Privacy Policy

VakiliSNear is an online platform that connects people with legal requirements to qualified, practising advocates in India. The platform operates at vakilisnear.com and related subdomains. We act as a marketplace — we do not provide legal advice ourselves and are not a law firm.

For the purposes of applicable data protection law, VakiliSNear is the Data Controller for personal data you provide to us directly. Lawyers who receive your contact details after an unlock payment become independent controllers of that limited data.

2.1 Data you provide directly

When you register or use our services, we collect:

• Account data: name, mobile number, email address, password (hashed — never stored in plain text).
• Profile data (Lawyers): full name, practice areas, city, office address, WhatsApp number, years of experience, bio, and availability status.
• Verification documents (Lawyers): Aadhaar card, law degree certificate, and Bar Council enrolment certificate — uploaded voluntarily for account verification and approval.
• Requirement data (Users): legal category, description of requirement, city, and preferred contact time posted on the platform.

2.2 Data collected automatically

• Usage data: pages visited, features used, search queries, timestamps.
• Device & technical data: IP address, browser type, operating system, referring URL.
• Log data: server access logs retained for security and debugging.
• Last login timestamp: recorded on every successful authentication.

2.3 Payment data

We do not store your card numbers, bank account details, or UPI credentials. All payment information is processed directly by Razorpay (our payment partner) under their own PCI-DSS-compliant environment. We only receive a payment confirmation token and the transaction amount from Razorpay.

We use your personal data for the following purposes:

• Account creation and authentication — to register you and verify your identity on login.
• Service delivery — to match users with relevant lawyers, display lawyer profiles, and facilitate legal requirement posts.
• Lawyer verification — to review uploaded documents and approve or reject lawyer accounts. Documents are only accessible to authorised admins.
• Communication — to send transactional emails (OTP, welcome, payment confirmation, document alerts) and platform notifications.
• Payments — to process Contact Unlock (₹99) and Pro Subscription (₹499/month) payments and maintain payment records.
• Platform improvement — to analyse usage patterns, fix bugs, and improve features.
• Legal compliance — to comply with applicable Indian laws including the Information Technology Act, 2000 and IT (Amendment) Act, 2008.
• Fraud prevention and security — to detect and prevent unauthorised access, spam, and abuse.

We do not use your data for automated profiling that produces legal or significant effects about you, and we do not sell your personal data to third parties.

4.1 With Lawyers (limited data, on payment)

When a User pays for a Contact Unlock, the lawyer's WhatsApp number and direct contact details become visible to that User for 7 days. Similarly, when a lawyer claims a lead, they receive limited contact details (name, mobile) of the User who posted it. This is the core function of the marketplace.

4.2 With our service providers

We share data with trusted third parties only as necessary to operate our services:

• Razorpay — payment processing (subject to Razorpay's Privacy Policy).
• Cloudinary — secure cloud storage for lawyer verification documents.
• Railway / hosting providers — server infrastructure and database hosting.
• SMTP / email providers — transactional email delivery.

All service providers are contractually bound to process data only on our instructions and to maintain appropriate security measures.

4.3 Legal requirements

We may disclose personal data to government or law enforcement authorities if required by law, court order, or to protect the rights, property, or safety of VakiliSNear, its users, or the public.

4.4 Business transfers

In the event of a merger, acquisition, or sale of assets, user data may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on our website before your data becomes subject to a different privacy policy.

Your data is stored in a PostgreSQL database hosted on secure cloud infrastructure. Verification documents (Aadhaar, degree, Bar licence) are stored on Cloudinary with access controls — documents are only accessible to authorised platform admins via time-limited signed URLs (valid 5 minutes per access).

We implement the following security measures:

• Passwords are hashed using bcrypt and are never stored in plain text.
• All communications between your browser and our servers are encrypted over HTTPS/TLS.
• Admin access to sensitive data (documents, payment records) is role-restricted.
• API routes are protected with JWT-based authentication.
• Database credentials and API keys are stored as environment variables — never in source code.
• Server logs are monitored for suspicious activity.

While we take reasonable precautions, no system is 100% secure. In the event of a data breach that is likely to result in high risk to your rights and freedoms, we will notify affected users without undue delay.

• Account data — retained for as long as your account is active. If you request account deletion, we will delete or anonymise your personal data within 30 days, unless retention is required by law.
• Verification documents — retained for a minimum of 1 year after account approval for regulatory compliance; deleted upon written request if your account is inactive and verification is not under dispute.
• Payment records — retained for 7 years as required under Indian financial regulations.
• Server logs — retained for up to 90 days for security purposes.
• Posted requirements — retained for 1 year from the date of posting, then anonymised.

You have the following rights over your personal data:

• Right to access — request a copy of the personal data we hold about you.
• Right to correction — update or correct inaccurate data via your Dashboard → Profile at any time.
• Right to deletion — request deletion of your account and associated data (subject to legal retention requirements).
• Right to restrict processing — ask us to stop processing your data in certain circumstances.
• Right to data portability — request your data in a structured, machine-readable format.
• Right to object — object to processing based on our legitimate interests.
• Right to withdraw consent — where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, email us at privacy@vakilisnear.com with your registered email address and the nature of your request. We will respond within 30 days.

We use minimal cookies and browser storage to operate the platform:

• Authentication token — a JWT stored in your browser's local storage to keep you logged in. This is strictly necessary for platform functionality.
• Session preferences — to remember your UI preferences (e.g., active dashboard tab) within a session.

We do not use third-party advertising cookies, behavioural tracking pixels, or sell data to ad networks. We do not display advertisements on VakiliSNear.

You may clear cookies/local storage via your browser settings at any time, which will log you out of the platform.

Payment processing is handled exclusively by Razorpay Financial Solutions Pvt. Ltd., a PCI-DSS Level 1 certified payment gateway. We never see or store your full card number, CVV, or bank password.

When you make a payment, Razorpay generates an Order ID which we store in our database alongside your user ID, payment amount (in paise), currency (INR), and payment status. This is used to grant you access to paid features (Contact Unlock for 7 days or Pro Subscription for 30 days).

Refund requests should be emailed to privacy@vakilisnear.com. Refunds are evaluated on a case-by-case basis per our refund policy.

VakiliSNear is intended for use by adults aged 18 years and above. We do not knowingly collect personal data from anyone under 18. If you believe a minor has registered on our platform, please contact us immediately at privacy@vakilisnear.com and we will delete the account promptly.

Our platform may contain links to external websites (e.g., Razorpay, Bar Council of India, court websites). We are not responsible for the privacy practices of those sites. We encourage you to read their privacy policies before providing any personal information.

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or applicable law. When we make material changes, we will:

• Update the Effective Date at the top of this page.
• Send a notification email to all registered users.
• Display a notice on the platform for at least 7 days.

Continued use of VakiliSNear after changes become effective constitutes your acceptance of the revised policy.

If you have any questions, concerns, or requests regarding this Privacy Policy or the handling of your personal data, please contact our Privacy team: