The BMC is committed to protecting your privacy and processing your personal data in accordance with the IT Act 2000. This policy explains how information we collect about you is used and kept secure, your privacy choices when using our website, and your right to access your information under the IT Act 2000.
Through our website, we may collect the following information about you:
We may use your personal information for a number of purposes, including:
Your personal information will not be used for marketing purposes or any other services unless you have specifically agreed to be contacted for these purposes.
We will only share your personal information with a third party if required to do so by law or for the purposes of crime prevention or detection.
We have appropriate technical and organisational measures in place to prevent the loss, misuse or alteration of your personal information.
Any personal information you provide to us is stored securely on password and firewall protected servers and all website transactions are protected using Secure Sockets Layer (SSL) encryption technology.
However, the Internet is not generally a secure medium for communication and therefore we cannot guarantee the security of any information you send to us over the Internet.
Under the , you can ask to see any personal information that we hold about you. Such requests are called subject access requests.
This section provides protection against unauthorized access of the computer system by imposing heavy penalty up to one crore. The unauthorized downloading, extraction and copying of data are also covered under the same penalty. Clause ‘c’ of this section imposes penalty for unauthorized introduction of computer viruses of contaminants. Clause ‘g’ provides penalties for assisting the unauthorized access.
This section provides for computer source code. If anyone knowingly of intentionally conceals, destroys, alters or causes another to do as such shall have to suffer a penalty of imprisonment or fine up to 2 lakh rupees. Thus protection has been provided against tampering of computer source documents.
Protection against hacking has been provided under this section. As per this section hacking is defined as any act with an intention to cause wrongful loss or damage to any person or with the knowledge that wrongful loss of damage will be caused to any person and information residing in a computer resource must be either destroyed, deleted, altered or its value and utility get diminished. This section imposes the penalty of imprisonment of three years or fine up to two lakh rupees or both on the hacker.
This section provides protection to the data stored in the protected system. Protected systems are those computers, computer system or computer network to which the appropriate government, by issuing gazette information in the official gazette, declared it as a protected system. Any access or attempt to secure access of that system in contravention of the provision of this section will make the person accessed liable for punishment of imprisonment which may extend to ten years and shall also be liable to fine.
This section provides protection against breach of confidentiality and privacy of the data. As per this, any person upon whom powers have been conferred under IT Act and allied rules to secure access to any electronic record, book, register, correspondence, information document of other material discloses it to any other person, shall be punished with imprisonment which may extend to two years or with fine which may extend to one lakh rupees or both.
Upon the footprints of the foreign laws, this bill has been introduced in the Rajya Sabha on December 8th 2006. The purpose of this bill is to provide protection of personal data and information of an individual collected for a particular purpose by one organization, and to prevent its usage by other organization for commercial or other purposes and entitle the individual to claim compensation or damages due to disclosure of personal data or information of any individual without his consent and for matters connected with the Act or incidental to the Act. Provisions contained in this Act are relating to nature of data to be obtained for the specific purpose and the quantum of data to be obtained for that purpose. Data controllers have been proposed to be appointed to look upon the matters relating to violation of the proposed Act.