🔐 PRIVACY POLICY

Last Updated: January 2026

1. Introduction

LostFound (“we”, “our”, “us”) is a public service platform that enables users to report and claim lost and found persons, animals, articles, and other items. We are committed to protecting your privacy and handling your personal data responsibly, transparently, and securely.

This Privacy Policy explains:

• What data we collect
• How we use it
• How we protect it
• Your rights under applicable laws

2. Scope & Applicability

This policy applies to:

• All users globally
• Visitors, reporters, finders, claimants
• Authorities and administrators

We comply with:

• GDPR (EU)
• India Digital Personal Data Protection Act (DPDP), 2023
• International child protection and public safety norms

3. Information We Collect

3.1 Personal Information

Collected when you register, submit reports, or make claims:

• Full name
• Email address
• Phone number
• Country, state, city
• Government-issued ID (for verification, where required)

3.2 Sensitive & Special Category Data

Only when necessary and with safeguards:

• Information related to missing persons
• Photos of individuals or animals
• Identification documents (masked & encrypted)

3.3 Non-Personal Data

Automatically collected:

• IP address
• Device & browser type
• Usage analytics
• Date/time of access

4. Purpose of Data Collection

We collect data to:

• Enable lost & found reporting
• Match lost and found records
• Verify claimant identity
• Facilitate safe communication
• Prevent fraud and misuse
• Comply with legal obligations
• Improve platform performance

5. Legal Basis for Processing

Data is processed based on:

• User consent
• Legitimate public interest
• Legal obligation
• Protection of vital interests (missing persons, safety cases)

6. Data Sharing & Disclosure

We do not sell personal data.

Data may be shared only with:

• Verified authorities (law enforcement, NGOs)
• Platform administrators
• Legal or regulatory bodies when required by law

Sensitive cases (minors, missing persons) are never publicly disclosed without safeguards.

7. Data Security Measures

We use:

• Encrypted storage (AES-256)
• Secure PHP/MySQL access controls
• Role-based admin permissions
• Limited data visibility
• Regular security audits (OWASP standards)

8. Data Retention

• Standard records: retained for 12–36 months
• Critical cases: retained as per legal requirements
• Users may request deletion unless restricted by law

9. Cookies & Tracking

We use cookies for:

• Authentication
• Language preferences
• Performance analytics

Users may manage cookies through browser settings.

10. User Rights

You have the right to:

• Access your data
• Correct inaccurate data
• Withdraw consent
• Request deletion
• File complaints with authorities

Requests can be made via the website contact form.

11. Children’s Privacy

• Accounts for minors require guardian or authority involvement
• No targeted advertising or profiling of children
• Extra safeguards apply to missing children cases

12. International Data Transfers

Data may be processed on secure servers located internationally, following adequate protection standards.

13. Policy Updates

We may update this policy periodically. Continued use of the platform implies acceptance of changes.

14. Contact

For privacy-related queries, contact:
Privacy Officer – LostFound
(Email/Contact Form on Website)