Data Privacy Policy
Electrons Remart Data Privacy Policy
Introduction
Electrons Remart is committed to protecting the privacy and security of all personal and sensitive data handled during the IT Asset Disposition (ITAD) process. This policy outlines the measures we employ to ensure compliance with applicable IT Security Rules and ISO 27001 standards. Our approach prioritizes transparency, accountability, and adherence to the highest industry standards, including secure data erasure, physical destruction, and degaussing to eliminate all risks of data breaches.
Scope and Purpose
This policy applies to all personal data and sensitive information collected, processed, stored, or destroyed by Electrons Remart. It ensures that such data is:
Used solely for the purpose for which it was collected.
Protected from unauthorized access or breaches through secure handling and destruction processes.
Disclosed to third parties only with prior consent, contractual agreement, or where required by law.
Data Security Measures
To maintain data privacy and prevent unauthorized access or misuse, Electrons Remart employs the following measures:
1. ISO 27001 Standards
Electrons Remart is ISO 27001 certified, demonstrating a systematic approach to managing and securing sensitive information. Our Information Security Management System (ISMS) includes risk assessments, regular audits, and employee training to uphold data privacy standards.
2. Data Erasure Methods
We use BitRaser, a trusted data erasure solution, to perform software-based data sanitization. BitRaser is compliant with international standards, including NIST, ensuring that data is permanently erased and cannot be recovered. Certificates of data erasure are provided to validate the process.
BitRaser supports 24 different global standards (including NIST and DOD) used in Data Wiping technology. In addition to NIST standards, BitRaser is also certified by HIPAA, ADISA, and STQC standards. Globally, many Corporations, SIs, MSPs, and recyclers trust BitRaser for their data wiping needs. (100% Made in India for Global Use)
BitRaser is the only commercially available software tested and approved by NIST.
3. Data Degaussing
Electrons Remart utilizes advanced degaussing equipment to demagnetize storage media such as hard drives. This process renders all data irretrievable, ensuring complete destruction of sensitive information.
4. Physical Data Destruction
For hardware that requires physical disposal, we employ secure shredding processes. Devices are destroyed into unrecognizable fragments, guaranteeing that data cannot be reconstructed.
5. Physical Security
Data processing and storage facilities are equipped with restricted access, CCTV monitoring, and tamper-evident storage.
Assets are tracked using a secure chain-of-custody protocol from collection to final destruction.
Data Retention and Disclosure
All personal data collected is retained only for as long as necessary to fulfill its purpose or comply with legal obligations. Data is disclosed to third parties only:
With the prior consent of the information provider.
Under contractual agreements ensuring equivalent data protection measures.
When required by applicable laws or regulations.
Incident Response and Compliance
Electrons Remart maintains a robust Incident Response Plan (IRP) to address potential data breaches or unauthorized access. Our compliance framework ensures:
Regular internal and external audits to identify vulnerabilities and implement corrective actions.
Transparent communication with stakeholders in the event of an incident.
Customer Assurance
Electrons Remart provides detailed documentation and certification for every ITAD project, including:
Certificates of Data Erasure (BitRaser): Verifying the permanent erasure of data.
Certificates of Destruction: For degaussed or physically destroyed assets.
Chain-of-Custody Reports: Ensuring transparency and accountability throughout the process.
Publishing and Updates
This Data Privacy Policy is published on our website to ensure transparency. Electrons Remart reserves the right to update this policy periodically to reflect changes in legal or regulatory requirements or advancements in technology.
