Privacy Policy
Effective starting: July 1, 2016
This legal document is an electronic record in terms of Information Technology Act, 2000, and rules there under as applicable and the amended provisions pertaining to electronic records in various statutes as amended by the Information Technology Act, 2000. This electronic record is generated by a computer system and does not require any physical or digital signatures.
This legal document is published in accordance with the provisions of Rule 4 of the Information Technology (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011 of Information Technology Act, 2000 amended through Information Technology Amendment Act, 2008 that require publishing the privacy policy for access or usage of www.edusec.org (“EduSec” or “website”) .
This privacy policy applies to all users of website.
By using this website, or completing the contact registration process, you agree and acknowledge that you have carefully read this privacy policy and accepted this agreement.
References in these Terms to "we" or "us" or “website” or “company” or “EduSec” are references to www.edusec.org and “you” as subscriber/user of a website.
PRIVACY PREAMBLE
While providing information for various web development services, the issue of online privacy is extremely crucial for Rudra Softech which is committed for safeguarding the information provided by its users. We are dedicated to create a reasonably secured environment for our users.
Respecting privacy of its online users while providing top-of-the-line services have remained the core strategies for Rudra Softech. Our Privacy Policy gives users a view of the Privacy Practices followed by us and assures them of safe passage through the website.
At the same time, we would like to make it clear that our website may provide links to other web sites/apps that are governed by their own Privacy Policies and we do not take responsibility for the security and privacy provided by these sites/apps. This may include but not limited to payment gateway sites. Users are urged to familiarize themselves with its Privacy Policy as well the policies of the third party sites/apps that collect personally identifiable information.
When you provide us with your personal data, you are agreeing to the rules and regulations stipulated under our Privacy Policy and are bound by it. If you do not agree to our Policy then please do not use our website.
THE PRIVACY POLICY SHALL BE GOVERNED IN 4 FOLLOWING AREAS:
- Online processes & type of information collected through our website
- Use and Disclosure of personal information
- Choice or Opt out
- Security Practices
1. Online Processes & type of information collected through the website
-
Online Processes
User visiting our website may go through following processes:
- User access to SaaS (Software as a Service) Based Software
- User access to online materials
- Get in touch process or contact us process
- Payment through payment gateway
-
Personal Information
You are requested to provide some personally identifiable information (listed in Annexure-A & which may increase from time to time) during execution of above processes which becomes the property of our website and can be shared, disclosed or distributed to third parties only in accordance with this Privacy Policy.
2. Use and Disclosure of personal information
We will not sell or rent or publish such personally identifiable information collected. You hereby agree and acknowledge that all personally identifiable information is supplied by you voluntarily for some of the following purposes:
-
E-mail/chat information:
You agree and acknowledge that when we receive e-mails/chat messages from you, we may retain the content of any e-mail/chat messages sent to us, as well as details of your e-mail address. You further agree and acknowledge that we shall use your email id and mobile number information for sending promotional/informational messages. -
Data for analytics:
We collect small amounts of information/data contained in your device for data analytics. Data analytics help us track your navigation so that we can tailor our offerings to your specific needs. Therefore, you agree and acknowledge that you have given us permission to access below given data in addition to list of information annexed in Annexure-A. The kind of information that may be stored on our data analytics includes registration data so that a user does not need to re-enter the information every time he/she visits a particular area, user IP address, user ISP details, user browser, devices OS details. Also, we use google analytics services for more detailed analytics purposes. You allow us, agree and acknowledge for aforesaid data gathering and analytics so as that we may give you personalized offerings to your specific needs.
3. Choice/Opt-out
Once you are registered at the our site, you will have the option at any stage to inform us that you no longer wish to receive future services, e-mails and you may “unsubscribe” by sending unsubscribe request on info@rudrasoftech.com
Further, as per Rule 5(7) of the Information Technology (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011 of Information Technology Act, 2000 amended through Information Technology Amendment Act, 2008, you have an option to withdraw your consent for use of your sensitive personal data given earlier to us. Such withdrawal of consent shall be sent in writing to our registered address.
4. Reasonable Security Practices As per I.T.Act, 2000 and its Rules
We have implemented reasonable security practices as per Rule 8 of the Information Technology (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011 of Information Technology Act, 2000 amended through Information Technology Amendment Act, 2008.
We have implemented stringent, internationally acceptable standards of technology, managerial security, technical security, operational security and physical security in order to protect your personally identifiable information from loss, misuse, disclosure, alteration or destruction. The data resides behind a firewall, with access restricted to our authorized personnels only.
We have implemented “Reasonable Security Practices & Procedures” as required by the Information Technology Act, 2000 rules including any amendment in the said Act and its rules. By complying with such provisions, We assure you proper care and control over our I.T. and Security operations as required under relevant sections mainly section 43, 43A, 45, 66,72A & 85 of I.T.Act, 2000 and I.T.A.A, 2008 including related rules and therefore you agree that in any case we shall not be held responsible for any uncontrollable fraudulent/criminal activity with regards to your sensitive personal information stored in our website.
