Privacy Policy

Welcome to Titan Print ("we", "our", or "us"). We operate the website titanprint.co.in and associated services, providing digital government document printing solutions to operators across India.

This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you register for, access, or use our platform. It also describes your rights and choices with respect to your data.

By accessing or using Titan Print, you acknowledge that you have read, understood, and agree to the terms of this Privacy Policy. If you do not agree, please do not use our services.

Account & Registration Data

When you create an operator account, we collect the following information:

• Full Name — used to identify your account and personalise your dashboard.
• Mobile Number — used for OTP verification, login, and support communications.
• Email Address — used for account notifications, invoices, and support.
• Password (hashed) — stored as a one-way encrypted hash; we cannot see your plaintext password.
• Business/Shop Name (optional) — to personalise your operator profile.
• State & City — used to improve regional service availability and support routing.

Wallet & Payment Data

When you recharge your wallet, our payment gateway partner processes the transaction. We retain only:

• Transaction ID — for your records and dispute resolution.
• Amount & Timestamp — for billing and wallet history.
• Payment Method Type (UPI / Card / Net Banking) — not the actual card number or UPI ID.

Document Fetch Data (Citizen Data)

When an operator uses our platform to fetch a government document, the citizen's identifier (Aadhaar number, PAN, EPIC number, etc.) is transmitted to the relevant government API. The fetched data — name, photo, address — is:

• Used only to generate the print file in real time.
• Not stored permanently on our servers after the print session ends.
• Logged in anonymised form (document type + timestamp only) for audit and billing purposes.

Usage & Technical Data

We automatically collect certain technical data when you use our platform:

We use the personal information we collect only for legitimate, clearly defined purposes. We will never use your data in ways you would not reasonably expect.

• Account Management — Creating, maintaining, and securing your operator account.
• Service Delivery — Processing your document print requests and wallet transactions.
• Customer Support — Responding to your queries, complaints, and refund requests.
• Security & Fraud Prevention — Detecting unauthorised access, suspicious activity, and abuse of our platform.
• Platform Improvement — Analysing usage patterns (in aggregated, anonymised form) to improve our product.
• Legal Compliance — Meeting obligations under Indian law, including the IT Act 2000 and DPDP Act 2023.
• Communication — Sending important service notifications, transaction receipts, and security alerts (not marketing without consent).

We do not sell, rent, or trade your personal information. We may share limited data only in the following specific circumstances:

Trusted Service Providers

• Payment Gateways — Razorpay / PayU / CCAvenue process wallet recharges securely. They operate under their own privacy policies.
• SMS & OTP Providers — Your mobile number is shared with our OTP gateway solely to deliver verification codes.
• Cloud Hosting — Our servers are hosted on reputable cloud providers (e.g., AWS, DigitalOcean) with SOC2-compliant data centres.
• Analytics Tools — We use Google Analytics with IP anonymisation enabled. No personally identifiable data is shared.

Government & Legal Obligations

We may disclose your information if required to do so by applicable law, court order, or government authority — including the Ministry of Electronics & Information Technology (MeitY) and law enforcement agencies — under the Information Technology Act, 2000 or any successor legislation.

Business Transfers

In the event of a merger, acquisition, or sale of assets, your personal data may be transferred to the successor entity. We will notify you via email or a prominent notice on the website before your data becomes subject to a different privacy policy.

We implement a multi-layered approach to data security, combining technical controls, organisational policies, and regular audits to protect your information from unauthorised access, alteration, disclosure, or destruction.

• 256-bit SSL/TLS Encryption — All data transmitted between your browser and our servers is encrypted in transit.
• Password Hashing (bcrypt) — Passwords are hashed with a strong one-way algorithm; we cannot recover or read your password.
• Two-Factor Authentication (OTP) — OTP verification is required during login and sensitive account actions.
• Rate Limiting & CAPTCHA — Automated abuse, brute-force login attempts, and API scraping are blocked at the server level.
• Firewall & DDoS Protection — Our infrastructure is protected by enterprise-grade firewalls and DDoS mitigation services.
• Regular Security Audits — Penetration tests and vulnerability scans are conducted regularly by independent security teams.
• Access Controls — Staff access to production data is role-based, logged, and audited. Minimum necessary access principle is strictly followed.

We use cookies and similar technologies to keep you logged in, remember your preferences, and understand how our platform is used. We do not use cookies for third-party advertising.

You can control or disable cookies through your browser settings. Note that disabling session cookies will prevent you from logging in to your account.

We retain your personal data only for as long as necessary to fulfil the purposes described in this policy, or as required by applicable law. Here is our retention schedule:

• Active Account Data — Retained for the lifetime of your account plus 3 years after account closure for legal compliance.
• Transaction & Wallet Records — Retained for 7 years as required under Indian financial and tax laws.
• Document Fetch Logs — Anonymised audit logs (document type + timestamp only) retained for 12 months.
• Support Ticket Data — Retained for 2 years after ticket closure to resolve recurring issues.
• Server & Access Logs — Retained for 90 days then automatically deleted.
• Deleted Account Data — Core personal data (name, email, phone) is anonymised within 30 days of account deletion request.

Under the Digital Personal Data Protection Act, 2023 (DPDP Act) and other applicable Indian data protection principles, you have the following rights regarding your personal data:

Titan Print is a business-to-operator platform intended solely for adults (18 years and above) who register as operators to provide document printing services.

We do not knowingly collect personal data from anyone under the age of 18. If you are a parent or guardian and believe that your child has provided us with personal information, please contact us immediately at Support@TitanPrint.Co.IN and we will promptly delete such information from our systems.

We may update this Privacy Policy from time to time to reflect changes in our services, legal requirements, or best practices. When we make material changes, we will notify you through one or more of the following methods:

• A prominent notice on our website homepage and dashboard.
• An email notification sent to your registered email address.
• An SMS alert to your registered mobile number for significant changes.

The "Last Updated" date at the top of this page will always reflect when the most recent revision was made. Your continued use of Titan Print after the effective date of any changes constitutes your acceptance of the updated policy.

We encourage you to review this policy periodically. If you disagree with any changes, you may close your account and stop using our services at any time.

If you have any questions, concerns, or complaints about this Privacy Policy or our data practices, please do not hesitate to reach out. Our team is dedicated to addressing all privacy-related queries promptly and transparently.