Enterprise Privacy Policy

Welcome to Doc Sansar ("we," "our," or "us"). We are committed to protecting your personal information and your right to privacy in accordance with the Digital Personal Data Protection (DPDP) Act of India and global enterprise standards. This Enterprise Privacy Policy explains what information we collect, how we use it, and your rights regarding your data when you use our website, digital economy, and platform, www.docsansar.com.

By accessing or using Doc Sansar, including our Token Economy or Donation systems, you explicitly consent to the terms of this Privacy Policy.

1. Information We Collect

We collect information to provide enterprise-grade services, operate our digital economy, and secure our student community. The types of data we collect include:

A. Personal Information

When you register for an account, participate in the community, or contact us, we may collect:

• Name: To identify you within the community and on the "Wall of Gratitude."
• Email Address: For account verification, password resets, secure payment receipts, and important updates.
• Profile Information: Profile pictures, academic details (Branch, Semester, University), and identity metadata you voluntarily provide.

B. Usage Data & Forensic System Logs

For platform security and continuous optimization, our servers automatically log information:

• IP Address & Device Fingerprinting: To detect spam, prevent payment fraud, manage rate-limiting, and prevent unauthorized access (DDoS protection).
• Browser Type & Device: To ensure our UI/UX renders correctly on your mobile or desktop devices.
• Pages Visited & Interactions: To analyze which study materials (RGPV, SBTE, JUT) are most popular and to calculate engagement rewards (Trust Points).

C. User-Generated Content (Uploads)

Important: Any documents, notes, question papers, custom donation messages, or comments you upload to Doc Sansar are considered Public Information. These materials are intended to be shared with the student community and may be indexed by search engines. Please do not upload files containing private personal data (like phone numbers or home addresses) within the document text.

2. Financial & Payment Data

When you make a voluntary contribution or purchase via our portal:

• Transaction Metadata: We record the transaction ID, contribution tier, timestamp, and amount to update your internal ledger (DocTokens/Trust Points) and display your identity on community feeds (unless anonymous mode is selected).
• No Sensitive Financial Data Stored: Doc Sansar DOES NOT collect, store, or process your credit card numbers, UPI PINs, or bank account details. All financial processing is securely handled by our PCI-DSS compliant third-party payment gateway (Razorpay).

3. How We Use Your Information

We use the collected data for the following enterprise operations:

• Service Delivery & Economy: To allow you to download notes, upload files, manage your user profile, and operate the DocToken digital economy (issuing and tracking digital rewards).
• Security & Fraud Prevention: To detect and prevent "scraping," unauthorized cloning of our code, malicious uploads, and payment replay attacks via strict idempotency checks.
• Communication: To reply to your queries or send notifications about platform updates (we strictly do not sell your email to third parties).
• Platform Improvement: To analyze traffic patterns and improve our server performance, AI models, and search ranking.

4. Cookies and Tracking Technologies

We use cookies and local storage to deliver a seamless, secure experience:

• Essential & Security Cookies: Required to keep you logged in securely, maintain session states for guest checkouts, and enforce rate-limiting.
• Analytics Cookies: We may use third-party tools (like Google Analytics) to track anonymous usage statistics and UI/UX friction points.
• Advertising Cookies: If we display ads (e.g., Google AdSense), third-party vendors may use cookies to serve ads based on your prior visits to our website.

You can choose to disable cookies through your browser settings, but critical features (like logging in, earning tokens, or processing payments) may fail to function securely.

5. Third-Party Services

We share data with trusted enterprise partners strictly for operational functionality:

• Payment Processors: Razorpay (to securely process contributions and handle KYC/AML compliance).
• Hosting & Infrastructure: Hostinger and cloud providers (which secure the physical servers and databases).
• Analytics & AI APIs: Google Analytics and document-tagging APIs (for traffic monitoring and automated document sorting).
• Search Engines: Google and Bing (for indexing public study materials).

We unequivocally do not sell, trade, or rent your personal identification information to data brokers or unauthorized third parties.

6. Data Security

We deploy military-grade architecture and industry-standard security measures:

• SSL/TLS Encryption: All data transferred between your browser and Doc Sansar is encrypted via HTTPS strict transport security.
• Database Security & Atomicity: User passwords are cryptographically hashed and salted. Financial ledgers utilize ACID-compliant SQL transactions and row-locking to prevent data corruption.
• Access Control: Only authorized administrative personnel have secured access to the backend database.

However, no method of transmission over the Internet is 100% secure. While we deploy robust safeguards, we cannot guarantee its absolute security against state-level actors or unprecedented zero-day exploits.

7. Your Rights (DPDP Alignment)

As a user of Doc Sansar, you possess the following data rights:

• Right to Access & Correction: Request a copy of your data or update your profile information via your account dashboard.
• Right to Erasure: Request the permanent deletion of your account and personal data.
  Note: Anonymized transaction ledgers (for accounting compliance) and publicly shared academic notes may remain on the platform to preserve community integrity.
• Right to Grievance Redressal: You may raise concerns regarding your data processing directly with our Data Protection Officer/Admin.

To exercise these rights, please contact us at support@docsansar.com.

8. Children's Privacy

Doc Sansar is strictly intended for engineering, diploma, and higher-education students. We do not knowingly collect personal identifiable information from children under the age of 13. Furthermore, usage of our payment/donation gateway requires the user to be 18 years of age or possess legal parental consent. If you believe a minor has provided us with personal information, please contact us immediately for secure data removal.

9. Updates to This Policy

We may dynamically update this Privacy Policy to reflect changes in our enterprise architecture, token economy, or legal requirements. We will notify users of any significant changes by posting the new policy on this page with an updated "Last Updated" date.

10. Contact Us

If you have any legal inquiries, data privacy requests, or questions regarding these practices, please contact the site administration: