Privacy Policy

  1. Home
  2. Privacy Policy

Privacy Policy

Five Frogs Technology Solutions Pvt. Ltd., together with its affiliates and subsidiaries (“Five Frogs,” “we,” “us,” or “our”), is committed to protecting your privacy. This Privacy Policy (“Policy”) outlines our practices for collecting, using, and safeguarding your personal data when you visit our website at www.fivefrogstech.com, contact us via email or forms, apply for a job, or engage with our services. This Policy complies with India’s Digital Personal Data Protection Act (DPDPA) 2023, the EU General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable laws. It also explains our use of cookies and your rights as a data subject. Please read this Policy carefully and contact us at care@fivefrogstech.com with any questions.

1. Scope and Applicability

This Policy applies to personal data collected through our website, job applications, communications, and services provided to clients in India, Europe, the US, and beyond. We do not knowingly collect data from individuals under 18 without parental consent, as required by DPDPA. For GDPR purposes, Five Frogs acts as a data controller and processor. For CCPA, we are a “business” responsible for personal information. For DPDPA, we are a “data fiduciary” managing personal data of “data principals.”

2. Personal Data We Collect

We collect only the personal data necessary for the purposes outlined in this Policy, as follows:

2.1 Data You Provide

  • Contact Information: Name, email, phone number, and communication content when you contact us via email or forms.
  • Recruitment Data: Full name, email, phone number, location, CV, and other information you provide when applying for a job via our third-party processor, Workable.
  • Business Relations: Name, contact details, and professional information from clients, vendors, or partners for contractual purposes.
  • Other Data: Information from third parties (e.g., job boards) or referrals, with your consent or as permitted by law.

2.2 Data Collected Automatically

  • Device Information: Hardware model, operating system version.
  • Usage Data: IP address, browser type, referral source, page views, and navigation paths.
  • Cookies: See Section 7 for details on cookies and tracking technologies.

For CCPA purposes, we collect the following categories of personal information: identifiers (e.g., name, email, IP address), professional/employment-related information, and internet activity.

3. Purposes and Legal Basis for Processing

We process personal data for specific purposes, grounded in legal bases under DPDPA, GDPR, and CCPA:

  • Communications (Legitimate Interest, GDPR Art. 6(1)(f); DPDPA): To respond to inquiries, arrange meetings, or facilitate communications, which may be recorded in our systems.
  • Marketing (Consent, GDPR Art. 6(1)(a); DPDPA): With your explicit consent, we use cookies for marketing research, analytics, and personalized advertising. You may withdraw consent at any time.
  • Recruitment (Consent, GDPR Art. 6(1)(a); DPDPA): To process job applications or assess candidates for employment, including sharing CVs with clients upon request (Legitimate Interest, GDPR Art. 6(1)(f)).
  • Business Relations (Legitimate Interest, GDPR Art. 6(1)(f); DPDPA): To manage contracts, promote services, or comply with industry standards and anti-fraud regulations.
  • Corporate Obligations (Legal Obligation, GDPR Art. 6(1)(c); DPDPA): To fulfill corporate governance, audits, and legal disclosures for directors or affiliates.
  • Security (Legitimate Interest, GDPR Art. 6(1)(f); DPDPA): To secure our website, prevent fraud, and ensure office safety through access monitoring.

For CCPA, we do not “sell” or “share” personal information as defined by the law, but we disclose data to service providers (e.g., Workable) for business purposes.

4. Data Sharing and Transfers

We may share your data with:

  • Affiliates and Service Providers: Within Five Frogs’ global entities or with trusted providers like Workable, bound by data protection agreements.
  • Clients: CVs or professional details for business engagements, with your consent or as necessary.
  • Legal Obligations: To comply with laws, legal proceedings, or regulatory requirements (e.g., anti-money laundering checks).

As an international company, we may transfer data across borders, including to the EU, US, and other regions. For GDPR, transfers outside the EEA are protected by Standard Contractual Clauses or adequacy decisions. For DPDPA, we ensure compliance with cross-border data transfer rules as per the Draft Rules 2025. For CCPA, we disclose categories of personal information shared with third parties for business purposes.

5. Your Rights

You have the following rights, subject to applicable laws:

  • Access: Request a copy of your personal data.
  • Rectification: Correct inaccurate or incomplete data.
  • Erasure: Request deletion of data when no longer needed or upon withdrawal of consent (DPDPA, GDPR, CCPA).
  • Restriction: Limit processing under certain conditions (GDPR, DPDPA).
  • Objection: Object to processing based on legitimate interests or for direct marketing (GDPR, DPDPA).
  • Data Portability: Receive your data in a structured, electronic format (GDPR, DPDPA).
  • Opt-Out (CCPA): Opt-out of the sale or sharing of personal information (not applicable as we do not sell/share data).
  • Non-Discrimination (CCPA): We will not discriminate against you for exercising your rights.
  • Withdraw Consent: Revoke consent at any time without affecting prior processing (GDPR, DPDPA).

To exercise these rights, contact us at care@fivefrogstech.com. We will respond within one month (GDPR/DPDPA) or 45 days (CCPA), subject to extensions where permitted. For DPDPA, you may also file complaints with the Data Protection Board of India once established. For GDPR, you may contact your local EU supervisory authority. For CCPA, contact the California Privacy Protection Agency.

6. Data Retention

We retain personal data only as long as necessary for the purposes outlined, or as required by law:

  • Contact Data: Retained for 1 year after last communication unless further engagement occurs.
  • Recruitment Data: Retained for 2 years post-application, or longer with consent for future opportunities.
  • Business Data: Retained for the duration of the contract plus 7 years for legal compliance.
  • Usage/Cookies: Retained for up to 13 months unless you opt-out.

Data is securely deleted when no longer needed, per DPDPA’s prescriptive approach and GDPR/CCPA requirements.

7. Cookies and Tracking

We use cookies to enhance your experience, analyze usage, and secure our website. Categories include:

  • Essential Cookies: Enable website functionality (e.g., SID, PHPSESSID).
  • Analytical Cookies: Collect anonymous usage data (e.g., _ga, _gid).
  • Third-Party Cookies: Support analytics or advertising by third parties (e.g., bcookie).

For GDPR and DPDPA, we obtain explicit consent for non-essential cookies via a consent banner. For CCPA, California residents can opt-out of non-essential cookies via our website’s cookie settings. You may also adjust browser settings to block cookies, though this may affect website functionality. Contact us for more details.

8. Data Security

We implement robust technical and organizational measures, including encryption, access controls, and secure servers, to protect your data from unauthorized access, loss, or alteration. Our cloud-based providers, like Workable, adhere to equivalent standards.

9. Updates to This Policy

We may update this Policy to reflect legal or operational changes. Updates will be posted on our website with the effective date. For significant changes, we will notify you via email or website notice, as required by DPDPA, GDPR, and CCPA.

10. Contact Us

For questions, complaints, or to exercise your rights, contact our Data Protection Officer at care@fivefrogstech.com. For DPDPA-related grievances, you may contact the Data Protection Board of India (once established). For GDPR, reach out to your local EU supervisory authority. For CCPA, contact the California Privacy Protection Agency.

Effective Date: June 3, 2025