By visiting this website, the visitor consents to the terms of this policy. By submitting his/her Information to the Trust, the visitor will be treated as having given his/her permission for processing the same in a manner provided in this policy.
Introduction
The Digital Fibre Infrastructure Trust (“Trust”) respects the privacy of individual/visitor and is committed to take reasonable precautions to protect information consisting of Personal information and `Sensitive Personal Data or Information’ (SPDI) (“Information”) of visitors of this website and comply with all legal, regulatory and/or contractual obligations related to privacy. The Trust has adopted the ‘Privacy by Default’ principles in its approach to data privacy i.e. privacy of data and information is upheld first by default.
This policy covers the processing, storage and access to Information as required under lawful and/or contractual activities with the Trust or otherwise required in the normal course of business. It describes the Trust’s policies and procedures on the collection, usage and disclosure of Information provided/received by natural persons and meets the requirements established under:
- The Information Technology Act, 2000 – Section 43A; and
- The Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Information) Rules, 2011.
-
1. Scope
This policy applies to all visitors of this website.
-
2. Information covered by this Policy
This policy applies to Information collected and processed by RIL consisting of following:
- 2.1 - Personal information is information related to a visitor, or a combination of pieces of information that could reasonably allow him to be identified. Personal information may consist of full name, personal contact numbers, residential address, email address, gender or date of birth. While information such as date of birth in isolation may not be enough to uniquely identify the visitor, a combination of full name and date of birth may be sufficient to do so.
- 2.2 - Sensitive personal data or information (“SPDI”) is such personal information that is collected, received, stored, transmitted or processed by the Trust, consisting of:
- a) Password;
- b) Financial information such as bank account or credit card or debit card or other payment instrument details;
- c) Physical, physiological and mental health condition;
- d) Sexual orientation;
- e) Medical records and history;
- f) Biometric information;
- g) Any detail relating to the above personal information categories as provided to the Trust for providing service; and
- h) Any of the information received under above personal information categories by the Trust for processing, stored or processed under lawful contract or otherwise.
- 2.3 - Please note that any information that is freely available or accessible in public domain or furnished under the Right to Information Act, 2005 or any other law for the time being in force shall not be regarded as sensitive personal information.
-
3. Purpose
The Trust shall collect and use Information for legitimate business purposes in order:
- a) to provide information to the unitholders regarding any material updates related to the operations of the Trust
- b) that a visitor may download such information and take advantage of other features of the Trust’s website; [can financial information be downloaded from this site]
- d) to administer or otherwise carry out the Trust’s obligations in relation to any agreement that the visitor may have with the Trust;
- f) to process and respond to requests, improve the Trust’s operations, and communicate with visitor/s about the Trust’s business; and
-
4. Collection of Information
Only minimum Information required to meet the purposes mentioned in this policy shall be collected from the visitor/s. Neither the Trust nor its representatives shall be responsible for the authenticity of such Information provided by the visitor/s. As normal business practice, the Trust may collect Information in order to enable the secure online authentication, interaction and transaction with natural persons. This may include the installation of cookies and the collection of other session data.
-
6. Retention, Processing and storage of Information:
- 6.1 - The Trust shall retain Information for only as long as necessary to meet legal or regulatory requirements or for legitimate business purposes as mentioned in this policy.
- 6.2 - The Trust has implemented required security practices and standards in line with the global standards and have a comprehensive documented information security program and policy in place, which contains managerial, technical, operational and physical security control measures that commensurate with the information assets being protected with the Trust’s nature of business. It is being reviewed periodically to keep pace with business, technology and regulatory changes.
-
7. Disclosure of Information
- 7.1 - The Trust shall not use or disclose Information for purposes other than as mentioned in this policy, except with the consent of visitor providing such Information or as required by law. However, the Trust may be legally required to disclose the Information in the following cases:
- a) Where the disclosure is necessary for compliance of a legal obligation; or
- b) Where mandated under the law by government agencies to disclose such Information.
- 7.2 - Where necessary, the Trust may disclose Information to business partners or third parties during the normal course of business for the purposes mentioned in this policy. In such cases, the Trust will only share Information related data when the Trust is assured that:
- a) The Information is processed legitimately and appropriately by the business partner or third party in line with the established consent or in line with legal requirements; and
- b) The business partner or third party has adopted a reasonable and equivalent level of security practices and procedures to ensure security of the Information shared.
-
8. Feedback or Concern
For feedback or concern, if any, kindly contact: