Terms of Use for DooTX

Acceptance of Terms

By accessing or using the DooTX application on any platform (Android, web, or any other platform on which DooTX becomes available), you confirm that:

• You have read, understood, and agree to be bound by these Terms and Conditions in their entirety.
• You are at least 13 years of age. If you are under 18, you represent that your parent or legal guardian has reviewed and agreed to these Terms on your behalf.
• You have the legal capacity to enter into this agreement under the laws of your jurisdiction.
• You are not a person or entity that is prohibited from using communications services under applicable Indian law or international sanctions regimes, including any person appearing on the United Nations Security Council Consolidated Sanctions List, the US OFAC Specially Designated Nationals list, or equivalent lists under Indian law.
• The information you provide during registration is accurate and complete to the best of your knowledge.

If you are using DooTX on behalf of an organisation, you represent that you have the authority to bind that organisation to these Terms, and these Terms apply to the organisation as a whole.

Description of Service

DooTX is a private, end-to-end encrypted messaging application developed and operated by Suraksha Technologies Private Limited. DooTX is designed to let individuals communicate privately using industry-leading post-quantum cryptography.

What DooTX Is

• An end-to-end encrypted messaging application. All messages are encrypted on your device before transmission. Only you and your intended recipient can read the content of your messages.
• A post-quantum cryptographically protected communication tool. DooTX uses the KAVACH encryption system, incorporating CRYSTALS-Kyber768 and CRYSTALS-Dilithium3, providing protection against both current and future quantum computing threats.
• A zero server-side message storage platform. DooTX does not store your messages on its servers. Messages transit through our infrastructure only as encrypted ciphertext and are deleted upon confirmed delivery.
• Free for personal use. DooTX is provided free of charge to individual users for personal communication.
• Made in India, for India and the world. DooTX is built in Ahmedabad, Gujarat, India, by a team committed to bringing world-class privacy technology to Indian users and beyond.

What DooTX Is Not

• Not a backup service. DooTX does not back up your messages to the cloud. If you lose your device or uninstall the app without backing up, your message history may be permanently lost. You are responsible for maintaining your own backups.
• Not a cloud storage service. Media and files sent through DooTX are delivered directly to recipients and are not stored on DooTX servers beyond the delivery window.
• Not responsible for delivery to unavailable devices. If the recipient's device is powered off, lost, or inaccessible, messages will be queued for a maximum of 30 days. After that, undelivered messages are permanently deleted. DooTX does not guarantee delivery in all circumstances.
• Not a replacement for emergency services. DooTX is not designed, intended, or suitable for use in emergency situations. For emergencies, contact local emergency services (India: 112).

User Accounts

3.1 Registration

To use DooTX, you must register with a valid mobile phone number. During registration:

• You must provide a valid mobile phone number that you own and control. You will receive a one-time password (OTP) to verify that number.
• One account is permitted per phone number. Creating multiple accounts for the same phone number is not permitted.
• You must not register using someone else's phone number without their explicit consent.
• You must be truthful in any information you provide during registration. Providing false information is a violation of these Terms and may result in immediate account termination.

3.2 Account Security

You are solely responsible for maintaining the security of your DooTX account and device. Specifically:

• Device security is your responsibility. Because DooTX's encryption keys are stored on your device, the security of your messages depends on the security of your device. We strongly recommend using a strong screen lock (PIN, password, or biometric).
• Enable app lock. DooTX provides an app-level PIN lock feature. We strongly recommend enabling this for an additional layer of protection.
• Do not share your device. Do not allow others to use your device in a way that gives them access to the DooTX application.
• Report compromise immediately. If you believe your account has been compromised — for example, if your phone has been lost, stolen, or accessed without your permission — contact us immediately at support@dootx.in and consider registering a new account with a different number.

DooTX will never ask you for your account PIN, app lock code, or any password via a message, email, or phone call. Any such request is a scam — do not comply.

