Data Classification and Handling Policy

Organisation

Organisation name *

Effective date *

Policy owner *

Scheme

Classification levels *

Documents and data are labelled *

Restricted data is encrypted *

Approval and review

Review cycle *

Approved by *

Approval date *

Please fill all required fields to generate.

📋

Template verified May 2026 — checked against applicable central Acts and current state rules. Legal requirements can change; for property transactions above ₹5 lakh, employment disputes, or business agreements above ₹10 lakh, consider a lawyer's review before signing. Run Lekha Audit on any document you receive →

Attachments

Upload your company letterhead, logo, or supporting documents. These will be used in PDF generation and AI audit.

Click or drag files here

Letterhead (PNG/JPG), Logo, PDFs — max 5 MB each

Live preview

7 gaps remaining.

DATA CLASSIFICATION AND HANDLING POLICY

Effective Date
Policy Owner
Scheme: Four levels

1. Purpose and scope

This policy applies across and is owned by . It covers information in all forms.

2. Classification levels

Information is classified as follows:

Level	Description	Handling
Public	Approved for public release	No restriction
Internal	For internal use	Share within the organisation only
Confidential	Sensitive business or personal data	Access on need-to-know; encrypt in transit
Restricted	Highly sensitive (for example special-category or card data)	Strict access, encryption at rest and in transit, logging

3. Handling controls

Labelling: to be implemented. Restricted data encryption: to be implemented. Disposal follows the data retention schedule.

4. Review and approval

Reviewed [cycle]; approved by on [date].

Approved by

Policy Owner