a job-related social media platform. If you apply through a recruiter or a job-related social media platform, your Personal Information will be processed by them in accordance with their own privacy notice. To the extent permitted by applicable law, we may also collect Personal Information from general social media platforms.

Information We Create About You

In addition to the Personal Information that you may provide to PhonePe, PhonePe also creates certain Personal Information about you and associates it with you. PhonePe creates the following types of Personal Information about you: job title, employee number, badge number, salary, expense, and other related compensation details, employment status, information regarding mandatory training, vacation/holiday pay and other paid time off, disciplinary and grievance information, tax records, performance history, office access records and video surveillance records (where applicable) system access information such as your PhonePe username to access our technology systems, email address, telephone number, and password (which you may change). We may also collect and process information specifically related to your job function, such as sales and production volumes. We may also photograph you to include in the employee directory and/or to issue you a badge to access and be identified at PhonePe’s facilities.

Purposes for Our Collection of Your Personal Information

Depending on your role or relationship with PhonePe, we may use the Personal Information we collect for one or more of the following purposes:

  • recruiting, including identifying and evaluating job applicants, including assessing skills, qualifications, and interests for the purposes of determining suitability for the position for which you have applied;
  • if you are an employee of PhonePe, delivering or administering your salary and benefits, including insurance and retirement benefits;
  • if you are a contractor of PhonePe, providing you with your agreed upon compensation;
  • managing our workforce and, if you are an employee of PhonePe, your career;
  • delivering training programs, and measuring and recording the results of training;
  • communicating with you and for you to communicate with other PhonePe Personnel and other third parties;
  • collecting and maintaining information about your work history and work performance;
  • investigating accidents and claims of wrongdoing, including to collect evidence for possible grievance or disciplinary actions or legal disputes;
  • to run and manage business operations, including to schedule work, manage the business organization, business assets, travel and expense reimbursement, managing corporate credit cards and card payment history, maintaining corporate contact directories and organizational charts, managing and storing records;
  • processing IT infrastructure, including email, internet, social media systems, and file shares;
  • maintaining the security and safety of our facilities, personnel, and other assets, including to authenticate personnel to access PhonePe’s IT resources and facilities, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible for that activity;
  • to conduct screening and background and compliance checks before and during the time you are considered PhonePe Personnel and maintaining records on such screening and checks;
  • if you are an employee, providing employee programs such as on-site health services, company cars, pension schemes, stock options, and other similar benefits;
  • to comply with legal requirements, including to withhold taxes, and to report accidents, salary, and tax information to regulatory authorities;
  • to respond to law enforcement requests and as required by applicable law, court order, or governmental regulations;
  • to evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of PhonePe’s assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Information held by PhonePe about PhonePe Personnel is among the assets transferred;
  • in order to publish your name, picture, and contact information in our internal employee directory and, for leadership positions, to publish your online biography and for similar marketing efforts in accordance with PhonePe’s policies;
  • for our diversity, equity, and inclusion initiatives (if you provide such information); and
  • as described to you when collecting your Personal Information or as otherwise set forth in applicable law.

PhonePe will not use the Personal Information we collected for materially different, unrelated, or incompatible purposes without providing you notice.

Third Parties to Whom Do We Disclose Your Personal Information for Business Purposes

PhonePe may disclose your Personal Information to third parties for one or more business purposes related to your role as PhonePe Personnel. When we disclose Personal Information to non-affiliated third parties for a business purpose, we enter a contract that describes the purpose, requires the recipient to both keep that Personal Information confidential and not use it for any purpose except for the purposes for which the Personal Information was disclosed and requires the recipient to otherwise comply with the requirements of applicable laws, including the CPRA.

PhonePe discloses and, in the preceding twelve (12) months, PhonePe has disclosed the following categories of Personal Information of its PhonePe Personnel to the following categories of third parties for one or more of the business purposes described below:

