Security Policy

BLUMA APPLIANCES INDIA PRIVATE LIMITED
At BLUMA APPLIANCES INDIA PRIVATE LIMITED (“we,” “us,” “our”), we are committed to safeguarding the confidentiality, integrity, and availability of data and online services on our e-commerce platform. This Security Policy explains the measures we take to protect customer data, website infrastructure, payment information, and other digital assets against unauthorized access, loss, misuse, or damage.


1. Scope & Purpose

This Security Policy applies to all digital systems, services, platforms, customer interactions, and staff activities relating to the BLUMA APPLIANCES INDIA PRIVATE LIMITED e-commerce site. The purpose of this policy is to:

  • Protect personal and financial information of users.
  • Maintain secure and trusted transactions.
  • Prevent unauthorized access, data breaches, attacks, and misuse of systems.
  • Ensure compliance with applicable security best practices and standards.

2. Data Encryption & Secure Communications

We protect data in transit and at rest using industry-standard encryption technologies:

  • All communications between users and the platform are secured using HTTPS/SSL/TLS encryption to prevent interception of sensitive data such as login credentials and personal information.
  • Sensitive data (such as passwords) are stored in hashed and encrypted formats using secure algorithms to prevent unauthorized access.

3. Secure Payment Processing

We integrate with trusted and compliant third-party payment gateways (e.g., Razorpay) to process financial transactions securely.

  • Payment card information and sensitive financial data are not stored on our servers; they are handled securely by the payment processor.
  • Transactions are encrypted, and financial systems comply with applicable data security practices.
  • In all financial processing, secure communication protocols (such as TLS) are maintained to protect cardholder and payment data.

4. Access Control & Authentication

We protect our systems and customer accounts through:

  • Strong password policies that encourage the use of complex passwords and periodic password changes.
  • Role-based access controls (RBAC) limiting access to data only to those employees with a business need.
  • Where applicable, multi-factor authentication (MFA) is used to strengthen account security.

5. Firewalls and Network Defense

Our network infrastructure is protected by:

  • Firewalls and intrusion detection/prevention systems to monitor and block unauthorized activities.
  • Regular monitoring of server activity to identify abnormal access or suspicious activity patterns.

6. Software Updates & Patch Management

To minimize vulnerabilities:

  • Operating systems, server software, applications, and plugins are regularly updated with security patches.
  • Automated tools and maintenance schedules help ensure that the platform remains protected against known threats.

7. Monitoring, Audits & Vulnerability Assessments

We conduct ongoing security activities to maintain the integrity of our systems:

  • Routine security audits, vulnerability scans, and penetration testing help identify potential weaknesses so they can be resolved promptly.
  • Logs and activity records are regularly reviewed to detect irregular access patterns, attempted breaches, or misuse.

8. Data Minimization & Protection

We commit to collecting only the information necessary to fulfill customer transactions and improve service quality.

  • Personal information is processed and stored only as needed for order processing, delivery, support, analytics, and legal compliance.
  • Sensitive details such as full card numbers or CVVs are never stored on our servers, and data access is limited to authorized personnel.

9. Incident Response & Reporting

In the event of a security incident:

  • Our internal security team will assess and respond swiftly to contain and mitigate threats.
  • We will notify affected users in accordance with applicable legal and regulatory requirements if personal data is compromised.
  • Root cause analysis and corrective measures will be implemented to prevent recurrence.

10. Customer Responsibilities

Customers are also encouraged to follow security best practices:

  • Use strong and unique passwords for their accounts.
  • Keep account credentials confidential.
  • Report any suspected unauthorized activity or security concerns to our support team immediately.

These practices help enhance the overall security of all users.


11. Third-Party Services & Compliance

While we implement robust internal security measures, some services are provided by third-party vendors. These partners are required to maintain adequate security controls and compliance with relevant standards, such as PCI DSS for payment processing.


12. Updates to This Security Policy

We may revise this Security Policy to reflect changes in technology, legal requirements, threats, or business practices. Updated versions will be posted on the Site with a revised effective date.


13. Contact

If you have questions about this Security Policy, cybersecurity practices, or reporting potential vulnerabilities, please contact:

BLUMA APPLIANCES INDIA PRIVATE LIMITED
Email: support@blumaindia.com
Phone: 99256-06900