PRIVACY POLICY

RNIT Solutions and Services Limited is committed to protecting any personal information that we may receive while you access our website and mobile application and strive to maintain the privacy of your Personal Information. We believe it is important for you to know how we treat information about you that we may receive when you engage with us. This Privacy Policy is devised to help you feel more confident about the privacy and security of your personal details. 'You' shall mean You, the User of the Website/ Application and ‘Yourself’ interpreted accordingly. 'We' / 'Us' means RNIT Solutions and Services Limited and 'Our' interpreted accordingly. 'Users' means the Users of the Website/ application collectively and/or individually as the context allows.

“Personal information” is any information that can be used by itself to uniquely identify, contact, or locate a person, or can be used with information available from other sources to uniquely identify an individual.

Personal Information collected and/or held by us may include but is not limited to your name, father's name, mother's name, spouse's name, date of birth, current and previous addresses, telephone number, mobile phone number, email address, occupation, and information contained in the documents or images used as proof of identity and proof of address.

For the purpose of this policy, sensitive personal data or information like financial information (such as bank account or credit card or debit card or other payment instrument details), passwords or authentication information for any of our products or services etc. has been considered as a part of Personal Information.

We may collect, store, process and transfer your Personal Information well in accordance with the applicable laws and regulations for a variety of regulatory and business purposes. These may include, but are not limited to:

This Privacy Policy describes the Personal Information which we may collect and provides our approach towards handling and usage of or dealing with the same in compliance with the applicable laws and regulations.

Please read the terms of this Privacy Policy carefully. By using and continuing to use our products and services, you are deemed to have accepted and consented to the terms of this Policy.

This Privacy Policy applies to your “Personal Data,” that is either processed by us as Data Controller as per the instructions received by the customers or as Data Processors for processing on behalf of our customers, data of beneficiaries in accordance with applicable laws. This privacy policy describes the information collected by us as Data Controller for our customers through our applications as well as data/information processed by us as Data Processor on behalf of our your Data Controllers for beneficiaries through our applications. It also describes the purposes for which we collect that personal information, the parties with whom we may share it and the measures we take to protect the security of your data. It also tells you about your rights and choices with respect to your personal information, and how you can contact us about our privacy practices.

PRINCIPLES

We will endeavor to handle your personal information collected by us, processed by us i.e., any data about a user who is identifiable by or in relation to such data in accordance with the principles of purpose limitation, data minimization, accuracy, storage limitation, and accountability as broadly outlined in all prominent privacy frameworks. When processing your personal information collected by us, we do so based on your consent or for the purpose of providing our application(s), managing our business operations, fulfilling contractual and legal obligations, ensuring the security of our systems and customers and their beneficiaries whose data is processed by us, and pursuing our other legitimate interests as described in this Privacy Policy.

The applications provide (i) eGovernance Services delivery intending to provide better citizen services by the government and (ii) The contents published on our applications were provided by the concerned Ministries/Departments of Government of India or allied government establishment or private entities who engage/engaged us. This information provided through these applications may not have any legal sanctity and are for general reference only, unless otherwise specified. However, every effort has been made to provide accurate and reliable information through these applications. Users are advised to verify the correctness of the facts published here from the concerned authorities. We will not be responsible for the accuracy and correctness of the contents available in these applications.

DATA SUBJECTS

You as Data Subjects in India have certain rights regarding the processing of your Personal Data. You can obtain information about the applicable rights and how to exercise them from the relevant Data Controller of your Personal Data.

Within the scope of our authorization to do so, we as Data Processor will work with our customers, the Data Controllers, to support them in providing their Data Subjects access to their Personal Data that we hold on behalf of our Data Controllers.

If you have further questions about the collection, retention and use of your Personal Data, and about your choices and rights regarding such collection, retention and use, or wish to exercise your rights under applicable law, you should contact the Data Controller of your Personal Data, as the Data Controller may be in the best position to resolve your issue. However if we directly receive any complaint, communication from you in this regard, we will forward such complaints, communications to your relevant Data Controller of that Personal Data.

We will take reasonable steps to correct, amend, or delete Personal Data that is demonstrated to be inaccurate by Data Controllers who have submitted your personal data to us for processing on their behalf for correcting, amending, or deleting Personal Data.

USER PROVIDED INFORMATION

The Applications may obtain the information you provide when you download and register the Application. When you register and use the application, you generally provide:

When you register and use the Application, you generally provide

The information you provided may be used to contact you from time to time to provide you with important information and required notices. However, please keep in mind that you may not be able to use some of the features offered by an Application unless you register.

