INDIA presently does not have any express legislation governing data protection or privacy. However, our country data protection laws are mainly collectively deal by the Information Technology Act 2000, Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules 2011 and the Indian Contract Act 1872. Hence, we are bound by the above mention laws and rules.
Under Section 43A of the Information Technology Act 2000 - Where a body corporate who is Possessing, Dealing or Handling any sensitive personal data or information, and is negligent in implementing and maintaining reasonable security practices resulting in wrongful loss or wrongful gain to any person, then such body corporate may be held liable to pay damages to the person affected.
Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules 2011 deals with protection of “ Sensitive Personal Data or Information of a Person ", which includes such personal information which consists of information relating to: -
The Rules provide the reasonable security practices and procedures, which the body corporate or any person who on behalf of body corporate Collects, Receives, Possess, Store, Deals or Handle information require to follow while dealing with “Personal sensitive data or information". In case of any breach, the body corporate or any other person acting on behalf of body corporate, the body corporate may be held liable to pay damages to the person affected.
*Personal Data Protection Bill 2019 (PDP Bill) has also been introduce in the Parliament on 12th December 2019 and yet to passed in 2020 Parliament Session. Once it is passed in the Parliament, we will also comply with the above mention law.
MAYOL understands your desire to protect your personal information. MAYOL intend to inform you how your personal information will be gathered, tracked or used, and to give you choices. If choices are not offered on MAYOL where your personal information is obtained, please select one of the communication channels to indicate your communication preferences.
We may collect the following types of personal information:
We request personal information when you create an account. If you request technical support online, we will ask you for information necessary to complete the process such as your name, address and information about your device hardware, software and the nature of the problem you are experiencing. You make the decision whether to proceed with any activity that requests personal information. If you do not wish to provide the requested information, however, you may not be able to complete the technical issue.
MAYOL will disclose your personal information, without notice, only if required to do so by law or in the good faith belief that such action is necessary to:
Under Section 69 of the Information Technology Act 2000, any person, authorized by the Government or any of its officer specially authorized by the Government, if satisfied that it is necessary or expedient so to do in the interest of sovereignty or integrity of India, defence of India, security of the State, friendly relations with foreign States or public order or for preventing incitement to the commission of any cognizable offence relating to above or for investigation of any offence, for reasons to be recorded in writing, by order, can direct any agency of the Government to intercept, monitor or decrypt or cause to be intercepted or monitored or decrypted any information generated, transmitted, received or stored in any computer resource.
It is in order to includes both the interception and monitoring along with decryption for the purpose of investigation of Cyber - Crimes. (The Government has also notified the Information Technology Procedures and Safeguards for Interception, Monitoring and Decryption of Information Rules 2009 under the above section).
We will store your personal data till we provide our services to you. It is in order to the extent that it may be required by any law applicable to our business or for compliance and risk management purposes. We will delete your personal data when it is no longer necessary or required to be kept. We do not store images or videos of your face for any period of time, this information is processed locally on your own device and is not retained by us.
We may hold your personal information in either electronic or hard copy form. We take reasonable steps to protect your personal information from misuse, interference and loss, as well as unauthorized access, modification or disclosure and we use a number of physical, administrative, personnel and technical measures to protect your personal information.
If you think we have breached any Laws or Act or you wish to make a complaint about the way we handle your personal information, you can contact us at our contact information given in the or through our email address firstname.lastname@example.org. Please include your complete personal details and clearly describe your complaint while making the complaint. We will acknowledge your complaint and respond to you regarding your complaint within the time required by law or otherwise within a reasonable period of time, say 30 days. If you think that we have failed to resolve the complaint satisfactorily, we will provide you with information about the further steps you can take.