Everything you built ~ found by the ones you love.
How we protect your family's most important information without turning the map into account credentials.
OUR SECURITY PRINCIPLES
Five pillars of protection
Every decision we make starts with one question: does this protect the family?
Metadata Only
We store who you bank with, not your account number. Where your policy is, not your balance. The address — never the key.
Vault Encryption
Customer vault data uses AES-256-GCM encryption with a unique key per member where the data model stores encrypted customer records.
Key Separation
Hardware-protected envelope encryption keeps customer data keys separate from stored records, and privileged access is role-gated and audited.
Active Prevention
A continuous safeguard prevents sensitive credentials from ever entering customer records. Partner KYC and payout flows are isolated on separate, role-gated paths.
Indian Data Residency
Core customer records are hosted on India-first infrastructure, with limited payment, messaging, and delivery metadata shared with processors only where needed to provide the service.
REGULATORY COMPLIANCE
DPDP Act 2023 - aligned controls
What is the DPDP Act?
The Digital Personal Data Protection Act, 2023 is India's landmark data privacy legislation. It establishes clear rules for how organisations collect, store, process, and erase personal data of Indian citizens.
Naksha is designed around explicit consent, data minimisation, erasure workflows, export controls, audit records, and grievance handling. Some operational promises depend on manual review rather than automatic deletion.
Explicit consent captured at registration with timestamp, IP, and user agent
Right to erasure — request data deletion through the customer settings workflow, with manual review and a 30-day target
Nominee access is locked by default — released only after a multi-step, human-verified escalation
Core customer records are hosted on India-first infrastructure, with provider sharing limited by purpose
Retention periods are separated by data type: account records, payment records, Life Signal logs, partner records, and grievance records
Append-only audit logs — every data access and state change is permanently recorded
Customer vault fields actively prevent the storage of sensitive credentials and identity numbers
WHAT NEVER ENTERS YOUR NAKSHA
We hold the address — never the key.
Account numbers. Card numbers. UPI IDs. Aadhaar. Passwords, PINs, OTPs. None of these belong inside your Naksha — and our system actively prevents them from being saved, even if a customer or partner tries.
Your Naksha is a map of where your wealth lives, not how to access it. That single decision is what makes the system safe to use, safe to store, and safe to pass on.
Verified continuously
Every input, every save
Never stored
Sensitive credentials, ever
Audited monthly
Independent review trail
Subscribers see the full safeguard detail inside their account, on the dedicated security page — including the audit log of every check we run on their data.
ENCRYPTION EXPLAINED
How your data stays safe — in simple terms
No jargon. No technical manuals. Here's how AES-256-GCM encryption protects your family's financial map.
Your Data
Institution names, branch locations, nominee names, personal letters
Encrypted
AES-256-GCM with unique key per member, fresh IV per operation
Stored Securely
Encrypted data on Indian servers — unreadable even to our team
Decrypted for You
Only when YOU request it — through verified authentication
256-bit
Key length — it would take billions of years to crack with current technology
GCM
Galois/Counter Mode — built-in tamper detection ensures data integrity
Bank-Grade Keys
Hardware-protected key infrastructure — keys are physically separated from data, just like the world's largest banks
“Think of it like a bank locker. We provide the vault. You hold the only key. We can't open it even if we wanted to.”
Your data is safe with us. Start your Naksha.
Customer vault encryption, sensitive-data blocking, audited release controls, and a clear separation between customer records and partner KYC data.
AES-256-GCM for vault data · India-first infrastructure · DPDP-aligned controls