HOW WE MAY USE THE USER INFORMATION

By entering your User Information, you accept that we may retain your Information and that it may be held by us or any entity that processes it on our behalf. We shall be entitled to use your user Information for the following non-exhaustive purposes:

THE INFORMATION WE COLLECT

Our website, applications and any other related links, do not automatically capture any specific personal information from you, (like name, phone number or e-mail address), that allows us to identify you individually. If the application, website requests you to provide personal information, you will be informed for the particular purposes for which the information is gathered and adequate security measures will be taken to protect your personal information.

We do not automatically capture any specific personal information from you, (like name, phone number or e-mail address), that allows us to identify you individually.

We make no attempt to link these addresses with the identity of individuals visiting our site unless an attempt to damage the site has been detected.

INFORMATION THAT YOU SHARE WITH OTHER USER(S) ON THE MOBILE APPLICATION:

Our mobile applications allows viewing and sharing information including through blogs, rating, comments/messages and chat etc. You should consider who you choose to share with and what you share, because people who can see your activity through our website can choose to share it with others on and off our website, including people and businesses outside the audience that you shared with. We are not responsible for any information/data, personal and/or commercial shared by you with any other user or third-party on the Mobile Application.

Usage of your Information:
AUTOMATICALLY COLLECTED INFORMATION

In addition, the Application may collect certain information automatically, including, but not limited to, the type of mobile device you use, your mobile devices unique device ID, the IP address of your mobile device, your mobile operating system, the type of mobile Internet browsers you use, and information about the way you use the Application, network or Internet protocol address and type of browser you are using, the type of operating system you are using, mobile network, device identifiers, device settings, browser settings, the web pages of the Website you have visited, website visited before and after you visited our Website, the type of handheld or mobile device used to view the Website location information. When you visit the application, it may use GPS technology (or other similar technology) to determine your current location. The location information may be sent to authorities for taking necessary actions and making policy decisions. If you do not want the app to use your location for the purposes set forth above, you should turn off the location services for the mobile application located in your account settings or in your mobile phone settings and/or within the mobile application. However, if the service provided by the Application requires the location services using GPS technology, such services offered by the application will not be available for you.

We may disclose user provided and Automatically Collected Information in the following circumstances:

We do not automatically capture any specific personal information from you, (like name, phone number or e-mail address), that allows us to identify you individually. If the Portal requests you to provide personal information, you will be informed for the particular purposes for which the information is gathered and adequate security measures will be taken to protect your personal information.

We gather certain information about the User, such as Internet protocol (IP) addresses, domain name, browser type, operating system, the date and time of the visit and the pages visited. We make no attempt to link these addresses with the identity of individuals visiting our site unless an attempt to damage the site has been detected.

DATA COLLECTED AS A DATA CONTROLLER

We collect only the information needed for legitimate business purposes.

Personal data refers to information such as but not limited to Name, Age, Address, Phone number, Country of residence, Blood Group etc., that can be used to confirm the identity of individuals when being used separately or in combination with other information. Such data collected shall be collected by us directly after obtaining your consent for the same, viz., upon creating an account by you or contacting us to get support; or might be obtained by us from your interaction with our website, products or services. When permitted by law, we might also obtain related data from third-party public and commercial sources. You have the right to refuse to provide personal data. But if you refuse to provide certain personal data, you might not be able to use our products or services, or your refusal might have certain impact on your use of our products or services.

As a Data Controller, we collect data from employees, contractors, vendors, interns and customers for various reasons, such as, product demonstrations, marketing purposes or for job vacancies/ career applications or perform it’s activities and achieve the purpose of Services to the customers or for other purpose(s). However, it is clarified that as a Data Controller we do not collect any sensitive personal data.

This information would be collected by us in a number of ways through multiple channels while joining our organization and over time during our relationship with you.

DATA COLLECTED AS A DATA PROCESSOR AND PROCESSING OF PERSONAL DATA & SENSITIVE PERSONAL DATA

We act as a Data Processor with respect to any Personal Data comprised in our Customer(Data Controller) Data. By “Customer Data” we mean the content or information which our customers submit to us or personal data of beneficiaries submitted to us for processing by the Data Controller.

Depending on your use/interaction with us, we may collect/store/transfer/analyze/delete the following categories of Personal Information from you including but not limited to Name, Email ID, Phone Number, etc.

As a Data Processor, if the Data Controller collects any sensitive personal data and shares it with us for processing of the same, then it is up to the Data Controller’s discretion and they shall ensure to provide applicable safeguards in line with their privacy policy.

As far as beneficiaries are concerned we on behalf of the Data Controller process their personal data for analyzing and using this information to provide and improve the Controller’s Service. We collect information of beneficiaries for processing under the direction of our customers, i.e. your Data Controller, pursuant to the applicable data processing terms with those Data Controllers and have no direct relationship with the beneficiaries. If you are a beneficiary of one of our customers(your Data Controllers) and would no longer like to be contacted, please contact your relevant Data Controller directly.

As a Data Processor, we provide our applications and related services in order to enable our customers((your Data Controllers) on behalf of whom we are processing data, to understand how beneficiaries download, access and/or interact with our applications and related services.

STORAGE AND PROCESSING OF INFORMATION

1) Your Information will primarily be stored in electronic form.

2) We may store, collect, process, and use your data (except financial data) in countries other than the Republic of India to the extent permissible under applicable laws.

3) We may enter into agreements with third parties (in or outside of India) to store or process your information, subject to applicable law. These third parties may have their own security standards to safeguard your Information and we will, on commercially reasonable basis, require such third parties to adopt reasonable security standards to safeguard your information, as per the requirements of applicable laws.

USAGE OF PERSONAL DATA

We shall use your Personal Data to provide you a better service so as to:

SHARING AND DISCLOSING YOUR PERSONAL DATA

We do not disclose your Personal Data except where permitted or requested by our applicable customer(Data Controller), or where required by law.

We do not sell, rent, share, distribute, lease or otherwise provide your Personal Information to third parties, without your prior consent. Keeping this in mind, we will, to the extent required by law and the applicable customer contract, obtain assurances before disclosing Personal Data to a sub-processor or third-party agent that the recipient will:

Apart from this we in order to comply with our legal obligations/ court orders/ requests by Government authorities may disclose your Personal Information on a need to know basis.

INFORMATION SHARED WITH OUR DATA PROCESSORS OR DATA SUB-PROCESSORS

We may share your information with third parties for industry analysis, demographic profiling, and other similar purposes. We will not share the End User PII collected with third parties.

We may share and disclose Personal Data to the following types of third parties and for the following purposes:

INFORMATION DISCLOSED FOR OUR PROTECTION AND THE PROTECTION OF OTHERS

It is our policy to protect our Customers(your Data Controllers) or Beneficiaries from having their privacy violated through abuse of the legal systems, whether by individuals, entities or government and to contest claims that we believe to be invalid under applicable law. However, it is also our policy to cooperate with government and law enforcement officials and private parties. Accordingly, we reserve the right to disclose any information about our Customers( your Data Controllers) or Beneficiaries to government or law enforcement officials or private parties as we, in our sole discretion, believe necessary:

ADDITIONAL DISCLOSURES

We do not sell the personal information we collect (and will not sell it without providing a right to opt out).

You have the right to request to know more details about the categories or specific pieces of personal information we collect (including how we use and disclose this information), to delete their personal information, to opt out, and to not be discriminated against for exercising these rights.

You may make a request pursuant to your rights under the applicable laws. We will verify your request and may request government identification or other information in order to do so. You can also designate an authorized agent to exercise these rights on their behalf.

ACCURACY OF INFORMATION

You shall be solely responsible for the accuracy, correctness, or truthfulness of your personal information and content shared with us whether of its of your own or of any third party and we shall not be responsible for verifying the same. The User understands and acknowledges that such personal information shall be subject to the terms and conditions of this privacy policy.

INDEMNIFICATION

You shall indemnify us and hold us harmless from and against any claims and demand, including reasonable attorneys’ fees, made by any third party due to or arising out of or relating to:

SECURITY OF YOUR PERSONAL DATA

We have established a process to proactively embed privacy at the initial planning/design stages and throughout the complete development process of new processes/ services/ technologies and/or platforms that involve processing of personal data. We have ensured that considerations have been made for technical and organizational measures to enhance privacy (e.g. optional data masking, optional data encryption, data minimization). In addition, we shall take appropriate technical and organizational measures to ensure that your personal data collected or processed is adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed. The security of your personal information is important to us and our applications and processes are designed with robust security features that provide ongoing protection for your data. Our systems are equipped with real-time checks and tests, actively identifying and preventing security threats before they can impact you.

We strive to ensure the security of your personal information and to protect your personal information against unauthorized access or unauthorized alteration, disclosure, or destruction. In furtherance of this, we adopt internal reviews of the data collection, storage and processing practices and security measures, including appropriate anonymization, encryption, and physical security measures to guard against unauthorized access to systems where we store your personal information. We have implemented appropriate administrative, physical, and technical safeguards for the security and confidentiality of your information, and use reasonable efforts to maintain physical and information security management programs to protect your information from loss, misuse, alteration, unauthorized access, and disclosure. Although we provide appropriate firewalls, encryptions, and protections, we cannot warrant the security of any Personal Information transmitted as these systems are not hack proof. Data pilferage due to unauthorized hacking, virus attacks, technical issues is possible, and we assume no liability or responsibility for it. You hereby waive and release us from any claim of damages to the extent permissible under applicable laws.

Our commitment to safeguarding your data extends to preventing unauthorized access, disclosure, modifications, or any form of destruction for all the information under our care, encompassing:

1. Data Encryption:

All information transmitted in and out of our applications is encrypted and the encryption is used throughout the application for data in motion, and data is also encrypted at rest.

2. Server Security:

Information is stored on servers with robust firewalls. Access to servers requires multiple authentications, and unauthorized access is prohibited.

3. Information Collection and Storage:

Your company regularly reviews information collection, storage, and processing practices to prevent unauthorized access. Physical security measures are implemented to safeguard systems.

4. Access Control:

Access to personal information is restricted to authorized personnel and contractors. Employees with access are bound by strict confidentiality obligations.

5. Web Application Firewall (WAF):

All traffic goes through a WAF, which checks for malicious traffic to prevent attacks.

6. User Responsibility:

Users are responsible for maintaining the security of their account login credentials. Users are advised not to share their credentials with third parties.

7. Prompt Reporting:

Users are encouraged to report any suspected compromise of their account credentials promptly.

8. Liability Disclaimer:

While you strive to implement security measures, you acknowledge that data transmission over the internet carries inherent risks, and you assume no liability for potential breaches due to these risks.

We will take all reasonable efforts to ensure the confidentiality of personal data, uploaded information etc. and will take reasonable efforts to ensure that the information received from you is not misused. While we will take the above reasonable measures to guard against misuse of personal data/information submitted to it by you, we cannot guarantee that someone will not overcome our security measures, including, without limitation, the security measures implemented on our mobile application or website. Therefore, your posting of personal data/ information on our mobile application or web site constitutes your acceptance of this risk, and by posting of personal data/information, you waive any right to seek legal relief from this website due to any misuse of your information.

We shall not be responsible for any illicit, immoral, illegal and/or malicious content exchanged between one or more users and the knowledge of the same shall give our website/Mobile application Administrator the right to block and report such a User.

The administrator and managers shall not be responsible for any information/content being disseminated through live streaming/ broadcasting by a third party. In the event a user finds such content to be illegal, immoral, illicit, immoral and/or incorrect by nature of determined facts, such user may inform the website administrator to report the content.

DATA RETENTION AND ERASURE

We retain User Information while a User’s account is active on its Application and for a reasonable period of time afterwards which allows us to meet legal, compliance and business requirements pursuant to this Privacy Policy depending on the nature of application and thereafter may store it in aggregate. Please note that some or all of the User Provided Data may be required in order for the Application to function properly.

We may alter this practice according to legal and business requirements, and to fulfill the purposes described in this Privacy Policy. For example, it may lengthen the retention period for some data if needed to comply with applicable law or voluntary codes of conduct. Unless otherwise prohibited, it may shorten the retention period for some types of data if needed to free up storage space.

When we no longer need to use a User’s Information and there is no need for us to retain the Information for the abovementioned compliances, we either remove it from our systems or depersonalize it so that we cannot identify such User.

If you no longer want us to use your Personal Information to provide services/ access to the Application to you, you can request that we erase Your Personal Information and close your account. Provided, however, any requests for erasure will be acted upon in accordance with applicable law and may adversely impact the Company’s ability to provide Services to you.

You hereby agree and acknowledge that a mere request for erasure does not guarantee an erasure of Personal Information and all such requests will be acted upon in accordance with applicable law alone.

We may retain some of Your Personal Information as necessary for protecting our legitimate business interests, such as fraud detection and prevention and enhancing safety. For example, if we suspend an account for fraud or safety reasons, we may retain certain information from that account to prevent that User from opening a new account in the future.

Some copies of Your Information (e.g., log records) may remain in our database, but are disassociated from personal identifiers.

