Data Retention Policy
This Data Retention Policy sets out the obligations of Fortified Sparkline Pvt. Ltd. (“We”, “Us”, “Our”) regarding the collection, retention, and processing of personal data. This policy applies to all personal data collected through our website, services, or other interactions and is incorporated into our Terms of Use.
The purpose of this policy is to safeguard user records, define retention periods, and ensure the protection of personal data. Personal data will only be kept in a form that permits identification of users for as long as necessary for the purposes it was collected, unless longer retention is required for public interest, research, historical, or statistical purposes with appropriate safeguards.
Key Terms
- User: Any customer or individual who interacts with our services or website, whose personal data is collected or processed.
- Service Data: All electronic data, messages, or materials submitted by Users in connection with the use of our services.
- Personal Data: Any data relating to a living individual that can identify them either directly or in combination with other information in our possession.
Purpose and Objectives
- Establish limits on retention of Service Data and Personal Data.
- Protect users’ rights by ensuring unnecessary data is not retained.
- Improve efficiency in managing and processing data.
Scope
This policy applies to all personal data held by Fortified Sparkline Pvt. Ltd. across:
- Workstations, laptops, desktops, servers, and virtual machines.
- Physical forms, visitor logs, business cards, or any other collected material.
- Cloud servers and third-party service providers engaged in processing data.
Records
Records include any information provided by users, including during sign-up (name, email, address, phone, etc.). Records may exist in electronic or paper format, locally or on cloud servers, and are used as described in our Privacy Policy.
Data Retention
- Personal data will not be retained longer than necessary for the purposes it was collected unless required by law.
- Different types of data may have different retention periods, which are periodically reviewed.
- When reviewing retention periods, we consider:
-
Objectives and requirements of Fortified Sparkline Pvt. Ltd.
-
Type of personal data.
-
Purpose for which data is collected and processed.
-
- If a precise retention period cannot be fixed, criteria will be established for regular review.
- Some data may be deleted prior to its retention period if decided by the company or upon user request.
- Unless otherwise stated, the default retention period is 12 months from the date of creation of the record.
Storage and Transfer of Data
Personal data is stored on our servers and those of third-party service providers. While our servers are located in India, data may be transferred across borders. Transmission over the internet is not completely secure; while we implement strict security measures, any transmission is at your own risk.
Security of Information
Sensitive data exchanged with our site is encrypted via SSL and protected with digital signatures. Our systems comply with PCI vulnerability standards. Users are responsible for protecting access to their accounts and devices. Despite these measures, we cannot guarantee complete security.
Data Disposal
Upon expiration of retention periods, personal data will be deleted, destroyed, or otherwise disposed of, unless legally required to retain it longer.
Roles and Responsibilities
- The grievance officer oversees the implementation of this policy, monitors compliance with applicable laws (including the IT Act 2008), and ensures proper data management practices.
- Users with questions about data retention or compliance should contact the grievance officer at info@fortifiedsparkline.in