Helpline Number: 📞 (+91) 86249-39757 Helpline Number: 📞 022 234567890
📍
Detecting...
👤 Customer Login
🔧 Join as Technician

Privacy Policy

Home Privacy Policy
Last updated: April 2026
Overview

1. Overview

At Dorcas ("we", "our", "us"), your privacy is fundamental to everything we build. This Privacy Policy explains how we collect, use, share, and protect your personal information when you use our home services platform — whether you're a customer, vendor/service provider, or administrator.

Dorcas operates in compliance with the Information Technology Act, 2000, the IT (Amendment) Act, 2008, and applicable rules under India's data protection framework. By using our platform, you consent to the practices described in this policy.

We are committed to transparency. We will always tell you what data we collect, why we collect it, and how you can control it. This policy applies to our website, mobile application, and all related services.
Data Collection

2. Data We Collect

We collect different types of data depending on your role on the platform. Below is a full breakdown of what we collect and from whom.

A. Information You Provide Directly

Data Type Collected From Purpose
Full name, email, phone number All users Account creation & communication
Address, pincode, landmark Customers Service delivery & location matching
Government ID (Aadhaar, PAN, etc.) Vendors KYC identity verification
Bank account / UPI details Vendors Commission payments & payouts
Profile photo Vendors Customer-facing vendor profile
Service category & skills Vendors Job matching algorithm
Reviews and ratings Customers Service quality monitoring

B. Information Collected Automatically

  • Device information: model, OS version, unique device identifiers (UDID/IMEI).
  • IP address, browser type, and referral URL for platform security.
  • App usage analytics: screens visited, features used, session duration.
  • GPS/location data (with your permission) to match nearby vendors.
  • Crash reports and error logs for debugging and platform stability.

C. Information from Third Parties

  • Payment confirmation data from gateways (Razorpay / CCAvenue) — we do not store full card details.
  • Social login details (name, email, profile picture) if you sign in via Google.
  • KYC verification results from government-authorised verification APIs.
Usage

3. How We Use Your Data

We use your data only for legitimate purposes directly related to operating the Dorcas platform. We do not use your data for advertising profiles or sell it to third parties.

Core Platform Operations

  • Creating and managing your account and authenticating logins securely.
  • Matching customer booking requests with the nearest available verified vendors.
  • Sending booking confirmations, reminders, and status updates via SMS/email/push.
  • Processing payments and generating invoices / commission statements for vendors.
  • Enabling customer reviews and vendor rating calculations.

Safety, Compliance & Improvement

  • Verifying vendor identity through KYC to ensure platform safety.
  • Detecting and preventing fraud, abuse, and unauthorised access.
  • Analysing aggregated usage data to improve features and fix bugs.
  • Complying with legal obligations including tax records and court orders.
  • Sending important policy or service change notifications.
We will NEVER use your data to: sell to advertisers, build third-party marketing profiles, share with unaffiliated commercial entities, or make automated decisions that legally affect you without human review.
Sharing

4. Data Sharing & Disclosure

We share your personal data only as described below. We require all third parties to respect data security and process your data lawfully.

When We Share Data

  • With the matched vendor: Customer name, phone, and address are shared with the assigned vendor to fulfil the booking — no more.
  • With the customer: Vendor name, photo, rating, and contact number are shared upon booking confirmation.
  • Payment gateways (Razorpay / CCAvenue): Transaction data is shared with PCI-DSS compliant processors. We do not store card numbers.
  • KYC verification partners: Government ID data is shared only with authorised verification APIs for identity confirmation.
  • Cloud hosting providers: Data is stored on secure servers (AWS / Azure) under strict data processing agreements.
  • Legal authorities: We may disclose data to law enforcement or courts if legally required by valid order or to prevent imminent harm.
In the event of a business transfer or merger, user data may be transferred as part of the transaction. You will be notified in advance and can delete your account if you object.
Retention

5. Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes outlined in this policy, comply with legal obligations, resolve disputes, and enforce agreements.

