Sand Tech Holdings Limited (“Sand”, “we”, “us”) is a company registered in Mauritius.
Sand Technologies is a community of passionate, courageous ‘doers’ where we help the world’s top talent to fulfil their potential and get connected with customers or employers all over the world. At Sand Technologies, people find employment and business opportunities, co-founders, investors, and a thriving community to connect with others and find information.
Our privacy policy applies to any customer, potential customer and their representatives or contact persons of Sand Technologies and generally to any visitor to the Website or applications operated by Sand Technologies, for any related services, sales, marketing or events (we refer to them collectively in this privacy policy as the “Services”). We detail below the purposes of processing, type of personal data and legal basis for the processing.
We never sell personal data to anyone for any purpose. We do not give personal data to others for their own use.
WE HOPE YOU TAKE SOME TIME TO READ THROUGH THIS PRIVACY POLICY CAREFULLY, AS IT IS IMPORTANT. IF THERE ARE ANY TERMS IN THIS PRIVACY POLICY THAT YOU DO NOT AGREE WITH, PLEASE DISCONTINUE USE OF OUR WEBSITE AND OUR SERVICES.
Why we process it | Type of personal data | Our legal basis |
Providing the Services, including related communication | Identification details of the customers/prospective customers and their representatives and contact persons (e.g. full name, business e-mail, phone number, country of residence, company represented and company website) Publicly available personal information (such as maiden name, nickname; current and former address; phone numbers; email addresses; business email; business phone number; information available on the LinkedIn profile (including data available after initial data) and other similar data | to perform our contract with you (tailoring our offer and providing the Services) |
Providing and managing the Website (www.sandtech.com), including user support/inquiries and related communication | Identification details of customers/prospective customers and their representatives and contact persons (e.g. full name, business e-mail, phone number, country of residence, company represented and company website) IP address and referral IP addresses and usage data, for all visitors payment data (your payment instrument number (such as a credit card number), and the security code associated with your payment instrument) | to perform our contract with you (providing the Website) |
Why we process it | Type of personal data | Our legal basis |
Commercial communication with you (marketing) (e.g. sending commercial communications, including promoting events, newsletters or other commercial information, awarding) and Organising marketing events and webinars | Identification details of customers/prospective customers and their representatives and contact persons (e.g. full name, business e-mail, phone number, country of residence, company represented and company website) For communication via social media (e.g. Telegram, WhatsApp, Instagram, or Facebook/Meta, Tiktok, LinkedIn), relevant profiles Data on outreach and deliverability of communications: – advert engagement data (e.g. views, clicks, keywords used, posts engaged with, sentiment reports) – Website Conversion Actions (e.g. form fills, link clicks) and user traffic source. – browsing patterns (e.g. , device type, operation system, number of sessions, pages viewed, time spent on website, link engagement, bounce rate) Image (for marketing of events; photos/videos) IP (for webinars), user logs (e.g. for e-mail communications, for webinars) | Consent for direct marketing Legitimate interest for existing customers |
Feedback and Surveys | Identification details of the individual (e.g. name, address, country of origin, country of residence, age, gender, photo) Contact data (email, phone number) | Your consent |
Data analysis, statistics and reporting (including to identify usage trends, determining the effectiveness of our promotional campaigns and to evaluate and improve our services, products, marketing and your experience, business intelligence, market research) | For any individual, name, e-mail, location, age, IP address and referral IP addresses, referral URLs, user activity logs, device type, operating system Data on outreach and deliverability of communications: – advert engagement data (e.g. views, clicks, keywords used, posts engaged with, sentiment reports) – Website Conversion Actions (e.g. form fills, link clicks) and user traffic source. – browsing patterns (e.g. , device type, operation system, number of sessions, pages viewed, time spent on website, link engagement, bounce rate) – user behaviour (e.g., browsing history, preferences) Data is aggregated for this purpose. | Legitimate interest |
Why we process it | Type of personal data | Our legal basis |
For our IT operations management, security purposes and to diagnose technical issues | all the personal data we collect for the Services | To comply with the law (securing personal data from unauthorised access) and for our legitimate interest |
Compliance with legal requests from public authorities, with our legal obligations, or for the establishment, exercise, or defence of legal claims | all the personal data we collect for the Services | To comply with the law and for our legitimate interest |
For reorganisation of our business (such as transfers, mergers, spin-off) | all the personal data we collect for the Services | Our legitimate interest |
For our internal collaboration and communication | all the personal data we collect for the Services | Performance of a contract and our legitimate interest to improve our product and your experience |
We collect personal information that you provide to us.
We collect personal information that you voluntarily provide to us when contacting us on the Website, expressing an interest in obtaining information about us or our products and Services, when participating in activities initiated by us (such as events, webinars or entering competitions, contests, giveaways, other activities) or otherwise contacting us.
All personal information that you provide to us must be true, complete and accurate, and you must notify us of any changes to such personal information.
