01
Data minimisation: registration collects only account, contact and role information needed for the service.
02
Purpose limitation: account and productivity data is used to provide task, notes, calendar, sync, export and administrative services.
03
Security safeguards: HTTPS, password hashing, token hashing and administrator-only CMS access are mandatory controls.
04
Transparency: privacy, terms and disclaimer pages are available on the website and will be mirrored in the mobile app.
05
User rights roadmap: access, correction, export and retention workflows are planned for the CMS and API.
06
India hosting: the deployment is configured for Indian hosting infrastructure under karyayogi.in.