Legal

Privacy Policy

Plain-language transparency first, then the full legal text. Nothing here is boilerplate — every access below is what the eGuard apps actually do.

Effective date · July 13, 2026

Contents

This Privacy Policy governs how Capricorn Infotech (India) Pvt. Ltd. (“Company”, “eGuard”, “we”) collects, uses, stores, and protects information across the eGuard website, desktop app, mobile app, APIs, and related services. By using the Services you acknowledge this policy. It forms part of our Terms & Conditions.

What eGuard can never see

  • Your USB token's private key — it never leaves the token's secure chip.
  • Your PIN — it is entered only on your phone and never travels across the network.
  • Your phone's location — the mobile app does not use it. Location, when used at all, is captured only on the host and only if you turn it on.
  • Camera, microphone, contacts, SMS, call logs, photos, or your files — the app does not request these permissions at all.
  • The documents you sign are not permanently stored — only the hash is processed; any preview is encrypted, sent to your phone only, and not retained.

What the mobile app accesses — and why

Every permission the eGuard Android app requests is listed below, with the real reason it is needed. Anything marked “Optional” can be declined; the app still signs.

  • Internet

    Required

    Connect to eGuard's servers over the end-to-end encrypted relay to receive signing requests and send your approvals back.

  • USB access (OTG)

    Required

    Communicate with your USB DSC token so it can sign on-device. Scoped to recognised DSC tokens only (a filter list) — never your earphones, hubs, or chargers.

  • Foreground service (connected device / data sync)

    Required

    Keep the token session and the relay connection alive while a signing request is being handled, so a sign doesn't drop midway.

  • Notifications

    Optional

    Alert you the instant a signing request arrives so you can approve or reject it in time. Decline it and the app still signs — you'll just see requests only when the app is open.

  • Biometric / fingerprint

    Optional

    Optional app-lock — unlock eGuard with your fingerprint or face instead of a passcode. Nothing biometric ever leaves your device.

  • Ignore battery optimisation

    Optional

    Used only to keep the background service alive so signing-request notifications actually reach you when your screen is off. You can decline it — nothing is forced.

  • Vibrate

    Optional

    Haptic feedback for notifications.

What the host application accesses

The eGuard host app runs on the signing PC. Here is exactly what it reads and relays:

  • The document’s cryptographic hash— for most signs the host sends only a SHA-256 fingerprint of the document, not the document itself. A hash can’t be reversed to reveal the contents.
  • A document preview — experimental, best-effort— for some app signers (Adobe Acrobat, GST portal, MCA, Income Tax, ICEGATE, MS Office, LibreOffice) the host can detect the file open in that app and relay it encrypted, to your phone only, so you can review it before approving. This is app-dependent — some apps expose the file, some don’t — so preview works sometimes and not others, and only when the host is permitted to read it. It is not stored on our servers.
  • The requesting application & website— the name of the signing app and, for web/portal signs, the website origin. Shown to you on the approval screen and written to the audit log so you always know what you’re approving.
  • Host identity & audit details— the host is bound to the operator’s account and machine (a login is machine-locked). Each host-side signature records the host’s IP, MAC, timestamp, certificate details, and approval status in the audit trail.
  • Host location — only if you turn it on (optional) — location, when used, is captured on the host, never on your phone. If you enable it on the host, the host’s location is added to that signature’s audit record; you can leave it off, and nothing is forced.
  • Never your PIN or private key — the host works only with hashes and your explicit approval. It cannot read your PIN or your signing key.

What we do not access

  • Your USB token's private key — it never leaves the token's secure chip.
  • Your PIN — it is entered only on your phone and never travels across the network.
  • Your phone's location — the mobile app does not use it. Location, when used at all, is captured only on the host and only if you turn it on.
  • Camera, microphone, contacts, SMS, call logs, photos, or your files — the app does not request these permissions at all.
  • The documents you sign are not permanently stored — only the hash is processed; any preview is encrypted, sent to your phone only, and not retained.

