We do not collect personal information for any purpose other than to respond to you, for example, to respond to your queries, by email or by post.

Our website never collects information or creates individual profiles for commercial marketing. While you must provide an e-mail address for a localised response to any incoming questions or comments to us, we recommend that you do NOT include any other personal information.

PESO may record your IP address, which is the Internet address of your computer, and information such as your browser type and operating system. This information helps us learn about the geographical distribution of our website visitors and the technology they use to access our site. This information is never connected with the personal information you supply to us.

The contents of this website may not be reproduced partially or fully, without due permission from PESO. If referred to as a part of another publication, the sources must be appropriately acknowledged. The contents of this website cannot be used in any misleading or objectionable context.

Links to external websites/portals:

At many places in this website, you shall find links to other websites/portals. The links have been placed for your convenience. PESO is not responsible for the contents and reliability of the linked websites and does not necessarily endorse the views expressed in them. Mere presence of the link or its listing on this Portal should not be assumed as endorsement of any kind. We cannot guarantee that these links will work all the time and we have no control over availability of linked pages.

Links to PESO Website by other websites:

We do not object to you linking directly to the information that is hosted on this site and no prior permission is required for the same. However, we would like you to inform us about any links provided to this website so that you can be informed of any changes or updations therein. Also, we do not permit our pages to be loaded into frames on your site. The pages belonging to this site must load into a newly opened browser window of the User.

i) Application Security Audit

PESO website is built on Drupal CMS to dynamically display information based on user requests. The application has undergone a security audit to identify and mitigate known vulnerabilities as per the OWASP Top 10 security guidelines before its launch.The website is audited every year or upon significant changes to the website's dynamic content, whichever occurs earlier by a CERT-In empaneled agency as per Government of India guidelines to ensure continued security compliance. The Web Information Manager is responsible for monitoring security compliance and recommending additional audits if there are changes in functionality or environmental factors.

ii) Server Audit

PESO Website's application and database servers are hosted on managed NIC National Cloud thereby ensuring that they undergo regular security audits to maintain data integrity and system security.

iii) Server Hardening & Access Control

The servers have been security audited, and necessary hardening measures have been implemented. Access to the servers is strictly restricted both physically and via the network. Logs are maintained for authorized physicalaccess to the servers.

iv) Firewall & Security Measures

Servers are placed behind an Application Firewall to prevent unauthorized public access. Website content is securely uploaded to NIC Data Centre servers using SSH and VPN through a controlled single access point.

v) Development & Testing Environment

All development activities are performed in a separate development environment. Changes are tested on a staging server before being deployed to the production server.

vi) Content Verification & Upload

Content is reviewed and approved before publication on the website. All web content is checked for malicious code before final upload.

vii) System Monitoring & Updates

Audit logs of OS activities, system access, and application access are maintained and archived.Unauthorized access attempts and rejected services are logged in exception reports for further investigation. Regular deployment of system updates, security patches, and bug fixes is ensured. Antivirus software is installed and regularly updated on all servers.

viii) Data Security

PESO takes data security with utmost seriousness and has implemented robust measures to protect user information and organizational data. Multiple layers of security protocols are in place to prevent loss, theft, or unauthorized access to any sensitive data. Firewalls, antivirus software, secure servers, and encrypted connections (SSH/VPN) are used to ensure data is safeguarded during transmission and storage. Access to critical systems and data is role-based and restricted to authorized personnel only. Regular security audits and system monitoring are conducted to detect and address vulnerabilities proactively. Backup and disaster recovery measures are also in place to ensure data continuity in case of unforeseen incidents.

The PESO website is monitored periodically to ensure smooth functionality and optimal performance. Monitoring activities include:

Performance tracking, functionality checks, broken link detection, and traffic analysis. Regular security monitoring to verify system integrity and prevent misuse.

A visitor feedback form is available to collect user suggestions.

All feedback is systematically reviewed to support continuous improvement of the website.

i) Defacement Protection Policy

The PESO website is security audited to identify and mitigate any application-level vulnerabilities and performance risks. Any modification at the application level triggers a mandatory re-audit of the entire website to ensure ongoing security. Server configurations and system logs are monitored regularly for anomalies or suspicious activities. Only authorized system administrators have access to the servers for performing administrative or configuration tasks. Servers are physically secured and network-protected against unauthorized access. Website content is updated via secured FTP over VPN connections.

ii) Monitoring of Website Defacement

Multi-layered secured infrastructure, setup in National Data Centres of NIC is being managed and monitored by highly skilled Cyber Security team of NIC. The development team also performs periodic monitoring. In the event of any defacement, the person detecting it must immediately inform the Technical Manager, and the Web Information Manager via phone and email for immediate corrective action. 

iii) Actions to be Taken After Defacement Upon receiving notification of a defacement, the Technical Manager and/or Web Information Manager will immediately initiate the following actions:

• Temporarily suspend or partially restrict access to the website based on the severity of the defacement.
• Report the incident to CERT-In as per government protocol.
• Restore from a known-clean backup.
• Analyze server logs to trace the source of the breach and block compromised services.
• Identify and fix the specific type of defacement that occurred.
• Forward relevant log files to the Cyber Security Division/ CERT-In for further investigation.
• Patch all vulnerabilities as per security audit recommendations and conduct a full reaudit of the application.

iv) Contact details in case of any eventuality of defacement

v) Time for Restoration of the Website after Defacement

The time taken to restore the PESO website depends on the extent of defacement and the criticality of services affected. Immediate action will be initiated upon detection, and full restoration may take anywhere from a few hours to 24 hours, depending on the severity.

vi) Data Corruption

Regular data backups are maintained at the NIC Data Centre. In the event of data corruption, backups ensure quick restoration and continuity of services for users, minimizing downtime.

vii) Hardware/Software Crash

In rare cases of server failure, NIC's redundant infrastructure enables rapid recovery. Typically, the website can be restored from a backup or alternate server within 24 hours. 

viii) Natural DisastersIn case of natural disasters affecting the primary Data Centre, the PESO website will be restored from the Disaster Recovery (DR) site, since the website is hosted in all-equipped NIC National Cloud- MeghRaj.

ix) Monitored Parameters

Although reports can be generated for nearly every aspect of the Petroleum & Explosives Safety Organization (PESO) website, the Quality Manager is primarily responsible for analyzing and generating the following key reports:

Visitor's Dashboard: Overview of visitor patterns and engagement trends on the portal.

Usage Pattern: Geographic distribution of visitors (cities and countries).

Hits by Hour of the Day: Identifies the peak and off-peak traffic hours.

Referring Sites: Lists the domain names and IPs that direct users to the portal.

Search Phrases: Highlights the most used keywords and the corresponding search engines leading to the site.

Top Pages: Displays the most frequently visited web pages and their visit counts.

Entry Pages: Tracks the first page viewed during a visit-may or may not be the homepage.

Browsers: Shows the most common web browsers used by visitors.

Platforms: Lists the operating systems predominantly used to access the PESO website.

x) Utility of Monitored Parameters

Visitor and Usage Patterns: Help understand user demographics, aiding in designing future personalization features. Search Phrases: Identify popular keywords used to reach the website, allowing for targeted SEO optimization.

Top and Entry Pages: Highlight the most viewed and frequently accessed pages (even beyond the homepage), which are prioritized for content and search engine optimization.

Browsers and Platforms: Assist in ensuring the website is fully compatible with the most used browsers and operating systems. Hits by Hour of the Day: Inform server load times to ensure optimal performance during peak traffic hours.

Referring Sites: Enable link partnerships and collaborations with sites generating high referral traffic.

Spelling Errors: Corrected immediately upon identification.

Broken Links: Detected through scans and promptly resolved to maintain site integrity.

PESO Website is the face of the Government disseminating official information, services, and updates related to the acts and rules administered by PESO. This Content Review Policy has been formulated to ensure that the content on the PESO Website (https://peso.gov.in/web/) remains current, relevant, and up-to-date.

Since the content on the PESO website varies in type and nature, different review timelines are defined for the diverse content elements. This policy is aligned with the validity, importance, and frequency of change for each content type, and follows the organization's archival policy.

Copyright and Ownership Verification
Before publishing any content on the website, the Web Content Management Team shall ensure that all materials (including text, images, videos, and documents) are either owned by the organization or used with due permission or license from the copyright holder.
Records of such permissions shall be maintained to ensure compliance with copyright laws and web audit requirements.

The Website of the Petroleum & Explosives Safety Organization (PESO) represents a single Organisation where most content is contributed by a defined set of authorized sources.

To ensure accuracy, consistency, and accountability, PESO adopts a 2-tiered structure to implement the Content Contribution, Moderation, and Approval Policy (CMAP), requiring a minimum of two officials to execute the following roles:

Contributor: Responsible for creating and submitting the content relevant to their domain. Contributors are designated officers from PESO headquarters or regional offices.

Shri Sumeet Thakur, JTA has been appointed as Contributor by the Competent Authority.

Moderator/Approver: Responsible for reviewing, verifying, and approving the content before publication.

Shri H P Sangole, Controller of Explosives, has been appointed as Moderator/Approver by the Competent Authority.

Web Information Manager (WIM): The single-point custodian of the PESO website https://peso.gov.in. The WIM coordinates with all PESO divisions, WES (development partner) and NIC (hosting partner) to ensure that content, usability and security standards are met at all times.

Dr. A. K. Dalela, Dy. Chief Controller of Explosives has been appointed as Web Information Manager by the Competent Authority.

All content is also checked to ensure it is free from offensive, discriminatory, or inappropriate language. A defined content moderation and approval workflow within the CMS ensures that only verified and approved content is published to maintain authenticity, transparency, and reliability of information provided to the public.