LockedPDFs ("we", "our", "us") is operated by FinLens Advisory, registered in India. We are committed to protecting your personal data in accordance with the Digital Personal Data Protection Act, 2023 (DPDP Act).
Your PDF files are never uploaded to our servers. All document processing happens entirely within your browser using client-side technology. We have no technical ability to access, read, or store your documents ā because they never reach us.
We collect only what is strictly necessary to provide our service: a) Account Data ā¢ Email address (required for account creation and login) ā¢ Password (stored as a bcrypt hash ā we cannot read your password) ā¢ Account creation date b) License & Billing Data ā¢ Plan type (Free / Pro / Team) ā¢ Subscription start and end dates ā¢ Razorpay Payment ID (a reference number ā we do not store card or UPI details; these are handled entirely by Razorpay) c) Usage Data (minimal) ā¢ Login timestamps ā¢ No document metadata, filenames, or content is ever logged We do NOT collect: ā¢ The contents of any PDF you process ā¢ Filenames of documents you process ā¢ Any biometric data ā¢ Any data about minors (our service is for professionals aged 18+)
We use your data solely for: ā¢ Authenticating your account (email + password) ā¢ Verifying your license to access Pro/Team features ā¢ Sending payment receipts and GST invoices (via Razorpay) ā¢ Responding to support requests you initiate We do not use your data for advertising, profiling, or any purpose beyond operating the service you signed up for.
We share your personal data with the following third parties only: a) Supabase (supabase.com) Role: Data Processor Purpose: Database hosting and authentication infrastructure Data shared: Email, hashed password, license data Location: Hosted on AWS (region: ap-south-1, Mumbai) b) Razorpay (razorpay.com) Role: Data Processor (Payment Gateway) Purpose: Processing payments, generating GST invoices Data shared: Email, name (if provided), payment amount Note: Card/UPI/banking details are collected and stored by Razorpay directly ā we never see or store this information We do not sell your data. We do not share your data with advertisers. We do not share your data with any other third party.
ā¢ Account data: Until you delete your account ā¢ License/billing records: 7 years (required by Indian tax law / GST compliance) ā¢ Support communications: 1 year after resolution When you delete your account, we permanently delete your email and account data. Billing records are retained only as required by law.
As a Data Principal under the DPDP Act, you have the right to: a) Access ā Know what personal data we hold about you b) Correction ā Correct inaccurate or incomplete data c) Erasure ā Request deletion of your personal data ("right to be forgotten") d) Grievance Redressal ā Raise a complaint with our Grievance Officer e) Withdraw Consent ā Withdraw consent at any time (this will require account deletion as consent is necessary to provide the service) f) Nominate ā Nominate another individual to exercise rights on your behalf in the event of death or incapacity To exercise any of these rights, contact our Grievance Officer (see Section 9) or use the account management tools in your dashboard.
We implement the following security measures: ā¢ All data transmitted over HTTPS/TLS encryption ā¢ Passwords stored using bcrypt hashing (never in plain text) ā¢ Database access restricted by Row Level Security (Supabase RLS) ā¢ Payment processing handled by PCI-DSS compliant Razorpay ā¢ No document content ever stored ā eliminates the largest attack surface
LockedPDFs is a professional tool intended for users aged 18 and above. We do not knowingly collect data from minors. If you believe a minor has created an account, please contact us immediately for deletion.
In accordance with the DPDP Act 2023, we have appointed a Grievance Officer: Name: Rushabh Jamdade Email: privacy@lockedpdfs.com Response time: We will acknowledge your grievance within 48 hours and resolve it within 30 days.
We will notify you of material changes to this policy via email at least 7 days before they take effect. Continued use of the service after that date constitutes acceptance of the updated policy.
For any privacy-related queries: Email: privacy@lockedpdfs.com