Privacy Policy

AgeGate Kit is built around data minimisation and the principles of India's Digital Personal Data Protection (DPDP) Act, 2023, and is GDPR-aware.

1. What we collect

For each verification we store: a verification id, timestamp, method, outcome (pass/fail), the configured minimum age, a derived age (a number, not a date of birth), a masked document reference, a consent flag, a truncated hash of the visitor's IP, and the page URL. We do not store raw Aadhaar or PAN numbers, dates of birth, selfies, or names of end-visitors.

2. Document handling

Document numbers are validated in memory and immediately masked (e.g. XXXXXXXX1234) before any storage. The raw value never touches our database or logs.

3. Why we process it

To provide age-gating and to give site operators an auditable record demonstrating that a check occurred — a legitimate, consented purpose under the DPDP Act.

4. Data controller vs processor

For verification records generated on a customer's site, the customer is the data fiduciary/controller and AgeGate Kit acts as a processor on their behalf.

5. Retention and deletion

Verification records are retained to support compliance audits. Operators may request deletion of their site's records by email; we action verified requests within 30 days.

6. Your rights

You may request access to, correction of, or erasure of your personal data by emailing getdeaddictedllc@gmail.com.

7. Cookies / local storage

The widget stores a single timestamp in the visitor's browser local storage to remember a passed verification for 30 days. No third-party tracking cookies are set by the widget.