Privacy Policy

1. Overview:

We at Dr CBS Cyber Security Services LLP, Jaipur value your trust and respect your privacy. Your privacy is our priority. This Privacy Policy provides you details about the manner in which your data is collected, received possessed, stored, deal and handled by us. You are advised to read this Privacy Policy carefully. you expressly use & disclose your personal information in accordance with this Privacy policy.

2. Purpose:


The purpose of this privacy policy is to ensure the reasonable security practices and procedures to information collected, received, possessed, stored, deal and handled through any of services of Dr CBS Cyber Security Services i.e. Information Technology Security Audit, Prevention of Cyber Crime through Awareness, Training of Cyber Crime Investigation and Secure Software Development and make users aware about it. The policy should maintain the adequate security of the confidentiality, integrity and availability of organization’s information.

3. Scope:


This policy covers safe use of sensitive information (passwords, financial information such as bank account, biometric information, IT security audit information & outcomes, cyber crime issues shared by people to us, employees information etc.) collected, received, possessed, stored, deal and handled by Dr CBS Cyber Security Services and applies to all employees, vendors, clients and stakeholders operating and using computer, computer system & computer resources on behalf of the organization..

4. Policy:


i). Personal sensitive information for us :
       a. Passwords and other credentials like license keys of software.
       b. Financial information like bank account number, credit debit card no. or other payment instrument details.
       c. Biometric information
   d. IT security audit information (like IT infrastructure details, audit outcomes, reports and other business            information) of auditee organization.
   e. Personal information (like name, parents name, address, email, mobile no., chats, snapshots and other            evidences) shared by people on official mail of organization or written documents to get help in case of cyber            emergency.
     f. Personal details like name, parents name, mobile no., email, address etc. of participants collected in training             and awareness programs and
       g. Any other business communication and information through mail and other communication medium.

ii.) The purpose of collect, receive possess, store, deal and handle the personal sensitive data or information of       any person, stakeholders or organization is for following organization’s services:
       a. Information Technology (IT) Audit
       b. Cybercrime Prevention Through Awareness
       c. Training Regarding Investigation of Cyber Crimes
       d. Secure Software Development

iii.) We may retain your personal sensitive Information as long as there is a business requirement, or if       otherwise required under applicable lawful contract.

iv.) We at Dr CBS Cyber Security Services do not sell & share your Personal sensitive Information with any of       third parties without seeking your prior permission.

v.) Disclosure: When required, Dr CBS Cyber Security Services may disclose Personal sensitive Information to     external law enforcement bodies or regulatory authorities, in order to comply with legal obligations. For it,     law enforcement bodies or regulatory authorities shall send a request in writing to Dr CBS Cyber Security     Services LLP, stating clearly the purpose of seeking such information. The agency shall also state that the     information so obtained shall not be published or shared with any other person.

vi.) We adopt appropriate and reasonable security practices and procedures that include administrative,      physical security and technical controls in order to safeguard your personal sensitive Information as per     guidelines and various security controls enumerated in different Information Security Management         Standards (ISMS).

vii.) We maintain non disclosure agreements (NDA) from employee to maintain confidentiality, integrity and        availability of sensitive information of our stakeholders.

viii.) Dr CBS Cyber Security Services may change and review periodically or when the need arises, and the same        will be made available on the website (www.drcbscyber.com). But our commitment to protect the privacy of         stakeholders will continue to remain.

5. Policy Compliance:
       i.) Compliance Measurement:
            The management will verify compliance to this policy through various methods.
       ii.) Non-Compliance:
            An employee found to have violated this policy may be subject to stricted disciplinary action.


Reference:
       (1) ISO 27001:2013: Cl.5.2, Cl.7.4
            ISO 27001:2013; A.8.2, A.13.2.1, A.13.2.2, A.13.2.4, A.18.1.1, A.18.2.1, A.18.2.2
       (2) Information Technology (I.T. Act) Security Guidelines: 2.a, 3, 5.2, 5.3, 7
       (3) The Information technology (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011, IT Act            2000
       (4) Cyber security Framework: RS.CO
       (5) COBIT 5: PO6.5
       (6) ITIL (As per ISO 27001 standards)

Requirements:-
       (1) ISO 27001:2013:Cl.5.2, A.18.2.1, A.18.2.2, Sch. II.2. IT Act, Policy should be documented, reviewed, communicated and available to all employees              and interested parties.
       (2) The Information technology (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011, IT Act 2000,             collect, receive possess, store, deal and handle private sensitive information and reasonable security practices to it.
       (3) Information Technology (I.T. Act) Security Guidelines: Security and Control to sensitive information
       (4) The Information technology (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011, IT Act 2000:             Disclosure of sensitive information to law enforcement agencies and government agencies, ISO 27001:2013: A.18.1.1




In Case of Any Cyber Emergency !

Your privacy is our priority. If you are the victim of any kind of cybercrime or part of it then feel free to discuss it with us at help@drcbscyber.com or call us on +91 8829 077 770 . Our team is ready to help you 24*7.

Organisation

Get In Touch

  •  contact@drcbscyber.com
  • +91 141 222 9475
  • +91 9887 533 721