Data Protection
& Privacy Protocol.

TrustWiz Technologies operates as a Data Fiduciary under the Digital Personal Data Protection (DPDP) Act, 2023. We collect and process Personal Identifiable Information (PII) solely for the objective execution of timeline verification and the minting of a cryptographic Trust-ID.

We categorically reject the monetization of user data. Candidate records are never aggregated, sold to third-party data brokers, or utilized to train external AI models.

To execute an OSINT (Open Source Intelligence) audit, TrustWiz temporarily ingests the following data classifications:

• Identity Payloads: Legal Name, Contact Information, and securely hashed passwords.
• Corporate/Financial Records: Severance agreements, ROC strike-off notices, or furlough documentation.
• Medical Records (Zero-Knowledge): Health discharge summaries submitted strictly for DPDP-compliant timeline validation.

This is the immutable core of the TrustWiz security apparatus. We adhere to the DPDP Act's principle of Data Minimization.

Exactly 720 hours (30 days) after a Trust-ID is successfully minted, automated server-level cron jobs irreversibly destroy all physical PDF/image evidence, medical records, and corporate severance files associated with your profile. The active database retains only the sanitized mathematical hash (Trust-ID) and the cleared timeline metadata required for ATS verification.

When an integrated Applicant Tracking System (e.g., Darwinbox, Workday) queries the TrustWiz REST API using your Trust-ID, we transmit a strictly limited JSON payload. We return only the binary clearance state (AUTHENTICATED / REJECTED) and the non-PII classification metadata. Underlying evidentiary documents are never transmitted to corporate partners.