3.3 Account Termination

• You may delete your account at any time from within the DooTX app (Settings → Account → Delete Account). Account deletion is immediate and permanent.
• We may terminate your account if we determine, at our reasonable discretion, that you have violated these Terms. We will attempt to notify you before termination where possible, except in cases of severe violations (e.g., CSAM distribution) where immediate action is required.
• Account deletion is permanent and irreversible. Upon deletion, your phone number, cryptographic public keys, and any queued messages are permanently erased from our systems. We cannot restore a deleted account.

Acceptable Use

DooTX is built to enable private, lawful communication. You agree to use DooTX only for lawful purposes and in a manner consistent with these Terms. The following activities are strictly prohibited.

You Also Agree Not to Use DooTX For:

• Any illegal activity under the laws of India or the laws applicable to you in your jurisdiction, including but not limited to fraud, extortion, drug trafficking, human trafficking, or money laundering.
• Harassment, stalking, or threats. Sending unwanted, threatening, or harassing messages to any person via DooTX.
• Spam or unsolicited bulk messaging. Sending unsolicited mass messages to users who have not consented to receive them.
• Impersonation. Pretending to be another person, organisation, or entity in a manner that is deceptive or misleading.
• Attempting to compromise the encryption. Reverse engineering, tampering with, or attempting to break or circumvent DooTX's cryptographic systems or security architecture.
• Reverse engineering the application. Decompiling, disassembling, or otherwise attempting to extract the source code of the DooTX application, except to the extent expressly permitted by applicable law.
• Automated access. Using bots, scripts, crawlers, or any automated systems to access, scrape, or interact with the DooTX platform without our prior written consent.
• Distributing malware. Using DooTX to distribute viruses, trojans, ransomware, spyware, or any other malicious software.
• Network interference. Attempting to interfere with, disrupt, or degrade DooTX's servers, networks, or infrastructure.
• Facilitating any of the above. Assisting, encouraging, or enabling any third party to engage in any of the prohibited activities listed in this section.

Content and Privacy

5.1 DooTX Cannot Read Your Messages

By the design of DooTX's end-to-end encryption, the content of messages sent through DooTX is encrypted on the sender's device and can only be decrypted on the recipient's device. DooTX servers never have access to the plaintext (readable) content of any message. This is a fundamental technical characteristic of the KAVACH encryption system — it is not merely a policy.

5.2 Your Responsibility for Content

You are solely and exclusively responsible for the content you send using DooTX. By sending a message through DooTX, you represent and warrant that:

• You have the right to send the content, including any media files, to the intended recipient.
• The content does not violate any applicable law or any third party's rights, including intellectual property rights, privacy rights, or rights of publicity.
• The content is consistent with DooTX's Acceptable Use policy set out in Section 4.

5.3 DooTX's Liability for User Content

DooTX and Suraksha Technologies Private Limited are not responsible or liable for the content of messages sent between users. DooTX acts as a neutral communication conduit — analogous to a telephone company — and does not endorse, verify, or take responsibility for content created by users.

Intellectual Property

6.1 DooTX Proprietary Technology

The DooTX application, its design, codebase, user interface, and the KAVACH post-quantum encryption system are proprietary to Suraksha Technologies Private Limited. All intellectual property rights in DooTX — including copyright, trade secrets, and know-how — are owned by Suraksha Technologies Private Limited or its licensors.

6.2 Trademarks

The name "DooTX," the DooTX logo, the name "KAVACH," and all related branding elements are trademarks of Suraksha Technologies Private Limited. You may not use these marks without our prior written permission. In particular, you may not:

• Use the DooTX name or logo to suggest endorsement or affiliation with Suraksha Technologies.
• Use DooTX branding in any application, website, or service without our consent.
• Register domain names, social media accounts, or any other identifiers that incorporate the DooTX or KAVACH names without permission.