Data Category Retention Period Reason
Account & profile data Active + 2 years Account operations & legal compliance
Booking & transaction records 7 years Tax & financial regulations (India)
KYC documents (vendors) Active + 3 years Identity verification & dispute resolution
Communication logs (support) 2 years Dispute management & quality assurance
Usage & analytics data 12 months Platform improvement (aggregated/anonymised)
Deleted account data 30 days Recovery window, then permanently erased
Security

6. Data Security

We implement industry-standard technical and organisational measures to protect your personal data from unauthorised access, loss, destruction, or alteration.

Security Measures We Use

  • All data transmitted between your device and our servers is encrypted using TLS 1.2 / TLS 1.3 (HTTPS).
  • Passwords are hashed using bcrypt — we never store plain-text passwords.
  • KYC documents are stored in encrypted cloud storage with strict access controls.
  • Payment data is handled by PCI-DSS Level 1 compliant gateways — Dorcas never stores card numbers.
  • Admin access is protected by multi-factor authentication (MFA) and full audit logs.
  • Regular security audits and penetration testing are conducted by third-party experts.
  • No system is 100% secure. We encourage you to use a strong, unique password and enable OTP-based login for extra protection.
In the event of a data breach that poses a risk to your rights and freedoms, we will notify affected users within 72 hours and report to appropriate authorities as required by law.
Cookies

7. Cookies & Tracking

We use cookies and similar tracking technologies to improve your experience, remember your preferences, and analyse how our platform is used.

Types of Cookies We Use

  • Essential Cookies: Required for the platform to function — login sessions, security tokens, and booking state. Cannot be disabled.
  • Functional Cookies: Remember your language, location preferences, and saved addresses for a smoother experience.
  • Analytics Cookies: Collect anonymised data about which pages you visit and how you navigate, helping us improve the platform (via Google Analytics / Mixpanel).
  • Third-Party Cookies: Set by embedded tools like payment widgets or map integrations (Google Maps). We have limited control over these.
You can control non-essential cookies through your browser settings or our cookie preference centre. Disabling essential cookies may affect platform functionality.
Your Rights

8. Your Privacy Rights

You have meaningful rights over your personal data. We make exercising these rights straightforward — most can be done directly from your account dashboard.

Right to Access

Request a copy of all personal data we hold about you at any time.

Right to Rectification

Correct inaccurate or incomplete data in your profile directly from the dashboard.

Right to Erasure

Request deletion of your account and associated data, subject to legal retention requirements.

Right to Object

Opt out of non-essential communications, analytics, and marketing at any time.

Right to Portability

Download your booking history and account data in a structured, machine-readable format.

Right to Restrict Processing

Request that we limit how we use your data while a correction or objection is being reviewed.

To exercise any of these rights, email us at privacy@dorcasaid.com with your registered email and the specific request. We will respond within 30 days.
Minors

9. Children's Privacy

Dorcas is not intended for use by individuals under the age of 18 years. We do not knowingly collect personal data from minors.

  • Users must be 18 or older to create an account, book services, or register as a vendor.
  • If we discover that a minor has provided personal data without parental consent, we will delete it immediately.
  • If you believe a minor has registered on our platform, please contact us at support@dorcasaid.com without delay.
Vendor KYC Privacy
KYC Privacy

10. KYC Document Privacy (Vendors)

We treat KYC documents — such as Aadhaar cards, PAN cards, Voter IDs, and Passports — with the highest level of care. Their collection is mandatory to ensure a safe, trustworthy platform.

  • KYC documents are uploaded over an encrypted HTTPS connection and stored in access-controlled encrypted storage.
  • Only authorised Dorcas admin personnel and verification API partners can access KYC documents — never customers.
  • Documents are used exclusively for identity verification. They are not shared for any marketing or commercial purpose.
  • KYC documents are not displayed publicly at any time on the platform.
  • Upon account deletion, KYC documents are retained for 3 years as required by applicable regulations, then permanently deleted.
Vendors may request a copy of their submitted KYC documents or ask for their deletion (post-contract) by emailing privacy@dorcasaid.com. Regulatory retention requirements may apply.
Updates

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:

  • Update the "Last updated" date at the top of this page.
  • Send an in-app notification and email to all registered users at least 7 days before the change takes effect.
  • For significant changes, request your explicit re-consent before you can continue using the platform.
  • Maintain an archive of previous versions of this policy, available on request.

Continued use of the Dorcas platform after the effective date of any update constitutes your acceptance of the revised Privacy Policy.