Data Protection

Oxyvin’s Commitment to Data Protection, Security, and Compliance

At Oxyvin, we recognize that data security and regulatory compliance are crucial for maintaining client trust and delivering world-class services. Handling sensitive information responsibly is central to our operations, and we are committed to upholding the highest standards of security and compliance. This document outlines how we protect client data and ensure adherence to global and local regulations.

How Oxyvin Protects Client Data and Ensures Security

  1. Secure Hosting in Trusted Data Centers
    Our Contact Center platform is hosted in highly secure Sify data centers in Noida and Bangalore, while our emailing platform operates on Amazon Web Services (AWS). Both infrastructures comply with industry-leading security standards to safeguard client data and ensure reliable operations.
  2. Client-Controlled Administrative Access
    Clients are provided with administrative access to our Contact Center platform, enabling them to upload call lists, manage data, and oversee operations securely and independently. This eliminates the need for third-party involvement in data management.
  3. Data Management Support on Request
    For clients seeking assistance with data handling, a dedicated account manager oversees the secure upload and management of call lists. In such cases, we implement Data Loss Prevention (DLP) measures and establish Non-Disclosure Agreements (NDAs) to ensure confidentiality.
  4. Limited and Monitored Data Access
    Access to platform logs and restricted data is limited to Oxyvin’s technical staff. These logs exclude sensitive information, such as email addresses and phone numbers, minimizing risks and enhancing security.
  5. Robust Data Loss Prevention (DLP) Systems
    Our DLP measures include:
    Monitoring file transfers from servers to local devices.
    Restricting unauthorized downloads.
    Demonstrating the effectiveness of our DLP systems upon client request.
    By implementing these measures, Oxyvin ensures client data is secure throughout its lifecycle.

Oxyvin’s Compliance Framework

  1. Compliance with Indian Telecommunication Regulations
    Oxyvin strictly adheres to the Department of Telecommunications (DoT) and Telecom Regulatory Authority of India (TRAI) guidelines, including the Telecom Commercial Communications Customer Preference Regulations (TCCCPR). This ensures:
    Respectful handling of customer data.
    Compliance with time-based call restrictions and opt-out requests.
    Transparent data usage aligned with Indian telecom laws.
    Our platform operates through DoT-approved infrastructure to ensure full regulatory compliance.
  2. Data Privacy Compliance: HIPAA and GDPR
    Oxyvin aligns with global data privacy standards to meet diverse client needs:
    HIPAA: Ensuring secure handling of sensitive healthcare data with encryption, DLP measures, and access controls.
    GDPR: Complying with European Union regulations by managing data collection, processing, and storage responsibly, including obtaining consent and supporting the “right to be forgotten.”
  3. Compliance with Global Call Center Laws
    Oxyvin adheres to telecommunication regulations in key markets:
    United States (TCPA and TSR): Compliance with call restrictions, Do Not Call (DNC) lists, and transparent customer interactions.
    Canada (CRTC): Adherence to DNCL regulations and ethical telemarketing practices.
    Australia (ACMA): Respecting call timing and communication standards under the Do Not Call Register Act.
  4. Indian Data Protection Regulations
    Oxyvin complies with the Digital Personal Data Protection Act, 2023 (DPDP), which emphasizes:
    Transparent data usage.
    Purpose limitation and customer consent.
    Secure data handling with NDAs and robust DLP measures.
  5. Employee Training and Continuous Monitoring
    To maintain compliance excellence:
    Employees receive regular training on regulations such as DoT, GDPR, HIPAA, and TCPA.
    Periodic compliance audits and assessments identify and mitigate risks proactively.

Building Trust Through Transparency

Non-Disclosure Agreements (NDA): All engagements involving data handling are backed by NDAs to maintain confidentiality.
Data Access Transparency: Clients are informed about who has access to their data and the security protocols in place.
DLP Demonstrations: Clients can request demonstrations to understand our security systems.

Conclusion

Oxyvin is dedicated to safeguarding client data and ensuring regulatory compliance at every level. By combining secure hosting, robust DLP systems, and adherence to global and local regulations, we provide clients with confidence in their data’s security.
For more information about our data protection and compliance measures, feel free to reach out. We look forward to fostering a secure and reliable partnership for all your contact center needs.