Personal Information CategoryCategories of Third Party Recipients
A. Identifiers.Service providers (who manage our employee data, such as our enterprise resource planning systems and other systems that we use to manage our workforce); benefits providers; building or property management and security personnel; affiliates, parents, and subsidiary organizations of PhonePe; government entities (for taxes and other similar purposes that require us to provide Personal Information to government entities); business partners; credit reporting agencies (for background checks).
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).Service providers (who manage our employee data, such as our enterprise resource planning systems and other systems that we use to manage our workforce); benefits providers; building or property management and security personnel; affiliates, parents, and subsidiary organizations of PhonePe; government entities (for taxes and other similar purposes that require us to provide Personal Information to government entities); business partners; credit reporting agencies (for background checks).
C. Protected classification characteristics under California or federal law.Service providers (who manage our employee data, such as our enterprise resource planning systems and other systems that we use to manage our workforce); benefits providers; building or property management and security personnel; affiliates, parents, and subsidiary organizations of PhonePe; government entities (for taxes and other similar purposes that require us to provide Personal Information to government entities); business partners; credit reporting agencies (for background checks).
F. Internet or other similar network activity.Service providers (who manage our IT systems, such as security providers and IT providers); affiliates, parents, and subsidiary organizations of PhonePe.
G. Geolocation data.Service providers; affiliates, parents, and subsidiary organizations of PhonePe.
H. Sensory data.Service providers (who manage our employee data, such as our enterprise resource planning systems and other systems that we use to manage our workforce as well as our email providers); affiliates, parents, and subsidiary organizations of PhonePe. This may also be disclosed with the general public if you appear on our websites.
I. Professional or employment-related information.Service providers (who manage our employee data, such as our enterprise resource planning systems and other systems that we use to manage our workforce); affiliates, parents, and subsidiary organizations of PhonePe.
J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)).Service providers (who manage our employee data, such as our enterprise resource planning systems and other systems that we use to manage our workforce); affiliates, parents, and subsidiary organizations of PhonePe.
K. Inferences drawn from other Personal Information.Service providers (who manage our employee data, such as our enterprise resource planning systems and other systems that we use to manage our workforce); affiliates, parents, and subsidiary organizations of PhonePe.

Sensitive Personal Information CategoryCategories of Third Party Recipients
Government identifiers (social security, driver’s license, state identification card, or passport number)Service providers (who manage our employee data, such as our enterprise resource planning systems and other systems that we use to manage our workforce); benefits providers; building or property management and security personnel; affiliates, parents, and subsidiary organizations of PhonePe; government entities (for taxes and other similar purposes that require us to provide Personal Information to government entities); business partners; credit reporting agencies (for background checks).
Complete account access credentials (user names or account numbers combined with required access/security code or password)Service providers (who manage our employee data, such as our enterprise resource planning systems and other systems that we use to manage our workforce, including IT and other similar providers); and affiliates, parents, and subsidiary organizations of PhonePe.
Racial or ethnic originService providers (who manage our employee data, such as our enterprise resource planning systems and other systems that we use to manage our workforce); affiliates, parents, and subsidiary organizations of PhonePe; government entities (for employment reporting purposes).
Religious or philosophical beliefsWe do not disclose this type of Personal Information.
Mail, email, or text messages contents not directed to usWe generally do not know of the existence of any such mail, email, or text messages. However, there should be no expectation of privacy in any such messages received or transmitted using PhonePe IT systems. Such messages may be disclosed to service providers; affiliates, parents, and subsidiary organizations of PhonePe; and law enforcement personnel if appropriate.
Health, sex life, or sexual orientation informationService providers (who manage our employee data, such as our enterprise resource planning systems and other systems that we use to manage our workforce); and affiliates, parents, and subsidiary organizations of PhonePe (if you choose to provide it to us).

We disclose your Personal Information to the categories of third parties listed above for the following business purposes:

  • Helping to ensure security and integrity facilities and IT infrastructure to the extent the use of the Personal Information is reasonably necessary and proportionate for these purposes.
  • Performing services on behalf of us, including maintaining or servicing accounts; providing Human Resources services; processing or fulfilling payroll and other similar transactions; verifying PhonePe Personnel information; providing analytic services; providing storage; or providing similar services on behalf of us.
  • Providing retirement, health, and other benefits, services, or products to which Personnel and their dependents or beneficiaries receive through PhonePe.

In addition to the above, we may disclose any or all categories of Personal Information to any third party (including government entities and/or law enforcement entities) as necessary to:

  • comply with federal, state, or local laws, or to comply with a court order or subpoena to provide information;
  • comply with a civil, criminal, or regulatory inquiry, investigation, subpoena, or summons by federal, state, or local authorities;
  • cooperate with law enforcement agencies concerning conduct or activities that we (or one of our service providers’) believe may violate federal, state, or local law;
  • comply with certain government agency requests for emergency access to your Personal Information if you are at risk or danger of death or serious physical injury; or
  • exercise or defend legal claims.

To Whom Do We Sell or Share Your Personal Information

“Sale” of Your Personal Information

In the preceding twelve (12) months, PhonePe has not “sold” Personal Information for either monetary or other valuable consideration, and we have not “sold” any Personal Information about minors under the age of 16.

“Sharing” of Your Personal Information for Cross-Context Behavioral Advertising

In the preceding twelve (12) months, PhonePe has not “shared” Personal Information for the purpose of cross-context behavioral advertising, and we have not “shared” any Personal Information about minors under the age of 16.

