Data Privacy &
Governance Framework

1. Preamble & Scope of Application

The SATARK Intelligence Gateway ("SATARK", "The Platform", "System"), architected by Sunil Kumar Jangid ("Cyber Sunil") and operated under the corporate stewardship of KENILGLOBAL TECH (OPC) PRIVATE LIMITED, functions exclusively as a highly specialized, closed-network digital forensics and algorithmic correlation infrastructure.

SATARK is not a public-facing entity. It does not offer services to civilians, private corporations, or unauthorized private investigators. Access is strictly provisioned through rigorous vetting, utilizing official government domain email addresses (`@gov.in`, `@nic.in`, `@police.gov.in`) and nodal officer authorization.

This policy delineates the stringent mechanisms through which SATARK handles the highly sensitive, legally procured raw data uploaded by LEAs. SATARK acts purely as a Data Processor under the parameters defined by the LEA (the Data Fiduciary). SATARK does not independently collect, intercept, or surveil civilian telecommunications without a direct, user-initiated query rooted in a legally sanctioned investigation (such as a registered FIR or CrPC Section 91/92 notice).

2. Information Ingestion & Categorization

In the course of executing an investigation, LEA personnel upload disparate sets of raw data into SATARK for correlation. The System is engineered to ingest, parse, and analyze the following categories of Restricted Data:

• Telecommunication Meta-Data: Call Detail Records (CDRs), Internet Protocol Detail Records (IPDRs), Tower Dumps, Subscriber Data Records (SDRs), Mobile Switching Centre (MSC) logs, and Visitor Location Register (VLR) traces.
• Financial & Fintech Telemetry: Unified Payments Interface (UPI) transaction hashes, Aadhaar Enabled Payment System (AePS) logs, wallet ledger histories (Paytm, PhonePe, MobiKwik), bank statement OCR outputs, and Payment Gateway routing logs (Razorpay, PayU).
• Open Source & Cyber Intelligence (OSINT): Publicly accessible social media graphs, unmasked IP geolocations, dark web forum scrapes, breached credential datasets, and associated cryptographic wallet ledgers (Bitcoin, Ethereum, USDT).
• Device & System Forensics: Hexadecimal memory dumps, registry hives, physical disk images, UFED extraction reports, and application cache logs (WhatsApp, Telegram, Signal).
• Personally Identifiable Information (PII) of Suspects/Victims: Names, aliases, mobile numbers, government-issued identifiers, and physical addresses manually inputted by the Investigator during Case Registration.

Source of Data: SATARK unequivocally relies on the premise that all data ingested into the system has been lawfully obtained by the User under the provisions of the Code of Criminal Procedure (CrPC), the Indian Telegraph Act, the Information Technology Act, or other prevailing statutes.

3. Algorithmic Processing & Correlation Boundaries

The core utility of SATARK lies in its proprietary algorithms which process raw data at high velocity to generate actionable intelligence. This processing strictly adheres to the following boundaries:

• Automated Link Analysis: Processing CDRs to identify A-Party and B-Party nexus, determining frequency of contact, and identifying common geographical convergence points without human intervention.
• De-obfuscation Protocols: Utilizing IPDRs to trace Network Address Translation (NAT) mappings, resolving IPv4/IPv6 addresses to physical router locations and ISP subscriber details.
• Heuristic Financial Mapping: Tracing the flow of illicit funds across multiple micro-transactions (smurfing) to identify the ultimate beneficiary or terminal crypto-exchange wallet.
• Volatile Memory Utilization: High-intensity processing tasks (such as large Tower Dump cross-referencing) utilize encrypted volatile memory (RAM). Upon completion of the process and generation of the report, the raw data is flushed from the volatile cache to prevent unauthorized lateral movement.

At no point does KENILGLOBAL TECH utilize LEA-uploaded data to train external AI models, monetize data streams, or cross-pollinate data between unrelated cases across different state LEAs, preserving absolute jurisdictional compartmentalization.

4. Data Storage, Retention, & Cryptographic Destruction

The lifecycle of data within SATARK is governed by rigid, automated protocols designed to minimize liability and maximize operational security.

4.1 Encryption Standards

All data at rest is encrypted utilizing AES-256-GCM (Advanced Encryption Standard with Galois/Counter Mode). Data in transit between the User's terminal and the SATARK nodes is secured via TLS 1.3 utilizing ECDHE-RSA cryptographic key exchange, rendering man-in-the-middle (MITM) interceptions mathematically infeasible.

4.2 The Digital Case Archive (Vault)

Reports, geospatial maps, and correlation matrices generated by the platform are stored in a dedicated, cryptographically segregated partition (The Vault) assigned uniquely to the investigating officer or the specific nodal command.

4.3 Automated Destruction & Sanitization

SATARK operates on a principle of necessary retention.

• Raw Data Ephemerality: Extremely large datasets (e.g., multi-gigabyte Tower Dumps) uploaded for transient querying are subjected to cryptographic wiping (DoD 5220.22-M standard) 72 hours post-report generation, unless explicitly locked by the Investigator for extended analysis.
• Case Closure Protocol: When an Investigator marks a Case ID as 'Resolved' or 'Closed', the associated raw telemetry is queued for permanent deletion. Only the final forensic reports and the immutable audit logs are retained for judicial review purposes.

5. Zero-Trust Security & Access Control

SATARK assumes that the network is inherently hostile. The platform enforces a strict Zero-Trust Architecture (ZTA).

• Multi-Factor Authentication (MFA): Access to the SATARK Mainframe requires a verified credential pair (Official Email/ID and Password) followed by a Time-based One-Time Password (TOTP) transmitted exclusively to the LEA officer's registered mobile device.
• Role-Based Access Control (RBAC): An Investigator can only view cases and data they have personally registered or cases explicitly shared with them by their Supervisory Officer. Cross-departmental visibility is hardware-locked.
• Session Monitoring & IP Binding: User sessions are dynamically monitored. Anomalous activity, such as concurrent logins from geographically impossible IP addresses, triggers an automatic session termination and alerts the Security Operations Center (SOC). Uplinks can be administratively bound to static IP addresses of designated Cyber Police Stations.

6. Evidentiary Admissibility & Legal Compliance

SATARK is engineered from the ground up to support the prosecution phase of criminal justice in the Republic of India.

6.1 Section 65B of the Indian Evidence Act, 1872

All intelligence reports, parsed CDR outputs, and financial correlation graphs generated by SATARK are accompanied by system-generated metadata and cryptographic SHA-256 hash values. This ensures that the digital evidence extracted through the platform meets the criteria for electronic record admissibility under Section 65B, proving that the computer system was operating properly and the data was not tampered with post-extraction.

6.2 DPDP Act & Exemptions

While SATARK adheres to global best practices in data privacy, the processing of personal data within this platform falls under the exemptions provided for law enforcement, prevention, detection, investigation, or prosecution of any offense under the Digital Personal Data Protection Act (DPDP), 2023.

7. Interaction with Third-Party Data Providers

To facilitate advanced tracking, SATARK interfaces with various third-party Application Programming Interfaces (APIs), including but not limited to, telecom provider gateways, NPCI databases, and OSINT aggregators (e.g., Truecaller, Shodan, Blockchain Explorers).

Data Minimization: When SATARK executes a query against an external API (e.g., an IP lookup), it transmits only the specific data point required (the IP address). No contextual case data, FIR numbers, or suspect names are ever leaked to third-party commercial vendors. All external API queries are routed through SATARK's obfuscated proxy network to prevent external vendors from profiling LEA investigation targets.

8. Immutable Auditing & Accountability

To prevent abuse of power and ensure absolute accountability, SATARK maintains a Write-Once-Read-Many (WORM) audit ledger.

Every action executed on the platform is permanently logged. This includes:

• The exact Timestamp (synchronized with atomic clocks).
• The Officer ID and Terminal IP Address.
• The specific module accessed (e.g., `Fintech_Flow_Analyzer`).
• The exact query executed (e.g., Searched for UTR: `301294...`).

These audit logs cannot be altered, modified, or deleted by any user, including system administrators. They are retained in perpetuity and can be subpoenaed by judicial authorities to verify the lawful usage of the intelligence platform.

9. Incident Response & Breach Protocols

In the highly improbable event of a cryptographic failure or a detected unauthorized intrusion attempt into the SATARK infrastructure, the following protocols are immediately initiated:

• Automated Node Severance: The affected server node is instantly isolated from the central database cluster to prevent lateral data exfiltration.
• LEA Notification: The Nodal Officers of all potentially affected agencies are notified within four (4) hours of breach confirmation.
• Forensic Preservation: A snapshot of the intrusion is captured for subsequent investigation by the Indian Computer Emergency Response Team (CERT-In).

10. Governing Law & Jurisdiction

The deployment, usage, and governance of the SATARK Intelligence Gateway, and this Privacy Policy, shall be governed by and construed in accordance with the laws of the Republic of India.

Any disputes, legal proceedings, or judicial inquiries arising out of the use of this platform shall be subject to the exclusive jurisdiction of the competent courts located in Jaipur, Rajasthan, India.