Data Processing Addendum

This Data Processing Addendum (“DPA”) forms an integral part of the Terms and Conditions, Agreements, and any contractual documents entered into between Vismika Tech and the Client. In the event of any inconsistency, the provisions of this DPA shall prevail with respect to data protection and processing obligations.

1. Definitions

Unless otherwise defined herein, capitalized terms shall have the meaning assigned under the Information Technology Act, 2000, the SPDI Rules, 2011, and the applicable Agreement.

  • “Personal Data” means any information relating to an identified or identifiable natural person.

  • “Sensitive Personal Data or Information (SPDI)” shall have the meaning assigned under the SPDI Rules.

  • “Data Controller” refers to the Client.

  • “Data Processor” refers to Vismika Tech.

  • “Processing” includes collection, storage, use, transmission, disclosure, deletion, or any operation performed on data.

2. Scope and Purpose of Processing

Vismika Tech shall process Personal Data and SPDI solely for the purposes of providing the Services, fulfilling contractual obligations, complying with legal and regulatory requirements, ensuring system security, performing analytics, and delivering support services, strictly in accordance with documented instructions of the Client and applicable laws.

3. Roles and Responsibilities

3.1 Client Responsibilities (Data Controller)

The Client represents and warrants that:

  • It has lawful authority to provide data to Vismika Tech;

  • All necessary consents, notices, and approvals have been obtained;

  • Data shared complies with applicable laws and tender conditions.

3.2 Vismika Tech Responsibilities (Data Processor)

Vismika Tech shall:

  • Process data only on documented instructions;

  • Ensure confidentiality of personnel accessing data;

  • Implement reasonable security practices as mandated by law;

  • Not disclose data to third parties except as permitted under the Agreement or required by law.

4. Compliance with Indian Laws

Vismika Tech shall comply with:

  • Information Technology Act, 2000

  • IT (SPDI) Rules, 2011

  • CERT-In Cyber Security Directions, 2022

  • MeitY guidelines and advisories

  • Applicable Government of Karnataka IT policies

  • Applicable provisions of future Indian data protection laws, once enacted

5. Security Measures

Vismika Tech implements industry-standard and legally compliant security controls, including but not limited to:

  • Encryption of data at rest and in transit (AES-256 / TLS)

  • Role-based access control and multi-factor authentication

  • Logging and monitoring of system activity

  • Minimum 180-day log retention as mandated by CERT-In

  • Periodic vulnerability assessments and audits

  • Incident response and containment procedures

6. Data Location and Localization

Unless otherwise agreed in writing or mandated by government contract, data processed under this DPA shall be hosted within India in approved data centers. Cross-border data transfers, if any, shall occur only where legally permitted and contractually authorized.

7. Sub-Processors

Vismika Tech may engage sub-processors (such as cloud service providers) strictly for service delivery purposes. All sub-processors shall be bound by confidentiality and data protection obligations no less stringent than those set forth in this DPA.

8. Data Subject Rights

To the extent applicable, Vismika Tech shall assist the Client in responding to lawful requests for access, correction, or deletion of Personal Data, subject to legal, contractual, and regulatory constraints.

9. Data Breach Management

In the event of a confirmed data breach affecting Personal Data or SPDI:

  • Vismika Tech shall notify the Client without undue delay;

  • Reasonable steps shall be taken to contain, mitigate, and remediate the breach;

  • Reporting shall be carried out in accordance with CERT-In and applicable law.

10. Data Retention and Deletion

Data shall be retained only for the duration necessary to fulfill contractual and legal obligations. Upon termination of Services, data shall be returned or deleted as per the Agreement, subject to statutory retention requirements.

11. Audits and Compliance

Where required by law or government contract, Vismika Tech shall reasonably cooperate with audits conducted by authorized authorities or the Client, subject to confidentiality and security safeguards.

12. Governing Law and Dispute Resolution

This DPA shall be governed by the laws of India. Any dispute arising out of or in connection with this DPA shall be resolved in accordance with the Dispute Resolution and Arbitration provisions set forth in the Terms and Conditions.

Vismika Tech © 2004. All Rights Reserved.
Policies
Terms & Conditions
Privacy Policy
Support Policy
Data Processing
Security and Compliance
Get In Touch
  • +919902261436
  • kc@vismika.com
  • Bengaluru, India

Innovation with a purpose!

Quick Links
Policy
Terms and Conditions
Privacy Policy
Support
Get In Touch

Copyright © 2025 Vismika Tech. All Rights Reserved.