Privacy Policy

Welcome to Neelaxmi — The Saviour. This Privacy Policy outlines our strict protocols regarding the collection, processing, and protection of your data. As a "Data Fiduciary" under the Digital Personal Data Protection Act (DPDPA) 2023, we prioritize your life safety while ensuring the sanctity of your personal information.

1. The Taxonomy of Data Collection

To provide rapid intervention, we categorize the data we collect as follows:

1.1 User Profile Data (On-Boarding)

• Data Principals (General Users): Name, Mobile Number, Age, Gender, and Blood Group.
• Medical Profile: Pre-existing conditions (Diabetes, Hypertension), current medications, and Insurance Policy identifiers to facilitate "Golden Hour" medical readiness.
• Trusted Circle: Contact details of individuals you designate as emergency responders.

1.2 Volunteer (Hero) Verification Data

To ensure a secure network, Volunteers must undergo mandatory KYC:

• Government Identity: Digilocker/Aadhaar/PAN verification for accountability.
• Biometric Verification: Live selfie matching to prevent "Hero Impersonation."
• Payout Data: Bank account/UPI details for "Gratitude Donation" settlements.

1.3 Technical & Telemetric Data

• Precise Geo-Location: Continuous tracking of GPS coordinates (Background & Foreground).
• Network Logs: IP address, Device ID (IMEI), and signal strength to optimize "Silent Blast" packet delivery.

2. Advanced Protection Protocols (Ghost Mode)

The "Ghost Mode" (Level 3 Emergency) involves specialized data processing:

3. Purpose & Legitimate Use

We process your data exclusively for:

1. The 200m Radius Matchmaking: Identifying the exact spatial intersection between a Data Principal in distress and a verified Neelaxmi Hero.
2. Siren Protocol: Cross-referencing your location with Fire Department APIs to warn you of active fire hazards in your vicinity.
3. Evidence Chain-of-Custody: Maintaining an unalterable record of crime scenes for Law Enforcement Agencies (LEA).
4. Financial Integrity: Deducting the 5% infrastructure fee and ensuring fair distribution of reward points.

4. Data Retention and The "Non-Erasure" Exception

While we respect the "Right to Erasure" under DPDPA, please note the following exceptions:

• Routine Data: Deleted within 30 days of account termination.
• Incident Data: Any data generated during a "Triggered SOS" is preserved for a minimum of 180 days or until the conclusion of any legal proceedings, as mandated by the Indian Evidence Act.
• Immutable Evidence: Once data is streamed via "Ghost Mode," it is moved to a "Legal Vault" and cannot be modified or deleted by the user to prevent coercion by attackers.

5. Disclosure and Third-Party Transfer

We do not operate as a data broker. Data transfer is restricted to:

• State Authorities: Automatic API sharing with Police Control Rooms (PCR) and Fire Stations.
• Medical Providers: Sharing your blood group and medical history with the assigned Ambulance/Hospital.
• Financial Intermediaries: UPI/Razorpay for donation processing.
• Neelaxmi Heroes: Your name and photo are shared only when they accept your rescue request.

6. Infrastructure & Cybersecurity

Our "Project 360-Kavach" infrastructure utilizes:

• AES-256 Encryption: For all data at rest.
• Geo-Fencing Security: Access to "Ghost Mode" evidence is restricted to authorized LEA IPs only.
• DDoS Protection: Ensuring the app remains online during mass-emergencies.

7. Grievance Redressal Mechanism

As per Rule 5(9) of the IT Rules 2011 and the DPDPA 2023, for any grievances or data-related inquiries: