Nviron Consulting Pvt. Ltd. needs to gather and use certain information about individuals. These can include clients, suppliers, business contacts, employees and other people, the organisation has a relationship with or may need to contact. This policy describes how this personal data must be collected, handled and stored to meet the companyu2019s data protection standards u2014 and to comply with the law.
This data protection policy ensures that Nviron Consulting Pvt. Ltd.:
- Complies with data protection law and follows good practice
- Protects the rights of staff, customers and partners
- Protects the rights of staff, customers and partners
- Protects itself from the risks of a data breach
Our Commitments:
- The data must be processed fairly and lawfully.
- The data must be obtained only for specific, lawful purposes. It can be processed only for the purpose that was defined, before the data was collected. Subsequent changes to the purpose are only possible to a limited extent and require substantiation.
- The data must be adequate, relevant and not excessive. Before processing data, it must be determined, whether and to what extent, in proportion to the expenses involved, is the processing of data necessary in order to achieve the purpose for which it is undertaken.
- The data must be accurate and kept up to date. Suitable steps must be taken to ensure that inaccurate or incomplete data are deleted, corrected, supplemented or updated.
- The data must be processed in accordance with the rights of data subjects. The data subject must be informed of how his/her data is being handled. In general, personal data must be collected directly from the individual concerned. When the data is collected, the data subject must either be aware of, or informed of:
- The identity of the Data Controller
- The purpose of data processing
- Third parties or categories of third parties to whom the data might be transmitted
- The data must be protected in appropriate ways. i.e. be treated as confidential on a personal level and secured with suitable organizational and technical measures to prevent unauthorized access, illegal processing or distribution, as well as accidental loss, modification or destruction.
