Privacy Policy

Privacy Policy for all Sampark Connect apps.

This Privacy Policy is published by Sanyojan Foundation ("Sanyojan Foundation," "we," "our," or "us") and applies to every Sampark Connect app (Citizen, Leader, Officer, Vendor) — on Google Play, published by Sanyojan Foundation; on the Apple App Store, published on our behalf by our technology partner ITASSET Private Limited — and any future app we add to the platform. By installing or using any of these apps, you agree to the practices described below.

Effective & last updated: 26 May 2026
Published by (Developer) Sanyojan Foundation (Google Play) · ITASSET Private Limited, on its behalf (Apple App Store)
Platform Sampark Connect — a civic-tech platform
Privacy contact support@samparkconnect.in
Website https://samparkconnect.in
Independent platform — not a government app Sampark Connect is an independent civic-engagement platform operated by Sanyojan Foundation. It is not affiliated with, endorsed by, operated by, or representing the Saswad Municipal Council, the Nagarpalika, or any government body or municipal authority. Use of the apps is entirely voluntary.

1. Apps covered by this Policy.

This single Policy applies to every Sampark Connect mobile application — on Google Play (published by Sanyojan Foundation) and on the Apple App Store (published on our behalf by ITASSET Private Limited). The currently published apps are listed below so each app's store listing maps unambiguously to this document. Apps added in future will be appended to this list and become subject to the same Policy.

Sampark Connect Citizen

com.samparkconnect.citizen
Under review on Google Play

The citizen-facing app. Lets residents (starting with the town of Saswad) raise voice and text civic issues, browse public welfare schemes, find emergency contacts, and stay connected with their local representatives — as an independent community platform, not an official government service.

Sampark Connect Leader

com.samparkconnect.leader
Under review on Google Play

The app for elected representatives (Corporators / Prabhag leaders). View and respond to complaints, manage events, broadcast announcements, browse the citizen and officer directory for the ward, and optionally sync events to Google Calendar.

Sampark Connect Officer

com.samparkconnect.officer
Live on Google Play

The field-officer app for municipal staff assigned to resolve complaints. Receive ward-scoped task assignments, navigate to the complaint location, upload "before / after" photo evidence, and update task status.

Sampark Connect Vendor

com.samparkconnect.vendor
Live on Google Play

The app for empanelled municipal contractors and service vendors. Receive work orders, navigate to job sites, submit photo evidence on completion, and update the status of assigned jobs.

Future apps

Any new app Sanyojan Foundation publishes under the same Google Play developer account — whether a new variant of Sampark Connect (e.g. for a different municipality) or a different civic-tech app — will be added to the list above and will be governed by this same Policy. The "Effective & last updated" date at the top of the page reflects the latest revision.

2. About the publisher.

Sanyojan Foundation is the independent body that owns and operates the Sampark Connect platform (https://samparkconnect.in) and is the data controller for the personal information processed through these apps. On the Apple App Store, the apps are published on Sanyojan Foundation's behalf by its technology partner, ITASSET Private Limited; on Google Play they are published by Sanyojan Foundation.

Sampark Connect is an independent civic-engagement platform. It is not affiliated with, endorsed by, operated by, or representing any government body, municipal corporation, or local authority. Use of the apps is entirely voluntary.

All apps share a common backend at admin.samparkconnect.in, common authentication, and common privacy practices — which is why a single Policy applies to all of them. Where an app collects something the others do not (e.g. location, audio, photos), that is called out explicitly in the per-app permissions matrix in section 4.

3. The data we collect.

We only collect what is necessary to operate each app. The categories below correspond to what is declared in the Google Play Data Safety form for every covered app. Items marked with a coloured tag apply only to specific apps; everything else applies to all four.

a) Information you provide directly

  • Mobile number — for OTP-based login. The OTP is delivered by SMS via a third-party SMS gateway (FastSMS).
    All apps
  • Name and role (Citizen / Corporator / Officer / Vendor) — for your in-app profile and so people you interact with can identify you.
    All apps
  • Address, ward, and municipality — set during onboarding (Citizen) or assigned by your municipal administrator (Leader / Officer / Vendor).
    All apps
  • Profile photo (optional) — uploaded from your device's camera or photo library.
    All apps
  • Voice recordings for filing or replying to complaints.
    CitizenLeader
  • Photo / image attachments on complaints, "before / after" task evidence, and assistance requests.
    CitizenOfficerVendor
  • Complaint location picked on an in-app map (latitude + longitude).
    Citizen
  • Content you create — broadcasts, event details, internal notes, scheme remarks, chat messages, dictated text, task updates.
    All apps (role-dependent)

b) Information collected automatically

  • Authentication token issued by our backend after successful OTP verification, stored on your device in the Android Keystore / iOS Keychain.
    All apps
  • Push-notification token (Firebase Cloud Messaging) so we can deliver alerts about new complaints, assignments, broadcasts, and replies.
    All apps
  • Device & diagnostic data — device model, OS version, app version, language setting, and crash diagnostics needed to debug issues.
    All apps
  • App preferences — your language choice (English / Hindi / Marathi) and last-used screen, stored locally on the device.
    All apps

