HSES™ Privacy Policy

Welcome to HSES™ (Hasan Smart Electrical Solutions). We are committed to protecting your privacy and personal information. This Privacy Policy explains how we collect, use, store, and safeguard your data when you use our website, services, or interact with us.

Our Privacy Principles:

• 🔒 Transparency in data collection
• 📊 Minimal data collection (only what's necessary)
• 🛡️ Secure storage and handling
• 🚫 No unauthorized third-party sharing
• ✅ Customer rights respected

Legal Compliance:

This Privacy Policy complies with:

• Information Technology Act, 2000
• IT (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011
• Consumer Protection Act, 2019
• Personal Data Protection principles

Company Name: Hasan Smart Electrical Solutions (HSES™)
UDYAM Registration: UDYAM-DL-10-0098630
Business Type: Professional Electrical Services
Website: https://hses247help.com
Contact: +91 782-781-7295 | hses247help@gmail.com

Registered Office:
Janakpuri, C-1
New Delhi – 110059
India

3.1 Personal Information (With Your Consent)

Basic Contact Information:

• 👤 Full Name
• 📞 Phone Number (Primary contact)
• 📧 Email Address (for invoices and communication)
• 📍 Service Address (location for technician visit)
• 👥 Alternate Contact Person (if provided)

Property/Business Information:

• 🏠 Property Type (Residential/Commercial/Industrial)
• 📏 Property Size (approximate)
• ⚡ Electrical System Details (load requirements, existing setup)

3.2 Technical Information

Service-Related Data:

• 🔌 Electrical Load Data (current consumption, appliance list)
• 🏗️ Property Specifications (rooms, electrical points)
• 📸 Site Photographs (before/after work, with explicit permission only)
• 🛠️ Work Specifications (service requirements, issues reported)
• 📋 Service History (past bookings, repairs, installations)

3.3 Transactional Information

Financial Data (Minimal):

• 💳 Payment Method Used (UPI, cash, bank transfer)
• 🧾 Invoice Amounts and Transaction IDs
• 📅 Service Dates (booking, completion, warranty expiry)
• 📊 Billing Information (GST details for businesses)

We DO NOT Store:

• ❌ Credit/Debit Card Numbers
• ❌ CVV Codes
• ❌ UPI PINs
• ❌ Net Banking Passwords
• ❌ OTPs

3.4 Automatic Data Collection

Website Usage Data:

• 🌐 IP Address (for security and fraud prevention)
• 🍪 Cookies (for website functionality)
• 📱 Device Information (type, browser, operating system)
• 📊 Usage Analytics (pages visited, time spent - anonymized)
• 🔍 Search Queries (on-site searches for service improvement)

3.5 Information We DO NOT Collect

We respect your privacy and DO NOT collect:

• ❌ Financial Passwords (net banking, UPI PIN, card PIN)
• ❌ Biometric Data (fingerprints, facial recognition)
• ❌ Sensitive Personal Data (religion, caste, sexual orientation - unless relevant to service access)
• ❌ Social Media Credentials (passwords or login details)
• ❌ Health Information (medical records - unless relevant for medical equipment installation)
• ❌ Complete Bank Account Details

Direct Collection (You Provide):

• 📞 Phone calls and WhatsApp messages
• 📧 Email correspondence
• 🌐 Website contact forms and booking system
• 📝 Service request forms
• 💬 Direct conversations with technicians

Automatic Collection:

• 🍪 Cookies and tracking technologies
• 📊 Website analytics tools (Google Analytics - anonymized)
• 📱 Mobile app usage (when app launches)

Third-Party Sources:

• 🗺️ Google Maps (for location services)
• 💳 Payment Gateways (transaction confirmations)

5.1 Primary Purposes (Service Delivery)

Essential Service Operations:

• ✅ Coordinating technician visits and scheduling
• ✅ Preparing accurate quotations and estimates
• ✅ Invoicing and payment processing
• ✅ Warranty management and claim processing
• ✅ Service quality assurance and follow-up
• ✅ Emergency response coordination

5.2 Communication Purposes

Service-Related Communication:

• ✅ Appointment confirmations and reminders
• ✅ Service updates and status notifications
• ✅ Payment receipts and invoices
• ✅ Warranty information and maintenance reminders
• ✅ Customer support and query resolution
• ✅ Emergency alerts and safety notices

5.3 Legal & Compliance

Statutory Requirements:

• ✅ Tax compliance and GST filing
• ✅ Statutory record-keeping (7 years as per law)
• ✅ Dispute resolution and evidence maintenance
• ✅ Safety compliance documentation
• ✅ Government audits and inspections (if required)

5.4 Business Improvement

Quality Enhancement:

• ✅ Service quality analysis and monitoring
• ✅ Customer satisfaction measurement
• ✅ Process optimization and efficiency
• ✅ Training technicians based on feedback
• ✅ Geographic service expansion planning
• ✅ Product and service development

5.5 Marketing (With Opt-In Consent ONLY)

Promotional Communication (Optional):

• ✅ Special offers and discounts
• ✅ New service announcements
• ✅ Seasonal maintenance reminders
• ✅ AMC renewal notifications
• ✅ Educational content (safety tips, energy saving)

⚠️ You can opt-out anytime via:

• Email unsubscribe link
• SMS "STOP" reply
• Website preference center
• Contact: unsubscribe@hses247help.com

5.6 What We DO NOT Use Your Data For

Prohibited Uses:

• ❌ Selling to third-party marketers
• ❌ Spamming or unsolicited communications
• ❌ Sharing with competitors
• ❌ Profiling for discriminatory purposes
• ❌ Unauthorized surveillance or tracking
• ❌ Political campaigning
• ❌ Religious proselytizing

6.1 Storage Infrastructure

Secure Cloud Environment:

• 🔒 AWS/Google Cloud with enterprise-grade security
• 💾 AES-256 bit encryption for data at rest
• 🛡️ Multi-layer firewall protection
• 🔐 SSL/TLS certificates for data in transit (HTTPS)
• 💿 Daily automated backups with redundancy
• 🌍 Geographically distributed servers (India-based primary)

6.2 Access Control

Strict Access Management:

• 🔑 Role-Based Access Control (RBAC)
• 🔐 Strong password policies (minimum 12 characters, complexity required)
• 📱 Two-Factor Authentication (2FA) for admin access
• 📝 Comprehensive access logs (monitored and audited)
• 👥 Need-to-know basis access (limited personnel)
• 🚪 Automatic session timeout (15 minutes inactivity)

6.3 Security Protocols

Ongoing Protection:

• 🛡️ Quarterly security audits by independent experts
• 🔄 Regular software updates and security patches
• 🚨 Real-time intrusion detection and prevention
• 🧪 Annual penetration testing
• 📚 Regular employee training on data protection
• 🔍 Vulnerability assessments and remediation

6.4 Physical Security

Office & Data Center Security:

• 🏢 Secure office premises with access control
• 📹 CCTV surveillance 24×7
• 🗄️ Locked storage for physical documents
• 🚮 Secure disposal (shredding) of sensitive documents
• 🔒 Encrypted laptops and mobile devices
• 🚫 Visitor access logs and restrictions

6.5 Payment Security

Transaction Protection:

• 💳 PCI-DSS compliant payment gateways (Razorpay, Paytm)
• 🔐 We never store complete card details
• 🛡️ Tokenization for recurring payments
• 🔒 3D Secure authentication for card payments
• ✅ Transaction verification protocols

7.1 Active Customer Data

During Service Relationship:

• 📅 Retained in active database
• 🔄 Regular updates as services continue
• 📊 Full access for customer support

Retention Period: 7 years post-last service
Reason: Warranty claims, tax compliance, legal requirements

7.2 Inactive Customer Data

After 5 Years of No Activity:

• 🗂️ Data archived to secure long-term storage
• 🔒 Personal identifiers partially anonymized
• 📉 Limited access (legal/compliance only)

After 10 Years:

• 🧹 Personal identifiers completely removed
• 📊 Kept for statistical purposes only (anonymized)
• 🗑️ Option for earlier deletion upon customer request

7.3 Financial Records

Tax Compliance Retention:

