In adherence to the DPDP Act 2023 and GDPR, E-SafeDoc™ processes only the User Name and Business Email required for institutional access. We have no provisions to request or store sensitive personal data.

Your "Document Wrappers" are encapsulated on Tier-IV Indian Infrastructure (MilesWeb), strictly following a non-custodial, Zero-Knowledge Architecture.

The recording of IP addresses is a purely technical security interlock to prevent session hijacking via our Stateless $tid Tokenization. This data is never used for predatory tracking or commercial profiling.

Our Sovereign Handshake implements a Zero-Trust 'Airlock' architecture, where every session is forensically sealed and every data journey is atomically validated to ensure your institutional sanctuary remains impenetrable to unauthorized interference.

• Customizable Retention Threshold: The Client acknowledges that Audit Trail Records are subject to a default two (2) year threshold for Mandatory Purging. However, the Client Administrator holds the Coded Authority to increase this retention parameter within the System Settings to meet specific institutional or regulatory requirements.
• Onus of Maintenance: By increasing the retention threshold, the Client accepts the responsibility for the associated increase in database volume and infrastructure load. The Client remains solely responsible for executing the Double-Lock Consent Purge and retaining the system-generated Encrypted Cloud ZIP and CSV downloads for their long-term forensic archives prior to any deletion. Once the Purge is executed, the action is irreversible.

• Default Privacy Sentinel: To safeguard institutional integrity and prevent unauthorized access via unattended workstations, E-SafeDoc™ enforces a default thirty (30) minute idle timeout. If no system activity is detected within this window, the session key ($tid) is automatically invalidated and purged from server memory.
• Administrative Flexibility: The Client Administrator holds the Coded Authority to adjust this temporal parameter to align with specific departmental "Rhythms" or security protocols.
• The Onus of Adjustment: By extending the idle timeout beyond the 30-minute default, the Client formally acknowledges and accepts the increased risk of session exposure. E-SafeDoc™ recommends maintaining the 30-minute threshold as the Sovereign Standard for maximum perimeter defence.

• Universal Audit Capture: The Client acknowledges that the Immutable Audit Trail (Chronicle) is absolute and all-encompassing. It explicitly captures every action performed by the Client Administrator, including but not limited to: metadata re-classification, session timeout adjustments, and audit retention parameter shifts.
• Administrative Sovereignty: The Client Administrator is equipped with the authority to execute high-privilege interventions, including universal engine shutdowns, real-time session messaging, and mandatory user termination (The Kick-Out).
• The Accountability Lock: To prevent the misuse of power, every such intervention—including the execution of the Double-Lock Purge—is indelibly recorded within the Immutable Audit Trail. This ensures that while the Administrator holds the "Master Key," their actions are subject to permanent institutional scrutiny, maintaining a state of absolute accountability.
• Restoration of Institutional Defaults (The Factory Reset): The engine is delivered with Factory-Configured Parameters designed to maintain maximum security. The Client Administrator holds the Coded Authority to reset any modified settings back to these original benchmarks, ensuring the organization can instantly restore the Sovereign Standard.

We ensure no vendor lock-in. Upon service termination, a formal handover request triggers an automated Full Extraction Tool within our defined portability windows.