Google Play — Data safety

Summary of what the Android app declares on Google Play:

  • Data collected: name, email, phone and organization (account); device & app diagnostics and crash logs; payment references (for subscriptions); and app activity / audit logs.
  • Security: data is encrypted in transit (TLS). You can request that your data be deleted.
  • Not collected: your PIN, your private key, document contents, your phone's location, contacts, photos, messages, or microphone/camera.

Apple App Store — Privacy

Summary of the App Store privacy details for the iOS companion:

  • Data used to identify you: name, email, phone, organization (for your account).
  • Data linked to you: signing audit events, certificate metadata, and device identifiers, used for security and the audit trail.
  • Data not collected: PIN, private key, document contents, your phone's location, contacts, photos, and messages.
  • Note: on iOS, Apple restricts third-party USB access, so token-holder signing is done on Android; the iOS app is used for approvals and account management.

Account & data deletion

You can delete your eGuard account and associated Personal Data at any time:

  • Email us from your registered address at sales@Certificate.Digital with the subject “Account deletion”. We verify your identity, then delete or irreversibly anonymise your Personal Data within 30 days.
  • Uninstalling the app removes it from your device; your USB token's private key was never ours to hold and stays with you.
  • Exception: certain digital-signature audit logs may be retained longer where required by law or for evidentiary purposes (see “Data retention”). These never contain your PIN or private key.

Full policy

01Definitions

“Account” = your registered user account. “Applicable Law” = all laws that apply to the Services, including the Digital Personal Data Protection Act, 2023 and the Information Technology Act, 2000. “Device” = any computer, phone, tablet, or server used to access the Services. “Digital Signature Certificate (DSC)” = a valid certificate issued by a licensed Certifying Authority. “Document Hash” = a cryptographic digest that uniquely represents a document without revealing its contents. “Personal Data” = information that can identify you directly or indirectly. “Processing” = any operation performed on Personal Data (collection, storage, use, transmission, deletion, etc.).

02Scope

This Privacy Policy applies to all information collected through the eGuard website, desktop app, mobile app, APIs, customer support, sales enquiries, subscriptions, downloads, demonstrations, newsletters, and all other interactions with us relating to the Services. It does not apply to third-party websites or services linked through the Services.

03Applicable law

We process Personal Data in accordance with the Digital Personal Data Protection Act, 2023; the Information Technology Act, 2000; the IT (Reasonable Security Practices) Rules where applicable; our contractual obligations; and any other laws governing electronic signatures, digital identity, cybersecurity, or privacy. Where local laws impose additional requirements, those apply to the extent legally required.

04Information we collect

Depending on how you use the Services, we may collect:

  • Personal information — full name, email, mobile number, organization, designation, billing address, GST details (where applicable), subscription and payment references, and support communications.
  • Account information — user ID, login credentials, password (stored encrypted), authentication preferences, registered devices, account status, subscription plan, and preferences.
  • Device information — operating system, device model and identifier, browser, IP address, network info, app version, crash and diagnostic reports, time zone, and language.
  • Digital-signature information — certificate serial/issuer/validity/status, signing timestamps, the device used, the requesting application, audit events, approval status, transaction identifiers, and the Document Hash.
  • Usage information — login history, feature usage, session duration, error logs, performance metrics, security events, API usage, and update history.

05Information we do NOT collect

eGuard is architected so that your signing secrets stay with you. We do not:

  • collect your USB token private key;
  • collect your PIN, or transmit your PIN across the network;
  • decrypt or store your private cryptographic key;
  • generate digital signatures on your behalf;
  • permanently store the documents being signed, except where a temporary encrypted preview is technically necessary.

Your private keys remain inside your USB token at all times.

06Document processing

During signing, ordinarily only the document's cryptographic hash is processed, and the original document generally stays on your device. Where preview is supported, the document is encrypted before transmission, sent only to your registered mobile device, used solely for approval, and not permanently retained. Preview availability depends on the originating application and technical limits.

07Purposes of processing

We process information to provide the Services; verify identity; authenticate users and devices; enable secure digital signatures; maintain audit logs; prevent fraud and detect unauthorized activity; improve performance and cybersecurity; respond to enquiries and provide support; comply with legal obligations; enforce contractual rights; run internal analytics; process subscription payments; and maintain business continuity. We do not sell Personal Data.