We maintain the Application to protect you from accidental or malicious loss and destruction, and residual copies of Your Personal Information may not be removed from our backup systems for a limited period of time.

We will not be required to delete any information which has been de-identified or disassociated with personal identifiers such that it can no longer be used to reasonably identify a particular individual.

Company will not be able to provide You with the Services (or any part thereof) and You should cease and desist from using the Services.

TRANSFER OF PERSONAL DATA

We will not transfer your personal information to any other company, organization or individual except for the following circumstances: transferring with your explicit consent: After obtaining your explicit consent, we may transfer your personal information to other parties;

In case of mergers, acquisitions or liquidation, if the transfer of personal information is involved, we will ask the new company or organization holding your personal information to continue to be bound by this privacy policy, or we will ask the said company or organization to seek your consent again.

ACCESS AND CORRECTION

To the extent feasible and subject to applicable laws we shall provide you access to the information that we hold about you as well as facilitate any correction and updation of information. We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise other rights you may have under applicable law). This is a security measure to ensure that personal data is not disclosed to any person who does not have a right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response. We use best efforts to respond to legitimate requests within a reasonable timeframe.

If you wish to opt-out from receiving any type of communications, you may turn them off in our apps, respective device’s settings at any time by changing the notification settings on your device.

MISUSE BY NON TARGETED USERS

All mobile apps are meant for use by the targeted audience only. Misuse by non-targeted users should be prevented by owner of the mobile.

Cookies and Web Becons :

You should be aware that information and data may be automatically collected through the Use of Cookies or web beacons or similar tracking technologies. "Cookies" are text files placed in your computer browser that store basic information that a Website can use to recognise repeat site visits and as an example, recall Your name if this has been previously supplied. We may use this to understand Your service and internet usage, observe behaviour and compile aggregate data in order to improve or customize our products, services offerings or the Website, target the advertising and assess general effectiveness of such advertising. Cookies do not attach to Your system and damage Your files. If You do not want information collected through the Use of Cookies, there is a simple procedure in most browsers that allows You to deny or accept the Cookie feature. Note, however, that "personalised" services may be affected if the cookie option is disabled.

For example, We may use Cookies to personalize Your experience at our Services (e.g., to recognize You by name when You return to Our Website), save your password in password-protected areas. We also may use Cookies or other tracking technologies to help Us offer You products, offerings or services that may be of interest to You when You visit this Website. We or a third party platform with whom We work may place or recognize a unique cookie on your browser to enable You to receive customized offers, services on this Website. These Cookies contain no information intended to identify You personally. The Cookies may be associated with de-identified demographic or other data linked to or derived from data You voluntarily have submitted to Us (e.g., your email address) that we may share with a service provider solely in hashed, non-human readable form.

We and our Partners may also use "web beacons" or clear GIFs, or similar technologies, which are small pieces of code placed on Our Website or in an email, to monitor the behaviour and collect data about the visitors viewing Our Website or email. For example, web beacons may be used to count the users who visit a web page or to deliver a cookie to the browser of a visitor viewing that Website. Web beacons may also be used to provide information on the effectiveness of our email campaigns (e.g., open rates, clicks, forwards, etc.).

GOVERNING LAW AND JURISDICTION

This Privacy Policy is governed by and operated in accordance with the laws of India. If any of the parties wish to seek legal recourse, they may do so by using the courts of law in New Delhi.

UPDATES

We reserve the right to amend or modify this Privacy Policy at any time, as and when the need arises. We request you to visit our website www.rnitss.com periodically for contemporary information and changes. We will notify you of any changes to our Privacy Policy by posting the new Privacy Policy here. You are advised to consult this Privacy Policy regularly for any changes to be informed of how we are committed to protecting your information and providing you with improved content, as continued use is deemed approval of all changes.

YOUR CONSENT

By using the Application, you are consenting to our processing of your information uploaded; as set forth in this Privacy Policy now and as amended by us.

ACCEPTANCE OF THE POLICY:

By visiting our website, mobile application signing up or logging into the application, uploading information on our website, mobile application; you acknowledge and unconditionally accept this Privacy Policy. If you do not agree with this Policy, do not use our mobile application(s) and services or provide here any of your personal data.

CONTACT US

If you have any questions regarding privacy while using the Application, or have questions about our privacy practices or in case of any feedback or concern regarding protection of your personal information , please contact us via email at grievances@rnitss.com. Also you can contact us at our above said e-mail address for any responsible disclosure of a security vulnerability in our website, mobile application or our services.