Privacy Policy
Last Updated: 20/02/2026
1. Introduction
This Privacy Policy (“Policy”) explains how TrustSaathi (“Company”, “we”, “our”, or “us”) collects, uses, processes, stores, shares, and protects personal data when you access or use our platform, website, applications, and related services (collectively, the “Platform”).
TrustSaathi provides consent-based identity verification and structured screening of publicly available court records. We are committed to processing personal data lawfully, fairly, and transparently.
This Policy must be read together with our Terms of Service and Data Retention Policy.
By using the Platform, you confirm that you have read and understood this Policy.
2. Definitions
For the purposes of this Policy:
- “Personal Data” means any information that relates to an identified or identifiable individual.
- “User” means any individual accessing or using the Platform.
- “Verified Individual” means the person whose identity or court record is being screened.
- “Consent” means free, specific, informed, and unambiguous agreement to process personal data for a specified purpose.
3. Lawful Basis for Processing
TrustSaathi processes personal data primarily on the basis of explicit consent.
Verification cannot proceed unless:
- The individual being verified completes OTP-based authentication;
- The individual actively participates in the verification process;
- Required identity details are voluntarily provided.
Where processing is required for compliance with legal obligations, fraud prevention, or dispute resolution, such processing is undertaken in accordance with applicable law.
You may withdraw consent at any time, subject to the consequences described in Section 9 of this Policy.
4. Categories of Personal Data Collected
We collect only the minimum personal data necessary to provide verification services.
4.1 Identity and Authentication Information
This may include:
- Full name
- Date of birth
- Address details
- PAN (where provided)
- Aadhaar authentication token or confirmation (where applicable and compliant with law)
- OTP verification records
- Live photo capture during verification
We do not store raw biometric data beyond operational necessity.
4.2 Public Court Record Information
We access and structure publicly available court record data, including:
- Case numbers
- Court names
- Filing year
- Case status
We do not access confidential police or private investigative databases.
4.3 Contact Information
- Mobile number
- Email address (if provided)
4.4 Technical and Usage Data
- IP address
- Device information
- Session logs
- Fraud detection signals
4.5 Payment Information
Payments are processed through authorized third-party payment gateways. TrustSaathi does not store full card or banking details.
5. Purpose of Processing
Personal data is processed for the following purposes:
- To perform identity authentication;
- To conduct structured screening of publicly available court records;
- To generate verification reports;
- To maintain audit logs demonstrating lawful consent;
- To prevent fraud and unauthorized access;
- To comply with legal, tax, and regulatory obligations;
- To resolve disputes and enforce contractual rights.
We do not sell, rent, or trade personal data for advertising or marketing purposes.
6. Data Minimization and Purpose Limitation
We collect only such personal data as is strictly necessary to complete the verification service requested. Data is not retained or repurposed beyond its stated purpose except where legally required.
7. Sharing of Personal Data
We do not sell personal data.
Personal data may be shared only:
- With secure authentication service providers;
- With authorized payment processors;
- With cloud hosting providers under contractual safeguards;
- When required by court order or lawful authority;
- To protect legal rights or prevent fraud.
Verification reports are accessible only to the initiating User and the Verified Individual, subject to consent and platform controls.
8. Cross-Border Data Transfers
Where technical infrastructure or service providers require processing outside India, such processing shall occur subject to appropriate safeguards and in compliance with applicable law.
We ensure that data protection standards are maintained irrespective of processing location.
9. Withdrawal of Consent
You may withdraw consent at any time by contacting us through designated channels.
Withdrawal of consent:
- Will not affect processing already completed;
- May result in inability to complete ongoing verification;
- May not require immediate deletion where retention is mandated by law.
Requests are processed in accordance with our Data Retention Policy.
10. Data Principal Rights
Subject to applicable law, individuals have the right to:
- Obtain confirmation of whether personal data is being processed;
- Request access to personal data;
- Request correction of inaccurate or incomplete data;
- Request erasure of personal data where legally permissible;
- Seek grievance redressal;
- Nominate another person to exercise rights in case of incapacity or death.
Requests may be submitted to the contact details provided below. We will respond within a reasonable timeframe as required under applicable law.
11. Data Retention
Personal data is retained only for the period necessary to fulfill the purposes described in this Policy and in accordance with our Data Retention Policy.
Retention periods vary depending on the category of data and legal requirements. Upon expiry of applicable retention periods, data is securely deleted or anonymized.
12. Security Safeguards
We implement reasonable technical and organizational measures, including:
- Encrypted transmission of data;
- Secure server infrastructure;
- Role-based access controls;
- Logging and monitoring of system activity.
However, no system can guarantee absolute security. Users acknowledge that internet-based transmission involves inherent risks.
13. Security Incidents
In the event of a material data breach affecting personal data, TrustSaathi will take appropriate remedial action and notify affected individuals and authorities as required under applicable law.
14. Children’s Data
The Platform is not intended for individuals under 18 years of age. We do not knowingly collect personal data from minors. If we become aware of such collection, appropriate steps will be taken to delete the data.
15. Automated Processing
Verification reports are system-generated based on authenticated identity inputs and publicly available records. TrustSaathi does not perform behavioral profiling or assign character scores.
Users remain responsible for independent decision-making.
16. Grievance Redressal
In compliance with applicable law, TrustSaathi has appointed a Grievance Officer.
Grievance Officer: [Insert Name]
Email: [Insert Email]
Address: [Insert Registered Address]
Grievances will be acknowledged and addressed within the timelines prescribed by applicable law.
17. Limitation of Liability
TrustSaathi’s liability in relation to personal data processing is subject to the limitations set out in the Terms of Service.
18. Policy Updates
We may update this Privacy Policy periodically to reflect changes in law or operational practices. Updated versions will be published with a revised “Last Updated” date.
Continued use of the Platform constitutes acceptance of the revised Policy.