08Legal basis for processing

We process Personal Data only where lawful — your consent; performance of a contract with you; compliance with legal and regulatory obligations; our legitimate business interests (where these don't override your rights); and protection against fraud, cyber threats, and misuse. Where consent is required, you may withdraw it at any time, subject to legal and contractual limits.

09Cookies and similar technologies

Our website may use cookies, local storage, and similar technologies to authenticate users, keep sessions secure, remember preferences, analyze traffic, measure usage, identify technical issues, and enhance security. Most browsers let you disable cookies, though some features may then not work.

10Disclosure of Personal Data

We do not sell, rent, or commercially exploit Personal Data. We may disclose it only to: (a) trusted service providers (cloud hosting, payment processing, support, analytics, monitoring, email delivery) who receive the minimum needed and are bound by confidentiality; (b) a successor entity in a merger, acquisition, restructuring, or asset sale, remaining bound by similar obligations; (c) authorities where required by law, court order, or lawful request; and (d) where reasonably necessary to protect our or users' rights and platform security.

11International data transfers

Your Personal Data may be processed or stored in jurisdictions outside your country of residence where legally permitted. Where cross-border transfers occur, we apply appropriate contractual, technical, and organizational safeguards to ensure adequate protection consistent with applicable privacy laws.

12Data retention

We retain Personal Data only for as long as reasonably necessary to provide the Services, maintain records, comply with legal obligations, resolve disputes, defend claims, maintain audit records, detect fraud, and enforce agreements. When retention periods expire, data is securely deleted, anonymized, or destroyed unless the law requires otherwise. Digital-signature audit logs may be retained longer where required for regulatory, compliance, or evidentiary purposes.

13Information security

We maintain administrative, technical, and physical safeguards, including where appropriate:

  • Transport Layer Security (TLS) and encrypted communications;
  • authenticated device pairing and role-based access controls;
  • security monitoring, intrusion detection, and audit logging;
  • secure development practices and regular vulnerability assessments;
  • encryption at rest where applicable and multi-factor authentication for administrative access.

No electronic transmission or storage can be guaranteed completely secure, so we cannot warrant absolute security.

14Your rights

Subject to applicable law, you may request access to your Personal Data; correction of inaccurate data; deletion; withdrawal of consent; restriction of or objection to processing; information about the categories processed; and you may lodge a complaint with the appropriate regulator. We may require reasonable identity verification, and some requests may be refused where retention or processing is required by law or legitimate business interests. See “Account & data deletion” above for how to make a request.

15Children's privacy

The Services are intended for business, governmental, institutional, and professional users, and are not directed at individuals under 18. We do not knowingly collect Personal Data from minors, and will delete such data within a reasonable period if we become aware of it.

16Third-party websites

The Services may link to third-party websites, software, or services. We do not control and are not responsible for their privacy practices, security, content, or policies. Please review their privacy policies before sharing data with them.

17Confidentiality of digital signatures

eGuard is designed to preserve the confidentiality of your signing credentials: the private key stays within the USB token's hardware boundary; your PIN is entered only on your authorized device; we cannot recover, view, decrypt, reconstruct, or reproduce your private key; and we cannot sign on your behalf. You remain responsible for safeguarding your DSC, USB token, authentication device, and credentials.

18Changes to this policy

We may amend this Privacy Policy at any time. Material changes take effect on publication on our website unless the law requires otherwise. Continued use of the Services after publication constitutes acceptance of the revised policy. Please review it periodically.

19Limitation of liability

Nothing here creates any obligation beyond what applicable law requires. To the maximum extent permitted by law, we are not liable for indirect, incidental, consequential, punitive, exemplary, or special damages arising from the collection or processing of Personal Data.

20Governing law & contact

This Privacy Policy is governed by the laws of India, with jurisdiction in the courts of Delhi. For any privacy question or request, contact Capricorn Infotech (India) Pvt. Ltd., G-5, Vikas Deep Building, Plot No. 18, Laxmi Nagar District Centre, Delhi 110092, India — sales@Certificate.Digital.

Questions about your data?

Our team is happy to walk you through exactly what eGuard does and doesn't collect. Reach out any time.

Contact us