Data Retention Policy
1. Intent of the Policy
This Policy is intended to safeguard user records collected and retained by https://msmeudyogadhar.org. This policy details out what is expected of https://msmeudyogadhar.org employees and other stakeholders involved in retention of data and its protection.
Personal data shall be kept in a form which permits the identification of users for no longer than is necessary for the reasons why the personal data is processed. In certain cases, personal data may be stored for longer periods where that data is to be processed for archiving purposes that are in the public interest, for scientific or historical research, or for statistical purposes, subject to the implementation of the appropriate technical and organisational measures required to protect that data.
This Policy sets out the types of personal data held by https://msmeudyogadhar.org, the duration of its retention, the criteria for establishing and reviewing the length of such duration and when it is to be deleted or otherwise disposed of.
2. Some Key Terms
a. “User” (hereinafter collectively referred to as “You”, “Your”,), mean our customers who use our Service(s) or any other natural person who visit our website(s) and whose personal data is being collected, held or processed by https://msmeudyogadhar.org.
b. “Service Data” means all electronic data, text, messages or other materials, including personal data of Users, submitted to the service(s) by You in connection with Your use of the service(s), including, without limitation, to Personal Data.
c. “Personal Data” means data relating to a living individual who is or can be identified either from the data or from the data in conjunction with other information that is in, or is likely to come into, the possession of the https://msmeudyogadhar.org.
3. Aims and Objectives
a. The primary aim of this Policy is to set out limits for the retention of Service Data or personal data.
b. In addition to safeguarding the rights of users by ensuring that excessive amounts of data are not retained by https://msmeudyogadhar.org, this Policy also aims to improve the speed and efficiency of managing data.
a. This Policy applies to all personal data and information held by https://msmeudyogadhar.org for the sole purpose of processing and fulfilling requests made by users.
b. This policy applies on all https://msmeudyogadhar.org workstations – desktops, laptops, servers, physical modes of personal data collection including but not limited to physical forms, visitor logs, visiting cards collected etc, this policy also covers all virtual machines including cloud servers under control of https://msmeudyogadhar.org.
5. What Are Records?
b. Such records may be of one person or may be of several persons. Such records may be present in electronic format or as a paper copy. Such records may be present inside the local machines or on a cloud or simply as a printout on a paper.
6. Data Retention
a. https://msmeudyogadhar.org shall not retain any personal details for longer than is necessary considering the purpose(s) for which that data is collected, held, and processed, unless required by the law.
b. Different types of personal data, used for different purposes, will necessarily be retained for different periods (and its retention periodically reviewed).
c. When establishing and/or reviewing retention periods, the following points shall be considered:
- i. The objectives and requirements of https://msmeudyogadhar.org; ii. The type of personal data in question; iii. The purposes for which the data in question is collected, held, and processed;
d. If a precise retention period cannot be fixed for a particular type of data, criteria shall be established by which the retention of the data will be determined, thereby ensuring that the data in question, and the retention of that data, can be regularly reviewed against those criteria.
e. Certain personal data and details may be deleted or otherwise disposed of prior to the expiry of its defined retention period where a decision is made within https://msmeudyogadhar.org to do so whether in response to a request by a user or otherwise.
f. The required retention period for any category of documents not specifically defined elsewhere in this Policy including the Data Retention Schedule covered under Annexure 1, unless otherwise mandated differently in accordance with applicable law, will be deemed to be 12 months from the date of creation of the document.
7. Storage and Transfer of Data
Your Personal Details and files are stored on https://msmeudyogadhar.org servers and the servers of companies hired by us to provide services to us. Our servers located in India; however, your personal information may be transferred across national borders as the companies we hire to help us run our business may be located in different countries around the world. Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal information, we cannot guarantee the security of your information transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorized access.
8. Security of Information
We understand that the security of your personal information is very important. Sensitive and private data exchange between the Site and its Users happens over an SSL secured communication channel and is encrypted and protected with digital signatures. Our Site is also in compliance with PCI vulnerability standards in order to create as secure of an environment as possible for you to protect data. While we provide administrative, technical, and physical security controls to protect your personal information. At the same time, it is important for you to protect against unauthorized access to your password and to your computer. Be sure to logged out when finished using a shared computer. However, despite our efforts, no security controls are 100% effective and we cannot ensure or warrant the security of your personal information.
9. Data Disposal
Upon the expiry of the data retention periods set out in our Policy, personal data shall be deleted, destroyed, or otherwise disposed unless as required by the law.
10. Roles and Responsibilities
a. The grievance officer shall be responsible for overseeing the implementation of this Policy and for monitoring compliance with this Policy, https://msmeudyogadhar.org other data management policies, with the Information Technology Act 2008(Amended) and other applicable data protection rules and legislations.
b. Any questions regarding this Policy, the retention of personal data, or any other aspect of compliance with IT Act 2008 should be referred to the grievance officer.
Exemptions for prolonging of retention periods covered in this Policy in view of special circumstances are mentioned below:
- Ongoing investigations from any competent authorities under Indian law, if there is a chance records of personal data are needed by us to prove compliance with any legal requirements; or
- When exercising legal rights in cases of lawsuits or similar court proceeding.
11. Implementation of Policy
https://msmeudyogadhar.org expects that its Users read and understand this policy mentioned on the website and in case you are unable to understand anything, you are required to contact the grievance officer of this Policy who is available at support@ msmeudyogadhar.org
This Policy has been approved and authorised by the Partners of https://msmeudyogadhar.org.