Personnel Data Requests

The CPRA provides PhonePe Personnel with specific rights regarding their Personal Information. This section describes these rights and explains how to exercise those rights. You may exercise these rights yourself or through your Authorized Agent. For more information on how you or your Authorized Agent can exercise your rights, please see Exercising Your CPRA Privacy Rights.

  • Right to Know. You have the right to request that PhonePe disclose certain information to you about our collection and use of your Personal Information over the past 12 months (a “Right to Know” request). This includes: (a) the categories of Personal Information we have collected about you; (b) the categories of sources from which that Personal Information came from; (c) our purposes for collecting this Personal Information; (d) the categories of third parties with whom we have shared your Personal Information; and (e) if we have “sold” or “shared” or disclosed your Personal Information, a list of categories of third parties to whom we “sold” or “shared” your Personal Information, and a separate list of the categories of third parties to whom we disclosed your Personal Information to. You must specifically describe if you are making a Right to Know request or a Data Portability Request. If you would like to make both a Right to Know Consumer Request and a Data Portability Consumer Request you must make both requests clear in your request. If it is not reasonably clear from your request, we will only process your request as a Right to Know request. You may make a Right to Know or a Data Portability Consumer Request a total of two (2) times within a 12-month period at no charge.
  • Access to Specific Pieces of Information (Data Portability). You also have the right to request that PhonePe provide you with a copy of the specific pieces of Personal Information that we have collected about you, including any Personal Information that we have created or otherwise received from a third party about you (a “Data Portability” request). If you make a Data Portability Consumer Request electronically, we will provide you with a copy of your Personal Information in a portable and, to the extent technically feasible, readily reusable format that allows you to transmit the Personal Information to another third party. You must specifically describe if you are making a Right to Know request or a Data Portability request. If you would like to make both a Right to Know Consumer Request and a Data Portability Consumer Request you must make both requests clear in your request. If it is not reasonably clear from your request, we will only process your request as a Right to Know request. We will not disclose your social security number, driver’s license number or other government-issued identification number, financial account number, health insurance or medical identification number, or your account password or security question or answers in response to a Data Portability Consumer Request. We will also not provide this information if the disclosure would create a substantial, articulable, and unreasonable risk to your Personal Information, your Personnel relationship with PhonePe, or the security of our systems or networks. We will also not disclose any Personal Information that may be subject to another exception under the CPRA. If we are unable to disclose certain pieces of your Personal Information, we will describe generally the types of Personal Information that we were unable to disclose and provide you a description of the reason we are unable to disclose it. You may make a Right to Know or a Data Portability Consumer Request a total of two (2) times within a 12-month period at no charge, although you may have other rights to access certain pieces of your Personal Information under applicable labor and employment laws.
  • Correction. You have the right to request that we correct any incorrect Personal Information about you to ensure that it is complete, accurate, and as current as possible. You may review and correct some Personal Information about yourself by logging into PhonePe’s intranet and accessing your human resources profile page. You may also request that we correct the Personal Information we have about you as described below under Exercising Your CPRA Privacy Rights. In some cases, we may require you to provide reasonable documentation to show that the Personal Information we have about you is incorrect and what the correct Personal Information may be. We may also not be able to accommodate your request if we believe it would violate any law or legal requirement or cause the information to be incorrect.
  • Deletion. You have the right to request that PhonePe delete any of your Personal Information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your Consumer Request (see Exercising Your CPRA Privacy Rights), we will delete (and direct our service providers to delete) your Personal Information from our records, unless an exception applies pursuant to the CPRA. Some exceptions to your right to delete include if we are required to retain your Personal Information to maintain your Personnel relationship with us, to detect security incidents or protect against other malicious activities, and to comply with legal obligations. We may also retain your Personal Information for other internal and lawful uses that are compatible with the context in which we collected it.
  • Non-Discrimination. We will not discriminate against you for exercising any of your CPRA rights. Unless permitted by the CPRA, we will not do any of the following as a result of you exercising your CPRA rights: (a) deny you employment or other similar relationship as PhonePe Personnel; (b) provide you with different compensation, benefits, work hours, or terms of employment or other similar relationship as PhonePe Personnel; or (c) suggest that you may receive different compensation, benefits, work hours, or terms of employment or other similar relationship as PhonePe Personnel or be denied employment or other similar relationship as PhonePe Personnel.

Exercising Your CPRA Privacy Rights

To exercise the rights described above, please submit a request (a “Consumer Request”) to us by either:

  • Submitting a request by writing to [email protected].
  • Contacting your Hiring Manager/ Reporting Manager
  • Accessing your human resources profile on PhonePe’s intranet (note that this may only provide limited abilities to update or access your Personal Information due to security reasons).

If you fail to make your Consumer Request in accordance with the ways described above, we may either treat your request as if it had been submitted with our methods described above or provide you with information on how to submit the request or remedy any deficiencies with your request.

