Security Policy

Home / Security Policy

Babvip Associates LLP — a service-based company. This framework includes the following policies:

 

  • Privacy Policy
     Outlines how Babvip Associates LLP collects, uses, shares, and protects personal data from clients, users, and partners, by Indian data privacy laws (e.g., IT Act, 2000) and applicable global standards (such as GDPR, if applicable).

  • Cookie Policy
     Details the use of cookies and similar tracking technologies on Babvip’s website and platforms, explaining user choices, cookie types (e.g., essential, analytics, marketing), and consent management.

  • Refund Policy
     Defines the eligibility criteria, timelines, and procedures for refunds for services rendered. Includes clauses for cancellations, partial refunds, and non-refundable services. Communicates the process for requesting a refund.

  • Accessibility Policy
     Demonstrates Babvip’s commitment to providing accessible services to all users, including individuals with disabilities. Outlines measures to comply with web accessibility standards (like WCAG 2.1), usability support, and feedback channels.

  • Terms & Conditions
     Governs the use of Babvip’s services, website, and platforms. Covers account usage, service obligations, limitations of liability, intellectual property, payment terms, termination clauses, and governing law.

  • Data Security Policy
     Establishes Babvip’s data protection protocols, including encryption standards, access controls, backup procedures, risk management, employee cybersecurity training, and incident response.

  • Confidentiality and Non-Disclosure Policy
     Protects confidential information disclosed between Babvip and its employees, vendors, and partners. Sets out responsibilities regarding access, use, storage, return or destruction of confidential data.

  • Vendor & Partner Agreements Policy
     Provides a framework for legal and commercial relationships with third parties. Includes terms for service delivery, SLAs, IP rights, dispute resolution, compliance, termination, and due diligence.

  • Compliance & Ethics Policy
     Outlines expected standards of legal and ethical conduct for all employees, vendors, and affiliates. Covers anti-bribery, anti-corruption, conflicts of interest, whistleblower protections, and code of conduct.

  • Grievance Redressal Policy
     Provides mechanisms for internal and external stakeholders (employees, clients, vendors) to raise complaints or report misconduct. Includes grievance reporting channels, investigation process, and resolution timelines.

Record Retention Policy
 Defines how long various business records (financial, HR, project, legal, digital) must be stored and when they must be archived or securely destroyed. Includes legal hold procedures and access control.

Babvip Associates LLP is committed to protecting the privacy and personal information of our clients, partners, and website users. This Privacy Policy outlines how we collect, use, disclose, and safeguard your information when you engage with our services, visit our website, or interact with us in any capacity.

 

  1. Scope
     This policy applies to all personal information processed by Babvip Associates LLP in connection with its services, website, mobile applications, and business operations.
  2. Information We Collect
     We may collect the following types of personal and sensitive information:
  • Contact information (name, email, phone number, address)
  • Business or professional information
  • Payment and billing details
  • Login credentials and access information
  • Usage data (website activity, browser type, IP address, location)
  • Feedback, inquiries, and communication history
  1. How We Collect Information
  • Directly from you when you fill out forms, submit queries, register, or engage our services
  • Automatically via cookies and similar technologies
  • From third parties or publicly available sources (e.g., partners, business affiliates, LinkedIn)
  1. Use of Information
     We use personal data for:
  • Providing and improving our services
  • Processing transactions and client onboarding
  • Customer support and responding to inquiries
  • Marketing and promotional communications (with consent)
  • Compliance with legal obligations
  • Internal operations, analytics, and audits
  1. Sharing & Disclosure
     We do not sell your data. We may share information with:
  • Authorised employees, contractors, or service providers under confidentiality agreements
  • Legal or regulatory authorities, when required by law
  • Payment gateways and cloud storage providers for operational support
  • Business partners (with your consent or as contractually necessary)
  1. Data Retention
     We retain personal information only as long as necessary for the purposes outlined in this policy or as required by law. Retention periods are defined in our Record Retention Policy.
  2. Data Security
     We implement appropriate technical and organisational measures, including:
  • SSL encryption and secure servers
  • Role-based access controls
  • Regular data audits and backup protocols
  • Employee training on data protection
  1. Your Rights
     Subject to applicable law, you have the right to:
  • Access, correct, or delete your personal information
  • Withdraw consent at any time
  • Object to or restrict certain data uses
  • Complain to a data protection authority
  1. Cookies & Tracking Technologies
     We use cookies for website functionality, analytics, and personalisation. Please refer to our Cookie Policy for more details and your options to manage preferences.
  2. Children’s Privacy
     Our services are not intended for individuals under the age of 18. We do not knowingly collect data from minors without parental consent.
  3. International Data Transfers
     If personal data is transferred outside of India, we ensure appropriate safeguards are in place, including standard contractual clauses or data protection agreements.
  4. Changes to This Policy
     We may update this policy periodically. Changes will be posted on our website with an updated “Effective Date.”
  5. Contact Us
     For questions or concerns regarding this Privacy Policy, please contact:

Data Protection Officer
 Babvip Associates LLP
 Email: support@babviphotels.com




Babvip Associates LLP uses cookies and similar tracking technologies to enhance your browsing experience on our website, analyse traffic, and deliver personalised content and services. This Cookie Policy explains what cookies are, how we use them, and your rights regarding cookie usage.

  1. What Are Cookies?
     Cookies are small text files that are stored on your device (computer, tablet, or mobile) when you visit a website. They help websites remember your preferences and actions over a period of time.

     

  2. Types of Cookies We Use
  3. Essential Cookies
     These are necessary for the website to function properly. They enable basic features like page navigation, secure login, and access to protected areas.
  4. Performance & Analytics Cookies
     These cookies help us understand how visitors interact with our website by collecting and reporting information anonymously. Example: Google Analytics.
  5. Functional Cookies
     These cookies remember choices you make (such as language or region) to provide a more personalised experience.
  6. Advertising & Targeting Cookies
     These cookies are used to deliver relevant advertisements and track the effectiveness of marketing campaigns. They may be set through our site by advertising partners.
  7. How We Use Cookies
  • To recognise repeat visitors and remember their preferences
  • To track and analyse website usage and user behaviour
  • To deliver targeted advertisements across third-party platforms
  • To improve website performance and security

     

  1. Third-Party Cookies
     We may use cookies from trusted third-party providers such as:
  • Google Analytics
  • Facebook Pixel
  • LinkedIn Insight Tag
  • Hotjar or similar tools

These third parties may collect your browsing activity across websites.

  1. Cookie Consent & Control
     When you visit our site for the first time, you will see a cookie banner requesting your consent for non-essential cookies. You may:
  • Accept all cookies
  • Customise your cookie preferences
  • Decline non-essential cookies

You can also control cookies through your browser settings. Most browsers allow you to:

  • View cookies stored on your device
  • Delete all or specific cookies
  • Block or allow cookies by default
  • Set exceptions for specific websites

Note: Disabling cookies may affect certain functionalities of the website.

  1. Duration of Cookies
  • Session Cookies: Expire when you close your browser
  • Persistent Cookies: Remain on your device until deleted or they reach their expiration date

     

  1. Your Rights
     You have the right to manage your cookie preferences at any time. If you have concerns about your privacy, you can contact our Data Protection Officer.

     

  2. Changes to This Policy
     We may update this Cookie Policy from time to time. Updates will be published on this page with an updated “Effective Date.”

At Babvip Associates LLP, we aim to deliver high-quality services and exceptional client satisfaction. This Refund Policy outlines the conditions under which clients may be eligible for a refund, the process for requesting a refund, and the exceptions that apply.

