Data Protection — UPP EMS

The Uttar Pradesh Police is committed to safeguarding personal information processed through UPP EMS in alignment with the Digital Personal Data Protection Act, 2023 (DPDP Act) and applicable Government of India information-security guidelines.

1. Data Fiduciary

The Uttar Pradesh Police, through its Information Technology wing at Police Headquarters, Lucknow, is the Data Fiduciary for personal information processed in UPP EMS.

2. Principles

Lawful processing — only for performance of sovereign functions assigned by law.
Purpose limitation — data is used only for the stated administrative purpose.
Data minimisation — only the fields required for a workflow are collected.
Accuracy — Data Principals may request correction of inaccurate records.
Storage limitation — records are retained per departmental retention schedules.
Security — encrypted transport, role-based access, row-level security, audit logging.

3. Sensitive personal data

Bank account numbers, PAN, GSTIN and pension-nominee details are accessible only to officers in the Budget, Inventory, Pension and Audit roles, and are masked for all other roles.

4. Rights of Data Principals

Right to access a summary of personal data held about you.
Right to correction, completion and updating of inaccurate data.
Right to erasure where retention is no longer required by law.
Right of grievance redressal.
Right to nominate another person in respect of your personal data.

5. Security incident response

Suspected breaches or unauthorised access must be reported immediately to the Grievance Officer. Incidents involving personal data are reported to the Data Protection Board of India as required by law.

6. Grievance Officer

Grievance Officer
Information Technology Wing, Uttar Pradesh Police Headquarters
1 Tilak Marg, Lucknow 226001, Uttar Pradesh
Email: grievance@uppolice.gov.in