Who we are

Suggested text: Our website address is: https://tmcltd.com

This privacy notice discloses the privacy practices for (www.tmcltd.com, www.tallymarksconsulting.com, www.old.tallymarks.co, www.mitracs.com, www.tallybiafo.com). This privacy notice applies solely to information collected by this website. It will notify you of the following:

• What personally identifiable information is collected from you through the website, how it is used, and with whom it may be shared with.
• What choices are available to you regarding the use of your data.
• Security procedures are in place to protect against the misuse of your information.
• How you can correct any inaccuracies in the information.

Information Collection, Use, and Sharing

We are the sole owners of the information collected on this site. We only have access to/collect information that you voluntarily give us via email, forms or other direct contacts from you. We will not sell or rent this information to anyone.

We will use your information to respond to you, regarding the reason you contacted us. We will not share your information with any third party outside of our organization, other than as necessary to fulfill your request, e.g. to ship an order.

Unless you ask us not to, we may contact you via email in the future to tell you about specials, new products or services, or changes to this privacy policy.

Your Access to and Control Over Information

You may opt-out of any future contacts from us at any time. You can do the following at any time by contacting us via the email address or phone number given on our website:

• Have us delete any data we have about you.
• Express any concern you have about our use of your data.

Security

We take precautions to protect your information. When you submit sensitive information via the website, your information is protected both online and offline.

Wherever we collect sensitive information (such as credit card data, and personal information), that information is encrypted and transmitted to us in a secure way. You can verify this by looking for a lock icon in the address bar and looking for “https” at the beginning of the address of the Web page.

While we use encryption to protect sensitive information transmitted online, we also protect your information offline. Only employees who need the information to perform a specific job (for example, billing or customer service) are granted access to personally identifiable information. The computers/servers in which we store personally identifiable information are kept in a secure environment.

This website contains links to other sites. Please be aware that we are not responsible for the content or privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of any other site that collects personally identifiable information.

Information Security Policy

TallyMarks Consulting is highly committed to protecting the confidentiality, integrity and availability of information hosted in its infrastructure from various threats whether deliberate or accidental that could potentially disrupt the cloud services continuity. TallyMarks Consulting shall ensure the effectiveness of the protection mechanisms in particular, business continuity and contingency planning, data backup procedures, avoidance of viruses and hackers, access control to systems hosting cloud services and information security incident reporting. It shall also be ensured that all possible countermeasures adhere to the applicable legal and regulatory requirements.
The Management shall actively support Information Security initiatives within the company by ensuring that:

• ISMS is established, implemented and managed through applicable policies, procedures, and guidelines,
• Adequate resources are provided for implementing the information security controls,
• Information security roles and responsibilities are clearly defined and documented,
• An effective Information security training and awareness program is established,
• Information Assets within the scope of ISMS are identified and their associated risks are identified, analyzed evaluated and appropriate mitigation measures are identified in risk treatment planning,
• Critical services are identified and their backup and recovery plans is established to allow continuity of cloud service business without disruption,
• The mechanism for reporting information security incidents is established for timely incident response and corrective actions,
• Regular assessments including a formal internal audit is conducted to ensure the effectiveness of the implemented ISMS,
• Access to Information Assets is controlled and access rights are reviewed on regular basis to align with changing business needs,
• Employees, contractors and external party users and clients adhere to the established policies and procedures of the organization,
• All IT Projects shall be assessed for Information security-related implications before finalization,
• Appropriate disciplinary actions are taken in case of any information security breach,

Cookies

We use “cookies” on this site. A cookie is a piece of data stored on a site visitor’s hard drive to help us improve your access to our site and identify repeat visitors to our site. For instance, when we use a cookie to identify you, you would not have to log in with a password more than once, thereby saving time while on our site. Cookies can also enable us to track and target the interests of our users to enhance the experience on our site. The usage of a cookie is in no way linked to any personally identifiable information on our site.

Some of our business partners may use cookies on our site (sap.com, hubspot.com). However, we have no access to or control over these cookies.

If you feel that we are not abiding by this privacy policy, you should contact us immediately via telephone at +92 42 35972010 or via email at info@tmcltd.com

__________________

IT Service Management Policy

1. Business Alignment

The provision of services shall be aligned to customer and user needs.

1. Services shall be delivered to a defined quality, sufficient to satisfy requirements identified by the business.
2. A clear service portfolio shall be developed and maintained as a basis for all service delivery and service management activities.
3. For all services, a corporate-level SLA and/or specific SLAs, which have been agreed upon with relevant stakeholders, shall be in place.

2. Process Approach

To effectively manage services and underlying components, a process-based approach to service management shall be adopted.

1. All required processes shall be defined, communicated and improved based on business needs and feedback from the people and parties involved.
2. All roles and responsibilities for managing services (including roles as part of service management processes) shall be clearly defined.

3. Continual Improvement

Service management processes shall be continually improved.

1. Feedback from business stakeholders shall be used to continually improve service quality. All proposals for improvements shall be recorded and evaluated.
2. Service management shall be improved based on continual monitoring of process performance and effectiveness.

4. Training & Awareness

Through training and awareness measures, it shall be ensured that staff involved in service management activities can perform effectively according to their assigned roles.

5. Leadership

Top management is committed to this policy and its implementation. It provides optimized criteria for the resource capacity requirement at the level where Value of Money (VoM) can be achieved.

6. Legal Adherence

The top management and services management implementation team shall ensure that all applicable legal requirements shall be abiding by the organization.

__________________

Location Information

Our app may collect and use your location information only for attendance and security–related features, such as:
Verifying that you are within an approved work location when marking check-in / check-out
Showing your current location on attendance or visit-related screens (where applicable)
We use device location (GPS, Wi-Fi, and network–based) only after you grant permission in your device settings. We do not use location data for advertising, marketing, or profiling.

Location data is:

Used strictly to provide core app functionality (e.g., location-based attendance)
Shared only with our backend systems and your organization, as necessary for attendance and HR records
Not sold to third parties
You can disable location permissions at any time in your device settings; however, certain features (such as location-based attendance) may not work correctly without access to your location.