  1. Scope
     This policy applies to all clients who have purchased or subscribed to services directly from Babvip Associates LLP, including but not limited to:
  • IT and digital services
  • Consulting and advisory services
  • Website or application development
  • Subscription-based offerings or retainers
  1. Eligibility for Refunds
     Refunds may be issued under the following conditions:
  2. Service Non-Delivery
     If the service is not initiated or delivered within the agreed timeline due to company-side issues, and no alternative arrangements are provided.
  3. Service Deficiency
     If the delivered service does not meet agreed-upon specifications or quality standards, and the issue is not rectified after a reasonable number of revisions.
  4. Duplicate Payment
     If you are accidentally charged more than once for the same service, the duplicate payment(s) will be refunded.
  5. Cancellation within the Grace Period
     Some services may include a grace period (e.g., 3-5 business days from contract start) for cancellation and partial refund, depending on the nature of the engagement.
  6. Non-Refundable Items and Conditions
     Refunds will not be provided for:
  • Services that have already been fully delivered or completed
  • Custom development or tailored consultation after partial or full execution
  • Delays or dissatisfaction due to client-side inaction, communication lapses, or scope changes
  • Third-party fees, tools, licenses, or hosting charges arranged on the client’s behalf
  • Promotional or trial services are marked as non-refundable
  1. Refund Process
  2. Request Procedure
     To initiate a refund request, email support@babvipassociates.com with:
  • Full name and contact details
  • Invoice number and date of payment
  • Description of service and reason for the refund
  • Any supporting documents (communications, contracts, etc.)
  1. Review & Response
  • We will acknowledge the request within 2 business days
  • Evaluation and decision will be made within 7–10 business days
  • Approved refunds will be processed to the original payment method within 10–15 business days
  1. Cancellation Policy
     Clients may cancel ongoing monthly or subscription-based services with prior written notice as per the service agreement. Any unused portion of services may be considered for a pro-rated refund, subject to review.
  2. Dispute Resolution
     If you are not satisfied with the outcome of your refund request, you may escalate the matter to grievance@babvipassociate.com. We are committed to resolving disputes fairly and promptly.

7. Modifications to Policy
 We reserve the right to update or modify this Refund Policy at any time without prior notice. The updated version will be posted on our website with a new effective date.

Babvip Associates LLP agree to be bound by these Terms & Conditions. If you do not agree with these terms, please do not use our services.

  1. Services Offered
     Babvip Associates LLP provides digital, consultancy, and technology-based services. The scope, deliverables, and timelines for each project or service will be governed by individual contracts, service level agreements (SLAs), or order forms.
  2. User Obligations
     By using our services, you agree to:
  • Provide accurate and up-to-date information
  • Do not use the services for any unlawful or unauthorised purpose
  • Comply with all applicable local, national, and international laws
  • Cooperate with us in the provision of services and provide all required materials, data, or access promptly
  1. Payments and Fees
     All fees and payment terms will be specified in your agreements or invoices. Late payments may incur interest charges as per contractual terms. We reserve the right to suspend services in case of non-payment.
  2. Intellectual Property
     All content, designs, software, logos, and materials created or used by Babvip Associates LLP are our intellectual property unless otherwise stated. Clients receive a limited, non-transferable license to use deliverables solely for agreed purposes.
  3. Confidentiality
     Both parties agree to keep confidential all proprietary and sensitive information shared during the engagement. Our Confidentiality and Non-Disclosure Policy governs this in further detail.
  4. Service Availability
     We strive to maintain service availability as per the applicable Service Level Agreement (SLA). However, we do not guarantee uninterrupted access due to factors such as maintenance, technical failures, or external disruptions.
  5. Limitation of Liability
     To the maximum extent permitted by law, Babvip Associates LLP shall not be liable for:
  • Indirect, incidental, or consequential damages
  • Loss of data, business, or revenue
  • Errors or delays caused by third-party providers or client-side limitations

Total liability under any claim shall not exceed the total fees paid by the client for the service in question.

  1. Termination
     We may suspend or terminate services if:
  • There is a breach of these terms
  • The client fails to pay invoices after reasonable reminders
  • Illegal, unethical, or abusive behaviour is observed

Either party may terminate the agreement with notice as per the individual contract.

  1. Third-Party Services
     Our services may involve integration with or use of third-party platforms, tools, or content. We are not responsible for the performance or security of such third-party services.
  2. Privacy and Data Protection
     Use of our services is also governed by our Privacy Policy and Data Security Policy. We are committed to protecting your personal and business data.
  3. Governing Law and Jurisdiction
     These terms are governed by the laws of India. Any disputes shall be resolved in the courts of [Insert Jurisdiction/City], India.
  4. Changes to Terms
     We reserve the right to modify these Terms & Conditions at any time. Changes will be effective upon publication on our website. Continued use of services after changes implies acceptance.

At Babvip Associates LLP, we are committed to ensuring equal access and inclusion for all individuals, including people with disabilities. This Accessibility Policy outlines our approach to removing barriers and providing accessible digital and physical experiences.

  1. Our Commitment
  • Providing accessible services, content, and communications
  • Ensuring compliance with applicable accessibility laws and standards such as the Rights of Persons with Disabilities Act, 2016 and Web Content Accessibility Guidelines (WCAG) 2.1
  • Continuously improving usability for all users, including those using assistive technologies
  1. Scope
     This policy applies to:
  • Our website and digital platforms
  • Client-facing services and documentation
  • Internal communications and employment practices
  • Third-party tools and technologies used in our operations
  1. Web Accessibility
     We aim to make our websites and digital content accessible to individuals with a wide range of disabilities by:
  • Designing and maintaining WCAG 2.1 Level AA compliance
  • Providing alternative text for images
  • Ensuring colour contrast and readability
  • Enabling keyboard navigation and screen reader compatibility
  • Avoiding reliance on flashing content or non-compliant media

  1. Physical Accessibility
     Although Babvip Associates LLP operates primarily as a digital and remote service provider, for any physical facilities or meetings:
  • Reasonable accommodations will be provided for clients, visitors, or employees with disabilities
  • Advance requests for accessibility aids (e.g., wheelchair access, sign language interpretation) will be honoured
  1. Employee Accessibility & Inclusion
     We provide an inclusive workplace by:
  • Providing reasonable accommodations for job applicants and employees with disabilities
  • Educating staff on disability sensitivity and inclusive communication
  • Promoting a non-discriminatory work environment through the Equal Opportunity Policy
  1. Feedback & Assistance
     We welcome feedback on the accessibility of our services. If you encounter any accessibility barriers or need assistance, please contact us:

Accessibility Support Team
 Email: support@babviphotels.com
Address: Dehradun, Uttarakhand 248001

We aim to respond to accessibility-related queries within 5 business days.

  1. Third-Party Tools and Integrations
     We strive to work with vendors and third-party providers who follow inclusive design principles. However, we cannot guarantee the accessibility of external platforms not controlled by Babvip Associates LLP.
  2. Review & Updates
     This policy will be reviewed annually or when significant changes to laws, technology, or services occur. Updates will be published with a new effective date.
  3. Enforcement & Governance
     The Human Resources & Compliance team is responsible for monitoring and enforcing this policy.

Babvip Associates LLP’s commitment is to protecting the confidentiality, integrity, and availability of client, employee, and business data against unauthorised access, use, disclosure, disruption, modification, or destruction.

  1. Scope
  • All employees, associates, contractors, and third-party vendors of Babvip Associates LLP
  • All data systems, cloud services, applications, devices, networks, and business platforms
  • All forms of data: electronic, physical, structured, and unstructured
  1. Data Classification
     We categorise data to determine its sensitivity and handling requirements:
  • Public Data: Information intended for public viewing
  • Internal Data: Information shared within the company but not externally
  • Confidential Data: Client information, business records, financials
  • Restricted Data: Personally Identifiable Information (PII), health, financial, and sensitive client data
  1. Data Protection Measures
  2. Administrative Controls
  • Employee onboarding and offboarding checklists
  • Signed Confidentiality & NDA Agreements for all personnel
  • Regular training on cybersecurity awareness, phishing, and data handling
  1. Technical Controls
  • Use of firewalls, antivirus, intrusion detection, and prevention systems
  • Secure servers and cloud platforms with data encryption at rest and in transit (e.g., TLS, AES-256)
  • Multi-factor authentication (MFA) for system access
  • Access controls based on role and the least privilege principle
  • Regular security patches and vulnerability assessments
  1. Physical Controls
  • Restricted access to office premises and server rooms
  • Secure disposal of paper records and hardware using shredding and degaussing
  • Surveillance systems in restricted areas
  1. Data Access and Usage
  • Access is granted based on job roles and responsibilities
  • Access logs are maintained and monitored
  • Employees must not store confidential data on personal devices or in unsecured locations
  1. Data Backup and Recovery
  • Daily automated backups of critical data
  • Off-site and cloud-based secure storage
  • Quarterly backup restoration testing
  • Disaster Recovery Plan (DRP) and Business Continuity Plan (BCP) in place
  1. Data Breach and Incident Response
  • Any suspected breach must be reported immediately to support@babviphotels.com
  • A defined Incident Response Team (IRT) will investigate, document, and resolve incidents
  • Notification to affected stakeholders will be done by legal and regulatory requirements
  1. Vendor and Third-Party Security
  • Due diligence before onboarding third-party vendors
  • Vendor security and data protection clauses in agreements
  • Regular audits of critical vendors’ compliance
  1. Data Retention and Disposal
  • Retention periods are defined in our Record Retention Policy
  • Secure deletion of electronic files and physical destruction of documents post-retention period
  1. Compliance

Babvip Associates LLP ensures compliance with:

  • The Information Technology Act, 2000 (India)
  • GDPR (where applicable)
  • Industry standards such as ISO 27001 best practices
  1. Policy Enforcement

Non-compliance with this policy may result in disciplinary action, including termination or legal action, depending on the severity of the violation.

  1. Policy Review

This policy is reviewed annually or as required by law or business changes. Any updates will be communicated to all stakeholders.

Babvip Associates LLP (“the Company”), its clients, partners, and employees. This Policy defines the responsibilities and obligations of employees, vendors, and third parties in handling confidential information.

  1. Scope
     This Policy applies to:
  • All employees, contractors, interns, consultants, and third-party service providers of Babvip Associates LLP
  • All forms of confidential information, including oral, written, electronic, visual, or otherwise
  • All phases of the business relationship: before, during, and after termination of engagement
  1. Definition of Confidential Information
     Confidential Information includes, but is not limited to:
  • Business strategies, plans, and financial information
  • Client data, contracts, proposals, and project materials
  • Technical informatio,n including software code, algorithms, and designs
  • Trade secrets and proprietary processes
  • Employee records and internal communications
  • Non-public data shared under NDA or by reasonable expectation of confidentiality
  1. Obligations of Confidentiality
     All parties subject to this policy agree to:
  • Use confidential information only for the purposes for which it was disclosed
  • Maintain such information in strict confidence
  • Take all reasonable precautions to protect confidentiality (including encryption, secure storage, and access controlDo notot disclose confidential information to third parties without prior written authorisation from the Company
  • Immediately report any unauthorised access, use, or disclosure to  enquiry@babvipassociates.com
  1. Exclusions
     This Policy does not apply to information that:
  • Is or becomes publicly available through no fault of the receiving party
  • Is independently developed without the use of confidential information
  • Is rightfully obtained from a third party, not under an obligation of confidentiality
  • Is required to be disclosed by law or a regulatory body, provided the Company is notifiedbeforeo disclosure (where permitted)
  1. Duration of Obligation
     The duty to maintain confidentiality remains in effect:
  • During the period of engagement/employment
  • For a minimum of three (3) years after the termination of the relationship, or longer if required by contract or applicable law
  1. Enforcement
     Any breach of this Policy may result in:
  • Disciplinary action, including suspension or termination of employment or engagement
  • Legal action for damages or injunctive relief
  • Blacklisting or disqualification from future engagements with Babvip Associates LLP
  1. Third-Party and Vendor Agreements
     All vendors, partners, and service providers who may have access to confidential data are required to sign a Non-Disclosure Agreement (NDA) and comply with this Policy. The Company may audit compliance at any time.
  2. Training & Awareness
     Babvip Associates LLP conducts regular confidentiality and information security training to ensure all employees and stakeholders understand their responsibilities.
  3. Policy Review
     This Policy is reviewed annually and updated as necessary to reflect changes in legal, business, or technological environments.

Babvip Associates LLP’s relationships with third-party vendors, suppliers, and business partners. This Policy ensures alignment with our business values, compliance practices, and client commitments.

  1. Scope
  • All third-party vendors, contractors, suppliers, consultants, service providers, and channel partners who engage with Babvip Associates LLP
  • All services, supplies, or solutions provided to or in partnership with Babvip Associates LLP.
  • All stages of the business relationship — from onboarding to project execution, renewal, or termination
  1. Objectives
  • To ensure fair, transparent, and ethical partnerships
  • To safeguard the confidentiality and integrity of data shared with or managed by partners
  • To minimise legal, financial, operational, and reputational risks
  • To maintain consistency with our Compliance & Ethics, Data Security, and Confidentiality Policies
  1. Due Diligence & Onboarding

All vendors and partners must undergo a thorough evaluation process before engagement, including:

  • Legal entity verification and ownership transparency
  • Financial stability and tax compliance
  • Security posture and data handling practices
  • Adherence to anti-corruption and labour law compliance
  • Reference and performance checks (if applicable)

All approved vendors must sign a formal agreement and Non-Disclosure Agreement (NDA) before services begin.

  1. Contractual Terms

All Vendor & Partner Agreements must specify:

  • Scope of work, deliverables, and timelines
  • Pricing, payment terms, and invoicing process
  • Service Level Agreements (SLAs) or performance benchmarks
  • Data privacy and information security requirements
  • Confidentiality, intellectual property, and non-compete terms
  • Termination and dispute resolution mechanisms
  • Compliance with applicable local and international laws
  1. Data Security & Confidentiality

Vendors and partners are required to:

  • Protect client and company data by our Data Security and Confidentiality Policies
  • Limit access to authorised personnel only
  • Report any data breach or security incident within 24 hours of discovery
  • Refrain from storing, copying, or reusing any Babvip Associates LLP data outside the scope of the agreement
  1. Code of Conduct

Partners must agree to:

  • Conduct business with integrity, fairness, and professionalism
  • Avoid conflicts of interest, bribery, and unethical behaviour
  • Treat employees, customers, and stakeholders with respect and without discrimination
  • Abide by all labour laws, including prohibitions on child or forced labour
  1. Performance Monitoring

Babvip Associates LLP reserves the right to:

  • Conduct periodic reviews of vendor performance and compliance
  • Audit systems, documentation, or project deliverable,s when necessary
  • Suspend or terminate vendors who fail to meet contractual or ethical standards
  1. Renewal and Termination
  • Agreements may be renewed based on mutual performance reviews
  • Either party may terminate the agreement per the termination clause in the contract
  • Upon termination, vendors must return all proprietary materials and delete any retained confidential data
  1. Exceptions

Exceptions to this policy require written approval from the Executive Management or Legal Team and must be documented with justification.

  1. Enforcement

Violations of this policy or associated agreements may result in:

  • Immediate termination of engagement
  • Legal action or financial recovery
  • Removal from approved vendor lists

Babvip Associates LLP’s commitment is to conducting its business ethically, transparently, and in full compliance with all applicable laws, regulations, and internal policies. It guides employee and partner behaviour and establishes the principles of integrity and accountability across all operations.

