Page 157 - DBIM Version 3.0_11-02-25_Final

Digital Brand Identity Manual


                   D.1.15.     Offline Sync


                               Apps should include an offline sync function wherever possible so that
                               users with low connectivity can continue to access and use the mobile
                               app.


                   D.2.        Data Security and Privacy


                   D.2.1.      Security Certification


                               Every app must be evaluated and certified by a CERT-IN approved
                               security auditing agency.


                   D.2.2.      User Data Consent Protocol

                               Apps hosted on the government Gov.In: App Store must seek user
                               consent for data sharing, using a standardised template provided by
                               the framework.

                               The user must be given an option to accept or decline data sharing.
                               Transparency should be maintained in data sharing practices, informing
                               users about how their data would be used and shared. Transparent
                               data practices build user trust and foster confidence in government
                               apps.

                   D.2.3.      Data Collection and Usage


                               Data collection enhances understanding of user behavior and
                               preferences, enabling tailored services. App owners should analyse
                               indicators on collected user data to facilitate personalized information
                               delivery to users. Users must be informed about the app's data
                               collection practices and data usage.


                   D.2.4.      Data Security and Privacy


                               Government apps must implement robust data security measures to
                               protect user data. They must define clear data handling and privacy
                               practices to build user trust and comply with regulations, including the
                               DPDP Act. Encryption should be used for storing, collecting, and
                               exchanging information securely. Appropriate security measures must
                               address cybersecurity vulnerabilities to minimize risks. Throughout the

