This platform operates as a private consultancy and professional service provider and is not affiliated with, authorized by, or associated with any Government authority, department, or agency. All charges paid through this platform constitute professional consultancy, facilitation, and service fees. Users may also apply for these services directly through official government portals at no additional service cost.

DSBS

Contact Us

Data & Document Retention Policy

Last Updated: 09-May-2026

1. INTRODUCTION

1.1 This Data and Document Retention Policy (“Policy”) sets out the manner in which “DigiServe Business Services” also known as “DSBS” (“Company”, “We”, “Us”, “Our”) retains, stores, reviews, and disposes of personal data and documents.

1.2 This Policy is implemented in compliance with:

• The Digital Personal Data Protection Act, 2023

• The Information Technology Act, 2000

1.3 This Policy applies to all personal data and documents processed by the Company in connection with its services.

2. OBJECTIVES

The objectives of this Policy are to:

2.1 Ensure data minimization and storage limitation
2.2 Maintain compliance with applicable laws
2.3 Protect confidentiality and integrity of data
2.4 Prevent excessive or unnecessary retention
2.5 Ensure secure storage and disposal

3. SCOPE

3.1 This Policy applies to:

• Clients and users

• Employees and contractors

• Third-party service providers

3.2 This Policy covers:

• All digital and physical records

• All systems, databases, and storage mechanisms

4. DEFINITIONS

4.1 Personal Data means any data relating to an identifiable individual.

4.2 Sensitive Data includes identity documents, financial information, and other confidential data.

4.3 Processing means collection, storage, use, sharing, or deletion of data.

4.4 Retention means the duration for which data is stored.

4.5 Deletion means permanent removal of data.

4.6 Anonymization means irreversible removal of identifying information.

5. CATEGORIES OF DATA AND DOCUMENTS

The Company may retain the following:

5.1 Personal Data

• Name, contact details, address

5.2 Business Data

• Business information and registration details

5.3 Identity Documents

• PAN card

• Aadhaar card (only where legally required)

• Other identification documents

5.4 Financial Data

• Payment records, transaction details, and bank account information including account number and IFSC code where required for application processing, regulatory filings, or compliance-related services.

5.5 Application Data

• Application forms, drafts, and submission records

5.6 Communication Records

• Emails, messages, and call records

5.7 Technical Logs

• IP address, system activity logs

5.8 OTP and Authentication Data

• OTP is used only for real-time authentication

• OTP is strictly non-financial

• OTP is not stored, logged, or retained

• The Company does not store:

      • OTP

      • Passwords

      • Login credentials

6. DATA RETENTION PRINCIPLES

The Company follows:

6.1 Purpose Limitation – Data is retained only for specified purposes
6.2 Data Minimization – Only necessary data is retained
6.3 Storage Limitation – Data is not retained longer than required
6.4 Integrity and Confidentiality – Data is secured against unauthorized access

7. RETENTION PERIODS

7.1 Active Data

• Retained for the duration of the service engagement

7.2 Completed Service Data

• Retained for 90 days or as required by applicable law

7.3 Financial Records

• Retained as per applicable tax and accounting laws

7.4 Communication Records

• Retained for operational and dispute resolution purposes

7.5 Technical Logs

• Retained for a limited duration necessary for security and monitoring

8. EXTENDED RETENTION

Data may be retained beyond standard periods where necessary for:

• Legal disputes

• Regulatory investigations

• Compliance requirements

9. DATA STORAGE AND SECURITY

The Company implements reasonable safeguards including:

• Encryption of sensitive data

• Role-based access control

• Secure infrastructure and storage systems

• Monitoring and audit mechanisms

10. DATA DELETION AND DISPOSAL

10.1 Upon expiry of retention periods, data shall be:

• Permanently deleted; or

• Anonymized where appropriate

10.2 Disposal methods include:

• Secure digital deletion

• Removal from active and archival systems

11. BACKUPS AND ARCHIVAL DATA

11.1 Data may be stored in backup systems for business continuity.

11.2 Backup data shall:

• Be protected with appropriate safeguards

• Be retained only as necessary

11.3 Deletion from backups shall occur through periodic overwrite cycles.

12. SPECIAL PROVISIONS FOR SENSITIVE DATA

12.1 Aadhaar Data

• Collected only where legally required

• Used strictly for specified purposes

12.2 OTP and Authentication Data

• OTP is used only for real-time authentication

• OTP is never stored or retained

13. DATA REVIEW AND MINIMIZATION

13.1 Data shall be periodically reviewed.

13.2 Unnecessary or outdated data shall be deleted or anonymized.

14. USER RIGHTS

Subject to applicable law, users may:

• Request access to data

• Request correction

• Request deletion

Such rights may be subject to legal retention requirements.

15. THIRD-PARTY PROCESSORS

15.1 Third-party processors shall:

• Process data only for authorized purposes

• Maintain appropriate security measures

• Comply with applicable laws

16. DATA BREACH MANAGEMENT

In the event of a data breach:

• Detection and containment measures shall be implemented

• Impact shall be assessed

• Notification shall be made as required by law

17. RESPONSIBILITIES

17.1 Company Responsibilities

• Ensure compliance with this Policy

• Maintain data security

• Implement appropriate controls

17.2 Employee Responsibilities

• Handle data securely

• Prevent unauthorized access

• Follow internal policies

18. POLICY REVIEW AND UPDATES

The Company may update this Policy periodically to reflect legal and operational changes.

19. CONTACT DETAILS

DigiServe Business Services (DSBS)
Phone: +91-9373574235
Email: support@registrationonline.org