Session State
& Cookie Directive.
Local Storage
Boundaries.
This directive dictates how TrustWiz manages browser session data without violating the DPDP Act.
The Anti-Tracking Mandate
As a secure cryptographic registry handling sensitive corporate and medical records, TrustWiz strictly prohibits the deployment of marketing, advertising, or third-party analytical trackers on this domain.
We do not use Facebook Pixels, Google Analytics tracking cookies, or cross-site behavioral profilers. Your career verification process is completely insulated from ad-tech surveillance.
Strictly Necessary Session Tokens
To maintain secure portal access and prevent unauthorized ledger manipulation, TrustWiz deploys highly restricted, cryptographically signed cookies. These are legally classified as "Strictly Necessary" and cannot be disabled without breaking core platform functionality.
- Auth Tokens: Temporary JWT (JSON Web Tokens) stored in `HttpOnly` cookies to verify your identity during the document upload process.
- CSRF Tokens: Anti-forgery tokens deployed to prevent Cross-Site Request Forgery attacks against the registry terminal.
- Expiration: All auth cookies are strictly session-bound and auto-destruct upon terminal logout or after 24 hours of inactivity.
Third-Party Financial Infrastructure
The only permitted third-party integration capable of setting local storage data on TrustWiz is our designated financial processor, Razorpay.
During the "Ledger Initialization" (checkout) phase, Razorpay may deploy security cookies required to authenticate UPI transactions, verify device integrity, and prevent fraudulent payments. These tokens are governed strictly by Razorpay's RBI-compliant privacy infrastructure.
Client-Side Erasure
Because TrustWiz does not deploy persistent tracking cookies, you are not required to manage complex "Cookie Preference" dashboards. You may flush all local session states at any time by executing a cache clear within your browser settings.