POLICY ON SENSITIVE INFORMATION PROTECTION POLICY
Overview
The "Herboking wellness Pvt Ltd" acknowledges the importance of protecting the sensitive information of its consumers, employees, C&F, and direct sellers. Therefore, the company has implemented this policy to ensure the protection of confidential data provided by the concerned parties.
Applicability
This policy applies to all sensitive personal data and information provided by the concerned persons and shall be called the "Information Technology (Reasonable security practices which must be followed on for protecting the sensitive personal data and information)".
Objective
The objective of this policy is to protect the personal information, data, and other sensitive information that relates directly or indirectly to the concerned person.
Applicable laws
This policy is in accordance with the Consumer Protection (Direct Selling) Rules, 2021, Consumer Protection Act, 2019, Consumer Protection (E-Commerce) Rules, 2020, and Information Technology (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011.
Definitions
- (a) "Act" means the Information Technology Act, 2000 (21 of 2000);
- (b) “Company” means Herboking Wellness Pvt Ltd;
- (c) “Concerned person” means Direct sellers, customers, C&F, and employees of the Company;
- (d) "Cyber incidents" means any real or suspected adverse event in relation to cyber security that violates an explicitly or implicitly applicable security policy resulting in unauthorized access, denial of service or disruption, unauthorized use of a computer resource for processing or storage of information or changes to data, information without authorization;
- (e) "Data" means representation of information, knowledge, facts, concepts, or instructions that are being prepared or have been prepared in a formalized manner and is intended to be processed, is being processed or has been processed in a computer system or computer network and may be in any form or stored internally in the memory of the computer;
- (f) "Information” includes data, message, text, images, sound, voice, codes, computer programs, software and databases, microfilm, or computer-generated microfiche;
- (g) "Intermediary with respect to any particular electronic records means any person who, on behalf of another person, receives, stores, or transmits that record or provides any service with respect to that record and includes telecom service providers, network service providers, internet service providers, web- hosting service providers, search engines, online payment sites, online-auction sites, online-market places and cyber cafes;
- (h) "Password" means a secret word or phrase or code or passphrase or secret key, or encryption or decryption keys that one uses to gain admittance or access to information;
- (i) "Personal information" means any information that relates to a natural person, which, either directly or indirectly, in combination with other information available or likely to be available with a Company, is capable of identifying such person.
Sensitive personal data and information
Sensitive personal data and information of a person means such personal information that consists of information relating to:
- (i) Password;
- (ii) Financial information such as Bank account or credit card or debit card or other payment instrument details;
- (iii) Physical, physiological, and mental health condition
- (iv) Sexual orientation;
- (v) Medical records and history;
- (vi) Any detail relating to the above clauses as provided to Company for providing service; and
- (vii) Any of the information received under the above clauses by Company for processing, stored, or processed under lawful contract or otherwise.
Copyright
All material in this policy is the property of "Herboking wellness Pvt Ltd." Any reproduction or publication thereof in any form or by any means whether electronic, mechanical, photocopying, cyclostyle, recording or usage in any manner