  1. Scope
  • All employees, directors, interns, and associates of Babvip Associates LLP
  • All vendors, suppliers, contractors, and third-party partners representing or working with Babvip Associates LLP
  • All activities, transactions, communications, and decisions carried out on behalf of the company
  1. Core Principles of Ethical Conduct
  2. Integrity & Honesty
     All stakeholders must act with honesty, sincerity, and good faith in all dealings within and outside the organisation.
  3. Compliance with Laws & Regulations
     Babvip Associates LLP complies with all applicable local, national, and international laws, including but not limited to:
  • The Companies Act, 2013 (India)
  • The Information Technology Act, 2000
  • Goods and Services Tax (GST) regulations
  • Anti-corruption, anti-money laundering (AML), and data protection laws (e.g., GDPR, if applicable)
  1. Fair Business Practices
     We are committed to fair competition and expect all stakeholders to avoid anti-competitive practices, collusion, or misuse of confidential or insider information.
  2. Anti-Bribery & Anti-Corruption
     Offering, accepting, or soliciting bribes, kickbacks, or illegal payments in any form is strictly prohibited.
  3. Conflict of Interest
     All employees and associates must avoid situations where personal interests conflict with professional duties. Any potential conflict must be disclosed to the Compliance Officer.
  4. Equal Opportunity & Respectful Workplace
     We provide a workplace free from discrimination, harassment, or retaliation. Employment decisions are based on merit, qualifications, and business needs.
  5. Confidentiality & Data Protection
     All personnel must protect the confidentiality of company, client, and partner information, by our Confidentiality and Data Security Policies.
  6. Intellectual Property & Asset Use
     Employees and partners must protect the company’s intellectual property and use company resources solely for authorised purposes.
  7. Reporting Misconduct
  • Anyone can report suspected violations of this Policy or illegal activities via email: support@babviphotels.com
  • All reports will be treated confidentially and investigated promptly
  • Whistleblowers are protected from retaliation under this policy
  1. Disciplinary Action
  • Warnings, training, or counselling
  • Termination of employment or contract
  • Legal action, if warranted
  1. Training & Awareness
     Babvip Associates LLP provides regular training and awareness programs on ethics, compliance, anti-corruption, and privacy to all relevant stakeholders.
  2. Monitoring & Auditing
     The Compliance & Legal team monitors compliance with this Policy through internal audits, reviews, and performance evaluations. Any non-compliance will be documented and addressed.
  3. Policy Review
     This Policy is reviewed annually and updated to reflect changes in laws, industry best practices, or organisational structure.

Babvip Associates LLP is committed to fostering a fair, respectful, and responsive environment.

  1. Scope
  • All current and former employees of Babvip Associates LLP
  • Clients, customers, vendors, and other stakeholders
  • All types of grievances, including but not limited to: workplace issues, service dissatisfaction, discrimination, harassment, payment delays, ethical violations, and contract disputes
  1. Objectives
  • To ensure that grievances are handled promptly and fairly
  • To uphold the company’s values of integrity, professionalism, and accountability
  • To identify areas for improvement in policies, processes, or relationships
  • To protect complainants from retaliation and promote a culture of open communication
  1. Grievance Submission Process
  2. Who Can File
     Any individual (employee, client, vendor, or third-party partner) who experiences or observes misconduct, unfair treatment, or service-related issues can file a grievance.
  3. How to File
     Grievances can be submitted via:
  • Email: support@babviphotels.com
  • Online form on our official website: www.babvipassociates.com/contact-us
  • In writing to: Grievance Officer, Babvip Associates LLP, Dehradun, Uttarakhand
  1. Information to Include
  • Full name and contact information (anonymous grievances may be reviewed on a case-by-case basis)
  • Date and details of the incident
  • Names of involved individuals (if applicable)
  • Supporting evidence, if available
  • Desired resolution or relief sought
  1. Grievance Resolution Procedure

Step 1: Acknowledgement
 The Grievance Officer will acknowledge receipt of the complaint within 3 working days.

Step 2: Review & Investigation
 An impartial investigation will begin within 7 working days. Confidentiality will be maintained throughout the process.

Step 3: Resolution
 A resolution will be communicated to the complainant within 15 working days of receiving the grievance, unless extended due to complexity.

  1. Roles & Responsibilities

Grievance Officer

  • Receive, document, and track grievances
  • Ensure timely investigation and resolution
  • Maintain neutrality and confidentiality
  • Recommend systemic improvements if needed

Employees & Stakeholders

  • Cooperate with investigations
  • Refrain from retaliatory actions
  • Respect the confidentiality of the process
  1. Protection Against Retaliation
     Babvip Associates LLP strictly prohibits any form of retaliation against individuals who file grievances in good faith. Retaliation will result in disciplinary action, including possible termination or legal action.
  2. Confidentiality
     All grievance records and communications will be kept confidential and disclosed only on a need-to-know basis or as required by law.
  3. Record Keeping
     All grievances, investigations, findings, and resolutions shall be recorded and maintained securely by the Grievance Officer for a minimum of 3 years, by the Record Retention Policy.
  4. Review of Policy
     This policy is reviewed annually and revised as needed to ensure effectiveness and compliance with applicable regulations and business practices.

Babvip Associates LLP. The objective is to ensure compliance with legal, regulatory, and operational requirements while safeguarding sensitive and business-critical information.

  1. Scope
  • All departments and personnel of Babvip Associates LLP
  • All business records, including physical and electronic formats
  • All internal and external documentation created, received, or maintained during business operations.
  1. Objectives
  • To ensure legal and regulatory compliance regarding recordkeeping.
  • To preserve records essential to the continuity and success of the organisation
  • To prevent unauthorised access, alteration, or destruction of records
  • To define retention periods for various types of documents and provide disposal guidelines
  1. Types of Records and Retention Schedule

The following table outlines the major categories of records and their recommended retention periods:

Record Type

Retention Period

Responsible Department

Corporate Governance Documents

Permanent

Legal/Management

Financial Statements & Audit Reports

8 Years

Finance

Tax Returns & Supporting Documents

8 Years

Finance/Accounts

Employee Records (Active)

Duration of employment

HR

Employee Records (Former)

7 Years post-employment

HR

Contracts & Agreements

7 Years after expiration

Legal/Respective Department

Client Records

7 Years post-relationship

Sales/Client Services

Vendor Agreements

7 Years after termination

Procurement

Project Files

5–7 Years post-completion

Project Management

Marketing Materials

3 Years

Marketing

Legal Dispute & Case Files

7 Years post-resolution

Legal

Emails and Internal Correspondence

3 Years

All Departments

IT System Logs

1 Year

IT & Security

Note: Certain records may be retained longer where required by contract, legal hold, or regulation.

  1. Storage and Access
  • Records must be stored securely, whether in physical cabinets or encrypted digital platforms.
  • Access is limited to authorised personnel only, based on roles and responsibilities.
  • Confidential records must be labelled and maintained by the Confidentiality & Data Security Policies.
  1. Disposal of Records

When records reach the end of their retention period:

  • Physical records must be shredded or incinerated securely
  • Electronic records must be deleted or anonymised in a way that prevents recovery.
  • Disposal must be authorised and logged by the record owner or department head.
  1. Legal Hold Procedure

In the event of litigation, investigation, or audit:

  • A Legal Hold must be issued to prevent alteration or destruction of relevant records
  • All affected personnel will be notified, and normal record disposal practices must be suspended until the hold is lifted.d
  1. Responsibility & Compliance
  • Each department is responsible for classifying, maintaining, and disposing of records in line with this policy. cy
  • The Legal & Compliance Team will conduct periodic audits to ensure compliance.
  • Violations of this policy may lead to disciplinary action or legal consequences.s
  1. Training & Awareness

All employees and contractors will be trained on this policy during onboarding and through periodic compliance refreshers.

  1. Policy Review

This policy shall be reviewed annually by the Legal Department to ensure alignment with business needs and legal obligations.