Privacy Policy

Job offer letters also serve as the legal basis for employment. Before you send the job offer letter to the chosen candidate, make sure that you can stand behind its contents. Check with colleagues or consult a lawyer if you have questions. The letter is, after all, legally binding.

GET FREE CONSUTATION

What is Privacy Policy?

A privacy policy is a statement or a legal document (in privacy law) that discloses some or all of the ways a party gathers, uses, discloses, and manages a customer or client’s data. It fulfills a legal requirement to protect a customer or client’s privacy. Personal information can be anything that can be used to identify an individual, not limited to the person’s name, address, date of birth, marital status, contact information, ID issue and expiry date, financial records, credit information, medical history, where one travels, and intentions to acquire goods and services.

Applicable law India

The Information Technology (Amendment) Act, 2008, made significant changes to the Information Technology Act, 2000, introducing Section 43A. This section provides compensation in the case where a body corporate that possesses, deals with, or handles any sensitive personal data or information in a computer resource that it owns, controls, or operates, is negligent in implementing and maintaining reasonable security practices and procedures, and thereby causes wrongful loss or wrongful gain to any person.

In 2011, the Government of India prescribed the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, by publishing them in the Official Gazette. These rules require a body corporate to provide a privacy policy for handling or dealing with personal information, including sensitive personal data or information. Such a privacy policy should consist of the following information in accordance with the rules:

  • Clear and easily accessible statements of its practices and policies.
  • Personal or sensitive personal data or information is collected.
  • Purpose of collection and usage of such information.
  • Disclosure of information, including sensitive personal data or information.
  • Reasonable security practices and procedures.

The privacy policy should be published on the body corporate’s website and made available for viewing by providers of information who have provided personal information under a lawful contract.

GET FREE CONSUTATION