Security & Privacy

The entire website is served over HTTPS (TLS). Form submissions, enquiries and admin sign-ins are encrypted between your browser and our backend. We do not accept unencrypted (HTTP) traffic for authenticated areas.

Only authorised Tons Bio Medical Pvt. Ltd. staff can access the admin area. Sign-in uses email + password or Google sign-in, and every admin action is checked against role permissions on the server before data is shown or changed.

Public visitors can browse products, request quotes and contact us — but never see other visitors' enquiries, contact details or internal records.

Customer enquiries and internal records are stored in a managed Postgres database with row-level security (RLS) policies. Each table has explicit policies that decide which rows a request is allowed to see or change, based on the signed-in user's role.

Tables that hold submitted enquiries are write-only for the public form and read-only for admins — visitors cannot list, read or modify other people's submissions through the website or API.

The website runs on a managed serverless platform with a managed Postgres backend. Infrastructure-level patching, OS hardening, network isolation and backups are handled by our platform providers. We do not operate self-hosted servers for this site.

When you submit an enquiry or request a quote, we collect the fields you fill in (typically: name, company, email, phone, product interest, and your message). We use this only to respond to your enquiry and follow up on related products and services.

We may use standard web analytics (e.g. Google Analytics) and advertising pixels where they are enabled by us, to understand how the site is used and improve it. No payment details are collected through this website.

Third-party API keys and service credentials used by the site are stored as encrypted server-side secrets and are never sent to the browser. Tracking IDs that are public by design (such as Google Analytics or Tag Manager measurement IDs) are the only integration values exposed to the page, because they have to run in the browser to function.

Enquiry records are retained for as long as needed to serve you and to keep a reasonable business record of our communication. If you would like a copy of your data, or you would like us to delete the enquiry you submitted, email info@tonsbiomedical.com from the address you used and we will action it.

Website security is shared between us and you. We secure the application, database and hosting. You can help by using a strong, unique password for any admin account you are given, keeping your devices and browser up to date, and reporting anything that looks wrong (see below).

If you believe you've found a vulnerability or a security issue with this website, please tell us before disclosing it publicly. We acknowledge reports within 24 business hours and work with the reporter on a fix.

• info@tonsbiomedical.com
• Phone (business hours): +91-7500576369

Please do not run automated scanners that could degrade service. Do not access, modify or download data that is not yours.

Product- and company-level certifications shown elsewhere on the website (for example on the homepage trust strip or product pages) are uploaded by us as evidence of those specific marks. They are issued by the relevant external bodies, not by this website's hosting platform. See the About page for company background and standards we work to.