PropertyRiskPropertyRisk
Get started

Privacy policy

Last updated: 30 April 2026

Who we are

PropertyRisk is operated by Wenvia Global Solutions Pvt Ltd, a company incorporated in India (GSTIN 29AAECW3598E1ZV), with registered office in Bengaluru. Throughout this policy, "we", "us", and "PropertyRisk" refer to Wenvia.

What data we collect

  • Account data: name, work email, bank/organization name, password hash, role.
  • Documents you upload: PDFs of sale deeds, encumbrance certificates, tax receipts, etc. Stored encrypted at rest in Cloudflare R2 (ap-south region).
  • Government portal records we fetch on your behalf: with your explicit authorization, we use headless browsers to request public records (Bhoomi RTC, BBMP e-Khata, eSwathu Form 9 / 11B) from Karnataka government portals. The fetched documents are stored alongside your case.
  • Risk findings & AI summaries generated from your documents.
  • Usage telemetry: timestamps, IP address (truncated for storage), user-agent, audit log entries.

What we do NOT do

  • We do not train AI models on your documents.
  • We do not sell or share your data with third parties for marketing.
  • We do not use third-party analytics that fingerprint individual users.

Sub-processors

We rely on the following sub-processors to deliver the service:
  • Google (Gemini API) — AI inference. Documents are sent to Gemini for extraction and risk analysis. Google's Gemini API has a no-training guarantee for paid tier requests.
  • Cloudflare — object storage (R2) and CDN.
  • Hosting provider — Indian VPS for the application backend.
  • SMTP provider — transactional email delivery (account verification, password reset, billing notifications).
  • Stripe (when enabled) — payment processing for credit top-ups.

Retention

  • Documents are retained for the lifetime of your account, plus 90 days after deletion.
  • Audit logs are retained for 12 months.
  • Backup copies are retained for 30 days, then deleted.
  • You can request deletion of any case at any time from the case page.

Your rights (DPDP Act 2023)

You have the right to access, correct, erase, and export your personal data. To exercise any of these rights, email privacy@propertyrisk.in. We respond to verified requests within 30 days as required by the Digital Personal Data Protection Act, 2023.

Security

All traffic is encrypted in transit with TLS 1.3. Documents are encrypted at rest with AES-256. Authentication uses JWT in httpOnly cookies (XSS-resistant), with optional 2FA. Security incidents can be reported to security@propertyrisk.in — we acknowledge within one business day.

Cookies

We use a single httpOnly cookie (access_token) for authentication. We do not use third-party tracking cookies, analytics cookies, or advertising cookies.

Changes to this policy

We'll email you 30 days before any material change.
Chat with us on WhatsApp