Modernized energy e-commerce platform powers stellar experiences
Industries
GenAI for good: The Ascendion Approach to Empowering People and Machines
NJBIZ Conversations: Ascendion CEO Karthik Krishnamurthy
Ascendion Pathfinder: Pioneering AI-Driven IT Cost Optimization and Innovation
Ascendion soars as a Rising star in ISG Provider Lens for digital engineering!
Ascendion, Inc. and Ascendion Engineering Solutions LLC henceforth referred to as (‘Ascendion’) strives to comply with applicable laws and regulations related to personal data protection in countries where the company operates. This policy sets forth the basic principles by which the company processes the personal data of customers/clients, candidates, contractors, employees and other individuals, and indicates the responsibilities of its business departments and employees while processing personal data. The policy reflects Ascendion’s commitment to protect the personal information and handle it responsibly to meet business, legal and regulatory requirements related to personal data.
Ascendion complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. Ascendion has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF. Ascendion has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit Home (dataprivacyframework.gov)
To establish a comprehensive privacy policy and Data Privacy Framework program. DPF program. EU-U.S. Data Privacy Framework (EU-U.S. DPF) and Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) program, Ascendion has adopted internationally-accepted principles of fair information practice as the basis for this policy. These principles were further aligned with concepts and requirements from the European Union’s General Data Protection Regulation (GDPR) 2016/679. They also follow the framework of the American Institute of Certified Public Accountants (AICPA) Generally Accepted Privacy Principles (GAPP) & the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF)
Ascendion shall notify individuals about the purposes for which it collects, processes, stores and/or discloses information about them. Notice should be communicated in a clear and easy-to- understand manner before it uses such information for a purpose other than that for which it was originally collected or processed by transferring organization or discloses it for the first time to the third party
a) At a minimum, the Notice statement should contain (unless it is evident from the context):
Ascendion shall obtain consent from individuals when required or appropriate. Ascendion should also clearly communicate any choices available when personal data is collected or used by a third party, or disclosed by Ascendion to such parties.
Specifically, when consent is required or appropriate, Ascendion shall:
Consent should be obtained in accordance with EU-U.S Data Privacy Framework and Swiss-U.S Data Privacy Framework laws and regulations (e.g., explicit and/or implicit consent). Additional safeguards that may be required, along with the definition of sensitive or special category of personal data, may vary.
For sensitive information (i.e personal information specifying medical or health conditions, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union member-ship or information specifying the sex life of the individual), Ascendion shall obtain affirmative express consent (opt in) from individuals of such information is to be (i) disclosed to the third party or (ii) used for the purpose other than those for which it was originally collected or subsequently authorized by the individuals through the exercise of opt-in choice. In addition, Ascendion shall treat as sensitive any personal information received from a third party where the third party identifies and treats it as sensitive.
Ascendion should collect or obtain personal data only in a fair and lawful manner
Specifically, Ascendion shall
Ascendion shall use, process, store, and/or retain personal data only for legitimate business purposes or as authorized by the individual.
Specifically, Ascendion will use, store, and/or process personal data consistent with:
Ascendion shall retain Personal data in a form identifying or making identifiable the individual only for as long as it serves a purpose of processing within the meaning of 5a. This obligation does not prevent organizations from processing personal information for longer periods for the time and to extent such processing reasonably serves the purposes of archiving in the public interest, journalism, literature and art, scientific and historical research, and statistical analysis. In these cases such processing shall be subject to the other principles and provisions of the Framework and the personal information shall be destroyed according to applicable Ascendion data retention policies and procedures.
Monitoring, security, and compliance:
Individual’s (PII principal’s / data subject’s) rights
Where required by applicable law, Ascendion shall follow applicable procedures to notify individuals, in a timely manner, when a data security incident has occurred, and has resulted or could result in unauthorized access or acquisition of personal information. Colleagues who suspect such an incident should immediately contact the privacy office.
All employees must inform their immediate supervisor, functional head or the Privacy Team (privacy@ascendion.com) immediately about potential or actual instances of violation of the terms of this policy. The Privacy Team will work with the functional head to minimize the impact of data loss, and jointly work out a communication plan. Depending on the classification of the data breach, e.g. whether sensitive data was lost or not, incident information will be shared with the data subject, customers and business partners as appropriate.
All Ascendion businesses, functions, and regions not only internally by employees, but also by all Ascendion temporary staff, contractors, service providers and consultants are expected to fully comply with this policy.
Under certain limited or exceptional circumstances, Ascendion may, as permitted or required by applicable laws and obligations, process personal data without providing notice or seeking consent.
