Privacy Policy

Effective: November 5, 2025 | Version 1 | Updated: Nov 5, 2025 at 6:07 AM | Active

1. Introduction & Scope

This Privacy Policy explains how Learning Everest Private Limited (trading as "Global HR World") collects, uses, discloses, stores, and protects personal data through the Global HR World Awards Platform (the "Platform"). This Policy applies to all users including entrants, nominators, team members, judges, sponsors, partners, administrators, and visitors.

By accessing or using the Platform, you accept this Policy. If you do not agree, do not use the Platform.

2. Controller & Roles

Data Fiduciary/Controller: Learning Everest Private Limited (trading as "Global HR World") determines the purposes and means of processing personal data for awards programs we operate.

Processors: We engage service providers (hosting, payments, analytics, messaging, support) who process data under our instructions and are bound by confidentiality and security obligations.

Third-Party Programs: If we host an awards program on behalf of a third-party sponsor who controls processing, that third party acts as controller and we act as processor. This Policy governs our handling of all personal data on the Platform.

3. Key Definitions

  • Personal data: Information relating to an identified or identifiable individual.
  • Sensitive data: Government identifiers, health/disability data, racial/ethnic origin, sexual orientation, biometric data, financial account numbers.
  • Processing: Collection, storage, use, sharing, deletion, or any operation on personal data.
  • Automated decision-making: Rule-based pre-screening, score aggregation, or profiling that may affect individuals.

4. Data We Collect

4.1 Data You Provide

  • Account & Profile: Name, email, password (hashed), organization, job title, phone, country, preferences, consent records.
  • Applications: Organization details, team member information, referees, narratives, metrics, attachments (documents, images, videos), category selections, eligibility declarations.
  • Judging: Biography, expertise, affiliations, conflict disclosures, scores, rubric responses, review comments.
  • Sponsor/Partner: Organization contacts, billing information, tax identifiers, brand assets.
  • Communications: Inquiries, feedback, survey responses, testimonials (with consent).

4.2 Data Collected Automatically

  • Device/browser/OS information, IP address, approximate location (city/country), language, referrer URL, session identifiers, page views, timestamps, error logs, performance metrics.
  • Security telemetry: Login attempts, MFA events, unusual activity flags.

4.3 Payment Data

Payments are processed via PCI DSS-compliant processors. We do not store full card numbers. We retain minimal transaction metadata: amount, currency, status, masked card number (last four digits), invoice details, tax information where required.

4.4 Data From Third Parties

  • Nominators or referees may submit information on your behalf.
  • Publicly available sources (company websites, public registers) may be used to verify claims.
  • Event partners may provide limited business contact data (with consent).

4.5 Sensitive Data

We minimize collection of sensitive data. We may collect government tax identifiers for invoicing or disability accommodation information when requested. Where collected, we provide explicit notice, obtain consent where required, and apply enhanced safeguards. Do not upload sensitive data unless specifically requested.

5. Purposes & Legal Basis

We process personal data for:

  • Service Delivery / Contract Performance: Account creation, application processing, judging, award fulfillment, communications, support, billing.
  • Legitimate Interests: Platform security and fraud prevention; analytics to improve the Platform; judging integrity; preventing duplicate or abusive entries; business contact management; aggregated reporting.
  • Legal Compliance: Tax/invoice retention, responding to lawful requests, regulatory compliance.
  • Consent: Marketing communications; cookies/analytics (where required); publication of testimonials/case studies; use of logos or submission excerpts for publicity; processing sensitive data beyond legal requirements.

Under India's Digital Personal Data Protection Act 2023 (DPDP Act), we process data based on consent or permissible legitimate uses. For other jurisdictions, we rely on applicable legal bases (consent, contract, legitimate interest, legal obligation).

6. Judging, Scoring & Automated Decision-Making

We may use rule-based eligibility checks and automated score tallying to assist in the judging process. Final award decisions are reviewed and approved by human judges. No final decision is based solely on automated processing. If you believe an automated process adversely affected you, contact us for review.

7. Cookies & Analytics

We use strictly necessary cookies for login/session, fraud prevention, and security. With your consent (where required), we use analytics cookies to understand usage and improve the Platform. We do not use cookies for behavioral advertising. Manage preferences via the cookie banner or browser settings.

8. How We Share Data

We share personal data only as necessary:

  • Service Providers (Processors): Hosting, email/messaging, analytics, customer support, payment processing, CDN, security vendors — under contract requiring confidentiality and data protection.
  • Judges: Application content and minimal contact details required for evaluation, subject to confidentiality.
  • Sponsors/Partners/Media: Only with explicit consent, for prize fulfillment/promotional activity you requested, or in aggregated/de-identified form.
  • Public Disclosures: Winner and finalist names, organizations, and project descriptions may be publicly announced. Personal contact details will not be published without consent. Separate consent obtained for case studies or media use.
  • Legal & Compliance: Where required by law, to protect rights/safety/security, or in business restructure (merger/acquisition) under equivalent protection.

We do not sell personal information or share it for cross-context behavioral advertising.

9. International Data Transfers

Personal data may be transferred to servers or personnel outside your country to enable Platform operations (cloud hosting, support). Where required, we implement safeguards (Standard Contractual Clauses, data transfer agreements, regional hosting) and provide notice of material changes.

10. Data Retention

We retain personal data only as long as necessary:

  • Account/profile data: While active plus 3 years of inactivity, then deletion or anonymization.
  • Applications & judging: Awards cycle plus 2 years for audit/dispute resolution; may be archived in de-identified form thereafter.
  • Financial records: 7 years (or as required by law), then anonymization or deletion.
  • Consent/opt-out records: 7 years for compliance.
  • Security logs/backups: Backups up to 90 days; security logs 12–24 months.

If you request deletion, we will comply unless legal/regulatory obligations require retention.

11. Security

We implement technical and organizational security measures including encryption in transit (TLS), secure password hashing (bcrypt/argon2), role-based access, multi-factor authentication for administrators, least-privilege access, audit logging, network segmentation, firewall/WAF protections, DDoS mitigation, vulnerability scanning, and incident response protocols.

No system is perfectly secure. Users share responsibility: use strong passwords, enable MFA, keep devices updated, report suspected misuse. We are not liable for unauthorized access resulting from your failure to secure your credentials or devices.

12. Your Rights

Depending on your jurisdiction, you may have rights including: access, correction, deletion (erasure), restriction/objection to processing, data portability, withdrawal of consent, and rights regarding automated decision-making.

Exercise your rights: Log into your account → Privacy/Settings, or email awards@globalhrworld.com (include your account email and request type). We respond within applicable timeframes (typically 30 days). We may require proof of identity. We may refuse manifestly unfounded or excessive requests and will explain why.

13. Regional Addenda

13.1 India (DPDP Act, 2023)

You are a "data principal" and we are a "data fiduciary" under the DPDP Act. You have rights including access to processing summary, correction, erasure (in certain circumstances), withdrawal of consent, and lodging grievances. We will appoint a Grievance Officer when required and adhere to statutory timelines.

13.2 European Economic Area & United Kingdom (GDPR / UK GDPR)

We rely on lawful bases under GDPR/UK GDPR. You have rights of access, rectification, erasure, restriction, portability, objection, and to lodge complaints with supervisory authorities. We do not carry out solely automated decision-making with legal or significant effect.

13.3 United States (including California CPRA)

We do not "sell" personal information or share it for cross-context behavioral advertising. California residents may request to know, delete, correct, or limit use of sensitive personal information (subject to verification and legal exceptions).

13.4 Other Jurisdictions

For users in Brazil (LGPD), Canada (PIPEDA), Australia/New Zealand (Privacy Acts), South Africa (POPIA), UAE/GCC (data protection laws), we honor local rights and comply with applicable transfer/processing restrictions.

14. Children's Privacy

The Platform is intended for users 18 years or older. We do not knowingly collect data from minors under 18. If we discover a child's data has been submitted without parental consent, we will delete it and terminate the account. Parents/guardians may contact awards@globalhrworld.com to request deletion.