• Retention Period: 7 years (Income Tax Act, 1961)
• Includes: Invoices, payment receipts, GST records, bank statements
• Cannot Be Deleted: Until statutory retention period expires
• After 7 Years: Securely destroyed as per policy

7.4 Communication Records

Correspondence Retention:

• Emails/Messages: 2 years
• Call Recordings: 1 year (if recorded with notification)
• Chat Logs: 18 months
• Social Media: 1 year

Customer Consent: Required before recording calls

7.5 Site Photos & Documentation

Work Documentation:

• Retention: Warranty period + 1 year
• Deleted After: Warranty expires and no pending disputes
• Customer Copy: Provided immediately, customer can retain permanently

7.6 Marketing Database

Promotional Lists:

• Opted-In Customers: Retained until opt-out request
• Opt-Out Requested: Removed within 30 days
• Suppression List: Maintained permanently to prevent re-adding

8.1 Our Core Promise

🚫 HSES Does NOT Sell Your Data. Period.

Your information is NEVER sold, rented, or traded to third parties for marketing purposes.

8.2 Limited Sharing (Only When Necessary)

Service Providers (With Data Processing Agreements):

Payment Gateways:
Partners: Razorpay, Paytm
Data Shared: Name, phone, email, transaction amount
Purpose: Payment authorization and confirmation only
Security: PCI-DSS compliant, encrypted transmission

Email Service Providers:
Partners: SendGrid, Amazon SES
Data Shared: Email address, name
Purpose: Transactional emails only (invoices, confirmations)
NOT for marketing without consent

SMS Service Providers:
Partners: MSG91, Twilio
Data Shared: Phone number, name, appointment details
Purpose: Service notifications and reminders only

Cloud Storage:
Partners: AWS, Google Cloud
Data Shared: All data (encrypted)
Purpose: Secure data storage and backup
Location: India-based servers primarily

8.3 Legal Obligations

Government & Law Enforcement:

• ⚖️ Court orders and legal summons
• 🏛️ Tax authorities (GST/Income Tax compliance)
• 👮 Law enforcement (criminal investigation - with valid warrant)
• 📋 Regulatory authorities (MSME, consumer protection)

Notice: Customer informed unless legally prohibited

8.4 Insurance Claims

Insurance Companies:

• 🏥 For claim processing (with customer consent)
• Data Shared: Incident details, service records, invoices
• Purpose: Claim settlement and verification only

8.5 Business Transitions (Unlikely)

Merger/Acquisition:

• 🤝 Data may transfer to acquiring entity
• Notice: Customers notified 30 days in advance
• Protection: New entity bound by same privacy terms
• Opt-Out: Option to delete data before transfer

8.6 Aggregated & Anonymized Data

Statistical Usage (Non-Personal):

• 📊 Industry reports and trends
• 📈 Service improvement analytics
• 🎓 Research and development
• Protection: All personal identifiers removed
• Cannot be traced back to individuals

8.7 What We NEVER Share

Strictly Confidential:

• ❌ Third-party marketers or advertisers
• ❌ Data brokers or aggregators
• ❌ Social media platforms (without explicit consent)
• ❌ Competitors or other service providers
• ❌ Analytics companies with personally identifiable information
• ❌ Political organizations
• ❌ Religious organizations

9.1 Right to Access

Know What We Have:

• 📄 Request copy of all data we hold about you
• 📊 Understand how your data is being used
• 🔍 See data processing activities

How to Exercise:
Email: privacy@hses247help.com
Subject: "Data Access Request - [Your Name]"
Provide: Name, phone number, service address for verification
Timeline: Provided within 15 business days

9.2 Right to Correction

Keep Data Accurate:

• ✏️ Update incorrect or outdated information
• 🔄 Ensure accuracy of your data
• 📝 Add missing information

How to Exercise:
Email: privacy@hses247help.com
Call: +91 782-781-7295
Update via customer portal (upcoming feature)
Timeline: Corrected within 48 hours

9.3 Right to Deletion ("Right to be Forgotten")

Request Data Removal:

• 🗑️ Request deletion of your personal data
• 🧹 Permanent removal from active systems

Limitations (Cannot Delete If):
Legally required to retain (tax, warranty period), Ongoing legal proceedings, Pending financial transactions, Contractual obligations not fulfilled.

How to Exercise:
Email: privacy@hses247help.com
Subject: "Data Deletion Request - [Your Name]"
Verification required (ID proof)

Timeline: Processed within 30 days after verification

9.4 Right to Data Portability

Take Your Data With You:

• 📦 Receive your data in machine-readable format (CSV, JSON, PDF)
• 🔄 Transfer to another service provider
• 💾 Keep personal copy

What You'll Receive: All personal information, Service history and invoices, Communication records, Transaction history.

How to Exercise:
Email: privacy@hses247help.com
Subject: "Data Portability Request"

Timeline: Provided within 15 business days

9.5 Right to Restrict Processing

Limit How We Use Your Data:

• ⏸️ Stop marketing communications
• 🔒 Freeze certain data processing activities
• 🚫 Limit data sharing

How to Exercise:
Email: privacy@hses247help.com
Use unsubscribe links in emails
SMS "STOP" to opt-out

Timeline: Immediate effect (within 24 hours)

9.6 Right to Object

Challenge Data Processing:

• 🙅 Object to data processing for specific purposes
• 📢 Challenge automated decision-making
• ⚖️ Request human review

How to Exercise:
Email: privacy@hses247help.com
Subject: "Data Processing Objection"

Timeline: Reviewed within 7 days

9.7 Right to Withdraw Consent

Change Your Mind:

• 🔓 Withdraw previously given consent
• 🛑 Stop specific data processing

Effect: May limit our ability to provide certain services, Account may need to be closed, Pending transactions must be completed first.

How to Exercise:
Email: consent@hses247help.com
Written request with signature

Timeline: Processed within 15 business days

9.8 Exercising Your Rights

Contact Information:
📧 Email: privacy@hses247help.com
📞 Phone: +91 782-781-7295
📝 Subject Line: "[Right Type] Request - [Your Name]"
🆔 Verification: May require ID proof to prevent fraud

Response Time: 7-15 business days for most requests

10.1 What Are Cookies?

Cookies are small text files stored on your device to enhance website functionality and user experience.

10.2 Types of Cookies We Use

Essential Cookies (Always Active):

• 🔐 Session management and login
• 🛒 Shopping cart functionality (future feature)
• 🔒 Security and fraud prevention
• Cannot Be Disabled: Required for basic functionality

Functional Cookies (Optional):

• 🌐 Language preferences
• 📍 Location settings
• 🎨 Theme/display preferences
• Can Be Disabled: Via browser settings

Analytics Cookies (Optional):

• 📊 Google Analytics (anonymized IP)
• 📈 Page views and user journey
• 🕒 Time spent on pages
• Purpose: Improve website performance
• Can Be Disabled: Via cookie consent banner

10.3 Cookies We DO NOT Use

Prohibited Tracking:

• ❌ Advertising/Targeting cookies
• ❌ Social media tracking pixels (without consent)
• ❌ Third-party marketing cookies
• ❌ Cross-site tracking
• ❌ Behavioral profiling cookies

10.4 Managing Cookies

Cookie Consent Banner:

• 🍪 Appears on first visit
• ✅ Accept all / ❌ Reject non-essential
• ⚙️ Customize preferences

Browser Settings:

• Chrome: Settings > Privacy > Cookies
• Firefox: Options > Privacy > Cookies
• Safari: Preferences > Privacy > Cookies
• Edge: Settings > Privacy > Cookies

Clear Existing Cookies: Browser > Settings > Clear browsing data > Cookies

Note: Disabling cookies may affect website functionality

10.5 Third-Party Services

External Tools We Use: Google Analytics (anonymized IP addresses), Google Maps (for location services), Payment Gateways (for transactions).

Governed By: Their respective privacy policies. Links provided on cookie consent banner.