c) Information collected only with your explicit consent

  • Microphone audio — only when you tap the in-app microphone button to record a voice note or use voice dictation. Audio is never recorded in the background.
    CitizenLeader
  • Camera / photo library access — only when you choose to attach an image.
    CitizenLeaderOfficerVendor
  • Device location — only when you tap the in-app map picker to attach a location to a complaint or when you tap "Navigate" on an assigned task. Location is not collected in the background.
    CitizenOfficerVendor
  • Google account email and OAuth tokens — only if you connect your Google account from the Profile screen to sync Sampark events to your Google Calendar. See section 5(b).
    Leader
  • Native speech recognition — when you tap the dictation mic in a text field, the app uses your device's built-in speech-recognition service (Google / Apple) to convert audio to text. Sanyojan Foundation does not receive the raw audio in that flow.
    CitizenLeader
  • Bhau AI voice & questions — only when you use the optional "Bhau AI" assistant. Your spoken question is sent to Sarvam AI for transcription and answered by Google Gemini (see section 5c). Used solely to answer you — not for advertising and not to train AI models.
    Citizen

What none of our apps collect

  • We do not read your contacts, SMS, or call logs.
  • We do not access files outside what you explicitly pick.
  • We do not collect background location in any app.
  • We do not show third-party advertising.
  • We do not sell your personal data to anyone, ever.
  • We do not use your data to train third-party AI models.

Data linked to your identity

  • Mobile number, name, role, ward, municipality
  • Profile photo (if uploaded)
  • Voice notes & photo attachments you submit
  • Messages, notes, and updates you write
  • FCM push-notification token
  • Map-picked location (Citizen only)
  • Google account email (Leader, if Calendar connected)

4. Android permissions — by app.

Each app declares only the minimum permissions needed for its features. The matrix below shows exactly which permissions are requested by which app and why. You can revoke any runtime permission at any time from your device's Settings > Apps > [App name] > Permissions.

Permission / capability Citizen Leader Officer Vendor
INTERNET Network calls to admin.samparkconnect.in and Google services.
RECORD_AUDIO (Microphone) Voice complaints (Citizen); voice notes & dictation (Leader).
CAMERA Photo attachments on complaints & tasks; profile photo capture. (runtime, via image_picker)
READ_MEDIA_IMAGES / READ_EXTERNAL_STORAGE Selecting an existing photo from the gallery as an attachment. runtime runtime runtime
ACCESS_FINE_LOCATION / ACCESS_COARSE_LOCATION In-app map picker (Citizen); "Navigate to task" (Officer, Vendor). Foreground only — never in the background.
POST_NOTIFICATIONS (Android 13+) Show push notifications for new activity via Firebase Cloud Messaging.
Google Sign-In + Calendar API (OAuth) Optional: sync Sampark events into the leader's Google Calendar (calendar.events scope).
Save to Photos / Gallery Save personalised Sampark posters & complaint receipts to your device.
Speech Recognition (device service) In-field-dictation on text inputs, via the OS provider.

Where a row shows "runtime," the permission is not declared statically in the app's manifest; the underlying OS plugin (e.g. image_picker) triggers the standard system picker, which handles its own access prompt.

5. Third-party services we use.

Our apps rely on a small set of trusted third-party services. Each one is listed below with the data it sees, which apps use it, and a link to its own privacy policy.

a) Firebase Cloud Messaging (Google LLC)

All apps

Used to deliver push notifications. Firebase receives a device-generated FCM token (an opaque identifier), the app version, and the notification payload. It does not receive the contents of your in-app records. Reference: firebase.google.com/support/privacy.

b) Google Sign-In & Google Calendar API (Google LLC)

Leader only

Optional. If a leader connects their Google account from the Profile screen, the app receives their Google email and a short-lived OAuth token, which our backend exchanges for a refresh token used solely to write Sampark events to their Google Calendar. The leader can disconnect at any time from the Profile screen or from their Google Account permissions page. We request only the calendar.events scope.

c) Bhau AI voice assistant — Google Gemini & Sarvam AI

CitizenLeader

The optional "Bhau AI" assistant uses two AI providers, and only when you actively choose to use it:

  • Sarvam AI (voice questions) — when you ask a question by voice, your audio recording is sent to Sarvam AI's speech-to-text service to transcribe it. Sarvam receives only that recording, only when you use the voice assistant, and only to perform the transcription. Reference: sarvam.ai.
  • Google Gemini — your question (typed, or the transcribed voice query; if transcription fails, the short audio clip itself) is sent to Google's Gemini Generative Language API to generate the reply. We send only your query and the strictly relevant civic context — never the full citizen directory or device data. Per Google's policy, data submitted via the paid Generative Language API is not used to train Google's models. Reference: ai.google.dev/gemini-api/terms.

d) Native Speech Recognition (Google / Apple)

CitizenLeader

When you use voice dictation inside a text field, the app invokes your device's built-in speech-recognition service (Google on Android, Apple on iOS) via the OS-provided plugin. The audio is processed by the OS provider per their privacy policy and we do not receive the raw audio.

e) FastSMS (OTP delivery)

All apps

Used by our backend to send the one-time password to your registered mobile number during login. FastSMS receives only your mobile number and the OTP message text.

f) Cloud hosting

All apps

Backend data is stored on industry-standard cloud infrastructure inside India where feasible. All transport between the apps and our backend uses HTTPS / TLS.

6. How we use your data.

We use the information collected solely to operate, maintain, and improve the apps. Specifically, to:

  • Authenticate you via OTP and keep you signed in across the relevant app;
  • Show you the complaints, broadcasts, events, schemes, tasks, citizens, and officers belonging to your ward / municipality / role;
  • Route a citizen complaint to the right leader, then to the right officer or vendor for resolution;
  • Deliver push and in-app notifications about activity that concerns you;
  • Sync Sampark events to your Google Calendar, if you opt in (Leader);
  • Generate, save, and share personalised civic posters you choose to create;
  • Detect, prevent, and investigate fraud, abuse, or security incidents;
  • Comply with applicable laws and lawful requests from public authorities;
  • Improve the apps through aggregated, anonymised usage and crash analytics.

We do not use your data for advertising, profiling, or any purpose unrelated to the civic-engagement functions of the apps.

7. When we share your data.

We do not sell your personal data. We share information only in these limited cases:

  • With other users you interact with in the apps — a citizen who files a complaint can see the leader and officer assigned to it; the leader and officer see the citizen's name, ward and the contents of the complaint; vendors see the work-order details from the assigning officer.
  • Not with any government body — we do not share your personal data with the Nagarpalika, any municipal corporation, or any government authority for routine operations. Civic issues you raise are visible only to the relevant people within the Sampark platform (see above) and to you.
  • With service providers listed in section 5, under strict contractual confidentiality and only for the purposes described.
  • With law-enforcement or government authorities when compelled by a valid legal order under Indian law.
  • In connection with a corporate or organisational change (e.g. a merger of Sanyojan Foundation's civic-tech programme into a successor entity), subject to equivalent privacy protections and prior notice.

8. How we secure your data.

  • All network traffic between the apps and our backend is encrypted in transit using HTTPS / TLS.
  • Your session token is stored in the platform secure enclave (Android Keystore / iOS Keychain), not in plain files.
  • Server-side, access to personal data is restricted to authorised Sanyojan Foundation personnel on a need-to-know basis and is logged.
  • Passwords are not used; access requires an OTP delivered to your registered mobile number.
  • Voice recordings, photos, and attachments are stored in private cloud storage that is not publicly readable.

No system is 100% secure.

While we follow industry-standard practices, no method of transmission or storage is completely secure. If you discover a security issue, please email support@samparkconnect.in immediately.

9. How long we keep your data.

We retain personal data only for as long as your account is active or as needed to provide the apps. When you request deletion (see section 10), personal data is removed from active systems within 7 business days and purged from encrypted backups within 90 days.

Civic records (complaints, events, broadcasts, scheme actions, task evidence) created through the apps are retained — in anonymised form where appropriate — for the period required by municipal-governance and Indian IT-rules audit-trail obligations, so the ward's civic record remains intact.

10. Your rights and choices.

You have the following rights with respect to your personal data:

  • Access — request a copy of the personal data we hold about you.
  • Correction — ask us to correct inaccurate or out-of-date information.
  • Deletion — request that your account and personal data be deleted. Full instructions are on our Account & Data Deletion page.
  • Withdraw consent — disconnect Google Calendar (Leader), revoke microphone / camera / location / notification permissions from device Settings at any time.
  • Object or restrict processing — write to support@samparkconnect.in.
  • Portability — request a machine-readable export of the personal data you provided.

We will respond to verified requests within 30 days, in line with Indian data-protection requirements.

11. Children's privacy.

The apps are intended for adult residents, elected representatives, municipal officers, and empanelled vendors. They are not directed to children under 13 (or the equivalent minimum age in your jurisdiction). We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.

12. International data transfers.

Sanyojan Foundation is based in India and stores user data in India wherever feasible. Some service providers (e.g. Firebase, Google APIs) may process limited data on servers outside India under their own contractual safeguards. By using the apps, you consent to such transfers subject to the protections described in this Policy and in those providers' policies.

13. Changes to this Policy.

We may update this Policy from time to time — for example to add a newly published app, document a new third-party integration, or reflect a change in law. When we make material changes, we will revise the "Effective & last updated" date at the top of this page and, where appropriate, provide a notice inside the affected app or by email. Continued use of an app after a change means you accept the revised Policy.

14. Contact us.

Questions, concerns, or privacy requests about any of the apps covered by this Policy should be addressed to:

Sanyojan Foundation

Email: support@samparkconnect.in

Website: https://samparkconnect.in

Subject line for privacy requests: "Privacy Request — [App name]" (e.g. "Privacy Request — Sampark Leader") so we route it correctly.

We respond within 7 business days.

Write to us in English, Hindi or Marathi.

support@samparkconnect.in