15. Marketing Communications

We send marketing emails only with your explicit opt-in. You may withdraw consent anytime by clicking "Unsubscribe" in emails or via Account → Preferences → Marketing Emails. Essential service emails (confirmations, invoices, password resets, system alerts) cannot be opted out.

16. AI & Machine Learning

We may use limited machine learning (duplicate-entry detection, text summarization for judges, internal search/analytics). We do not use AI to determine final award decisions. Third-party AI tools are bound by contractual confidentiality; your content is not used to train public models without separate consent. Material changes to AI usage will be notified.

17. Cookies & Similar Technologies

  • Strictly necessary cookies: Login/session, fraud prevention, security.
  • Preferences cookies (optional): Language, display settings.
  • Analytics cookies (optional, consent-based): Usage analysis, Platform improvement.

We do not use behavioral advertising cookies. Manage preferences via cookie banner or browser settings. Disabling necessary cookies may impair login or functionality.

18. Data Subject Request Workflow

Self-service: Download your data (JSON/CSV), update profile, manage consents, request deletion via account settings.

Email request: Send to awards@globalhrworld.com (subject: "Data Subject Request – [type]"), include your account email and details.

Response timeframe: Typically within 30 days (or shorter if required).

Verification: We may require identity verification.

Denial: If we decline, we provide reasons and, where required, appeal options.

19. Third-Party Links & Social Features

The Platform may include links to external websites or embedded media. We are not responsible for their privacy practices. Review their policies before submitting personal data.

20. Changes to This Policy

We may update this Policy from time to time. Material changes (new data sharing categories, processing purposes, external partners) will be notified by email or Platform banner at least 30 days before taking effect. Non-material changes take effect immediately upon posting. Continued use after the effective date constitutes acceptance.

21. Limitation of Liability

We implement reasonable security measures, but we are not liable for:

  • Unauthorized access resulting from your failure to secure credentials or devices.
  • Data breaches caused by third-party service providers beyond our reasonable control (subject to our processor agreements).
  • Losses arising from your violation of this Policy or providing false/misleading information.
  • Force majeure events or circumstances beyond our reasonable control.

Our total liability for any privacy-related claims is limited to the amount you paid us in the 12 months preceding the claim, or INR 10,000, whichever is lower, except where prohibited by law or in cases of gross negligence or willful misconduct.

22. Indemnification

You agree to indemnify and hold harmless Learning Everest Private Limited, its directors, officers, employees, agents, and affiliates from any claims, losses, damages, liabilities, and expenses (including reasonable legal fees) arising from:

  • Your violation of this Privacy Policy or applicable data protection laws.
  • Your submission of false, misleading, or unlawful information.
  • Your unauthorized disclosure of other users' personal data.
  • Your breach of any third-party rights, including intellectual property or privacy rights.

23. Contact & Grievance Officer

Controller contact: awards@globalhrworld.com

Postal address:
Learning Everest Private Limited
Global HR World Awards
Office 1022, 10th Floor
Gera's Imperium Rise
Hinjawadi Phase 2
Pune 411057
Maharashtra, India

For residents in India: Once required under the DPDP Act, we will publish details of our appointed Grievance Officer.

For EEA/UK residents: We will publish contact of our EU/UK Representative if required by law.

24. Dispute Resolution & Jurisdiction

Governing Law: This Privacy Policy is governed by the laws of India.

Jurisdiction: Any disputes arising from this Policy shall be subject to the exclusive jurisdiction of the courts in Pune, Maharashtra, India.

Arbitration (Optional): Parties may mutually agree to resolve disputes through arbitration under the Indian Arbitration and Conciliation Act, 1996, with the seat of arbitration in Pune, Maharashtra.

25. Summary of Key User Choices

  • Download your data: Account → Privacy tools
  • Delete your account: Account → Delete account
  • Manage cookies: Cookie banner → Preferences
  • Opt-out of marketing: Unsubscribe link or Account → Preferences
  • Report security concerns: Email awards@globalhrworld.com (subject: "Security Concern")
Privacy Policy | Terms and Conditions
2025 Global HR World Awards. All Rights Reserved.
Powered by Awards Flow Platform