Data Protection Policy

Introduction:

Sazs Apps Private Limited ("Company") is committed to safeguarding the privacy and security of customer data within our ERP Billing Software. This Data Protection Policy outlines the principles and procedures for handling, storing, and securing data to protect customer information effectively.

Throughout this Data Protection Policy, "ERP Software" refers to the software products Quarry King, SAZS Bricks, and SAZS RMC provided by Sazs Apps Private Limited, including its affiliates and subsidiaries (also referred to as “we,” “us,” or “our”).

Scope:

This policy applies to all employees, contractors, vendors, and third-party service providers who handle customer data within the ERP Billing Software, including data collected, stored, processed, and transmitted through the system.

Data Collection & Processing

• We collect only necessary data required for billing, customer management, and operational purposes.
• Customer data is collected transparently, with explicit consent where required.
• Processing is restricted to lawful purposes as specified in agreements with customers.
• Sensitive Personal Data is handled with heightened security measures and is processed only with prior consent or as per business needs.

Data Security Measures

• All customer data is encrypted in transit and at rest using industry-standard encryption protocols.
• Secure access controls, including multi-factor authentication (MFA), are implemented to prevent unauthorized access.
• Regular security audits, vulnerability assessments, and penetration testing are conducted.
• Firewalls, anti-virus software, and intrusion detection systems are employed to protect against cyber threats.
• Employees and stakeholders handling sensitive data undergo regular security training and compliance checks.

Data Retention & Deletion

• Data is retained only for the period necessary for business and operational requirements.
• Upon the expiration of the retention period, data is securely deleted using industry-standard data sanitization techniques.
• Customers may request data deletion, subject to applicable business constraints.

Data Access & Sharing

• Data access is strictly limited to authorized personnel on a need-to-know basis.
• Third-party service providers handling data must adhere to security standards and sign confidentiality agreements.
• Data is never shared with unauthorized entities or used for purposes other than those agreed upon with customers.
• Any external request for customer data will be fulfilled only upon receiving proper authorization.

Incident Management & Breach Response

• Any suspected data breach is investigated immediately, and appropriate measures are taken to mitigate risks.
• In case of a breach involving sensitive personal data, the Company will notify the affected customers.
• A dedicated response team will handle security incidents, ensuring swift corrective actions are implemented to prevent future breaches.

Customer Rights & Data Requests

• Customers have the right to access, modify, or request deletion of their data.
• Requests for data access, rectification, or portability must be submitted through official channels and will be processed in a timely manner.
• Customers have the right to file complaints regarding data misuse, which will be addressed accordingly.

Policy Review & Updates

• This policy is reviewed biannually and updated as necessary.
• Employees, vendors, and stakeholders are required to undergo mandatory training on data protection practices.

SAZS Apps Private Limited

8D, Arunachalam Pettai Street,
Kovilpatti, Tuticorin District,
Tamil Nadu, India.
Phone: 04632 294 666
Email: info@sazsapps.com
Effective Date: 15-12-2023

This Privacy Statement was last updated on 06-01-2025.