Privacy Policy
Effective 1 January 2026
Samhita Legal ("Samhita Legal", "we", "us", "our") is committed to protecting the privacy of visitors, clients and lawyers who use samhitalegal.com and our related services (together, the "Platform"). This Privacy Policy explains what personal information we collect, how we use it, who we share it with and how you can exercise your rights.
1. Who this policy applies to
This policy applies to anyone who visits our website, creates an account, books a consultation, uploads a document, applies to be a lawyer on the Platform, or otherwise interacts with our services. It is a supplement to, and read alongside, our Terms of Use.
2. Information we collect
- Account information - name, email address, phone number, password (stored as a bcrypt hash) and any profile details you choose to share.
- Legal matter details - the description of your matter, documents you upload, notes and messages exchanged with your lawyer.
- Payment metadata - the amount, gateway reference and status of any payment. Full card numbers are never seen or stored by Samhita Legal.
- Technical information - IP address (hashed for audit), device / browser information, cookies and log data for security and troubleshooting.
- Lawyer verification data - Bar Council enrolment number, ID proof, address proof and professional details, collected during KYC.
3. How we use your information
We use your information to operate the Platform, connect you with lawyers, deliver documents, process payments, meet our legal obligations, prevent fraud and abuse, personalise the experience and communicate with you about your account.
4. Who we share your information with
We share your matter details only with the lawyer(s) you've been matched with, with vetted service providers who help us operate the Platform (payment gateways, cloud infrastructure, email/SMS providers), or where required by law. We do not sell your personal information.
5. How we protect your data
Data is encrypted in transit (TLS 1.2+) and, for sensitive fields, at rest using AES-256-GCM. Documents are stored outside of publicly accessible folders and are served only through authenticated links. Access to production data is limited to authorised personnel and every privileged action is written to a tamper-evident audit log.
6. Cookies
We use essential cookies to keep you signed in and remember your preferences. With your consent we also use analytics cookies to understand aggregate usage. You can withdraw analytics consent at any time from the cookie banner or your browser settings.
7. Your rights
You have the right to access, correct, download or delete your personal information. Contact grievance@samhitalegal.com and we will respond within 30 days.
8. Retention
We retain account and consultation records for as long as required to provide the service and to comply with our legal obligations. When you close your account, we delete or anonymise your personal data within a reasonable period, except where the law requires us to retain it.
9. Grievance officer
In accordance with the Information Technology Act, 2000 and applicable rules, the grievance officer is Ms. R. Iyer, reachable at grievance@samhitalegal.com.
10. Changes to this policy
We may update this policy from time to time. Material changes will be announced on the Platform and, where appropriate, notified by email. Your continued use of the Platform after a change indicates your acceptance of the updated policy.