The personal information that we collect depends on the context of your interactions with us, the choices you make and the products and features you use, including publicly available personal information as detailed above.
If you are an existing or previous member of part of the Sand ecosystem, we may send you promotional emails about initiatives or Services that are similar to what you have done with us before. You have the right to opt out of receiving these emails at any time by:
However, we will still need to send you service-related emails that are necessary for the administration and use of the Services.
In all other circumstances, we will only send marketing emails to your individual email if you have explicitly opted in to our marketing list in advance.
We never sell personal data to anyone for any purpose. Also, we will not give your data to others for their own use without your permission.
We may need to process your data or share your personal information in the following situations:
I. We may share your data with third-party vendors, service providers, consultants, contractors or agents who perform services for us or on our behalf and require access to such information to do that work, such as:
Such third-party service providers are also not allowed to reuse your personal data for their own purposes.
II. We sometimes share personal data with third parties as part of providing our services or to comply with our legal duties. These third parties can include:
The Services data is held in AWS cloud, and hosted in the United States of America. Generally, we only store data with a provider if we are satisfied they protect it with robust policies and cybersecurity measures.
We have implemented appropriate technical and organisational security measures designed to protect the security of any personal information we process. However, please also remember that we cannot guarantee that the internet itself is 100% secure. Although we will do our best to protect your personal information, transmission of personal information to and from our Services is at your own risk. You should only access the services within a secure environment.
All external processors have contracts with us. They are required not to reuse your personal data for their own purposes unless they observe the applicable privacy requirements.
The Services data is transferred to the United State of America (by using several service providers which host data in the United State of America, such as AWS, HubSpot, SuperSet, SalesForce, Google suite). Also, sometimes we need to send personal data to other countries, such as when we send data to another office / local hub in our corporate group (Egypt, Kenya, South Africa, Malawi, Nigeria, Ghana, Ethiopia, Morocco, Rwanda, Romania, UK, Estonia).
We take note here of the adequacy decision of the European Commission for the EU-U.S. Data Privacy Framework, which concludes that the United States ensures an adequate level of protection – comparable to that of the European Union – for personal data transferred to US companies under the new framework. AWS, HubSpot, SalesForce, Google are already part of the EU-U.S. Data Privacy Framework.
When we send data to a country that does not have “adequate” data protection laws according to the European Commission, we will only send the data after agreeing to the standard data protection contract clauses approved by the EC. You can see a copy of these standard clauses on the EC website here: Standard Contractual Clauses (SCC) (europa.eu). We will also take supplementary measures, if necessary, to compensate for any lack of protection afforded by the laws of the recipient country.
If you would like further information about data transfers to other countries please contact us.
We keep your information for as long as necessary to fulfil the purposes outlined in this privacy policy unless otherwise required by law (such as tax, accounting or other legal requirements).
No purpose in this policy will require us keeping your personal information for longer than 90 days past the termination of you contacting us on the Website, without entering into further negotiations or concluding an agreement with us.
Generally, when we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.
If you have any questions in this regard, or any concerns about how long we keep your information for, please contact us using the details below.
You can ask us to:
You can object:
If we are relying on your consent (permission) to use your personal data, you can withdraw your consent any time. However, in some cases if you withdraw consent:
For further information on your rights, please contact us by email or post:
Sand Tech Holdings Limited
6th Floor, Tower A
1 Cybercity
Ebène
Mauritius
legal@sandtech.com.
Yes, if you are a resident of California, you are granted specific rights regarding access to your personal information.
California Civil Code Section 1798.83, also known as the “Shine The Light” law, permits our users who are California residents to request and obtain from us, once a year and free of charge, information about categories of personal information (if any) we disclosed to third parties for direct marketing purposes and the names and addresses of all third parties with which we shared personal information in the immediately preceding calendar year. If you are a California resident and would like to make such a request, please submit your request in writing to us using the contact information provided below.
If you are under 18 years of age, reside in California, and have contacted us on the Website or for the Services, you have the right to request removal of unwanted data that you shared with us. To request removal of such data, please contact us using the contact information provided below, and include the email address associated with your correspondence and a statement that you reside in California. We will make sure the data is not publicly displayed, but please be aware that the data may not be completely or comprehensively removed from our systems.
If you wish to complain about our use of personal data, we would appreciate the chance to deal with your concerns first. If you still wish to complain, please consult the Mauritius Data Protection Office website at https://dataprotection.govmu.org/
If you are resident in the EEA (which includes the EU), the GDPR also gives you right to lodge a complaint with your local data protection regulator.
This privacy policy was published on 20 October 2023. We periodically review this policy, and we will publish any changes on this Website which will be effective as soon as it is accessible. If we make material changes to this privacy policy, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification. We encourage you to review this privacy policy frequently to be informed of how we are protecting your information.
Please contact us by post, email, or telephone if you have any questions about either this policy or the information that we hold about you: