
Privacy Policy

ORBIS Information Security & Data Protection Policy Commitment Statement

1. Commitment to Security

At ORBIS, protecting our clients’ financial data and ensuring the integrity of our systems is a top priority. We implement industry-leading security controls to safeguard information against unauthorized access, misuse, loss, or disclosure. Our security program follows globally recognized standards, including ISO 27001:2022, ISO 9001:2015, GDPR, the CSCRF framework, and SOC principles.

2. Data Privacy & Confidentiality

  • ORBIS collects and processes personal information only for legitimate business purposes.
  • Client data is stored and transmitted using strong encryption (TLS 1.2+ / AES-256).
  • Data access is restricted to authorized personnel under the principle of Least Privilege.
  • We maintain policies aligned with GDPR, CSCRF, and applicable financial-sector privacy regulations.

3. Secure Infrastructure

  • All network traffic is protected by next-generation firewalls, advanced threat-detection systems, and continuous monitoring.
  • ORBIS maintains segmented and hardened internal systems to minimize risk exposure.
  • Production systems operate in secure, compliant environments with built-in redundancy, DDoS protection, and disaster-recovery capabilities.

4. Encryption & Data Protection

  • In-Transit Encryption: All communication between clients and our servers uses modern, secure encryption protocols.
  • At-Rest Encryption: Sensitive financial data is encrypted using AES-256 or industry-equivalent standards.
  • ORBIS does not store plaintext credentials; all authentication data is securely hashed and salted using strong cryptographic algorithms.

5. Identity & Access Management

  • Multi-Factor Authentication (MFA): Required for all internal and administrative system access.
  • Role-Based Access Control (RBAC): Ensures employees can access only the resources necessary to perform their duties.
  • Access logs are continuously monitored, recorded, and regularly reviewed to detect and prevent unauthorized activity.

6. Continuous Monitoring & Threat Management

  • ORBIS operates a 24/7 Managed SOC solution to continuously monitor systems for suspicious and malicious activity.
  • We leverage SIEM platforms, endpoint protection, and advanced threat-intelligence feeds to rapidly detect and respond to security incidents.
  • Regular vulnerability scanning and penetration testing are conducted by internal teams and independent third-party security experts.

7. Secure Development Practices

  • ORBIS follows Secure Software Development Lifecycle (SDLC) methodologies across all application development.
  • All code undergoes rigorous security reviews, automated vulnerability scanning, and penetration testing prior to deployment.
  • Formal change-management processes ensure safe, controlled, and auditable updates to client-facing systems.

8. Third-Party Risk Management

  • Vendors and service providers undergo thorough due-diligence reviews and must meet ORBIS security and compliance requirements.
  • All contracts include data-protection obligations, breach-notification procedures, and strict confidentiality clauses.

9. Compliance & Certifications

ORBIS maintains compliance with relevant financial-sector and cybersecurity frameworks, including:

  • ISO 27001:2022 – Information Security Management System (ISMS)
  • ISO 9001:2015 – Quality Management System (QMS)
  • ISO 22301:2019 – Business Continuity Management System (BCMS)
  • CSCRF – SEBI Cyber Security & Cyber Resilience Framework compliance
  • SOC 2 Type II – Security, Availability, and Confidentiality controls
  • GDPR – General Data Protection Regulation compliance
  • Compliance with applicable national financial regulatory requirements.

Certificates or audit summaries can be made available upon request.

10. Incident Response & Business Continuity

  • ORBIS maintains a tested Incident Response Plan to rapidly identify, contain, and remediate security threats.
  • Clients are promptly notified of any data breach in accordance with applicable legal and regulatory requirements.
  • Business Continuity and Disaster Recovery (BCDR) plans are in place to ensure service continuity during unforeseen disruptions.

11. Client Responsibilities

To ensure a secure environment, ORBIS encourages clients to:

  • Use strong, unique passwords and enable multi-factor authentication (MFA) wherever available.
  • Keep all software, applications, and devices up to date with the latest security patches.
  • Report any suspicious activity immediately to ORBIS support.

12. Contact Information

Clients with security or privacy questions can contact our Security Office:

Email: ithelpdesk@orbisfinancial.in

Orbis, a nationally recognized leader in Financial Services since 2009, provides Securities Services to foreign and domestic investors, corporates, and high-net-worth clients.
