Privacy and data handling policies

What data we collect and how we manage it

Our company is committed to processing data in accordance with its responsibilities under amazon data protection regulations.

a) Amazon data shall be collected under lawful, fair and secure manners.

b) Data will be collected for specified, explicit and legitimate purposes only and not further processed in a manner that incompatible with those purposes.

c) The process of collecting data should use completely latest secure practices like encryption or decryption, so every rest will be encrypted with AES-128 or RSA with 2048-bit key size or higher,
Further processing of data in our premises shall not be considered to be incompatible with initial 30 days.

d) adequate, relevant and limited to what is necessary in relation to the purpose of which the Amazon Data is processed.

e) accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that important data is stored in encrypted shape, having regards to the purpose for which the data is processed, stored, used and shared, is erased or rectified within the given time.

f) data processed in a manner that ensures appropriate security of important data, including protection against unauthorized access, unlawful processing and against accidental loss, destruction or damage.

g) To ensure the collection, processing, storing, using and disposing of amazon data is lawful, company’s Data Protection department should audit every relevant system every 90 days with required tools and provided steps along with data protection guidebook.

h) to ensure data protection, company will implement data valid protection like secure locks, data encryption and access authorizations.

i) Individuals have the roles to access the amazon data and any request to the data shall be made in given timely manners.

j) to ensure that Amazon data is kept in a completely safe and secure place, every access is monitored of the database system.

k) to ensure that Amazon data is kept no longer than necessary, the company will remove it from database system.

l) All described principles must be followed strictly by every employee of the company; A breach of data protection guidelines will invoke disciplinary and consequences.