Data Security Policy

Home / Data Rentation Policy

  1. Introduction
  2. The Apex Consultancy Services Private Limited ("Apex", "We", "Us" or "Our") information security arrangement covers our Services and Websites situated at www.shopact.org(hereinafter, all in all, alluded to as "Service(s)").

    We esteem the unfaltering trust that our clients place in us as overseers of their information. We comprehend our duty and take proper consideration to ensure and verify your data truly as portrayed in our security rehearses beneath.

    The expressions "client" "you" "your" "client" and "clients" allude to all people and different people who access or utilize our administrations, including, without confinement, any organizations, associations, or other legitimate elements that register accounts or in any case access or utilize the Services through their workers, operators, or agents.

  3. Compliance
  4. Apex is consistent with the Payment Data Security Standards through the outsider installment suppliers we utilize and can consequently acknowledge or process charge card data safely as per these principles.

  5. Access Control
  6. Access to our innovation assets is just allowed through the secure network (for e. g. Https) and requires validation. Our secret phrase strategy requires unpredictability, lapse, lockout and forbids reuse. We award access on a need to know based on least benefit rules, surveys authorizations quarterly, and repudiate get to following worker end.

  7. Security Policies
  8. We audit and update our security strategies, at any rate, every year. Our workers are committed to recognizing arrangements on a yearly premise and are given preparing to guarantee information security and occupation explicit security and expertise advancement for key employment capacities.

  9. Physical Security
  10. Our data frameworks and specialized foundation are facilitated inside a world-class Data Center situated in India. Physical security controls at our server farms incorporate camera reconnaissance, guest logs, security faculty.

  11. Personnel Screening
  12. We lead the foundation to look into the hour of contract (to the degree allowed or encouraged by relevant laws and nations). What's more, we impart our information security arrangements to all faculty (who must recognize this) and require new representatives to consent to non-revelation arrangements and give progressing protection and security preparing.

  13. Penetration Testing and System Vulnerability Assessments
  14. We have a helpless appraisal program that incorporates intermittent outputs, distinguishing proof, and remediation of security vulnerabilities on servers, organize hardware, and applications. All systems, including test and generation conditions, are routinely filtered utilizing confided in outsider sellers.

    We additionally direct standard interior and outside infiltration tests and remediate as indicated by seriousness for any outcomes found.

  15. Data Transit Encryption
  16. We scramble information in travel utilizing Industry Standard SSL

  17. Asset Management
  18. We keep up electronic records for recognizable proof, order, maintenance, and removal of benefits. The proprietor of such a record is the Information Security Officer. The Information Security Officer must guarantee the exact, convenient and intermittent modification of the advantage of the board records. The organization gave gadgets that are outfitted with hard plate encryption and cutting-edge antivirus programming. Just organizations gave gadgets are allowed to get to corporate and creation systems.

  19. Product Development
  20. Our improvement group utilizes secure coding procedures and best practices. Our Developers are officially prepared insecure web application improvement rehearses upon enlisting and at any rate once like clockwork.

  21. Information Security Incident Response Management
  22. We keep up security episode reaction arrangements and methods covering the underlying reaction, examination, open correspondence, and remediation. These arrangements are inspected consistently and tried bi-yearly.

  23. Notification of Breach
  24. Regardless of all the best endeavors, no strategy for transmission over the Internet, or technique for electronic stockpiling, is flawlessly secure. Along these lines, we can't ensure total security. In any case, if we learn of a security rupture, we will inform influenced clients with the goal that they can make suitable defensive strides. We are focused on keeping our clients completely educated regarding any issues applicable to the security of their record and to giving clients all data important to them to meet their administrative detailing commitments.

  25. Business Continuity
  26. Our databases are upheld up all the time and are confirmed routinely. Reinforcements are scrambled and put away inside the creation condition to protect their classification and respectability and are tried routinely to guarantee accessibility.

  27. Customer Responsibilities
  28. Keeping your information secure additionally necessitates that the client keeps up the security of his record by utilizing adequately confused passwords and putting away them securely. You ought to likewise guarantee that you have adequate security all alone frameworks.

  29. Logging and Monitoring
  30. Our frameworks log data to a midway oversaw log storehouse for investigating, security audits, and examination by the approved workforce. We will give clients sensible help with the occasion of a security occurrence affecting their record.

  31. Contact
  32. If there should be an occurrence of any inquiries that you may have please reach to our Information Security Officer at support@shopact.org.