Privacy Policy

Your privacy matters. How we collect, use, and protect your data.

11 May 2026 DPDP Act 2023 UIDAI Guidelines Data in India

1. Information We Collect 2. How We Use Data 3. Aadhaar Protection 4. Data Sharing 5. Security 6. Cookies 7. Retention 8. Your Rights 9. Children 10. Third Parties 11. Grievance Officer 12. Contact

Contents

1. Information We Collect
2. How We Use Data
3. Aadhaar Protection
4. Data Sharing
5. Security
6. Cookies
7. Retention
8. Your Rights
9. Children
10. Third Parties
11. Grievance Officer
12. Contact

Compliant with DPDP Act 2023. We collect minimum necessary data and never sell your information.

Information We Collect

Type	Examples	Required?
Identity	Name, gender, DOB	Yes
Contact	Mobile, email	Mobile required
Govt IDs	Aadhaar, PAN, Voter ID	Service-dependent
Address	Address, district, pincode	Yes
Documents	Photos, PDFs of IDs	Service-dependent
Financial	Wallet transactions, UTR	When paying
Technical	IP, browser, device	Automatic

How We Use Your Data

Process and submit government service applications on your behalf
Verify your identity as required by government departments
Send application status updates via SMS and notifications
Provide customer support
Prevent fraud and unauthorised access
Comply with legal obligations

We never use your data for advertising or sell it to any third party.

Aadhaar Data Protection

We strictly follow UIDAI guidelines for Aadhaar data handling.

Aadhaar encrypted at rest using AES-256
Always masked in displays (e.g., XXXX XXXX 9935)
Used only for the specific service that requires it
We do not perform biometric authentication
Never shared with any party other than the relevant government department

Data Sharing

Government Departments: Application data to process your service
Razorpay: Transaction data for payment processing only
SMS Provider: Mobile number for OTPs and notifications
Legal: If required by law or court order

We do NOT share data with advertisers, data brokers, or commercial third parties.

Data Security

HTTPS/TLS

All data encrypted in transit

AES-256

Sensitive data encrypted at rest

bcrypt (cost 12)

All passwords hashed

CSRF Protection

All forms protected

Secure Sessions

HTTPOnly cookies

Access Control

Documents restricted

Cookies & Tracking

Session Cookie (SK_SESSION): Essential for login
Language Preference: Stores EN/KN/TE choice
Theme Preference: Stores colour theme

We do NOT use advertising cookies, Google Analytics, or any cross-site tracking.

Data Retention

Data Type	Period	Reason
Application Records	7 years	Government compliance
Uploaded Documents	3 years	Legal compliance
Transaction Records	8 years	Financial audit
Account Data	Until deletion + 30 days	Account management
Access Logs	90 days	Security monitoring

Your Rights — DPDP Act 2023

Access

View all data we hold

Correction

Correct inaccurate data

Erasure

Request account deletion

Withdraw Consent

Stop data processing

Portability

Get data in readable format

Grievance

Lodge a complaint

Email privacy@sevakendra.in to exercise any right. Response within 30 days.

Children's Privacy

SevaKendra is not intended for children under 18. Applications for minors must be submitted by a parent or legal guardian.

Third-Party Services

Razorpay — Payment processing. Their Privacy Policy
Hostinger — Cloud hosting (India/Singapore region)
QR Server API — QR code generation (no personal data sent)

Grievance Officer

G. Gangaraju — Grievance Officer, GR Technology Pvt. Ltd.

grievance@sevakendra.in

+91 98765 43210

Mon–Fri: 10AM–5PM

Acknowledged within 48 hours, resolved within 30 days.

Contact

privacy@sevakendra.in

Main Road, Bengaluru – 560001