Purpose:
Bongchie India Private Limited (“company”) must restrict access to all the confidential and sensitive data to protect it from being lost or compromised in order to avoid adversely impacting our customers, incurring penalties for non-compliance and suffering damage to our reputation. At the same time, we must ensure users can access data as required for them to use the resources made available by the bongchie.com (“website”) effectively.
It is not anticipated that this policy can eliminate all malicious data theft. Rather, its primary objective is to increase user awareness and avoid accidental loss scenarios, so it outlines the requirements for data breach prevention.
Scope:
In Scope
This data security policy applies to all customer data, personal data, or other company data defined as sensitive in nature. Therefore, it applies to every server, database and IT system that handles such data, including any device that is regularly used for email, web access or other work-related tasks. Every user who interacts with the website is also subject to this policy.
Out of Scope
Information that is classified as Public is not subject to this policy. Other data can be excluded from the policy by company management based on specific business needs, such as that protecting the data is too costly or too complex.
Policy:
The website takes the secure precautions to keep your personal information safe. The website is based on a secure server using the industry standard encryption technology, SSL (Secure Sockets Layer) and HTTPS (Hypertext Transfer Protocol Secure), which establishes a secure connection to encrypt communications between your device(s) and our servers.
Whenever your payment information (“credit card number, debit card number, net banking details or e-wallet details”) is displayed, you will notice that our URL address begins with “https”, instead of “http” and a locked padlock icon will show up in your status bar ensuring you that there is a secure connection and encryption is being performed using the SSL. Your payment information will be transferred to your respective financial organization during the processing of the order. Our website has been authenticated with an SSL certificate so you can be ensured that our identity has been verified and we are protecting your information.
In the process of making a purchase through website, you will be asked to provide contact and billing information. If you opt not to create an account with website, this information will only be used to process your order(s).
After you place an order using website, you will receive an order confirmation email & SMS. The order confirmation email & SMS will display all the relevant information (“name, billing address, phone number and email address”) provided at the time of checkout from website. We ask that you never reply or send any of our sales associates your payment details via email or SMS which is not secure.
Definitions
- Database — An organized collection of data, generally stored and accessed electronically from a computer system.
- Encryption—The process of encoding a message or other information so that only authorized parties can access it.
- Server — A computer program or a device that provides functionality for other programs or devices, called clients.