10.6 Do Not Track (DNT)

• ✅ We respect DNT browser settings
• 🚫 Analytics disabled if DNT enabled
• 🔒 Tracking minimized automatically

In the unlikely event of a data breach, HSES has a comprehensive response plan:

11.1 Immediate Actions (Within 24 Hours)

Containment:

• 🚨 Breach identified and isolated
• 🔒 Security vulnerabilities patched immediately
• 🛑 Affected systems secured
• 🔍 Forensic investigation initiated
• 📋 Incident report prepared

11.2 Customer Notification (Within 72 Hours)

Transparent Communication:

• 📧 Email to all affected customers
• 📱 SMS alert for critical breaches
• 🌐 Public notice on website
• 📞 Direct calls for high-risk customers

Information Provided: What data was compromised, Potential impact and risks, Steps HSES is taking, Recommended customer actions, Support contact information.

11.3 Regulatory Notification

Compliance:

• 🏛️ Inform relevant authorities as per IT Act, 2000
• 📋 File required reports with CERT-In
• 🔍 Cooperate fully with investigations
• 📄 Document all breach response actions

11.4 Remediation & Support

Customer Protection:

• 🛡️ Enhanced security measures implemented
• 💳 Credit monitoring offered (if financial data compromised)
• 🔐 Mandatory password resets
• 📞 Dedicated helpline for affected customers
• 🆓 Free identity theft protection (if applicable)

11.5 Post-Breach Review

Prevention:

• 📊 Comprehensive security audit
• 🔧 System improvements implemented
• 👨‍🏫 Staff retraining on security
• 📈 Enhanced monitoring protocols

11.6 Compensation (Case-by-Case)

Potential Remedies: Based on severity and impact, Legal liability as per applicable laws, Goodwill gestures for inconvenience, Service credits or discounts.

12.1 Age Restriction

• 🧒 **HSES does not knowingly collect data from children under 18**
• 👨‍👩‍👧 **Services are intended for adults** (homeowners, business owners)
• **If Discovered:** Any data from minors deleted immediately

12.2 Parental Consent

Work Involving Minors' Spaces:

• Parental/guardian consent required for electrical work in children's rooms
• Safety protocols specifically communicated to parents
• Child safety prioritized in all decisions (childproof sockets, height considerations)

12.3 Reporting

If You Believe We Have Minor's Data:
Email: privacy@hses247help.com
Subject: "Minor Data Concern"
We will investigate and delete immediately.

13.1 Data Location

• 🇮🇳 **Data Stored Primarily in India**
• 🌍 **Cloud Servers:** May use global data centers (AWS, Google Cloud)
• 🔒 **Protection:** Equivalent security standards maintained across all locations

13.2 Cross-Border Transfers

When Data Leaves India: Only to jurisdictions with adequate data protection laws, EU/US: GDPR-compliant handling, Contractual safeguards in place (Standard Contractual Clauses), No Transfer to Countries Without Data Protection Laws.

13.3 International Customers

If You're Outside India: Your data processed under Indian law, Additional protections under your local law (where applicable), Contact us for specific concerns: privacy@hses247help.com.

14.1 Right to Update

HSES reserves the right to update this Privacy Policy at any time.

Reasons for Updates: Legal or regulatory changes, New services or features, Security enhancements, Customer feedback implementation, Industry best practice adoption.

14.2 Notification of Changes

Major Changes (Affecting Your Rights):

• 📧 Email notification 15 days in advance
• 🌐 Prominent website banner for 30 days
• 📱 In-app notification (when app available)
• Content: Summary of changes, effective date, impact

Minor Updates (Administrative):

• 🌐 Posted on website immediately
• 📅 "Last Updated" date always displayed
• 📧 Monthly newsletter mention

14.3 Your Options After Changes

Continue Using Services:

• ✅ Acceptance of new terms
• ✅ Automatic application to your data

Discontinue Services:

• ❌ Delete account/request data deletion
• ⚠️ Subject to legal retention requirements
• 📝 Must notify within 30 days

14.4 Where to Find Latest Version

Always Available At: https://hses247help.com/privacy-policy

Version History: Current version number displayed at top, Previous versions available upon request, Change log maintained for transparency.

Continued use of our services after updates constitutes acceptance of the revised Privacy Policy.

For any privacy-related questions, concerns, data requests, or complaints:

Hasan Smart Electrical Solutions (HSES™)

Privacy Officer Contact:

• 📧 Email: privacy@hses247help.com
• 📞 Phone/WhatsApp: +91 782-781-7295
• 📍 Address: Janakpuri, C-1, New Delhi – 110059, India

Alternative Contacts:

• 🌐 Website: https://hses247help.com/contact
• 📧 General Email: hses247help@gmail.com
• Official Social Media: @HSES247HELP (Instagram | Facebook | LinkedIn | Twitter/X | YouTube)

Support Availability:

• General Inquiries: 24×7 via email
• Phone Support: Monday-Saturday, 9 AM - 9 PM
• Privacy Request Response Time: 7-15 business days
• Urgent Concerns: Escalated within 48 hours

What to Include in Your Request:

For Data Requests: Your full name, Registered phone number, Service address, Type of request (access, deletion, correction, etc.), ID proof for verification.

For Complaints: Detailed description of concern, Supporting evidence (if any), Expected resolution.

Complaint Escalation:

If Not Satisfied with Response: Level 1: Privacy Officer (7 days response), Level 2: Operations Head (Additional 7 days), Level 3: Founder/Director (Final review).

External Complaint: File complaint with local Data Protection Authority, Consumer forum (for service-related data issues).

16.1 Consent Declaration

By using our website, booking our services, or providing your information to HSES™, you consent to:

• ✅ The collection and use of your information as described in this Privacy Policy
• ✅ The processing of your data for service delivery and related purposes
• ✅ Communication from us regarding your bookings and services
• ✅ Cookie usage as per our Cookie Policy
• ✅ Data storage and security measures as outlined herein

16.2 Explicit Consent Required For

Special Processing: Marketing communications (opt-in checkbox), Sharing testimonials publicly (explicit permission), Site photography (verbal/written consent), Sharing data with third parties beyond service delivery.

16.3 Withdrawal of Consent

You may withdraw consent at any time:

Email: consent@hses247help.com
Subject: "Withdrawal of Consent - [Your Name]"
Effective within 15 business days

Consequences: May limit service delivery capabilities, Account may need to be closed, Legal obligations still apply (tax records, etc.).

17.1 Jurisdiction

This Privacy Policy is governed by the laws of India and complies with:

Primary Legislation:

• 📜 Information Technology Act, 2000
• 🔒 Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011
• 🛡️ Consumer Protection Act, 2019
• 📋 Indian Contract Act, 1872

Regulatory Compliance: CERT-In (Computer Emergency Response Team - India), Ministry of Electronics and Information Technology, Reserve Bank of India (for payment data).

17.2 Dispute Resolution

Jurisdiction: Exclusive jurisdiction: Courts of Delhi, India. Consumer disputes: Consumer forums (District/State/National).

Preferred Resolution: Direct communication with HSES privacy team, Mediation before litigation, Amicable settlement prioritized.

18.1 By Using Our Services, You Acknowledge:

• ✅ You have read and understood this Privacy Policy
• ✅ You agree to the collection, use, and disclosure of your information as described
• ✅ You understand your rights and how to exercise them
• ✅ You consent to cookies and tracking technologies as outlined
• ✅ You acknowledge that HSES takes privacy seriously and implements appropriate safeguards

18.2 Questions or Concerns?

If anything in this Privacy Policy is unclear or if you have questions:

• 📞 Call us: +91 782-781-7295
• 📧 Email us: privacy@hses247help.com
• 🌐 Visit: hses247help.com/privacy-policy

We're here to help and committed to protecting your privacy.

What We Collect: Name, phone, email, address, service details

Why We Collect: Service delivery, communication, legal compliance

How We Protect: Encryption, secure servers, access control, regular audits

Who We Share With: Payment gateways (necessary), government (legally required), NOBODY ELSE

Your Rights: Access, correct, delete, port, restrict, object

How to Contact: privacy@hses247help.com | +91 782-781-7295

We DO NOT:

• ❌ Sell your data
• ❌ Spam you
• ❌ Share with marketers
• ❌ Store financial passwords

We DO:

• ✅ Protect your privacy
• ✅ Honor your rights
• ✅ Maintain transparency
• ✅ Comply with law