Data Protection and Security Policy
Last Updated: 29 May 2023
At Rosnil Technology Private Limited (“APELABS”), we are committed to protecting the privacy and security of personal data entrusted to us. This Data Protection and Security Policy outlines our practices and procedures to ensure compliance with applicable data protection laws and safeguard the confidentiality, integrity, and availability of personal and sensitive data.
This policy applies to all employees, contractors, and third-party service providers who handle personal or sensitive data on behalf of APELABS. It covers all data processing activities conducted within our organization, including the collection, storage, use, disclosure, and disposal of personal data.
We are committed to complying with all applicable data protection laws, regulations, and standards, including but not limited to the General Data Protection Regulation (GDPR) and any other applicable national or regional data protection laws. We will take all necessary measures to ensure that personal data is processed lawfully, transparently, and for legitimate purposes.
We will collect and process personal data only for specified, legitimate purposes and will ensure transparency in data collection practices.
We will only collect and process personal data that is necessary for the specified purposes. We will avoid collecting excessive or irrelevant data.
We will ensure that personal data is processed based on a lawful basis, such as consent, contractual necessity, legal obligation, vital interests, legitimate interests, or other applicable legal grounds.
Personal data will only be processed for the purposes for which it was collected, unless we obtain explicit consent or as required by law.
We will take reasonable steps to ensure that personal data is accurate, complete, and up to date. Data subjects have the right to request correction of any inaccurate or incomplete data.
Personal data will be retained for no longer than necessary to fulfill the purposes for which it was collected, unless a longer retention period is required by law or for legitimate business purposes.
We will implement appropriate technical and organizational measures to protect personal data against unauthorized access, disclosure, alteration, or destruction. These measures may include encryption, access controls, secure storage, regular backups, and staff training.
We will ensure that personal data is treated as confidential and access is limited to authorized personnel on a need-to-know basis.
In the event of a data breach or security incident, we will promptly assess and mitigate the impact, notify affected individuals and relevant authorities as required by law, and take steps to prevent similar incidents in the future.
We respect the rights of data subjects and will provide them with the necessary means to exercise their rights under applicable data protection laws. This includes the right to access, rectify, erase, restrict processing, data portability, and object to the processing of their personal data.
When engaging third-party service providers to process personal data on our behalf, we will conduct due diligence to ensure their ability to provide sufficient data protection measures. We will establish appropriate data processing agreements and monitor their compliance with this Policy and applicable data protection laws.
We will provide regular training and awareness programs to ensure that employees and relevant stakeholders are knowledgeable about data protection principles, their roles and responsibilities, and the importance of maintaining data security and confidentiality.
This Data Protection and Security Policy will be reviewed periodically and updated as necessary to reflect changes in our data processing activities, legal requirements, and best practices in data protection and security.
For inquiries or concerns regarding data protection and security, data subjects and stakeholders can contact our designated Data Protection Officer:
Data Protection Officer:
Name: Nilesh Jagtap
Email: Nilesh.jagtap@apeitnow.com
Phone: +91 8691903999
APELABS management is responsible for establishing and implementing data protection policies, procedures, and controls to ensure compliance with applicable data protection laws.
All employees and contractors are responsible for handling personal data in accordance with this policy, attending data protection training, and reporting any data protection concerns or incidents to the appropriate channels.
Third-party service providers that process personal data on behalf of APELABS are responsible for adhering to the data protection requirements set out in their agreements and complying with applicable data protection laws.
By using APELABS services or accessing the APELABS website, individuals acknowledge that they have read, understood, and agree to comply with this Data Protection and Security Policy. Failure to comply with this policy may result in disciplinary action, including termination of employment or contractual relationships.
This Data Protection and Security Policy is effective as of the last updated date mentioned at the beginning of this document and supersedes any previous versions. Any updates or modifications to this policy will be communicated through appropriate channels and made available to all relevant stakeholders. This policy is subject to the laws and regulations of the jurisdiction in which APELABS operates. In case of any conflict between this policy and applicable laws, the provisions of the relevant laws shall prevail.
Authorized Representative of APELABS