1. Data We Collect
Account Data:
- Name, email, mobile, country, account type
- Password (bcrypt-hashed, never stored in plain text)
KYC Data (Professionals only):
- PAN, Aadhaar, GSTIN (Indians)
- Passport, Tax ID, W-8BEN (Foreigners)
- Bank/PayPal details (for payouts)
- Professional certificates, photos
Transactional Data:
- Orders, invoices, payments, refunds
- Chat messages, files shared
- Reviews, ratings
Usage Data:
- Browser type, IP address, device info
- Pages visited, time spent
- Cookies (essential, analytics, functional)
2. How We Use Your Data
- Service delivery: Match clients with pros, process payments, generate invoices
- Compliance: Tax filings (TDS, GST, TCS), FEMA reporting, RBI compliance
- Communication: Order notifications, support responses, marketing (opt-in only)
- Security: Fraud detection, anti-circumvention enforcement, KYC verification
- Improvement: Analytics, A/B testing, feature development (anonymized)
3. Data Sharing
We DO NOT sell your data. We share data only with:
- Payment gateways: Razorpay (Indian transactions), PayPal (international) — required for payment processing
- Tax authorities: Indian Income Tax Dept, GST Dept — mandatory legal compliance
- Service providers: Amazon SES (emails), Cloudflare (CDN), Daily.co (video) — under strict NDAs
- Law enforcement: Only with valid legal order from Indian courts
4. Data Security
- 256-bit SSL/TLS encryption on all data transmission
- Passwords hashed with bcrypt (cost factor 12)
- KYC documents encrypted at rest (AES-256)
- Regular security audits, VAPT testing
- Strict access controls (role-based, MFA for admin)
5. Your Rights
- Access: Request copy of your data within 30 days
- Rectification: Update incorrect data anytime via account settings
- Erasure: Request account deletion (subject to tax/legal retention requirements)
- Portability: Export your data in machine-readable format
- Opt-out: Unsubscribe from marketing emails anytime
6. Cookies
We use essential cookies (authentication), analytics cookies (Google Analytics — anonymized), and functional cookies (preferences). You can disable non-essential cookies in browser settings.
7. Data Retention
- Active account data: retained as long as account is active
- Transaction records: 8 years (Indian tax law requirement)
- KYC documents: 5 years post-account closure (PMLA requirement)
- Marketing data: deleted upon opt-out request
8. International Transfers
Some service providers (PayPal, Cloudflare, etc.) may process data outside India. We ensure adequate protection via standard contractual clauses and only work with providers compliant with international data protection standards.
9. Children
ProSansaar is not intended for users under 18 years. We do not knowingly collect data from minors. If you believe a minor has registered, contact us immediately.
10. Changes to This Policy
We may update this policy periodically. Material changes will be notified via email. Continued use of ProSansaar after changes constitutes acceptance.
11. Contact & Grievance
Data Protection Officer: support@prosansaar.com
Office: 212 Grohitam Building, Sector-19, Vashi, Navi Mumbai 400703
Response within 24-48 hours.