Platform Core
Deploy & Discover
Monetize & Operate
Support & Governance
Privacy at iDharma
iDharma’s privacy architecture is built to protect user data at every layer of the platform—by design, not afterthought.
From client engagements to tool purchases, we operate under a principle of data minimization, consent-driven visibility, and regulatory alignment.
Our Privacy Commitments
- No data is sold, rented, or repurposed—ever
- You control your data visibility, including reviews, proposals, and projects
- Project content and documents stay private—only authorized collaborators can access them
- Tool usage data is never exposed to other vendors or buyers
- Platform operations are fully encrypted and scoped to role-based access
Core Privacy Principles
| Principle | Description |
|---|---|
| Data Minimization | We collect only what’s necessary to deliver platform services and maintain security. |
| Scoped Access | Users can only access data related to their verified roles and project involvement. |
| User Transparency | Every data field has an explanation. You control what’s public, private, or shared. |
| No Shadow Profiling | We don’t aggregate behavioral data to infer hidden profiles or push targeted ads. |
| Right to Removal | Any user can request permanent deletion of their data—including deliverables, profiles, and interaction logs. |
Data Lifecycle Controls
- Profile Information: You choose what’s public (e.g., name, photo, expertise)
- Proposal & Project Data: Visible only to the involved parties and platform moderators
- Tool Purchase Records: Shared with buyer, seller, and authorized support staff only
- Communication Logs: Available to participants only; never scanned for platform targeting
- Payment & Contract Records: Encrypted and access-controlled by role (admin, finance, project lead)
User Privacy Options
- Set default visibility for all new projects or listings
- Enable public or private modes for your consultant or vendor profile
- Control what appears in your portfolio or search visibility settings
- Request removal of any stored file or uploaded artifact
- Opt in or out of review publication, even after submitting feedback
Compliance and Legal Alignment
iDharma’s privacy architecture is aligned with:
- GDPR – Right to access, correction, removal, and consent
- CCPA – Data transparency and opt-out rights for California users
- ISO 27701 – Privacy information management (in progress)
- Data localization (where required): Region-specific handling of sensitive project data
Data Access & Deletion
To access, export, or delete your data:
- Use your dashboard to manage privacy settings
- Submit a Data Access or Removal Request
- Contact our Privacy Operations Team
Requests are reviewed and responded to within 5 business days in most jurisdictions.
Third-Party Vendors & Processors
We use a minimal, vetted set of infrastructure partners (e.g., cloud hosting, payments). All vendors are:
- Bound by processor agreements
- Required to comply with equivalent data protection standards
- Subject to annual audits and compliance reviews
A full list of third-party services is available upon request.
Privacy Is a Product Feature
We believe privacy isn’t just a legal box to check—it’s core infrastructure.
Every control, dashboard, and workflow in iDharma is designed to make privacy actionable, not abstract.
You own your data. We protect it.
This is privacy by architecture—at iDharma.