• Licensed Govt of India Certifying Authority
Partner Login
Become Partner
IDsign Digital Signature

Partner Login

Privacy Policy

We have applied to UIDAI for obtaining an Authentication User Agency (AUA) license to operate as an AUA for providing Aadhar based eSign Service. The following privacy policy will be applicable for eSign Service that we intend to provide after receiving the license from UIDAI.

Definitions

Personal data – ‘Personal data’ meaning any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier. For example, Aadhar number, name, home address or private email address.

Processing – means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

Third-party – means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who are authorized to process personal data.

Subscriber – means a person obtaining the digital signature certificate form a certifying authority after providing the required identification proof.

CCA – Controller of Certifying Authorities in India

UIDAI – Unique Identification Authority of India

Policy

  • For providing eSign services, the personal information collected will be treated as per CCA and UIDAI guidelines.
  • All the sensitive data, including Aadhar numbers, will be protected with appropriate encryption controls.
  • The subscriber data collected will be used only for subscriber agreed function of providing eSign service as per CCA guidelines

UIDAI Face/Biometric Data Retention – IDSign CA does not capture, store, or have access to any face image or biometric data. Face capture is performed exclusively by the UIDAI Aadhaar FaceRD app, a government application operated by the Unique Identification Authority of India.

Third Party Sharing – The encrypted PID is shared with UIDAI (Unique Identification Authority of India) via their Aadhaar eKYC API for identity verification. UIDAI processes this data in accordance with the Aadhaar Act, 2016, and their own privacy policy. UIDAI does not store face images — they validate the encrypted biometric against their records and return an authentication result only.

Encrypted PID Only – The only data received by IDSign CA from the FaceRD process is an encrypted PID block — a cryptographic token that cannot be reversed to reveal face or biometric data. This token is transmitted to our backend solely for the purpose of completing Aadhaar eKYC authentication and is not stored after the transaction.

Retention Period – No face data or biometric information is stored by IDSign CA. The encrypted PID token is discarded immediately after the authentication transaction completes.


Purpose

  • The Information collected will be used for the following purposes:
  • Authenticate the subscriber as per UIDAI guidelines
  • For issuing the digital signature certificates
  • For signing the documents of the subscriber as per Controller of Certifying Authorities in India guidelines

Disclosure

The confidential information collected will not be disclosed to a third party without the subscriber’s consent unless the information is required to be disclosed under the law or court order
The public certificates issued are published in the certificate database as per CCA guidelines

Grievance Redressal

If you have any questions or grievances about our privacy policy, please write to grievances@idsign.app

Shopping Basket