Website Privacy Statement

1. Milestone Technologies Privacy Commitment 

At Milestone Technologies, we are deeply committed to protecting your privacy and ensuring the security of your personal information. Our dedication to privacy extends across all aspects of our operations, from the collection and processing of data to its storage and disposal. We adhere to stringent data protection standards and comply with applicable laws and regulations to safeguard your information. This Privacy Statement undergoes through regular reviews and updates.  

Our practices are designed to ensure transparency, providing you with clear information about how your data is used, and giving you control over your personal information. We continuously review and enhance our privacy measures to adapt to evolving legal requirements and technological advancements, reinforcing our commitment to maintaining the trust you place in us.


2. Who are we? 

At Milestone Technologies, we collaborate with leading organisations to deliver technological services at large scale, accelerate digital operations, develop innovative applications and drive organisational efficiencies. As the data controller responsible for processing your personal data, we prioritise the protection and privacy of your information. This Privacy Statement applies to individuals who are clients, prospective clients, job applicants, and all other external stakeholders, who are visiting the website. 

This Privacy Statement outlines how we collect, use, and protect your information when you visit or interact with our website “milestone.tech”. As a US-based company serving clients all across the globe, we comply with the California Consumer Privacy Act of 2018 (‘CCPA’) and California Privacy Rights Act, 2020(‘CPRA’); EU General Data Protection Regulations, 2018 (‘EU GDPR’), United Kingdom General Data Protection Regulation, 2021  (‘UK GDPR’) and UK Data Protection Act, 2018 (‘UK DPA’), India Digital Personal Data Protection Act, 2023 (‘DPDPA’), Singapore Personal Data Protection Act, 2012 (‘PDPA’) and Philippines Data Privacy Act, 2012 (‘DPA’).


3. How and when we collect the Personal Data 

We collect and process Personal Data in accordance with but not limited to: 

  • When you reach out with a query for the services provided by Milestone via the “contact us” page on the website; 
  • When you apply for the available job vacancies and apprenticeship vacancies using our job portal; 
  • When you subscribe to our updates on the website; 
  • When you register for our marketing activities such as newsletters, events and seminars.

4. Children Data

We do not intend to collect Personal Data from minors (the applicable age thresholds are subject to the laws and regulations of the country from which you are accessing the website) .  If you are a minor, please refrain from using the services, providing information, registering an account, or engaging in interactive features on our website.   

If you believe that we may have unknowingly collected and processed personal data from minors without parental consent , please contact us at privacy@milestone.tech so that we may adopt immediate measures to remove the information from our servers.


5. Use of your Information

5.1 Information you provide to us directly

5.2 Information we automatically collect from you

We only process your personal data for the purposes described above and ensure that the processing is necessary, proportionate, and limited to what is necessary for the purposes for which it was collected. If we use your personal data for other purposes than for what it has been collected for, it shall be done with your express and implied consent.

 

6. Lawful Bases for Collection and Processing of the Data 

Personal data is processed lawfully based on valid legal grounds, including consent (e.g., marketing, withdrawable anytime), contractual obligations (e.g., queries and support), legal compliance (e.g., tax, records), vital interests (e.g., emergencies), public interest, or legitimate interests (e.g., service improvements). We uphold these principles while safeguarding your rights. For privacy inquiries, contact us at privacy@milestone.tech.