By using this website you agree that we shall not be held responsible for any uncontrollable security attacks and in such cases you agree that we shall not be held responsible for any type of financial losses, loss of opportunity, legal cost, attorney’s fees, business losses, reputation loss, direct and indirect losses that may occur to you as per the Provisions of Section 43, 43A and 45 of Information Technology Act, 2000 including any amendments in the said Act and any other laws of India for the time being in force.
You further agree that our management shall not be held responsible directly or indirectly for any cyber crime related criminal liabilities under I.T.Act,2000 relating to your information as you have agreed and acknowledged with our privacy policy which proves that our management complies with due diligence (care & controls) requirements of I.T.Act,2000 including its rules and amendments.
Our reasonable security controls, practices & procedures include but not limited to following:- Protect against unauthorized access.
- Authorization using Role-Based Access Control (RBAC).
- Protect against SQL injections.
- Provide secure connection via TLS.
- Protect against file exposure.
- Protect against cross site scripting (XSS) attacks.
- Preventing Cross-Site Request Forgery (CSRF) Vulnerabilities.
- User passwords stored in hash string (not in plain text). It’s protect against brute force attacks using bcrypt with crypt algorithm.
- SSL Secured
- Secured cloud platform as mentioned on the link https://aws.amazon.com/security
- Cyber Law & Security Awareness for our team
Further, you also agree and acknowledge that our management shall never be held responsible regarding privacy of your sensitive personal data in case of sharing your sensitive personal data to any authorized cyber investigation agency of appropriate government authorities as required under sections 67C, 69, 69A, 69B, 70B, 79 and 80 of I.T.Act,2000 including its amendments and rules.
Grievance RedressalIf you have any questions or grievances regarding the privacy statement, practices of the site, or any other transaction issue, please contact our grievance officer Mr. GirishKumar Prajapati on info@rudrasoftech.com
We have appointed our grievance officer as per Rule 5 (9) of the Information Technology (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011 of Information Technology Act, 2000 amended through Information Technology Amendment Act, 2008 and you can contact him on above given email id.
Applicable Laws & JurisdictionYou agree and acknowledge that this privacy policy agreement shall be governed by Laws of India without any conflict of laws. Further, you agree and acknowledge that Indian courts located in city of Ahmedabad , State of Gujarat shall have jurisdiction for any matters relating to this privacy policy. If you don’t agree then you shall not use this website.
Annexure-A List of Information-
Student User
-
Personal Information :
name, email id/login id, phone numbers, gender, date of birth, nationality, religion, blood group, know languages, birthplace, profile image, user password, mobile device type (IOS, Android, etc for mobile app), admission category
-
Address (Current & Permanent) :
address line, city, state, country, house no, pincode, phone no
-
Academic Details :
general registration no (Gr.No), course, admission year, graduate year, graduate month, academic year, batch && section, admission date, any remarks
-
Guardian Information :
name, email/login id, phone number, mobile no, relation, income, qualification, occupation, home Address and office address
-
Document :
upload all file/document based on category (that category created by authorized user of institute)
-
Personal Information :
-
Employee User
-
Personal Information :
name, email/login id, mobile/phone number, gender, date of birth, profile image, password, mobile device type (IOS, Android, etc for mobile app), name alias, joining date, birthplace, department, designation, category, total experience, blood group, marital status, nationality, religion
-
Address (Current & Permanent) :
address line, city, state, country, house no, pincode, phone no
-
Guardian Information :
name, email/login id, phone number, mobile no, relation, income, qualification, occupation, home Address and office address
-
Some other Information :
attendance card ID, bank account no, mother name, specialization, reference name, languages, hobbies, qualification
-
Document :
upload all file/document based on category (that category created by authorized user of institute)
-
Leave related information :
number of days, start date && enddate, leave type
-
Salary related information
salary amount, working days
-
Personal Information :
-
Visitor/Non-personal identification information :
IP Address (Internet Protocol address), browser type, browser language, referring URL, files accessed, errors report, time zone, operating system and other visitor details collected in our log files for error handling.
-
Financial/Fees Related Information :
Amount of fees, Cheque No, Cheque Date, Bank Name, Bank Branch, Card Number, store banks list with name and alias., fees category
-
Store Google & Facebook authentication information for individual user :
Some Personal Information like name, email address etc.
-
System Setting :
-
Store Some Sensitive Information for sending mail into system :
username/email address, mail server hostname, mail server password, encryption type (TLS/SSL), port number, from email, from name.
-
Store Some Sensitive Information for Google SSO (single sign on) :
google client id, google client secret
-
Store Some Sensitive Information for Facebook SSO (single sign on) :
facebook client id, facebook client secret
-
Store Some Sensitive Information for Sending SMS :
SMS API with sensitive data like username, password, auth/access key, etc…
-
Store Some General Setting Info :
timezone, date format, time format, datetime format,
-
Notification Setting :
Store category wise notification template for SMS, EMAIl, Web/Mobile alert.
-
Store Some Sensitive Information for sending mail into system :