CONTACT
341 ~ 342, Udyog Vihar, Phase - 2, Gurugram, Haryana 122 016, India 
+91-124-4736950 +91-124-4736951We recognize the importance of privacy and security of business and sensitive personal information. Our goal is to protect information in every way that we interact with you, whether on the Internet or otherwise.
This Data Privacy Policy is applicable with basic principles of data protection.
This Data Privacy Policy is applicable to Interface Microsystems for the information defined as PII under DPDP Act. The policy applies to information within the Company and extends to processing of personally identifiable data (if any). It complies with the IT Act 2000 for protection of sensitive personal information and DPDP Act India.
When processing personal data, the individual rights of the data subjects must be protected. Personal data collected shall be processed in a legal and fair manner and covered under the scope of the project with implicit/explicit consent.
Personal data to be processed only for the purpose that was defined before the data was collected in contract (Scope of Work) covering consent
Data must be collected directly from the individual/ concerned. When the data is collected, the data subject must either be aware of, or informed of:
Personal data(defined as confidential) is subject to data secrecy. It must be treated as confidential on a personal level and secured with suitable organizational and technical measures to prevent unauthorized access, illegal processing or distribution, as well as accidental loss, modification or destruction.
This policy comply to applicable provisions of The DIGITAL PERSONAL DATA PROTECTION (DPDP) ACT, 2023 and to comply with IT Act 2000 section 43A and any other Data Protection Legislation as applicable.
All processing (i.e. use) of data/information is justified by a "lawful basis" for processing. In the majority of cases, processing will be justified on the basis that:
Before collecting and/or using any special categories of data the Interface Microsystems will establish a lawful exemption which will allow us to use that information. This exemption will typically be: Customer’s explicit consent; a context specific exemption provided for under local laws and applicable regulatory.
Personal data of the relevant prospects, customers and partners to be processed in order to establish, execute and terminate a contract.
Data to be processed following consent by the data subject. Before giving consent, the data subject must be informed in accordance with the Data Privacy Policy.
Only the relevant teams must access the data to be processed and the same should be in an area restricted to registered users. The identification and authentication of the data subject is offered sufficient protection during access.
Transmission of data to recipients outside or inside the Company is subject to the authorization requirements for processing data. The data recipient must be required to use the data only for the defined purposes.
Classified data is subject to data secrecy. Any unauthorized collection, processing, or use of such data by employees is prohibited. Any data processing undertaken by an employee that he/she has not been authorized to carry out as part of his/her legitimate duties is unauthorized. The “need to know” principle applies. Employees may have access to personal information only as is appropriate for the type and scope of the task in question. This requires a careful breakdown and separation, as well as implementation, of roles and responsibilities. Employees are forbidden to use data for personal, private or commercial purposes, to disclose it to unauthorized persons, or to make it available in any other way. Supervisors must inform their employees at the start of the employment relationship about the obligation to protect data secrecy. This obligation shall remain in force even after employment has ended.
Data is safeguarded from unauthorized access and unlawful processing or disclosure, as well as accidental loss, modification or destruction. This applies regardless of whether data is processed electronically or in paper form.. The technical and organizational measures for protecting personal data are responsibility of Organization Information Security management team and must be updated continuously as per the advancement in technology and organizational changes.
Compliance with the Data Privacy Policy and the applicable data protection laws must be checked regularly through data protection audits and other controls as per the terms of the Contract.
In cases of unauthorized transmission of data to third parties, improper access by employees to data, or loss of data, shall be immediately report Interface Grievance Redressal E-mail Id provided in company website.
Defined and classified as sensitive personal identifiable data shall be protected under guideline of IT Act 2000 or as per the compliance requirements with user consent (including logs for data access).