Terms of Service.

Last updated: May 24, 2026. Please read carefully before using SecLink.

GOVERNED BY INDIAN LAW
DATA STORED IN INDIA
DPDP ACT 2023

1. Acceptance of Terms

By accessing or using SecLink ("the Service"), operated by DataFort (datafort.cloud), you agree to be bound by these Terms of Service and all applicable laws of India. If you do not agree, you must not use this Service.

2. Who Can Use SecLink

You must be at least 18 years of age to use SecLink, in accordance with the Digital Personal Data Protection Act, 2023 (DPDP Act). By using the Service, you confirm that you meet this requirement. If you are under 18, you may not use SecLink under any circumstances.

3. What SecLink Does

SecLink is a zero-knowledge, end-to-end encrypted platform for sharing sensitive text securely via self-destructing links. Your secret is encrypted entirely inside your browser using AES-256-GCM before it is transmitted. DataFort does not possess the decryption key and cannot read the content of any secret at any time.

4. Acceptable Use

SecLink is intended for legitimate personal and professional use only. Acceptable examples include:

  • Sharing passwords, API keys, or server credentials securely with colleagues.
  • Transmitting sensitive business or HR information.
  • Secure communication between professionals and clients.
  • Protecting personal financial or account details in transit.

5. Prohibited Use

The following activities are strictly prohibited and will result in immediate account suspension, IP blocking, and reporting to relevant Indian and international law enforcement authorities:

  • Sharing, distributing, or facilitating Child Sexual Abuse Material (CSAM) — a criminal offence under the POCSO Act, 2012 and IT Act, 2000.
  • Human trafficking, sexual exploitation, or forced labour.
  • Promoting or facilitating terrorism, extremism, or violence.
  • Sale or distribution of illegal drugs, weapons, or controlled substances.
  • Distribution of malware, ransomware, spyware, or phishing material.
  • Extortion, blackmail, harassment, or cyberstalking.
  • Any activity that violates the Information Technology Act, 2000, or any applicable Indian or international law.

6. Data Retention

Encrypted secrets are automatically and permanently deleted from our servers based on the expiry option chosen at creation — after a single view, 1 hour, 24 hours, or 7 days. Once deleted, secrets cannot be recovered under any circumstances. Access metadata (timestamps and hashed IP addresses — not the secret content) is purged after 90 days.

7. Law Enforcement Cooperation

Because SecLink uses zero-knowledge end-to-end encryption, DataFort is technically unable to provide the plaintext contents of any secret to law enforcement — we do not hold the decryption keys. We will comply with valid legal orders issued by Indian courts or competent authorities regarding metadata (hashed IP addresses, timestamps, expiry type) to the extent such data exists and has not been automatically purged.

8. Reporting Abuse

If you encounter a SecLink URL used in violation of these Terms, please report it immediately to our Grievance Officer (see Section 11) or at abuse@datafort.cloud. Include the full URL. Reports are reviewed within 24–72 hours.

9. Service Availability

DataFort does not guarantee uninterrupted availability of SecLink. The Service may be suspended, modified, or terminated at any time for maintenance, legal reasons, or at our discretion — with or without notice. DataFort is not liable for any loss resulting from service downtime or interruption.

10. Limitation of Liability

SecLink is provided "as is" without warranties of any kind, express or implied. DataFort is not liable for:

  • Loss of data due to expiry, accidental deletion, or service interruption.
  • Compromise of secrets resulting from a compromised device or browser on the sender's or recipient's end.
  • Any indirect, incidental, or consequential damages arising from use of the Service.

Our total liability to you for any claim shall not exceed INR 1,000 (one thousand Indian rupees).

11. Grievance Officer

In accordance with the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 and the DPDP Act, 2023, DataFort has appointed a Grievance Officer for addressing complaints related to the Service:

  • Name: Nilesh Pathare
  • Email: grievance@datafort.cloud
  • Response time: Complaints will be acknowledged within 24 hours and resolved within 15 days.

12. Changes to These Terms

DataFort reserves the right to update these Terms at any time. The "Last updated" date at the top of this page will reflect any changes. Continued use of SecLink after changes are posted constitutes acceptance of the revised Terms.

13. International Users

SecLink is designed, operated, and regulated under the laws of India. It is primarily intended for users located in India. Users accessing SecLink from outside India — including from the European Union, United Kingdom, United States, or other jurisdictions — do so at their own risk and are solely responsible for ensuring their use complies with their local laws.

SecLink is not GDPR compliant. EU and UK users should be aware that their data is processed and stored in India, and DataFort has not appointed an EU/UK data representative. If you are an EU or UK resident, we recommend you do not use this service until GDPR compliance is established.

DataFort makes no representation that SecLink is appropriate or lawfully available in any jurisdiction outside India.

14. Governing Law & Jurisdiction

These Terms are governed by and construed in accordance with the laws of India, including the Information Technology Act, 2000, and the Digital Personal Data Protection Act, 2023. Any disputes arising from these Terms shall be subject to the exclusive jurisdiction of the courts of India.

15. Contact

For general enquiries: hello@datafort.cloud
For abuse reports: abuse@datafort.cloud
For security issues: security@datafort.cloud