1. Introduction
PFDesk Technologies Pvt Ltd ("PFDesk", "we", "us", or "our") operates the website pfdesk.in and the associated services (collectively, the "Service"). This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you use our Service.
By using PFDesk, you consent to the practices described in this policy. If you do not agree, please discontinue use of the Service. We may update this policy from time to time; the effective date at the top will reflect the most recent revision.
2. Data We Collect
We collect the following categories of information to provide our Service:
- Identity Information: Full name, date of birth, gender — as provided by you or retrieved from EPFO records with your consent.
- Contact Information: Mobile number and email address you provide when signing up or contacting support.
- Government Identifiers: PAN card number and/or Aadhaar number — used solely to authenticate EPFO lookups. Aadhaar numbers are never stored permanently; they are hashed immediately after use.
- PF & Financial Data: UAN(s), member IDs, PF account balances, passbook transactions, and claim statuses retrieved from EPFO on your behalf.
- Usage Data: IP address, browser type, pages visited, time spent on pages, and referring URL — collected automatically to improve service performance and security.
- Communications: Messages you send us via the contact form or email.
3. How We Use Your Data
We use the information we collect for the following purposes:
- To locate and display your PF accounts, UAN, and passbook data from EPFO.
- To provide AI-guided resolution for stuck claims, transfers, or withdrawals.
- To send you status updates and alerts related to your PF accounts (if you have opted in).
- To respond to your support requests and communications.
- To improve and personalise the Service, and to detect and prevent fraud or abuse.
- To comply with applicable laws and regulations, including the Aadhaar Act, DPDP Act 2023, and any applicable EPFO guidelines.
We do not sell, rent, or trade your personal information to third parties for their marketing purposes, ever.
4. Data Security
We implement industry-standard security measures to protect your information:
- Encryption in Transit: All data exchanged between your browser and our servers is encrypted using TLS 1.3.
- Encryption at Rest: Sensitive fields (including any temporarily stored identifiers) are encrypted using AES-256.
- Minimal Data Retention: Aadhaar numbers are not stored. Other personal data is retained only as long as necessary to provide the Service or as required by law.
- Access Controls: Only authorised personnel with a legitimate need can access your data, and all access is logged and audited.
- Penetration Testing: We conduct regular security audits and penetration tests on our infrastructure.
Despite these measures, no internet transmission or electronic storage is 100% secure. If you believe your account security has been compromised, contact us immediately at support@pfdesk.in.
5. Data Sharing & Disclosure
We may share your information in the following limited circumstances:
- EPFO & Government APIs: We transmit your identifying details to EPFO's official systems solely to retrieve your PF data on your behalf and with your explicit consent.
- Service Providers: We use trusted third-party providers for cloud hosting, analytics, and email delivery — all bound by data processing agreements and restricted from using your data for any other purpose.
- Legal Obligations: We may disclose information if required by law, court order, or governmental authority.
- Business Transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred subject to the same protections described in this policy.
6. Your Rights
You have the following rights with respect to your personal data:
- Access: Request a copy of the personal data we hold about you.
- Correction: Request correction of inaccurate or incomplete data.
- Deletion: Request deletion of your data, subject to any legal retention requirements.
- Portability: Request your data in a machine-readable format.
- Withdraw Consent: Withdraw your consent to data processing at any time, which will require cessation of the Service for you.
- Grievance Redressal: Under the DPDP Act 2023, you have the right to file a grievance with our Data Protection Officer.
To exercise any of these rights, email us at support@pfdesk.in with the subject line "Privacy Request". We will respond within 30 days.
7. Cookies
PFDesk uses cookies and similar technologies to maintain your session, remember your preferences, and analyse usage patterns. You can configure your browser to reject cookies, though this may affect Service functionality. We do not use advertising or tracking cookies.
8. Children's Privacy
Our Service is intended for individuals 18 years of age and older. We do not knowingly collect personal information from anyone under 18. If you believe we have inadvertently collected such information, please contact us and we will promptly delete it.
9. Contact Us
For questions, concerns, or requests related to this Privacy Policy, please contact:
PFDesk Technologies Pvt Ltd
Email: support@pfdesk.in
Website: pfdesk.in