1. Regulatory Framework
All ViViD Group and VRK Group entities operate within the legal framework of India and comply with all applicable central, state, and local laws. Our primary compliance obligations include:
- Information Technology Act, 2000 (as amended): Governing electronic commerce, data protection, and cybersecurity practices
- Digital Personal Data Protection Act, 2023 (DPDP Act): Governing collection, processing, and protection of personal data of Indian residents
- Consumer Protection Act, 2019: Governing fair trade practices and consumer rights in digital commerce
- Companies Act, 2013: For incorporated entities within the group
- Goods and Services Tax (GST) regulations: For all taxable supply of services
- Foreign Exchange Management Act (FEMA), 1999: For any cross-border transactions
2. ISO 9001:2015 Quality Certification
VRK Infotech Pvt. Ltd., the flagship certified entity of VRK Group Corporations, is certified to ISO 9001:2015 — the internationally recognised standard for Quality Management Systems (QMS). This certification affirms our commitment to:
- Consistent delivery of services that meet customer and regulatory requirements
- Continuous improvement of processes, systems, and service quality
- Customer focus and systematic measurement of satisfaction
- Risk-based thinking in all operational processes
- Strong supplier and partner management practices
The principles of ISO 9001:2015 are applied across all ViViD and VRK Group entities as a quality benchmark, even where formal certification is not yet obtained.
3. Data Protection Compliance
We are committed to responsible handling of personal data in accordance with the DPDP Act 2023 and the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011.
Our data protection commitments include:
- Processing personal data only with lawful basis and explicit consent where required
- Appointing responsible personnel for data protection oversight
- Implementing technical and organisational security measures proportionate to the data processed
- Maintaining data processing records and contracts with third-party processors
- Establishing procedures for responding to data subject rights requests
- Notifying affected individuals and regulators of significant data breaches as required by law
4. Cybersecurity Compliance
We adhere to the cybersecurity guidelines issued by the Ministry of Electronics and Information Technology (MeitY) and CERT-In. Our cybersecurity practices include:
- Regular vulnerability assessments and penetration testing
- Mandatory incident reporting to CERT-In within prescribed timelines
- Maintenance of security event logs for a minimum of 180 days
- Encryption of data in transit and at rest using industry-standard protocols
- Multi-factor authentication for all administrative and privileged access
5. Anti-Spam and Digital Communication Compliance
All bulk and commercial digital communications sent through our products (including TurboSender and SuperSender) must comply with:
- TRAI Telecom Commercial Communications Customer Preference Regulations
- Applicable anti-spam legislation
- WhatsApp Business API policies for ViViDly Pro users
Misuse of our messaging platforms for unsolicited or illegal communications may result in immediate account suspension and may be reported to relevant authorities.
6. Ethical Business Conduct
We are committed to ethical business practices across all operations. This includes:
- Zero tolerance for bribery, corruption, and fraudulent activity
- Fair and transparent dealings with clients, partners, and employees
- Non-discrimination in service provision, employment, and partnerships
- Environmental responsibility in our operational footprint
- Corporate Social Responsibility through ViViD Global Academy's free education initiatives
7. Compliance Contact
For compliance-related inquiries, reporting concerns, or whistleblower communications, please contact us at: contact@vividglobalcorp.web.app. All compliance communications are treated with confidentiality.