CNOI Ltd (« CNOI », « we », « us », « our », “the Company”) respects your privacy, and is committed to protecting the privacy, confidentiality and security of the personal data you provide us when you use our website, when you contact our office, or when you otherwise interact with us.
Please read this privacy notice carefully as it contains important information on how CNOI, as a registered data controller, treat the personal data that you provide us.
- Who are we?
CNOI is a public company incorporated in Mauritius. Our registered office and principal place of business is situated at FREEPORT ZONE 11, Mer Rouge, Port Louis, Mauritius.
- Which personal data we collect?
When interacting with you, we may collect the following personal data for the purposes of our business activities (refer to section 3 below) or when you make a job application through CNOI’s website:
your name and surname;
your national identity card number;
your passport details;
your residential address;
your contact details (phone and fax numbers, email addresses);
CV, pictures and qualifications details when you either spontaneously apply for a job at CNOI or respond to a vacancy notice;
your name, surname, signature and national identity card details in our visitors’ log book when you visit us;
any other personal data necessary to fulfil your special requests; and
any other personal data that you choose to provide to us.
Also, when you choose to receive our marketing communications (including newsletters, promotional and special offers), we ask that you provide us with your email address. The provision of this information is purely voluntary, and you may opt out of receiving our marketing communications at any time by unsubscribing to these communications.
- How and why we use your personal data?
We use your personal data in the course of our business activities and interaction with you for the following purposes:
performing our agreement with you;
promoting eventual business relationships;
assisting you with your queries or concerns;
treating your applications for specific job vacancies or on a spontaneous basis;
Performing recruitment analytics with CVs received;
ensuring security of our offices and people;
keeping an accurate evacuation list in case of emergency;
complying with any legal or regulatory obligations imposed on us;
promoting our corporate initiatives (events, etc) on CNOI social medias;
fulfilling our legitimate commercial interests; and
sending you communications if you have consented to receiving the same, and for any other purposes for which we have your consent.
- To whom do we disclose personal data?
Your personal data may be shared as follows:
between and among subsidiaries and affiliates of the CNOI Group as may be relevant for the purposes set out in section 3 above and to facilitate our business activities or relationship, but we shall only do so on a strictly need to know basis;
with our employees for purposes of fulfilling our business activities, treating job applications or conducting internal analysis with a view to improving our company and services; and
with our agents, advisers, accountants, auditors, lawyers, other professional advisors, contractors or third-party service providers for the purpose of assisting us to better manage, support or develop our business and comply with our legal and regulatory obligations.
We will ensure that your personal data is kept safely. Only designated persons will have access to your personal data on a strictly need-to-know basis for the purposes of fulfilling our agreement, treating job applications or promoting our business relationship with you. In addition, third parties with whom we share your personal data will be contractually obliged to safeguard all personal data to which they have access.
Some disclosures do not require your consent. This happens when we share your personal data with (i) law enforcement bodies/agencies and other statutory authorities, if required by law and (ii) if required or authorized by law or if we suspect any unlawful activities on your part.
- Overseas transfers of your personal data
In some cases, we may need to transfer your personal data with organisations located in countries outside our territorial limits in order to provide our services to you. We will take appropriate safeguards in order to secure the personal data being transferred.
Please note that:
The anti-spam and anti-virus filtering are done by a service provider located in South Africa.
E-mails servers and e-filling system servers are transferred on Microsoft data cloud based in Ireland.
Personal data collected through our website is transferred to servers based in France.
- Direct Marketing
From time to time, we could use your name and contact information to send you either via emails, post, or social media information that we think may be of interest to you, including stories, events, products and services offered by CNOI, its subsidiaries and affiliates as well as special offers and promotions and surveys but we can only do so with your consent.
You will also be able to opt-out from receiving marketing communications at any time, free of charge, by following the unsubscribe instructions contained in each of our marketing communications or by contacting us in accordance with the section “Contact Us” below.
- How long do we keep your information?
Your personal data will be stored for as long as required to fulfil our business purposes and for the period of time required by law. To the extent required by law, we will take reasonable steps to destroy or anonymise personal data in a secure manner when we no longer need it for the purposes for which it was collected (as set out in section 3 of this notice) and retention is no longer necessary for legal or business purposes.
- Processing of personal data must be justified
We will only process your personal data where we are satisfied that we have an appropriate legal basis to do so, such as (i) for the performance of a contract between us; (ii) where you have provided us with your express consent to process your personal data for a specific purpose; (iii) our use of your personal data is necessary to fulfill our statutory obligations with relevant authorities (regulators, tax officials, law enforcement bodies) or otherwise meet our legal responsibilities; (iv) our use of your personal data is in our legitimate interest as a commercial organisation.
- Security of personal data
CNOI has in place reasonable technical and organisational measures to prevent unauthorised or accidental access, processing, erasure, loss or use of your personal data and to keep your personal data confidential. These measures are subject to ongoing review and monitoring.
We cannot guarantee that our website will function without disruptions. We shall not be liable for damages that may result from the use of electronic means of communication, including, but not limited to, damages resulting from the failure or delay in delivery of electronic communications, interception or manipulation of electronic communications by third parties or by computer programs used for electronic communications and transmission of viruses.
- Children and Minors
Except where required by local laws, we do not knowingly collect personal data from minors. If you are a minor, you may only use our website and services with the permission of your parent or guardian.
- Links to other websites
- Access to your personal data
You have the right to request a copy of the personal data we hold about you. To do this, simply contact our Data Protection Officer and specify what data you would like. We will take all reasonable steps to confirm your identity before providing details of your personal data.
You will not have to pay a fee to access your personal data (or to exercise any of your other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
- Correction of your personal data
You have the right to ask us to update, correct or delete your personal data. We will take all reasonable steps to confirm your identity before making changes to personal data we may hold about you. We would appreciate it if you would take the necessary steps to keep your personal data accurate and up-to-date by notifying us of any changes we need to be aware of.
- Withdrawal of consent and request for deletion of personal data
You may also withdraw your consent to receiving direct marketing communications, or more generally to our processing of your personal data, at any time, and you may in certain circumstances ask us to delete your personal data. However, we may not be able to fulfil our contractual obligations to you if you entirely withdraw your consent or ask us to delete your personal data entirely. To protect your personal data, we shall require that you first prove your identity to us at the time the request is made, for instance by providing a copy of your national identification card, contact details or answering some other security questions to satisfy ourselves of your identity before we may proceed with your request(s).
Whenever reasonably possible and required, we will strive to grant these rights within 30 days, but our response time will depend on the complexity of your requests. We will generally respond to your requests free of charge unless if your request involves processing or retrieving a significant volume of data, or if we consider that your request is unfounded, excessive or repetitive in which case we reserve the right to charge a fee (as mentioned above regarding access).
There may be circumstances where we are not able to comply with your requests, typically in relation to a request to erase your personal data or where you object to the processing of your personal data for a specific purpose or where you request that we restrict the use of your personal data where we need to keep your personal data to comply with a legal obligation or where we need to use such information to establish, exercise or defend a legal claim. To make these requests, or if you have any questions or complaints about how we handle your personal data, or would like us to update the data we maintain about you and your preferences, please contact our Data Protection Officer at the address set out under section 18 below.
- Cookies policy
What is a cookie?
Cookies are small data files that your browser places on your computer or device. Cookies help your browser navigate a website and the cookies themselves cannot collect any data stored on your computer or your files. When a server uses a web browser to read cookies they can help a website deliver a more user-friendly service. To protect your privacy, your browser only gives a website access to the cookies it has already sent to you.
How are third party cookies used?
How do I reject and delete cookies?
- Amendments to this Privacy Notice
We may amend this privacy notice from time to time. Any amendment will be posted on our website so that you are always informed of the way we collect and use your personal data. Any changes to this privacy notice will become effective upon posting of the revised privacy notice on the website. Use of our website following such changes constitutes your acceptance of the revised privacy notice then in effect but, to the extent such changes have a material effect on your rights or obligations as regards our handling of your personal data, such changes will only apply to personal data after the changes are applied.
This privacy notice is governed by and shall be construed in accordance with the laws of the Republic of Mauritius. This privacy notice is written in the English language and may be translated into other languages. In the event of any inconsistency between the English version and the translated version of this privacy notice, the English version shall prevail.
- How to contact us?
We have appointed a Data Protection Officer to oversee compliance with and questions in relation to this notice. If you have any questions about this notice, including any requests to exercise your legal rights, please contact our Data Protection Officer using the details set out below:
The Data Protection Officer
Freeport Zone 11
Port Louis, Mauritius
If you believe we have not handled your request in an appropriate manner, you may lodge a complaint with the Data Protection Commissioner (DPC) (The Data Protection Office, 5th floor, SICOM Tower, Wall Street Ebène, Mauritius). However we ask that you please try to resolve any issues with us first before referring your complaint to the DPC.
Version dated 19 November 2020