Only you, or your Authorized Agent that you authorize to act on your behalf, may make a Consumer Request related to your Personal Information. To designate an Authorized Agent, see Authorized Agents below.

All Consumer Requests must:

  • Provide sufficient information that allows us to reasonably verify you are the person about whom we collected Personal Information or an Authorized Representative of such a person. This may include:
    • Employee Id and employee badge, Date of Birth.
    • Providing other information about you so that we can compare it against other Personal Information we have on file (like verifying the last digits of your SSN, bank account number, or other information).
  • Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We cannot respond to your request or provide you with Personal Information if we cannot verify your identity or authority to make the request and confirm which Personal Information relates to you or the individual for whom you are making the request as their Authorized Agent.

We will only use Personal Information provided in a Consumer Request to verify the requestor’s identity or authority to make the request.

Authorized Agents

You may authorize your agent to exercise your rights under the CPRA on your behalf by registering your agent with the California Secretary of State (an “Authorized Agent”). You may also provide your Authorized Agent with power of attorney to exercise your rights in accordance with applicable laws. We may request that your Authorized Agent submit proof of identity and that they have been authorized exercise your rights on your behalf. We may deny a request from your Authorized Agent to exercise your rights on your behalf if they fail to submit adequate proof of identity or adequate proof that they have the authority to exercise your rights.

Response Timing and Format

We will confirm our receipt of your Consumer Request within ten (10) business days of its receipt. We will generally process these requests within forty-five (45) calendar days of its receipt. If we require more time (up to an additional calendar 45 days), we will inform you of the reason and extension period in writing.

In response to a Right to Know or Data Portability Consumer Request, we will provide you with all relevant information we have collected or maintained about you on or after January 1, 2022, unless an exception applies. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For Data Portability Consumer Requests, we will select a format to provide your Personal Information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance

We do not charge a fee to process or respond to your Consumer Request unless it is excessive, repetitive, or manifestly unfounded. We reserve the right to consider more than two (2) total Right to Know or Data Portability Consumer Requests in a twelve (12) month period to be repetitive and/or excessive and require a fee. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

Your Choices Regarding our Use and Disclosure of Your Sensitive Personal Information

We do not use or disclose your Sensitive Personal Information for any purpose other than the following:

  • To provide the employment relationship as reasonably expected by an average consumer who wishes to have a PhonePe Personnel relationship with us;
  • To detect security incidents that compromise the availability, authenticity, integrity, and confidentiality of stored or transmitted Personal Information, provided that our use of your Personal Information is reasonably necessary and proportionate for such purposes;
  • To resist malicious, deceptive, fraudulent, or illegal actions directed at PhonePe and to prosecute those responsible for those actions, provided that our use of your Personal Information is reasonably necessary and proportionate for this purpose;
  • To ensure the safety of natural persons, provided that our use of your Personal Information is reasonably necessary and proportionate for this purpose;
  • For short-term, transient use;
  • To perform services on behalf of us, such as maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing analytic services, providing storage, or providing similar services on behalf of us; and
  • To verify or maintain the quality or safety of a service or device that is owned, manufactured, manufactured for, or controlled by us, and to improve, upgrade, or enhance the service or device that is owned, manufactured by, manufactured for, or controlled by us.

Personal Information Retention Periods

If you are an employee, we retain your Personal Information for the entire time you are considered PhonePe Personnel and thereafter for a period of [five (5) years] thereafter. If you are an applicant and do not become a member of PhonePe Personnel, we will retain your Personal Information after the final decision on your application for a period of [five (5) years] . However, we may also retain any or all categories of Personal Information when your information is subject to one of the following exceptions:

  • When stored in our backup and disaster recovery systems. Your Personal Information will be deleted when the backup media your Personal Information is stored on expires or when our disaster recovery systems are updated.
  • When necessary for us to exercise or defend legal claims.
  • When necessary to comply with a legal obligation.
  • When necessary to help ensure the security and integrity of our IT systems and to protect the rights, property, or safety of PhonePe, our facilities, our customers, or others.

Your Personal Information will be deleted when we no longer require your Personal Information for any of the above purposes.

Changes to This California Personnel Privacy Notice

PhonePe reserves the right to amend this California Personnel Privacy Notice at our discretion and at any time. When we make changes to this California Personnel Privacy Notice, we will notify you regarding the updated notice through PhonePe’s communication channels, including through email or paper notices, and update the addendum’s effective date.

Contact Information

If you have any questions or comments about this California Personnel Privacy Notice, the ways in which PhonePe collects and uses your information described above, your choices and rights regarding such use, or wish to exercise your rights under California law, please do not hesitate to contact us by writing to [email protected].