BPCL

SEARCH

Security Policy

Introduction and Purpose

We at Bharat Petroleum Corporation Limited (hereinafter referred to as BPCL, “we,” “us,” or “our”) place the highest priority on safeguarding our website’s security and protecting user data. This Website Security Policy (“Policy”) sets forth the principles, responsibilities, and controls required to ensure the confidentiality, integrity and availability of this website (https://www.bharatpetroleum.in/) (“Website”).

BPCL has adopted and implemented this Policy to establish and incorporate best practices and provide for a robust security framework as required under applicable law to protect the Website. BPCL may amend or update this Policy at its discretion and without prior notice. Any such amendments or updates shall be published on this page.

Data Accuracy and Access

BPCL endeavours to ensure that the data on the Website is accurate and up to date, though content may change without prior notice. Certain non-personal information (e.g., IP address, page usage time) may be collected to detect any unauthorized access or misuse. Content of the Website is assessed and verified to prevent any malicious material before being uploaded. Further, the Website is continuously monitored to ensure its availability, integrity of content, and prevention of unauthorized modifications.

Data Security Measures

The Website is hosted in a secure and protected environment with implementation of security solutions. The Website has been tested for Vulnerability Assessment and Penetration Testing (VAPT) and Web Application Penetration Testing (WAPT) prior to its launch and such tests are also conducted after any significant changes and in any case on an annual basis. The systems and servers of the Website are security hardened and regularly patched based on a defined schedule and bug fixes and upgrades are promptly and routinely reviewed and installed on web server. Access to the servers of the Website is restricted both physically and through the network as far as possible.

All development work is carried out in a separate development environment and thoroughly tested on a staging server before being updated on the production server. Production web servers are utilised for server administration related tasks only, and internet browsing, email, and other desktop applications are disabled. Server passwords are updated regularly as part of security protocols.

Comprehensive audit and logs involving the operating system, access to the system and access to the applications are archived and maintained. Further, rejected attempts to access the services are logged and listed as exceptions for further scrutiny. User sessions are logged (along with IP address and session time) to detect unauthorized access.

Appropriate actions in accordance with the applicable law shall be taken in respect of any attempt to damage, alter, or steal information from the Website.

Notice And Disclosures

BPCL will not sell, trade, nor disclose the personally identifiable information of its Website users to any unauthorized third parties. Personally identifiable information is transmitted only through secure channels. BPCL is dedicated to adhering to all applicable laws, regulations, and industry standards concerning website security and data protection. Our security practices are periodically reviewed to remain consistent with evolving legal and regulatory requirements.

About BPCL

OUR BUSINESSES

BHARAT PETROLEUM FOR

IMPORTANT LINKS

CONNECT WITH US

India Goverment Portal My Goverment Portal Data Goverment India Portal

Copyright © 2023- All Rights Reserved - Official Website of Bharat Petroleum Corporation Limited | Ministry of Petroleum and Natural Gas, Government of India.

Content on this website is Published and Managed by Bharat Petroleum Corporation Limited

For any query regarding this website, please contact the "Web Information Manager" Sheilagh Nair - General Manager (PR & Brand), Contact No.: +91-22-22713000 Email ID: info[at]bharatpetroleum[dot]in

Top