Examples of such circumstances include investigation of specific allegations of wrong doing or criminal activity; protecting employees, the public or Ascendion from harm or wrongdoing; cooperating with law enforcement agencies; auditing financial results or compliance activities; responding to legal requirements or process; meeting legal or insurance requirements or defending legal claims or interests; satisfying labor laws or agreements or other legal obligations; in emergency situations, when vital interests of the individual, such as life or health, are at stake etc.
In addition, Ascendion may, as permitted or required by applicable law and obligations, process personal data without providing access, such as in the circumstances described above; when the privacy interests of others would be jeopardized; or where the burden or expense of providing access would be disproportionate to the risks to the individual’s privacy.
Ascendion is not required to obtain affirmative express consent (opt in) with respect to sensitive data where the processing is:
An organization may set reasonable limits on the number of times within a given period that access requests from a particular individual will be met. In setting such limitations, an organization should consider such factors as the frequency with which information is updated, the purpose for which the data are used, and the nature of the information.
The EU-U.S. DPF and Swiss-U.S. DPF principles. Data Privacy Framework principles are relevant only when individually identified or identifiable records are transferred or accessed. Statistical reporting relying on aggregate employment data and containing no personal data or the use of anonymized data does not raise privacy concerns.
The Data Protection Officer shall approve exemptions from adherence to particular provisions of this policy. Exemptions to this policy will only be considered if special circumstances do not allow for the practical implementation of a requirement, if a local or regional law or regulation supports a requested exemption, and if there are compensating controls in place to mitigate the risk.
Coverage by the Data Privacy Framework
Where Ascendion HR/ Ops / Delivery team members in the EU transfers personal information about its employees (past or present) collected in the context of the employment relationship, to a parent, affiliate, or unaffiliated service provider in the United States participating in the Data Privacy Framework, the transfer enjoys the benefits of the Data Privacy Framework. In such cases, the collection of the information and its processing prior to transfer shall be subjected to the national laws of the EU country where it was collected, and any conditions for or restrictions on its transfer according to those laws shall be respected.
Application of the notice and choice principles
Ascendion US receives employee information from the EU under the Data Privacy Framework may disclose it to third parties or use it for different purposes only in accordance with the Notice and Choice Principles. For example, where Ascendion intends to use personal information collected through the employment relationship for non-employment-related purposes, such as marketing communications, Ascendion shall provide the affected individuals with the requisite choice before doing so, unless they have already authorized the use of the information for such purposes. Such use must not be incompatible with the purposes for which the personal information has been collected or subsequently authorised by the individual. Moreover, such choices shall not be used to restrict employment opportunities or take any punitive action against such employees.
Application of the access principle
In compliance with the EU-U.S. DPF and Swiss-U.S. DPF principles. Data Privacy Framework principles, Ascendion commits to resolve complaints about our collection or use of your personal information. European Union and Swiss, individuals with inquiries or complaints regarding our Data Privacy Framework policy should first contact Ascendion at: privacy@ascendion.com
Ascendion has further committed to refer unresolved Data Privacy Framework complaints to International Centre for Dispute Resolution (ICDR), an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not resolved your complaint, please visit at American Arbitration Association | ADR.org
Ascendion commits to cooperate with the panel established by the EU data protection authorities (DPAs) and/or the Swiss Federal Data Protection and Information Commissioner, as applicable and comply with the advice given by the panel and/or Commissioner, as applicable with regard to human resources data transferred from the EU and/or Switzerland, as applicable in the context of the employment relationship.
Elara Caring, a large provider of home-based care, works to ensure their 60,000 patients/clients receive the best possible care, in the comfort of their own homes. To continue enhancing the quality of their services, Elara Caring needed a digital engineering partner.
Elara Caring’s focus on providing excellent at-home healthcare service aligns well with Ascendion’s vision of impacting lives.
Ascendion utilized our AI-powered platform, Ascendion AVA, to transform Elara Caring’s IT support process. This transformation led to improved business productivity, reduced downtime, elevated customer satisfaction, and most importantly, it enabled their caregivers to spend more time with their patients.
Huron, a global consultancy, partners with Ascendion for software engineering in Huron’s product development organization including: sustained and core engineering, product development principles, software development, and quality assurance. We’re helping transform Huron’s legacy products into modern technologies, including cloud. The secret to success? Our cultures align well and center on collaboration and customer success. The shared goals and team approach have led to a true partnership. Huron’s clients in the education and healthcare industries experience benefits such as operational maximizations, strategies, digital transformation, and operational alignment with their people.
Golden 1, a credit union with one million members in California, had a big goal to launch new credit cards but needed help to stay on time and on target. Ascendion engineers developed quality assurance and testing plans for the new credit card product set. Working together, Ascendion and Golden 1 were able to deliver a critical component for a new set of financial products to consumers, ultimately giving members a means to achieve their personal dreams.