If you fail to provide certain information when requested, we shall not be able to serve the purpose(s) for which we process your personal data, or we may be prevented from complying with our legal obligations also.

Change of purpose

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the lawful basis which allows us to do so.

Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

Do we need your consent?

In limited circumstances, we may approach you for your written consent to allow us to process certain personal data. If we do so, we will provide you with full details of the information that we would like and the reason we need it, so that you can carefully consider whether you wish to consent. You should be aware that it is not a condition of your contract with us that you agree to any request for consent from us.

For instance, we may share your data with Third party cloud service providers on which the application is hosted

Why might you share my personal data with third parties?

In limited circumstances, we may approach you for your written consent to allow us to process certain personal data. If we do so, we will provide you with full details of the information that we would like and the reason we need it, so that you can carefully consider whether you wish to consent. You should be aware that it is not a condition of your contract with us that you agree to any request for consent from us.

Which third-party service providers process my personal data?

"Third parties" includes third-party service providers (including contractors and designated agents) and other entities within our group. The following activities may be carried out by third-party service providers: hosting and other internet services, Ticket Management, data storage and analytics, marketing research and campaign management, event organizers and caterers. All our third-party service providers are required to take appropriate security measures to protect your personal data in line with our policies. We do not allow our third-party service providers to use your personal data for their own purposes. We only permit them to process your personal data for specified purposes and in accordance with our instructions and applicable law. We may also need to share your personal data with regulators or to otherwise comply with the law.

How secure is my information with third-party service providers and other entities?

All our third-party service providers and other entities in the group are required to take appropriate security measures to protect your personal data in line with our policies. We do not allow our third-party service providers to use your personal data for their own purposes. We only permit them to process your personal data for specified purposes and in accordance with our instructions.

When might you share my personal data with other entities in the group?

We may share your personal data with other entities in our group as part of our regular sales activities, for web application maintenance support and hosting of data.

What about other regulatory and/or government authorities?

We may disclose your personal data with regulatory and/or government authorities when asked and in order to comply with the applicable law(s).

Transferring personal data outside the country:

We may transfer the personal data we collect about you to one or more countries to provide you access to the ENERUNI application and its associated services

• Where ENERUNI or its Affiliates or their respective service providers maintain their facilities; or
• in order to comply with our contract obligations established in the contract in place with you or your employer/organization. Some geography/countries, where we transfer your personal data might not have appropriate (or adequate) privacy regulation and requirements, but ENERUNI, as a global company, ensures that our global privacy policy is complied across globe.
• by accessing this application, you hereby consent to such transfer of data outside the country of your residence

We undertake all measures required to comply with cross-border personal data transfers, before transferring any of your personal data overseas. In case you want to know the complete list of data recipients, please contact Data Protection Authority DPO contact details mentioned in below section or enerUni.cpo@enerUni.com

How we will keep your information safe?

We have put in place appropriate technical, organizational and security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.

How long we will keep your information?

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. Details of retention periods for different aspects of your personal data are available in our retention policy upon request from our Data Protection Officers (see contact details below). To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

In some circumstances we may anonymize your personal data so that it can no longer be associated with you, in which case we may use such information without further notice to you