Data Handling
TxnCheck processes sensitive personal information (PII) including mobile numbers, PAN, Aadhaar, and UPI addresses. This guide covers best practices for handling this data securely and compliantly.Data Classification
Data Minimization
Only request and store data you actually need:Selective Data Storage
Data Masking
Mobile Number Masking
PAN Masking
VPA Masking
Hashing for Storage
Use cryptographic hashing when you need to look up data but don’t need the original value:Encryption at Rest
For data that must be stored in recoverable form:Secure Logging
What to Log
What NOT to Log
Log Sanitization Middleware
Data Retention
Retention Policies
Implementing Retention
Data Access Controls
Role-Based Access
Audit Trail
Database Security
Encryption in Database
Field-Level Encryption with ORM
Data Export & Portability
For GDPR/data portability requests:Checklist
Data Collection
Data Collection
- Only collect necessary data
- Document purpose for each data field
- Obtain proper consent
Data Storage
Data Storage
- Encryption at rest enabled
- Sensitive fields hashed or encrypted
- Access controls implemented
- Retention policies defined
Data Processing
Data Processing
- Logging sanitization in place
- Masking for display
- Audit trail for sensitive access
Data Deletion
Data Deletion
- Automated retention enforcement
- Right to deletion process
- Backup purging included
Related Guides
Compliance
Regulatory compliance guidance
Security Overview
Complete security guide
