1. Objective:

National E-Governance Services Limited (NeSL) has adopted this privacy policy aimed at protecting Information, including the individual’s / user’s Sensitive personal data or information as disclosed and/or submitted to NeSL. The privacy policy is in compliance with the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information), Rules 2011 (the “IT Rules”) framed under Information Technology Act 2000 (“IT Act”). NeSL is committed to protect its user’s personal information and/or Sensitive Personal Data and strives to maintain the privacy of Information submitted by a user. It is to be noted that, for the purpose of this privacy policy, sensitive personal data or information has been considered as a part of personal information. NeSL collects personal information for a variety of regulatory and business purposes. These include, but are not limited to,:

  • Verify identity of its users / customers.
  • Complete transactions effectively and bill for products and services.
  • Respond to the request for service or assistance.
  • Provide, maintain and improve NeSL products and services.
  • Anticipate and resolve issues and concerns with NeSL products and services.
  • Ensure adherence to legal and regulatory requirements for prevention and detection of frauds and crimes.

 

2. Definitions:

In this privacy policy, unless the context otherwise requires, following expressions shall have the meanings as assigned to them below:

  • “Information” shall have the meaning as assigned to it under [clause (v) of sub-section (1) of section 2][1] of the IT Act or as may be amended from time to time;
  • “Personal Information” shall have the meaning as assigned to it under [sub-clause (i) of clause (1) of Rule 2][2] of the ITRulesor as may be amended from time to time;
  • “Sensitive personal data or information”shall mean and include the information prescribed under [Rule 3][3] of the IT Rules or as may be amended from time to time;

3. Confidentiality of Personal Information:

NeSL preserves the confidentiality of all information provided, by adhering to the following principles:

  1. NeSL collects the Personal Information that it is required to be collected as per the regulatory guidelines relevant for the conduct of business.
  2. NeSL will not disclose Personal Information to any external organization without the consent of the customer, unless required by statutory laws and regulations, or required to be disclosed to Governmental or judicial bodies or quasi-government or agencies or regulators from time to time under proper authority.
  3. NeSL has put in place reasonable security practices and procedures designed to prevent unauthorized access to the personal information by anyone, including its own staff as per IT Rules.
[1]Section 2(1)(v): “information” includes data, text, images, sound, voice, codes, computer programmes, software and databases or micro film or computer generated micro fiche
[2]Rule2(1)(i):”Personal information” means any information that relates to a natural person, which, either directly or indirectly, in combination with other information available or likely to be available with a body corporate, is capable of identifying such person.
[3]3. Sensitive personal data or information.— Sensitive personal data or information of a person means such personal information which consists of information relating to;—

(i) password;
(ii) financial information such as Bank account or credit card or debit card or other payment instrument details ;
(iii) physical, physiological and mental health condition;
(iv) sexual orientation; (v) medical records and history;
(vi) Biometric information;
(vii) any detail relating to the above clauses as provided to body corporate for providing service; and
(viii) any of the information received under above clauses by body corporate for processing, stored or processed under lawful contract or otherwise: provided that, any information that is freely available or accessible in public domain or furnished under the Right to Information Act, 2005 or any other law for the time being in force shall not be regarded as sensitive personal data or information for the purposes of these rules.

  1. NeSL, its staff and any agent or third party service provider does not have access to customer information and in the event of being directed to access such information, they shall observe their confidentiality obligations.

4. Collection of Personal Information

NeSL will collect information pertaining to identity, demographics, and related evidentiary documentation. Personal information collected and held by NeSL may include name, father’s name, mother’s name, spouse’s name, date of birth, current and previous addresses, telephone number, mobile phone number, email address, and information contained in the documents used as proof of identity and proof of address such as Aadhaar, PANetc.. NeSL collects, stores and processes following types of sensitive personal information such as password, financial information and physiological information for providing products, services and use of website. NeSL may keep a log of the activities performed by the customers/users on NeSL network and websites by using various internet techniques such as web cookies, server log files, etc., for analytical purposes and for analysis of the amiability of various features of NeSL Website. This information may be used to provide a better experience at NeSL portal and for evidentiary purposes. At any time while surfing NeSL website, if customers do not wish to share surfing information, they may opt out of receiving the cookies from NeSL web site by making appropriate changes to their browser privacy settings.

5. Security Practices and Procedures

  • NeSL adopts reasonable security practices and procedures, to include technical, operational, managerial and physical security controls in order to protect all Information from unauthorized access, or disclosure while it is under NeSL control.
  • NeSL’s security practices and procedures limit access to Information on a directed-only basis. Further, NeSL employees are bound by Code of Conduct which obligates them to protect the confidentiality of personal information.
  • Necessary steps are taken to ensure that NeSL’s third parties adopt reasonable level of security practices and procedures to ensure security of the Information.
  • NeSL may retain the Information so collected as long as required to provide customers/users with its services or if otherwise required under any law for the time being in force.
  • While disposing of the Information, NeSL uses reasonable procedures to erase it or render it unreadable (for example, shredding documents and wiping electronic media).
  • Internet use – NeSL maintains the security of internet connections, however for reasons outside the control of NeSL, security risks may still arise. Any personal information transmitted to NeSL will therefore be customer risk. However, NeSL will strive to ensure the security of customer information. NeSL observes reasonable security measures to protect the personal information against hacking and virus dissemination.

6. Feedback and grievances

NeSL is committed to safeguard all Information, collected and handled by NeSL. In case of any feedback or concern regarding protection of such Information, customers/users can contact NeSL through Emailhelpdesk@nesl.co.in. Alternatively, customers may also direct privacy-related feedback or concerns to the Grievance Officer whose details are as mentioned below:

Email: grievances@nesl.co.in

Working Days: Monday to Saturday (Other than weekly holidays, declared holidays and public holidays)

Working hours: 9.00 AM to 6.00 PM