Privacy Policy :

This website respects your privacy and does not automatically collect any personal information like your name, phone number, or email address that could be used to identify you. If you voluntarily provide personal details for specific requests, such as names or addresses, we only use this information to fulfill your request.

Your personal information is neither sold nor shared with any third parties, whether public or private. We ensure the protection of your data from loss, unauthorized access, misuse, alteration, or destruction.

For site management purposes, we collect anonymous information such as your IP address, domain name, browser type, operating system, and details about your visit like the date, time, and pages viewed. This information is not linked to individual identities, except in cases where site security is breached.

Content Review Policy (CRP):

The department regularly reviews the contents of the website based on changes in schemes, guidelines etc.

Content Archival Policy (CAP):

Website content is archived in accordance with guidelines on the subject

Hyperlinking Policy :

This website contains links to various other websites/portals for your convenience. It's important to note that [Department] is not responsible for the content and reliability of these linked websites, and the inclusion of such links does not necessarily imply endorsement of the views expressed therein. The presence of a link on this website should not be assumed as an endorsement.

We cannot guarantee the constant availability of these links, and we have no control over the content on the linked pages. You are welcome to link directly to the information hosted on this website without seeking prior permission; however, we appreciate being informed of any such links to stay updated on any changes or updates. Please refrain from loading our pages into frames on your site; instead, they should open in a new browser window for the user's convenience.

Contingency Management Plan & Disaster Recovery Process :

Department / Organization Website has been placed in protected zones with implementation of firewalls and IDS (Intrusion Detection System) and high availability solutions.

• Department / Organization Website is audited for protection against Security & Performance degradation.
• Any application level modification on the Department / Organization Website requires re-audit.
• All the server configuration and logs are monitored timely.
• Only System administrator users are allowed to access the servers for doing administration and configuration tasks.
• All the backend servers are under lock and net secured.
• Contents are updated through a secure FTP using VPN.

In the case of Data Corruption, government departments work closely with their web hosting service providers to implement a reliable system for regular data backups. This strategy is crucial for quick data recovery and maintaining consistent access to information for the public in case of data loss.

Regarding Hardware/Software Crashes, although server failures are infrequent, the web hosting service providers are equipped with sufficient backup infrastructure. This redundancy is vital for the rapid restoration of services on the website, aiming to ensure minimal downtime and continuous availability.

Website Monitoring Plan :

It's essential to conduct regular monitoring of the website to ensure its quality and compatibility. Key areas to be evaluated periodically include:

Performance: The website's download speed should be optimized for various network conditions, which requires regular testing to ensure efficient performance.

Functionality: All components of the website, particularly interactive elements like feedback forms, should be tested to confirm smooth functioning.

Broken Links: A comprehensive check for broken links or errors is necessary. Employing tools and techniques that can quickly identify and fix such issues is advisable.

Feedback: A strong system for gathering and analyzing feedback from visitors should be in place. This feedback is a valuable resource for making necessary adjustments and enhancements to the website, helping to continually improve the user experience.

Security Policy :

• Department / Organization Website has been placed in protected zones with implementation of firewalls and IDS (Intrusion Detection System) and high availability solutions.
• Before launch of the Department / Organization Website, simulated penetration tests have been conducted. Penetration testing has also been conducted some times after the launch of the Department / Organization Website.
• Department / Organization Website has been audited for known application level vulnerabilities before the launch and all the known vulnerabilities have been addressed.
• Hardening of servers has been done as per the guideline of Cyber Security division before the launch of the Department / Organization Website.
• Access to web servers hosting the Department / Organization Website is restricted both physically and through the network as far as possible.
• Web-servers hosting the Department / Organization Website are configured behind IDS, IPS (Intrusion Prevention System) and with system firewalls on them.
• All the development work is done on a separate development environment and is well tested on the staging server before updating it on the production server.
• After testing properly on the staging server the applications are uploaded to the production server using SSH and VPN through a single point.
• The content contributed by/from remote locations is duly authenticated & is not published on the production server directly. Any content contributed has to go through the moderation process before final publishing to the production server.
• All contents of the web pages are checked for intentional or unintentional malicious content before final upload to web server pages.
• Department / Organization Website has been re-audited for the application level vulnerability after major modification in application development [Not applicable at first launch].