Privacy Policy

1Overview & Important Notice

Post Connect is designed with a privacy-first, offline-first architecture. The core design principle of this application is that your personal and financial data stays on your device. We do not operate servers that store your financial records, DOP credentials, or customer data.

By installing and using Post Connect, you agree to the terms of this Privacy Policy. If you do not agree to these terms, please do not use the application.

2Data We Collect

Post Connect collects only the minimum data necessary to provide the service. We categorize data into two types:

2.1 Data Stored Locally on Your Device (Never Transmitted to Us)

• DOP Agent Portal Credentials: Your username and password for dopagent.indiapost.gov.in, stored in AES-256 encrypted format on-device only.
• RD Account Records: Account numbers, customer names, installment amounts, due dates, and collection history — all stored locally in encrypted SQLite.
• Collection Entries: Payment records you manually enter — stored locally only.
• Lot Records: Batch submission records created through the app — stored locally only.
• Generated Files: PDF and Excel reports generated by the app — stored in your device's local storage.

2.2 Data Collected for Authentication (Firebase)

• Mobile Phone Number: Collected during registration for OTP-based authentication via Firebase Authentication. This is processed by Google Firebase under their own Privacy Policy.
• Firebase User ID (UID): A unique anonymous identifier assigned by Firebase upon successful authentication. Used to enforce one-device-per-agent binding.
• Authentication Tokens: Firebase-issued session tokens, managed by Firebase SDK, used to maintain your login session.

2.3 Technical / Diagnostic Data (Limited)

• App Crash Reports: If enabled, anonymized crash data may be collected via Firebase Crashlytics to help us fix bugs. No personal data is included in crash reports.
• Basic Device Information: Android version and device model may be logged anonymously for compatibility diagnostics. This is never linked to your identity.

3How We Use Your Data

We use collected data only for the following specific purposes:

1. Authentication: Your phone number is used solely to verify your identity via OTP and to enforce one-device-per-agent binding through Firebase Authentication.
2. App Functionality: Locally stored credentials are used exclusively to automate login to the DOP agent portal on your behalf, within a secure WebView on your device.
3. Bug Fixes: Anonymized crash data (if any) is used to identify and fix technical issues in the app.
4. Account Security: Firebase UID is used to bind your app activation to one device to prevent unauthorized sharing.

We do not use your data for advertising, profiling, data mining, or any purpose beyond directly operating the app features you have consented to.

4Data Storage & Retention

4.1 On-Device Storage

All financial records, RD account data, collection entries, and DOP credentials are stored in an encrypted SQLite database on your device. This data:

• Remains entirely on your device at all times
• Is encrypted at rest using AES-256 encryption
• Is never uploaded to our servers or any cloud service by Post Connect
• Is automatically deleted when you uninstall the app or use the "Clear All Data" option in Settings
• Can be manually backed up and restored by you through the app's Backup/Restore feature

4.2 Firebase Data

Your phone number and Firebase UID are stored in Google Firebase's secure infrastructure. Firebase operates under Google's Privacy Policy and is compliant with international data protection standards. Firebase data is retained as long as your account is active. You may request deletion of your Firebase account data by contacting us.

4.3 Data Deletion

You may delete your data at any time by:

• Using Settings → Backup → "Delete All Data" within the app
• Uninstalling the application
• Contacting us at support@postconnect.in to request Firebase account deletion

5Third-Party Services

Post Connect uses the following third-party services. Each operates under its own privacy policy:

5.1 Google Firebase (Authentication & Analytics)

• Service: Firebase Authentication, Firebase Crashlytics
• Purpose: Phone OTP verification, crash reporting
• Data Shared: Phone number (for authentication only), anonymized crash data
• Provider Privacy Policy: policies.google.com/privacy

5.2 India Post DOP Agent Portal (Government Service)

• Service: dopagent.indiapost.gov.in (third-party government portal)
• Purpose: Sync RD account data using agent's own credentials
• Data Shared: Your DOP credentials are used within an on-device secure WebView to access your own government account. Credentials are NOT shared with Post Connect servers.
• Important: Post Connect merely automates what you would do manually in a browser. The government portal's own terms and privacy policy apply to your use of their service.

5.3 Google Play Store (Distribution & Payments)

• Service: App distribution and in-app subscription billing
• Purpose: App delivery, subscription processing
• Data Shared: Payment and billing data is processed entirely by Google Play. Post Connect does not receive or store your payment card details.
• Provider Privacy Policy: policies.google.com/privacy

6Your Rights (DPDP Act 2023 & IT Act 2000)

Under India's Digital Personal Data Protection Act, 2023 (DPDP Act) and applicable provisions of the Information Technology Act, 2000, you have the following rights:

6.1 Right to Access

You may request a summary of personal data we hold about you (limited to Firebase account data, as all other data is on your device). Contact us to exercise this right.

6.2 Right to Correction

You may correct inaccurate personal data. For data stored on your device, use the app's editing features directly. For Firebase data (phone number), contact us.

6.3 Right to Erasure

You have the right to request deletion of your personal data. To delete on-device data: use Settings → Delete All Data or uninstall the app. To delete Firebase authentication data, contact support@postconnect.in.

6.4 Right to Data Portability

You may export your data at any time through the app's Backup feature (Settings → Backup → Export). Exported data is provided in a standard format.

6.5 Right to Withdraw Consent

You may withdraw your consent to data processing at any time by ceasing use of the app and requesting deletion of your account data.

6.6 Grievance Redressal

For any data protection concerns, please contact our Data Protection Point of Contact at support@postconnect.in. We aim to respond to all requests within 72 hours.

