How BhoomiScan handles your personal data

What we collect, why we collect it, who we share it with, how long we keep it, and the rights you have under the Digital Personal Data Protection Act, 2023.

This Privacy Policy explains how BhoomiScan, as Data Fiduciary, collects, uses, stores, discloses, and otherwise processes personal data when you use the Service. The Cookie Policy is folded in as Section 11 so the footer carries only Terms + Privacy. Data Processor obligations covering documents you upload on behalf of clients sit in the Terms (Data Processing Addendum, Section 14).

Drafted to the Digital Personal Data Protection Act 2023, the DPDP Rules 2025, the IT Act 2000, and the IT Rules 2021. Topics covered: lawful bases for processing, the categories of personal data we collect from advocates and from buyers, sub-processor disclosures, retention windows for free vs paid uploads, breach notification timelines, the Grievance Officer's contact details, and the rights of Data Principals under the DPDP Act.

Frequently asked questions

What personal data does BhoomiScan collect?

Identity data (name, email, phone), the documents you upload (EC, ROR, Sale Deed), payment metadata processed via Razorpay, and device/usage telemetry. We do not collect government IDs unless you upload them as part of a scan.

Who processes the data on BhoomiScan's behalf?

Supabase (data hosting, India region), Razorpay (payments), and the AI model providers we use for OCR and reasoning (Reducto, Google Gemini, Cerebras, Mistral, Perplexity). All processors are bound by data-processing terms aligned with the DPDP Act, 2023.

How long do you retain uploaded documents?

Source documents are retained for 90 days after the report is delivered, then deleted from primary storage. Anonymised report metadata (scan ID, status, timing) is retained for product analytics.

For the binding text, see the full Privacy Policy and our Terms of Service.