Privacy policy

ExlService Holdings, Inc. and its subsidiaries (“Company”, “we” or “us”) have a long-standing commitment to safeguard the privacy of information entrusted to us. The privacy principles and procedures which we have set out below are intended to tell you how we collect, use, distribute and erase personal information using our primary public website (the “Web site”). This statement also applies generally to all websites operated by the Company (collectively, the “Websites”) or when you interact with us using social media channels.

Information collection

We collect, use, and distribute information from and about you and any devices you use to interact with us in different ways while you are using our services. If you use this website, personal information about you may be collected and processed by the Company, its employees and affiliates, and any relevant service providers.

Information you give us

We collect information that you provide when you communicate with us through different methods. When you interact with us using social media, we collect your social media handle and basic account information. For example, if you contact us through our “Contact us” page we will collect your name, contact details, and place of work. Then we use this information to respond to you. We limit access to personal information about you (except as otherwise disclosed in this privacy statement) to employees who need to come into contact with that information to provide products or services to you or in order to do their jobs. If you access the restricted access portions of our Websites, you may be required to provide additional information (see below).

If you use restricted access or password protected portions of the websites, we collect certain additional information from you (“Registration information”). Registration information includes your name, title, street address, city, state, country, postal code, telephone number, and e-mail address, and any other information useful to our products and services. We will use this information in order to comply with our contractual obligations to you, communicate with you, maintain our internal records, comply with any legal or regulatory obligations we are subject to under local laws, and to enforce and protect our rights. In addition, in the restricted access or password protected portions of company’s websites, information (including Registration information) you provide may be shared with other customers with access to restricted access or password protected portions of Company’s websites. We provide this information to enable our customers to directly contact each other.

Our legal basis for processing personal information that you provide to us via our websites is that it is necessary for our legitimate interests in conducting and developing our business, and meeting and anticipating the requirements of our current and prospective customers.

Information that is automatically collected

The Company automatically collects or processes personal information such as your Internet domain, IP address, browser type, type of operating system you use, the domain name of your internet service provider, and pages visited on the website, as part of the operation of this site or during the course of your activities on this website.

Information that we collect using cookies

The Company uses “cookies” in connection with the operation of its websites. If you visit any restricted access or password protected portions of Company’s websites, cookies will be placed on your device, which may include or be linked to personal information. The Company uses cookies to allow authentication in restricted access or password protected portions of Company’s web sites. Cookies are small pieces of information that are stored on your computer by company’s web site server. Cookies are used for record-keeping purposes: the stored information can be retrieved by the Company’s web site server when you return to the Web site. This allows Company to personalize or regulate the use of the site, and also permits Company to automate the access and data-entry functions of the site (e.g., login information) and to tailor the appearance or presentation of the site to your preferences or interests.

You may wish to adjust your web browser to inform you whenever a cookie is to be used, or to reject all cookies automatically. However, if you elect not to accept cookies, some parts of the Website may not function properly or permit access. For more information on how we use cookies, see

International transfers of your information

In nearly all cases, the above described data may be collected or processed by, and transferred to, the Company’s facilities in the United States and in other jurisdictions where the Company performs its business activities, such as India, South Africa, Australia, the Philippines, Colombia, and Europe; the data may then be subject to the legal systems of those countries. This may be done through the website’s internet service provider (ISP) or through the use of such tools as google analytics. This information is gathered to improve the quality of our services and our ability to market those products and services to specific individuals and organizations that could benefit from them.

You may contact us to find out more about the relevant safeguards in place for cross-border transfers (see “Contact information” below).

Information disclosure

Sharing with affiliates, parties and suppliers of services

We share data, including information about you, with our affiliates, partners, subsidiaries and companies or individuals who provide services to or on behalf of the Company throughout the world, such as service providers assisting us in carrying out transactions or providing services for you

How personal information is shared with third-parties

The Company may disclose information to third parties in connection with mergers and acquisitions, when required by regulatory authorities, law enforcement agencies or other legal process, or to protect and defend the rights or property of Company.


Occasionally, the Company may use the information that the Company collects on you to notify you about important changes to the website, new services and offers Company thinks you might find valuable.

Individuals and organizations who do not wish to receive those mailings or materials (whether e-mail or paper mail) or who believe they are receiving those mailings by mistake can contact Company (as described below under Contact information) and request their removal from our mailing list.

Special information for California residents

The California Consumer Privacy Act (“CCPA”) provides California residents with rights to receive certain disclosures regarding the collection, use, and sharing of “Personal information,” as well as rights to access and control personal information. The CCPA defines “Personal information” to mean “information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household.” Certain information we collect may be exempt from the CCPA because it is considered public information (i.e., it is made available by a government entity) or covered by a federal privacy law, such as the Gramm–Leach–Bliley Act, the Health Insurance Portability and Accountability Act, or the Fair Credit Reporting Act.

To the extent that we collect personal information that is subject to the CCPA, that information, our practices, and your rights are described below.

Right to information regarding the categories of personal information collected, sold, and disclosed

Please see the notice of California consumer data collection and sharing practices, below.

Right to access information

You have the right to request access to personal information collected about you and information regarding the source of that information, the purposes for which we collect it, and the third parties and service providers with whom we share it. To protect your Personal Information, we are required to verify your identify before we can act on your request.

Right to request deletion of information

You have the right to request in certain circumstances that we delete any personal information that we have collected directly from you. We may have a reason under the law why we do not have to comply with your request, or why we may comply with it in a more limited way than you anticipated. If we do, we will explain that to you in our response.

Right to opt out of sale of personal information to third parties

You have the right to opt out of any sale of your personal information by the Company to third parties. To exercise this right, please visit our “Do not sell my personal information” webpage. Please note that your right to opt out does not apply to our sharing of personal information with service providers, who are parties we engage to perform a function on our behalf and are contractually obligated to use the personal information only for that function.

Your California privacy rights

Residents of the State of California also have the right to request information regarding third parties to whom the company has disclosed certain categories of Personal Information during the preceding year for the third parties’ direct marketing purposes.

How to submit a request

You may submit a request to exercise your rights through any one of three means:

  • By visiting the privacy page in your account portal, where you can request and download specific pieces of information we have collected. By logging in to your account to submit the request, you will be able to automatically verify your identity, which will result in faster processing of your request.
  • By filling out a consumer data request form available here.
  • By calling us at the applicable office or, if available, the designated 800 number.

Notice of California consumer data collection and sharing practices.

The following is a description of our data collection practices, including the personal information we collect, the sources of that information, the purposes for which we collect information, and whether we disclose that information to external parties. We may use any and all of the information for any of the purposes described in the privacy policy, unless limitations are listed. The categories we use to describe the information are those enumerated in the CCPA.

  • Personal identifiers:
    • We collect first name, last name, company name, email address, telephone number, location/country, and contact address when you contact us via the Website. If you use restricted access or password protected portions of the Website, you also will be asked to create a username, and we will assign one or more unique identifiers to your profile. We will also collect registration information such as your name, title, postal address, telephone number, e-mail address.
    • o We collect your social media handle and basic account information when you interact with our services through social media. We use this information to respond to your requests or complaints.
    • We do not collect your payment information.
    • We do not collect your social security number, driver’s license number, or passport number.
    • We do not collect any medical information or health information about you.
    • We collect your IP address automatically when you use our services.
    • We collect information about the type of device being used and your internet service provider automatically when you use our Services.
  • Protected classifications: We collect information related to your age and gender when you visit the website in order to assess the performance of the website and learn about our visitors. We also collect age information in order to comply with laws that restrict collection and disclosure of personal information belonging to minors. We do not collect information regarding race, religion, ethnic origin, or sexual orientation.
  • Commercial information: When you submit inquiries about our goods or services, we create records of goods or services considered, as well as purchasing or consuming histories or tendencies.
  • Biometric information: We do not collect information about your physiological, biological, or behavioral characteristics.
  • Internet or other electronic network activity information: When you navigate to and use the Website, we collect information such as your Internet domain, the domain of your Internet service provider, the date and time that you access the Website, the Internet address of the web site from which you linked directly to the website, and the pages you visit on Company’s websites. We do not collect information regarding the navigational habits of identified users without obtaining the users’ consent.
  • Geolocation data: As described above, we collect your IP address automatically when you visit the Web site. We may be able to determine your general location based on the IP address. We do not collect your precise location (e.g., your GPS coordinates).
  • Audio, electronic, visual, thermal, olfactory, or similar information: If you contact us via phone, we may record the call. We will notify you if a call is being recorded at the beginning of the call. We do not collect your image or any thermal, olfactory, or similar information.
  • Professional or employment-related information: We collect your place of work when you contact us via the website. If you use restricted access or password protected portions of the websites, your job title is among the registration information that we collect.
  • Education information: We may collect any information about the institutions you have attended or the level of education you have attained.
  • Inferences drawn to create a profile about a consumer reflecting the consumer’s preferences or characteristics: We do not analyze personal information collected via Company’s web sites to create consumer profiles.

We may share any of the above-listed information with service providers, which are external parties that we engage for business purposes. However, such service providers are restricted from using personal information for any purpose that is not related to our engagement. The categories of service providers with whom we share information and the services they provide are described in our privacy policy.

On certain occasions, we also sell information to third parties. An external party may be considered a third party either because the purpose of sharing is not an enumerated business purpose under California law, or because our contract does not restrict them from using personal information for other purposes. To “sell” information means to disclose it to an external party for monetary or other benefit. We sell the following information:

  • Personal identifiers:
    • If you use restricted access or password protected portions of the websites, we share certain registration information with third parties to enable our customers to directly contact each other.

We may also disclose information to other external parties who are not listed here when required by law or to protect Company or other persons, as described in our privacy policy.

Security measures

The Company has implemented technological and operational security processes to protect information from loss, misuse, alteration, or unintentional destruction. While no security measure can guarantee against compromise, the Company regularly reviews and updates its security measures in accordance with industry standards, in an effort to provide appropriate security for all information held by Company.

Modifications to statement

The Company reserves the right to change, modify, or update this statement at any time. We indicate the date of the current statement below, so you know when it was last updated. Continued use of the website after any such revision or modification constitutes your acceptance of the privacy statement as so revised or modified, where permitted by law.

Access and accuracy

Company wants to maintain only accurate information about users of the website. You can request access to your personal information by contacting Company in writing at Upon receipt of appropriate identification information, and where required by applicable data protection laws, the Company will provide you with access to the information that it maintains about you. If you find factual inaccuracies, please notify Company so that they may be corrected.

Your rights

In addition to your right to request access to your information and right to erasure you may have other rights under applicable data protection laws.

Please contact if you would like to make a request.

You may also have the right to complain about the use of your personal information to a applicable authority with oversight of applicable data protection laws.

Data retention

Company will not retain your personal information longer than is necessary for the purpose it was collected, and in order to comply with the requirements of any applicable law or regulation.

For example, if your personal information has been provided to us in connection with the ordering of a service, we will retain it for as long as is necessary to provide that service, and for as long any legal action could be brought in relation to it.

Linked web sites

We may provide links to third party sites. Since we do not control these web sites, we encourage you to review the privacy statement posted on these (and all) third party sites. The Company is not responsible for the privacy statements or practices of sites and services controlled by other companies or organizations.

Contact information

Customers should direct comments or questions regarding this statement, who can be contacted at


Consumer data request form*

Do not sell my personal information

DSR request form

* For California residents only

# For individuals from other geographies such as EU/UK, South Africa etc.