1. Purpose of this policy
This document sits alongside the Privacy Policy and explains the technical mechanics. If the Privacy Policy answers “what do you do with my data?”, this one answers “how exactly do you do it?”.
2. Where data is stored
- Primary database. Relational database hosted in a Tier-3 data centre in Singapore, with an encrypted read-replica in Mumbai for regional redundancy.
- Photo storage. Object storage, separated from the primary database, with signed-URL access only. Photos are never publicly indexable.
- Backups. Encrypted nightly snapshots, retained for 30 days, stored in a different region from the primary database.
We choose regional hosting (Singapore and Mumbai) deliberately so that latency to Nepal is low and so that data does not transit the United States or China by default.
3. Encryption
- In transit. All traffic to and from pawseen.com and the mobile application is encrypted using TLS 1.3. Older TLS versions are disabled at the load balancer.
- At rest. Database volumes and object storage are encrypted using AES-256.
- Secrets. API keys, payment credentials, and other secrets are stored in a dedicated secrets manager, not in source code, and never transmitted to the browser.
4. Access control
Raw access to the production database is restricted to a named list of Pawseen engineers. Today that list has 3 people on it. All access requires:
- Multi-factor authentication on an Anthropic-managed identity
- A VPN-gated internal network
- A written audit log of every session
Partner shelter staff access rescue reports through a scoped web interface. A shelter in Kathmandu cannot view reports routed to a shelter in Pokhara, and so on.
5. Third-party processors
We share the minimum data needed with the following service providers, under written data processing agreements:
- Hosting and database: our cloud provider, for running the platform infrastructure
- Email delivery: for transactional emails and sponsor update mailings
- SMS gateway: Sparrow SMS, for the DOG to 1234 SMS fallback service
- Payment processing: eSewa, Khalti, or direct shelter bank transfer, depending on what the sponsor selects
- Error monitoring: for crash and error logs (personally identifying fields are scrubbed before upload)
6. SMS and location data
The SMS fallback (text DOG to 1234) relies on cell-tower triangulation for approximate location. This method is typically accurate to between roughly 200 metres and 2 kilometres in urban Nepal. We do not purchase precise location data from mobile operators or attempt to obtain it.
If you grant GPS access in the mobile app, precise coordinates are attached to your report and shared with the receiving shelter and volunteer. After the case is closed, coordinates are rounded to the nearest 100 metres for long-term storage.
7. Breach protocol
If we detect or are credibly informed of a data breach:
- Pawseen contains the breach and preserves logs
- Within 72 hours, we notify affected users by email
- Within 7 days, we publish a public post-mortem on pawseen.com
- Where required under Nepali law, we notify relevant authorities
We commit to this even when there is no legal requirement to disclose. Trust is the product.
8. Data portability
You can request a machine-readable export of your account data in JSON format by emailing hello@pawseen.com. We will deliver it within 14 days.
9. Deletion
When you request deletion, we remove your personal data from active systems within 30 days and from backups within 60 days (backups naturally expire on a 30-day cycle, so the additional 30 days is the buffer).
Some records may be retained in anonymised form where they contribute to public-health statistics (for example, the fact that a rescue occurred in Ward 26 on a particular date). These records cannot be linked back to you.
10. Questions and accountability
Pawseen’s founder, Saman, is personally responsible for data handling until a formal Data Protection Officer is appointed. You can write to him directly.
Security or data question?
Write to hello@pawseen.com with subject line “Data”. For responsible disclosure of a security vulnerability, please use the same address with subject “Security” and allow 5 business days before public disclosure.