Data Breach Response
This page summarises how Praesidio Care Private Limited (VAYU) responds to personal data breaches affecting systems we operate today — primarily our pre-order booking data stored in Google Sheets and our website hosted on Vercel.
Grievance Officer / incident contact: Ajinkya Jadhav · team@vayuglasses.in (subject: Security Incident) · ITI Layout, Somasundarapalya, Bengaluru 560102, India
1. Detection & reporting
- Any team member who suspects unauthorised access, lost device, exposed credentials, or accidental disclosure must report immediately to team@vayuglasses.in
- Triggers include: compromised Google Workspace account, leaked Apps Script secret, unauthorised Sheet access, or Vercel account compromise
2. Containment (within 24 hours)
- Revoke compromised credentials and rotate
WAITLIST_SCRIPT_SECRET/ Google Apps Script deployment - Restrict Google Sheet sharing to minimum required accounts
- Review Vercel access logs and deployment history
- Preserve evidence (logs, timestamps, affected rows) before remediation
3. Assessment
We assess: what data was affected (names, emails, phones, addresses), how many individuals, likelihood of harm, and whether the breach involved cross-border systems (Google, Vercel).
4. Notification
In line with the Digital Personal Data Protection Act, 2023 and applicable rules, where a personal data breach is likely to affect data principals, we will:
- Notify the Data Protection Board of India as required by law
- Notify affected users without undue delay, including the nature of the breach, data involved, and steps we are taking
- Provide contact details for the Grievance Officer
5. Remediation & review
- Delete or secure exposed data; re-issue privacy notices if practices change
- Document root cause and preventive actions within 30 days
- Update this plan and technical controls as needed
6. Data retention & automated purge
Pre-order bookings are retained for up to 24 months after fulfilment or cancellation, as stated in our Privacy Policy. A scheduled Google Apps Script job (purgeExpiredBookings) runs monthly to delete booking rows older than 24 months. To enable: Apps Script → Triggers → Add trigger → function purgeExpiredBookings → time-driven → monthly.
What you can do
If you believe your booking data has been compromised, contact us immediately at team@vayuglasses.in. You may also request deletion of your data through our rights portal.