7Security Practices

Post Connect implements robust technical security measures to protect your data:

• AES-256 Encryption: All credentials and sensitive data stored on-device are encrypted using industry-standard AES-256 encryption.
• Device Binding: Your app activation is tied to a single device via Firebase UID to prevent unauthorized use from other devices.
• SSL Certificate Pinning: Connections to the DOP portal use SSL pinning to prevent man-in-the-middle attacks.
• Root Detection: The app detects rooted or compromised devices and displays a security warning to protect your data.
• Secure WebView: DOP portal access uses an isolated, secure WebView that does not share session data with external apps or browsers.
• No Credential Transmission: Your DOP credentials are never transmitted to Post Connect servers — they are used only within the on-device WebView.
• Firebase Security Rules: Firebase data access is protected by strict security rules that prevent unauthorized access.

8Children's Privacy

Post Connect is designed exclusively for registered India Post DOP agents, who are adults engaged in professional capacity. The app is not intended for use by individuals under the age of 18 years.

We do not knowingly collect personal data from minors. If we become aware that personal data has been collected from a person under 18, we will take immediate steps to delete such data. If you believe a minor has registered with the app, please contact us immediately.

9Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes:

• The "Last Updated" date at the top of this page will be revised
• We will notify users via an in-app notification on next launch
• Continued use of the app after the effective date constitutes acceptance of the updated policy
• If changes are significant, we will provide 14 days' advance notice via in-app notification

We encourage you to review this policy periodically.

10Terms of Use

10.1 Acceptance

By downloading, installing, or using Post Connect, you agree to be bound by these Terms of Use. If you do not agree, do not use the app.

10.2 Eligibility

Post Connect is intended for use by registered DOP/India Post Recurring Deposit agents only. You represent that you are a registered DOP agent and that you are using the app for legitimate professional purposes related to your agency work.

10.3 Permitted Use

• Managing your own DOP agent account and associated RD customer accounts
• Recording collections from your registered customers
• Generating lot reports for submission to your post office
• Syncing data from the DOP portal using your own credentials

10.4 Prohibited Use

• Using the app to access DOP accounts belonging to other agents without authorization
• Sharing your app login credentials with unauthorized persons
• Attempting to reverse engineer, decompile, or tamper with the app
• Using the app in any manner that violates applicable Indian laws
• Misrepresenting the app as an official India Post or Government of India application

10.5 Subscription & Billing

• A mandatory 45-day free trial is provided to all new installations with no payment required
• After the trial period, continued use requires an active subscription (₹99/month or ₹849/year)
• All payments are processed by Google Play Store under Google's terms
• Subscriptions auto-renew unless cancelled at least 24 hours before the renewal date
• Refunds are governed by Google Play's refund policy

10.6 Intellectual Property

The Post Connect application, its code, design, branding, and name are proprietary to the developer. You may not reproduce, distribute, or create derivative works without written permission. "Post Connect" and the associated "P" logo are trademarks of the developer.

10.7 Limitation of Liability

Post Connect is provided "as is" without warranties of any kind. The developer is not liable for any data loss, financial loss, or consequences arising from use of the app, including but not limited to errors in DOP portal sync, incorrect lot submissions, or service interruptions. You are responsible for verifying all submissions made through the app against official government records.

10.8 Governing Law

These Terms are governed by the laws of India. Any disputes shall be subject to the exclusive jurisdiction of the courts in Jharkhand, India.

11Legal Disclaimer

11.1 Non-Affiliation

Post Connect is an independent productivity tool for registered DOP/India Post Recurring Deposit agents. It is NOT affiliated with, endorsed by, sponsored by, authorized by, or connected to India Post, the Department of Posts, the Ministry of Communications, or the Government of India in any manner whatsoever.

The name "Post Connect" and the app's branding are original creations of the developer. The app does not use India Post's official logo, horn symbol, official seal, or any other protected government visual identity.

11.2 Nature of the Service

Post Connect acts as an automation and productivity layer for DOP agents. It:

• Uses credentials voluntarily provided by the agent to access their own government account
• Does not submit unauthorized transactions or modify official government records
• Does not intercept, alter, or tamper with government portal security measures
• Is functionally equivalent to a browser automation tool or form-filler
• Never processes, holds, or transmits financial funds on behalf of users

11.3 Legal Basis for Operation

The developer believes Post Connect operates within the framework of applicable Indian law, including the Information Technology Act, 2000 (Section 66 is not applicable as only the authorized agent accesses their own account), the Copyright Act, 1957 (only original source code is used), and the DPDP Act, 2023 (compliant data practices are followed).

Similar productivity tools assisting government field workers are available on the Google Play Store and have not been subject to legal action. This does not constitute a legal guarantee, and the legal landscape may change.

11.4 Risk Acknowledgment

Users acknowledge that:

• India Post may, at its discretion, send a cease-and-desist notice regarding the app's use of their portal
• Google Play Store may, under its policies, request modifications to the app listing or app features
• The developer will respond promptly to any legitimate legal notices
• Use of the app is at the user's own discretion and risk

11.5 No Financial Advice

Post Connect is a data management tool. Nothing in the app constitutes financial advice, legal advice, or official guidance on DOP procedures. Always refer to official India Post/Department of Posts communications for authoritative information.

11.6 Accuracy of Data

Data synced from the DOP portal is provided as-is. The developer does not guarantee the accuracy, completeness, or timeliness of data obtained from the government portal. Users must verify all records against official sources before submitting lots or taking financial action.

12Contact & Grievance Redressal

For any privacy concerns, data deletion requests, legal notices, or general support: