Everything you built ~ found by the ones you love.
How we protect your family's most important information — without ever having access to it ourselves.
OUR SECURITY PRINCIPLES
Five pillars of protection
Every decision we make starts with one question: does this protect the family?
Metadata Only
We store who you bank with, not your account number. Where your policy is, not your balance. The address — never the key.
Military-Grade Encryption
AES-256-GCM — the same encryption standard used by Indian banking infrastructure. Every piece of data encrypted at rest with a unique key per member.
Zero Trust Architecture
Even our own team cannot read your data. AWS KMS envelope encryption means the decryption keys are hardware-protected and never stored alongside your data.
Active Prevention
Our Sensitive Data Guard runs on every input field — real-time detection and blocking of account numbers, card numbers, UPI IDs, Aadhaar, and passwords. We don't just promise to not store them. We make it impossible.
Indian Data Residency
All your data lives on Indian servers. Full compliance with the DPDP Act 2023. Your family's financial map never leaves the country.
REGULATORY COMPLIANCE
DPDP Act 2023 — Full Compliance
What is the DPDP Act?
The Digital Personal Data Protection Act, 2023 is India's landmark data privacy legislation. It establishes clear rules for how organisations collect, store, process, and erase personal data of Indian citizens.
As a company that handles your family's most sensitive information, we don't just comply with the DPDP Act — we go beyond it. Every feature of Naksha is designed with privacy as the foundation, not an afterthought.
Explicit consent captured at registration with timestamp, IP, and user agent
Right to erasure — request data deletion anytime, processed within 30 days
Nominee access is locked by default — released only after 9-step human verification
All data stored on Indian servers — full data residency compliance
7-year data retention post account closure — aligned with Indian financial regulations
Append-only audit logs — every data access and state change is permanently recorded
Zero credential storage — no passwords, PINs, or OTPs in our database, ever
SENSITIVE DATA GUARD
What we block, warn, and allow
Our Sensitive Data Guard runs on every input field — real-time protection that makes it impossible to enter fraud-enabling data.
All blocked attempts are audit-logged (SHA-256 hash only, never plaintext). Policy numbers and folio numbers are allowed because they do not enable fraud.
ENCRYPTION EXPLAINED
How your data stays safe — in simple terms
No jargon. No technical manuals. Here's how AES-256-GCM encryption protects your family's financial map.
Your Data
Institution names, branch locations, nominee names, personal letters
Encrypted
AES-256-GCM with unique key per member, fresh IV per operation
Stored Securely
Encrypted data on Indian servers — unreadable even to our team
Decrypted for You
Only when YOU request it — through verified authentication
256-bit
Key length — it would take billions of years to crack with current technology
GCM
Galois/Counter Mode — built-in tamper detection ensures data integrity
AWS KMS
Hardware-protected key management — encryption keys never stored alongside your data
“Think of it like a bank locker. We provide the vault. You hold the only key. We can't open it even if we wanted to.”
Your data is safe with us. Start your Naksha.
Military-grade encryption. Zero sensitive data stored. DPDP Act compliant. Your family's financial map, fully protected.
AES-256-GCM encrypted · Indian servers only · DPDP Act 2023 compliant