preloader

Data Policy

Last Edited : Jan 14, 2023

Introduction

SaYukth Technologies Private limited (hereinafter referred to as “SaYukth”), through its Website (hereinafter referred to as “the Platform”) and Mobile Application called “Panchayat Seva” (hereinafter referred to as “the mobile application”) allows the customer or users to interact with the Company products.

In order to provide the key services, SaYukth stores processes and stores customer data in hosted environment secured within Virtual Private Cloud setup on Public Cloud viz Amazon AWS. Certain data points like email, phone number, address, age, gender, bank account number, PAN are collected in order to comply with the regulatory mandates.

Information and Data Classification

  • SaYukth shall define information classifications based on the sensitivity, criticality, confidentiality, privacy requirements and value of the information.

  • All information generated by or for SaYukth Tech in writing, electronic or any other form shall be classified based on the four level classifications i.e. Highly Confidential, Confidential, Internal, Public.

    • Highly Confidential - User private data (MySQL Database)
    • Confidential - Client contracts, employee contracts, financials (Cassandra Database)
    • Internal - Business Metrics, Process SOP (Google Drive)
    • Public - Organisation Structure, Privacy Policies (Website Hosted in AWS Cloud)

  • For all existing information types, the assigned owner shall be responsible for choosing an appropriate information classification level in accordance with SaYukth tech’s business requirements.

  • When the various sensitivity classifications of information are combined, the resulting collection of information shall be classified at the most restricted level among the sources.

  • All SaYukth Tech’s employees shall comply with the defined information classification scheme.

Data Strategy Overview

Building and driving businesses using data is of utmost necessity for every organisation. Building a Data strategy around the organisation will not only help to develop informed and mature data culture within the organisation, it will lead to intelligent decision making, better product and will help to serve clients and end users better. The important touch points are as follows:

  • Asking and addressing the key Business Questions/Use cases to obtain the clear and quantifiable impact on the results.

    • Does it make a significant impact in the outcome ?
    • Does it remove redundancy ? (No same report or data for two teams - Reusability)
    • Assess the Business Criticality / Priority.

  • Creating the technology and Data Infrastructure:

    • Defining, developing proper Sourcing, Collecting, Transforming and Processing the Data. Maintain a centralised Data Repository/DWH for the processing/analysing the Data generated/stored internally and externally.

  • To develop a detailed Data Strategy roadmap for SaYukth on the front of Data Engineering, Analytics and Science and track Data Maturity progression.

  • Defining and Implementing the right Data Governance.

Data Governance

Ensuring the data doesn’t become a Liability: Data Governance Businesses are collecting and analysing ever increasing amounts of data and trying to make better decisions, run their operations more efficiently and targeting for more profitability in the days to come. There are significant hurdles around data ownership, privacy and security to overcome, ignoring which can turn data from being a huge asset to a potentially liability. As regulations are being introduced to tighten up how companies collect, store and use data. Proper consideration of these issues comes under the umbrella of ‘Data Governance’.

Many businesses do brilliant things using third party data and the wealth of data providers can be beneficial to companies to an extent. However, in the case of SaYukth Tech, it is very important to own any data points trusted on us by our end users, clients and LMS/Banking partners.

Wherever possible we own the data that is crucial to SaYukth’s operations, revenue and critical decision making processes. It is easy enough for the internal data but it is admittedly less straightforward with the external data. To ensure the correct access is in place for the users as and when needed for the access control and defining the Metadata/Logs for the information/data collected from/transferred to third parties/end users/clients/lms or banking partners/internal stakeholders.

It is to ascertain data access(es) is/are provided to responsible individuals as per the business need and make them aware regarding its fair usage for the purpose of business operation/analytics/processing only.

When we’re talking about ‘big’ data, there is a great value in a ‘less is more’ approach. Sitting on vast amounts of un-utilised data is not only an expensive approach, it is also tedious to store and process/analyse them in an attempt to extract means without a purpose.

Addressing Privacy concerns

At SaYukth Tech we always have to be mindful/cognizant of these user Rights and take steps according to as/when/how/what consent the end users are providing/revoking/updating.

Also to make sure the full disclosure to the user is given in the mode of the Terms and Conditions, Publicly available Privacy Policy and timely ad hoc consents obtained by the users via OTP/Email/Voice Call Notification/CTA on app/Pop ups as and when required.

SaYukth Tech also has to ensure and draw up SOPs in case the user revokes any of the consents, the Data of the user to be processed/not-processed/erased accordingly.

The privacy policy of SaYukth Tech is detailed here .

Practising and Implementing Good Data Governance:

Data Governance refers to the overall management and caretaking of data, covering its usability, integrity and security. SaYukth Tech is cognizant of the moral and the legal requirements and regulations concerning every step of our data operations and have firm policies and procedures in place to govern every step. It goes beyond data security, ownership and privacy; it extends to having policies in place to determine exactly who has access to data, and who is responsible for maintaining the quality and accuracy of that data. A big part of enforcing this relies on building the informed and correct data culture within the organisation.

From time to time these best practices need to be conveyed (KT sessions) to the stakeholders including the Tech / Product (B2B & B2C) / Sales & Operations / Implementations / Customer Experience / Client engagements / Marketing etc to educate/remind them about its Benefits and Shortcomings if missed otherwise.

Data Retention and Purging Policies

SaYukth Tech has detailed retention and purging policies to ensure compliance with any change in statute / law; or changes in the policies and procedures of the company; or process improvements; or correct any errors or omissions in the manual; or potential or ongoing Litigation/ Preservation notice or any other reason that necessitates such deviation.

The data retention strategies are as per the Indian laws (Companies Act, 1956 / Companies Act, 2013, Depository Act, Others- Including Income & Other taxes). SaYukth Tech takes cognisance of alignment with SEBI (Listing Obligation and Disclosure Requirements) Regulations, 2015, Prevention of Money Laundering Act and rules made there under read with RBI circulars in respect thereof shall be preserved and maintained for a period of five years from the date of its event, unless specified under the any other Act or Rules, for longer duration.

Last reviewed on: 27 SEP 2023

Designed and Developed By SaYukth