Policy for Information Security and Data Protection

This Data Protection Policy outlines how Networked Energy Services Technologies Pvt. Ltd. ("NES Technology")" gathers, processes, stores, safeguards, and maintains personal and business data via its website www.nesindia.co, software platforms, digital services, and IT solutions.

In accordance with existing data protection laws, cybersecurity regulations, and international best practices, NES Technology is dedicated to guaranteeing the confidentiality, integrity, and availability of all personal and sensitive data.

1. Purpose of This Policy

This policy's goal is to outline the standards, guidelines, and obligations for safeguarding client, employee, personal, and commercial data that NES Technology handles.

2. Scope of Policy

• Website visitors and users
• Clients and business partners
• Employees and job applicants
• Vendors and service providers
• All digital platforms, applications, and IT systems

3. Types of Data Covered

• Personal identification data
• Contact and communication information
• Business and contractual data
• Technical and usage data
• Employment and HR-related information
• System logs and security records

4. Data Protection Principles

• Lawful, fair, and transparent processing
• Purpose limitation
• Data minimization
• Accuracy and data integrity
• Storage limitation
• Confidentiality and security
• Accountability and compliance

5. Data Security Measures

• Secure servers and encrypted storage
• SSL encryption and secure communication
• Access control and role-based permissions
• Authentication and authorization systems
• Firewall and intrusion detection systems
• Regular system audits and vulnerability assessments
• Data backup and disaster recovery mechanisms

6. Data Processing & Usage

NES Technology processes data strictly for legitimate business purposes including: service delivery, client support, system operations, recruitment, compliance, communication, and service improvement.

7. Data Sharing & Disclosure

Data may be shared only with authorized third parties such as hosting providers, cloud service providers, IT infrastructure partners, and legal authorities where required by law. NES Technology does not sell or trade personal data.

8. Data Retention Policy

Data is retained only for as long as necessary to fulfill business, legal, contractual, and regulatory obligations. Secure deletion and disposal procedures are followed once data is no longer required.

9. User & Data Subject Rights

• Right to access personal data
• Right to rectification
• Right to erasure (where applicable)
• Right to restrict processing
• Right to data portability
• Right to withdraw consent

10. Breach Management

NES Technology has defined procedures for identifying, reporting, managing, and mitigating data breaches, including incident response, containment, investigation, and notification where required by law.

11. Employee Responsibility

All employees, contractors, and authorized personnel are responsible for maintaining data confidentiality and complying with this policy. Regular training and awareness programs are conducted to ensure compliance.

12. Policy Updates

NES Technology reserves the right to update this Data Protection Policy at any time. Changes will be published on the website, and continued use of services indicates acceptance of the updated policy.

13. Contact Information

For any data protection or privacy-related queries, contact:

14. Acceptance of Policy

By using this website, platforms, and services of NES Technology, you acknowledge that you have read, understood, and agreed to this Data Protection Policy.