Thank you for availing our digital services at www.myrinbazaar.com operated by MYRINBAZAAR CONSULTANCY PRIVATE LIMITED. We are committed to providing you with high-quality products and excellent customer service. This End-to-End Encrypted Service Policy outlines our guidelines for implementing and managing end-to-end encryption (E2EE) within our organization to protect sensitive data from unauthorized access and breaches.
This End-to-End Encrypted Service Policy forms part of our Privacy Policy, Terms and Conditions, and Refund & Cancellation Policy. All the policies should be collectively considered and read as a whole.
Purpose: The purpose of this clause is to define the requirements and obligations related to end-to-end encryption (E2EE) for the employees, contractors, and third-party service providers who handle or have access to sensitive data for the services provided under this Agreement.
Scope: This clause applies to all data transmitted or processed as part of the digital services provided by the Provider, including but not limited to [specify types of data, e.g., messages, files, user information].
Encryption Protocols: The Provider agrees to implement and maintain end-to-end encryption using industry-standard protocols. At a minimum, encryption will be provided using [specific encryption standards, e.g., AES-256, RSA-2048, TLS 1.2 or higher].
Encryption Key Management: The Provider will ensure that encryption keys are managed securely, including key generation, storage, rotation, and disposal processes. Keys will not be accessible to unauthorized parties.
Data Protection: The Provider will take all necessary measures to ensure that data is encrypted both in transit and at rest, and that encryption keys are kept secure.
No Data Access: The Provider will not have access to the decrypted content of any data transmitted or stored as part of the services, except as required for legitimate technical support purposes and with the Client’s explicit consent.
Encryption Use: The Client acknowledges and agrees to use the provided end-to-end encryption features as intended and to follow best practices for maintaining the security of their own encryption keys, if applicable.
Notification of Issues: The Client will promptly notify the Provider of any suspected security breaches or issues related to encryption and cooperate in any subsequent investigation.
Compliance: The Provider will comply with all applicable laws and regulations related to data encryption and security, including relevant regulations, e.g., Digital Personal Data Protection Act (DPDP Act), GDPR, CCPA.
Audits: The Provider agrees to allow the Client or an independent auditor, upon reasonable notice, to conduct security audits to verify compliance with encryption requirements.
Breach Notification: In the event of a data breach or security incident involving encrypted data, the Provider will notify the Client within 48 hours of discovery and provide details regarding the breach, including the nature of the incident and any potential impact.
Incident Response: The Provider will cooperate with the Client in responding to and mitigating the effects of any data breaches or security incidents, including providing assistance with forensic investigations and remediation efforts.
Termination: Upon termination of this Agreement, the Provider will securely delete or return all encrypted data according to the Client’s instructions and ensure that no residual data remains accessible.
If you have any questions or concerns about this Policy, please contact us at: info@myrinbazaar.com
We may update this Policy from time to time. Any changes will be posted on this page with an updated effective date. Your continued use of our Service after changes are made constitutes your acceptance of the revised policy.