 

7. Data Subject Rights

Under Applicable Data Protection Laws, and depending on your jurisdiction, you have a number of rights when it comes to your Personal Data. Following section explains the different rights you have under different jurisdictions:

Explanation of the Rights 

  • Right to Information: You have the right to receive clear and transparent information about the processing of your Personal Data. 
  • Right to Access: You have the right to request and obtain a copy of your Personal Data held by Milestone Technologies. 
  • Right to Rectify: You can request the correction of inaccurate or incomplete Personal Data without undue delay. 
  • Right to Erasure: You have the right to request the deletion of your Personal Data. 
  • Right to Restrict Processing: You have the right to limit the processing of your Personal Data by Milestone Technologies 
  • Right to Data Portability: You have the right to transfer of your data to another Controller, where technically feasible. 
  • Right to Object: You have the right to object to the processing of your Personal Data. 
  • Right to Object to Automated Processing: You have the right to object to decisions made solely through automated processing, including profiling. 
  • Right to Grievance Redressal: You have the right to raise a complaint if you believe your personal data is not handled as stated in this privacy statement. 
  • Right to Nominate or Transmission Rights of Data Subject: You have the right to nominate another individual to exercise your rights in case of death or incapacity due to unsoundness of mind or infirmity of the body. 
  • Right to Claim Damages: You have the right to seek compensation for damages resulting from the unauthorized processing, disclosure, or mishandling of your personal data. 
  • Right to Withdraw Consent: You can withdraw your previously given consent for data collection, use, or disclosure at any time. 
  • Right to Accuracy: You have the right to request accurate information where the data controller must use reasonable efforts to ensure accuracy and completeness of the data.   
  • Right to Protection: You have the right to protection where Milestone is collecting and processing the data must take reasonable security measures to protect the data. 
  • Right to Private Action: You have the right to seek redress through civil proceedings in court if you suffer direct loss or damage due to Milestone’s violation of provisions in the act. 
  • Right to Know about the personal information collected, disclosed or sold: You have the right to request Milestone to disclose the categories and specific pieces of personal information collected, disclosed and sold to third parties. 
  • Right to Opt out of Sale of Personal Information: You have the right to opt-out of the sale or sharing of your personal information by Milestone to third parties. 
  • Right to Limit Use and Disclosure of Sensitive Personal Data: You have the right to request to limit the use and disclosure of your sensitive personal information.  
  • Right to Non-Discrimination for exercising CCPA Rights: You have the right to seek non-discrimination against the services provided by Milestone upon exercising any of the rights.
 

On receipt of a request for the exercise of any of the rights stated under this Privacy Statement, we shall make our best efforts to respond to and resolve the same without undue delay within a period as per the governing laws. If the requests received are complex or numerous we may, by giving you notice, extend this period. We reserve the right to charge you an administrative fee to process your request, we shall notify you of such fee before proceeding with your request.

To exercise your rights under the applicable laws, you can reach out to us via email at  privacy@milestone.tech.

 

8. Information Shared with Third Parties 

Milestone does not sell, rent or lease your Personal Data to third parties without your consent. To provide you with our services and improve your experience, we may need to share your data with trusted third parties. We ensure that we enter into binding confidentiality agreements with such Processors and that they are compliant with data protection standards of all the applicable jurisdictions.

 

9. International Data Transfer:

Milestone Technologies may transfer your personal data to recipients in countries outside the jurisdiction where it was originally collected. Such transfers will only take place where the recipient jurisdiction provides an adequate level of protection for personal data under applicable law, or where Milestone Technologies implements one or more of the following safeguards:

 

Adequacy Decisions:
Transfers to countries or territories recognized by the European Commission as providing an adequate level of data protection under EU law.

 

Standard Contractual Clauses and Binding Corporate Rules:
Where no adequacy decision exists, Milestone Technologies relies on the European Commission’s Standard Contractual Clauses (SCCs) or approved Binding Corporate Rules (BCRs), under which both Milestone Technologies and its service providers are contractually bound to implement appropriate safeguards to protect the personal data equivalent to EU GDPR.

 

Local Transfer Mechanisms:
For data transfers governed by non-EU frameworks, Milestone Technologies uses any government-approved transfer instruments or contractual clauses as required by:  

  1. India’s Digital Personal Data Protection Act, 2023;
  2. Singapore’s Personal Data Protection Act, 2012;
  3. Philippines’ Data Privacy Act, 2012; and
  4. California’s Consumer Privacy Act, 2018 (CCPA) and California Privacy Rights Act, 2020 (CPRA).
 

Technical and Organizational Safeguards:

In all cases, Milestone Technologies supplements contractual protections with additional measures—such as encryption in transit and at rest, pseudonymisation of personal data where feasible, strict role-based access controls, and periodic security audits to ensure the confidentiality, integrity, and availability of your personal data.

 

10. Data Security and Confidentiality

We uphold the confidentiality and security of your personal data through various technical and organisational measures as prescribed by the applicable regulations. Milestone Technologies maintain SOC Type 2 and ISO 22301:2019 certifications reflecting our commitment to maintain robust security standards to safeguard your data. Access to your personal data is allowed to restricted number of our personnel based on need-to-know basis.  

 

We implement security controls to prevent breaches and unauthorised access. Our data collection and processing are limited to only the necessary personal data for the intended purposes, minimising the risk of unauthorised access. 

 

We provide regular training to our employees on data protection and security best practices to ensure they understand their responsibilities in safeguarding your data. In the rare event of a data breach, we have a response plan ready to quickly assess the situation, mitigate any harm, and notify the necessary authorities and affected individuals.

 

11. Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, or to comply with applicable legal and contractual obligations. Upon expiration of the retention period, the data will be securely deleted. Where deletion is not technically feasible, we will implement appropriate safeguards to prevent any further processing or unauthorized access. 

 

For the data we process based on your consent, if you withdraw your consent at any time, we delete your information as soon as your request is verified.

 

12. Cookies

We use cookies and similar technologies on our Website and Services to help us collect personal data. These technologies help us to better understand user behaviour including for security and fraud prevention purposes, tell us which parts of our website people have visited, and facilitate and measure the effectiveness of web functions. For more details on how we process cookie data and your control over it, please refer to our Cookie Policy.

 

13. Additional Information to California Residents

If you are accessing our website from California, your personal information will be handled in accordance with the California Consumer Privacy Act of 2018 (CCPA) and the California Privacy Rights Act of 2020 (CPRA). 

 

We collect the following categories of personal information when you interact with our website: 

  • Identifiers – such as your name and phone number (phone number will be collected and processed only if you apply for job or apprenticeship vacancies); 
  • Geolocation Data – such as the location of your device; 
  • Internet or Network Activity – including browsing behaviour and usage patterns.
 

We do not sell or share your personal information for monetary or other valuable consideration without your consent. We have not disclosed/sold your information in the past twelve months (12 months) immediately preceding the last update of this Privacy Statement.

We may disclose your personal information to authorized third parties or service providers for limited business purposes under strict contractual obligations.

You hereby consent to the collection, use, and limited disclosure of your personal information for the business purposes outlined above. You further acknowledge and agree that such information may be disclosed within twelve (12) months following the latest update to this Privacy Statement, consistent with applicable law

For more details or to exercise your rights, please refer to section 7 of this Privacy statement.

 

14. Monitoring Review and Update

We may update this policy from time to time. In case of significant changes, this will be informed to you via notice on the website and revised the ‘Last Updated’ date. We request you to periodically review the website and continued use of the website and services indicate your consent to changed terms.  The policy has been last reviewed on 05/05/2025.

 

15. Dispute Resolution

Milestone welcomes your comments regarding this Privacy Statement. If you believe that we have not adhered to this Privacy Statement, you may convey the same to us by contacting us in the manner mentioned below. In your email, please describe in as much detail as possible ways in which you believe the Privacy Statement has not been complied with. In addition to the foregoing, any disputes arising under this Privacy Statement shall be governed by the laws of the State of California.

 

16. Contact Us

If you have questions or complaints regarding this Policy or the use of our services, you may contact us via email at privacy@milestone.tech. You may also contact us at our mailing address as provided below. Please mention “Data Privacy” as the Subject in your mail for convenience.  

Skip to content