Foreword

We at BANDURA TECH PRIVATE LIMITED are committed to protecting the information that you share with us and explaining how we collect, process, and share that information online. When you use our services, you’re trusting us with your information. We understand this is a big responsibility and work hard to protect your information and keep it secure.

We provide you with insight into the privacy practices employed here at BANDURA TECH PRIVATE LIMITED.

Background

This Policy provides an overview of how BANDURA TECH PRIVATE LIMITED’s information of “data subjects” (hereinafter referred to as “You or your”) personal data is collected, handled, and protected. In this policy, “we”, “us” and “our” may refer to BANDURA TECH PRIVATE LIMITED. or its subsidiaries and affiliates.

Services Provided by BANDURA TECH PRIVATE LIMITED

BANDURA TECH PRIVATE LIMITED platform is designed to help you consistently with our services. We offer the capacity to provide a platform for all the services required by small and medium enterprises, providing an end-to-end solution enabling businesses.

What data do we collect?

Our Company collects the following data:

• Personal identification information (First Name, Last Name, email address and profile picture which is optional)

• Any other type of personal data collected from auditors for auditing purposes will be obtained with the individual’s consent.

How do we collect your data?

You or your employer directly provide BANDURA TECH PRIVATE LIMITED with the data we intend to collect. We collect data and process data when you:

• Signup using your organisation's integrated Single Sign On (SSO) or using our Signup process with your registered organisation's email address.

Our Company may also receive your data indirectly from the following sources:

• None

How will we use your data?

Our Company collects your data so that we can:

• Provide your service, and manage your account to provide the service.

• Email you with real-time alerts of your organization.

If you agree, BANDURA TECH PRIVATE LIMITED will share your data with our partners who are also an essential part of the service we intend to provide.

How do we store your data? (If you are located in the EU)

BANDURA TECH PRIVATE LIMITED securely stores your data at a Secure storage location in Europe. BANDURA TECH PRIVATE LIMITED will keep your PII data for as long as our service is availed. Once this period has expired, we will delete your data by scrubbing off all PII within a month of Service Termination.

How do we store your data? (If you are located outside the EU)

BANDURA TECH PRIVATE LIMITED securely stores your data at a Secure storage location in India.

Marketing

BANDURA TECH PRIVATE LIMITED would not use your name and or your organisation registered email address for marketing purposes without your consent and approval.

BANDURA TECH PRIVATE LIMITED would like to make sure you are fully aware of all of your data protection rights. Every user is entitled to the following:

The right to access – You have the right to request BANDURA TECH PRIVATE LIMITED for copies of your personal data.

The right to rectification – You have the right to request that BANDURA TECH PRIVATE LIMITED correct any information you believe is inaccurate. You also have the right to request BANDURA TECH PRIVATE LIMITED to complete information you believe is incomplete.

The right to erasure – You have the right to request that BANDURA TECH PRIVATE LIMITED erase your personal data, under certain conditions.

The right to restrict processing – You have the right to request that BANDURA TECH PRIVATE LIMITED restrict the processing of your personal data, under certain conditions.

The right to object to processing – You have the right to object to BANDURA TECH PRIVATE LIMITED’s processing of your personal data, under certain conditions.

If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact our Chief Technology Officer or

Email us at: support@bhyve.io

Call us: +919930308115

Chief Technology Officer(DPO) and their responsibilities:

DPO Contact Info

• Name: Vihang Mirkhelkar

• Email us at: vihang@bhyve.io

• Call us: +9493211010

DPO Roles and Responsibilities:

• Create, implement, and supervise the organization's privacy policies and processes, ensuring compliance with applicable data protection regulations.

• Ensure compliance with data protection laws and regulations.

• Act as the organization's primary point of contact for personal data processing issues.

• To ensure that the various audits are performed within the required time range.

• Conduct frequent audits to monitor data processing processes, identify risks, and conduct Data Protection Impact Assessments (DPIAs) to evaluate and reduce data protection risks.

• To ensure that the records of processing activities (RoPA) are completed whenever the organization collects and processes personal data.

• To inform and advise the organization and its personnel who process personal data on their obligations under the GDPR or local data protection regulations.

• Educate and train employees on data protection policies and practices, fostering a culture of awareness and compliance within the organization.

• DPO conducts risk assessments related to data processing activities and factors such as the nature, scope, circumstances, and purposes.

• To provide quick responses to individuals whose data is processed (workers, clients, or any other data subject) on any problems concerning the processing of their personal data and the exercise of their rights as outlined in the Regulation.

Data Breach Procedure and Reporting Time Period:

• In the event of a data breach, we follow a stringent procedure to mitigate and address the incident promptly.
• Our response includes:
  • Identifying the breach
  • Containing its impact
  • Assessing affected data
  • Notifying relevant authorities
  • Communicating transparently with affected individuals
• We conduct thorough investigations to understand the extent of the breach and implement corrective measures to prevent recurrence.
• Any detected data breach will be reported to relevant authorities and affected individuals within 72 hours of its identification, in compliance with applicable data protection regulations.

Consent Management

• Obtaining Consent:

• Our privacy policy details transparently the purposes of data processing, the affirmative actions required for consent, and the granularity of choices, ensuring individuals have clear control over their data.

• Modification of Consent:

• Users can conveniently modify consent preferences through accessible settings, with notifications for changes, and comprehensive documentation maintained for all modifications.

• Withdrawal of Consent:

• Clear instructions on withdrawing consent are provided in our privacy policy, ensuring no negative consequences, and a detailed record-keeping process is outlined for transparency and compliance.

What are cookies?

Cookies are text files placed on your computer to collect standard Internet log information and visitor behavior information. When you visit our websites, we may collect information from you automatically through cookies or similar technology. For further information, visit the cookie link (wiki).

How do we use cookies?

Our Company does not use cookies. We only use a session tokens that is to

• Keeping you signed in to our application

Privacy policies of other websites

BANDURA TECH PRIVATE LIMITED website may contain links to other websites. Our privacy policy applies only to our website, so if you click on a link to another website, you should read their privacy policy.

Changes to our privacy policy

Our Company keeps its privacy policy under regular review and places any updates on this web page. This privacy policy was last updated on 29-08-2024.

How to contact us?

If you have any questions about BANDURA TECH PRIVATE LIMITED's privacy policy or the data we hold on you or if you would like to exercise one of your data protection rights, please do not hesitate to contact us.

Email us at: support@bhyve.io

Call us: +919930308115

How to contact the appropriate authority?

Should you wish to report a complaint or if you feel that Our Company has not addressed your concern satisfactorily, you may contact the Information Commissioner's Office.

ENFORCEMENT

We expect all employees to comply with this policy and any related policies, standards, processes, procedures, and guidelines. Failure and/or refusal to abide by this policy may be deemed a violation. Compliance with the policies will be a matter of periodic review by the Chief Technology Officer / Information Security Team. Any employee found to have violated this policy may be subject to disciplinary action, as deemed appropriate by management and Human Resources policies.

• Monitoring: The company employs appropriate technology solutions to monitor policy/ procedure compliance.

• Self-Assessment: The CEO/CTO are required to conduct self-assessment within their areas of control to verify compliance with this policy/ procedure.

SPECIAL CIRCUMSTANCES AND EXCEPTIONS

All exceptions to this policy/ procedure will require a waiver explicitly approved by one of BANDURA TECH PRIVATE LIMITED's CEO/CTO.