Privacy Policy
Pankaj Jewellers App

• Full Name (Required) — Your legal name as a trader
• Email Address (Required) — Used as your login identifier
• Firm Name (Required) — Your business or firm name
• Mobile Number (Required) — 10-digit Indian mobile number; also used as your default WhatsApp contact number
• Password (Required) — Stored as a secure hash; minimum 6 characters
• Firm / Home Address (Optional) — Business or home address
• PAN Number (Optional) — Format: 5 letters · 4 digits · 1 letter (e.g. ABCDE1234F)
• Aadhaar Number (Optional) — 12-digit government-issued identity number

• Government-issued identity documents (Aadhaar, PAN, etc.) uploaded via the Document Upload screen
• Document images stored on our secure server for trader verification and compliance

• Device type, operating system and app version
• Firebase Cloud Messaging (FCM) token for push notification delivery
• IP address and approximate location (for fraud prevention only)
• App crash logs and diagnostic data

• Screens visited, features used and session duration
• Jewellery category and item browsing history (within the app)
• News articles viewed

• Create and manage your trader account and authenticate login sessions
• Process gold and silver buy orders, generate invoices (PDF) and maintain order history
• Deliver live gold/silver spot rates, MCX futures prices and INR exchange data via WebSocket
• Verify your identity and business through KYC document review (admin approval workflow)
• Send push notifications for order updates, price alerts and important announcements
• Display jewellery catalogue categories and products relevant to your browsing
• Publish and deliver market news updates within the app
• Contact you via phone or email regarding your account or orders
• Improve app performance, fix bugs and enhance features

The app maintains a persistent WebSocket connection to our server to stream live price data — including COMEX gold/silver spot prices, MCX futures rates and INR exchange rates. This connection transmits your session token to authenticate the data stream.

No personal browsing data is transmitted through this channel. The connection is encrypted using TLS. If the connection drops, the app attempts automatic reconnection. A "stale data" banner is displayed when live rates have not refreshed within the expected interval, ensuring you are never shown outdated prices without notice.

We use Google Firebase Cloud Messaging (FCM) to send push notifications to your device. To do this, we collect and store your device's unique FCM token on our server when you register or first open the app.

Notifications may include:

• Order status updates (confirmed, settled, cancelled)
• Important announcements from Pankaj Jewellers
• Market-related news published by admin

New traders are required to upload identity documents through the Document Upload screen as part of the account approval process. An administrator manually reviews these documents to verify your identity before approving your account for trading.

• Documents are stored on our secure server with access restricted to authorised admin personnel only
• Documents are never shared with third parties for marketing or advertising purposes
• Documents are retained as long as your account remains active or as required by applicable law
• Your account status (Pending / Approved / Rejected) is visible to you within the app at all times

When you place a buy order through the app, we collect and store:

• Metal type (gold or silver), product variant (e.g. GOLD 999-IMP, GOLD 995, SIL PETI TDS, SIL CHORSA 98.20) and quantity in grams
• Live rate at the time of order placement (MCX or Local Retail pricing mode)
• Calculated GST amount as configured by admin
• Order date, time and current status (pending, confirmed, settled, cancelled)
• Invoice reference details used for PDF generation

All account data, orders and KYC documents are stored on our secure server. We use industry-standard security measures including:

• HTTPS / TLS encryption for all API communications
• JWT-based authentication tokens for all authenticated requests
• Server-side role-based access controls limiting data access
• Your authentication token is stored securely on your device using the platform keychain

We do not sell, rent or trade your personal information. We share data only in the following limited circumstances:

• Google Firebase: FCM device token shared with Firebase for push notification delivery only
• WhatsApp / Email (User-Initiated): When you share an invoice via WhatsApp or email, this is done through your device's native share sheet — we do not send this data ourselves
• Legal Compliance: If required by law, court order or government authority

• Account data: Retained while your account is active. Deleted within 30 days of account deletion request
• Order records: Retained for a minimum of 7 years as required by financial record-keeping regulations
• KYC documents: Retained for the duration of the business relationship and as required by law
• Push notification tokens: Deleted when you delete your account or uninstall the app
• Crash/diagnostic logs: Retained for up to 90 days for debugging purposes

The Pankaj Jewellers app is intended for use by adult traders and business professionals only. We do not knowingly collect personal information from persons under 18 years of age. If we become aware that a minor has provided personal data, we will delete it promptly.