6.3 KAVACH Research Contribution

The KAVACH post-quantum encryption protocol is a registered research contribution of Alay Himanshu Patel, developed at Indus University, Ahmedabad, Gujarat. Suraksha Technologies Private Limited holds the exclusive commercial licence to KAVACH. Any academic or non-commercial reference to KAVACH should properly attribute its authorship.

6.4 Your Licence to Use DooTX

Subject to your compliance with these Terms, Suraksha Technologies grants you a limited, non-exclusive, non-transferable, revocable licence to install and use the DooTX application on your personal device(s) for personal communication purposes. This licence does not include the right to copy, modify, distribute, sell, or create derivative works of DooTX.

6.5 Your Content

Because DooTX is end-to-end encrypted and your messages are not accessible to us, DooTX makes no claim of ownership over the content of your messages. Your messages are yours. We simply have no technical access to them.

Disclaimer of Warranties

To the maximum extent permitted by applicable law, DooTX and the services provided by Suraksha Technologies Private Limited are provided on an "as is" and "as available" basis, without warranties of any kind, whether express, implied, statutory, or otherwise.

Some jurisdictions do not allow the exclusion of certain implied warranties. In such jurisdictions, the above exclusions apply only to the extent permitted by law.

Limitation of Liability

To the maximum extent permitted by applicable law, Suraksha Technologies Private Limited, its directors, officers, employees, contractors, and agents shall not be liable to you for any:

• Indirect, incidental, special, consequential, or punitive damages.
• Loss of data, messages, or information resulting from your use of, or inability to use, DooTX.
• Loss of profits, revenue, business, or goodwill.
• Any damage resulting from unauthorised access to, or alteration of, your messages or data by a third party.
• Any damage arising from your reliance on DooTX for any purpose, including business or emergency communications.

Where liability cannot be fully excluded by law, Suraksha Technologies' total liability to you for all claims arising out of or relating to these Terms or DooTX shall not exceed the greater of:

• The amount you paid to use DooTX in the twelve (12) months preceding the event giving rise to the claim; or
• Indian Rupees One Thousand (₹1,000).

Privacy

Your use of DooTX is also governed by our Privacy Policy, which is incorporated into these Terms by reference. By accepting these Terms, you also accept the Privacy Policy.

The Privacy Policy explains in detail:

• What personal information we collect and why.
• How we use and protect your information.
• How the KAVACH end-to-end encryption system works to protect your messages.
• What information we can and cannot provide in response to legal requests.
• Your rights under the Digital Personal Data Protection Act 2023 and GDPR.
• How to contact our Grievance Officer.

Indemnification

You agree to indemnify, defend, and hold harmless Suraksha Technologies Private Limited and its officers, directors, employees, contractors, agents, licensors, and suppliers from and against any claims, liabilities, damages, judgments, awards, losses, costs, expenses, or fees (including reasonable legal fees) arising out of or relating to:

• Your violation of these Terms or any provision herein.
• Your violation of any applicable law or regulation, including but not limited to the Information Technology Act 2000, the DPDP Act 2023, POCSO, or any other applicable Indian or international law.
• The content of messages you send through DooTX, including any claims by third parties that such content infringes their intellectual property, privacy, or other rights.
• Your misuse of DooTX, including any prohibited use described in Section 4.
• Any misrepresentation you made to us, including during the registration process.

This indemnification obligation survives the termination of these Terms and your use of DooTX.

Governing Law and Dispute Resolution

11.1 Governing Law

These Terms are governed by the laws of India. The following legislation, among other applicable laws, governs your use of DooTX and any disputes arising therefrom:

• The Information Technology Act 2000 and its amendments, including the Information Technology (Amendment) Act 2008.
• The Digital Personal Data Protection Act 2023 and rules made thereunder.
• The Indian Contract Act 1872, governing the contractual relationship between you and Suraksha Technologies.
• The Protection of Children from Sexual Offences Act 2012 (POCSO), in respect of prohibited content.
• Any other applicable Indian legislation as may be relevant to your use of the service.

11.2 Jurisdiction

Subject to the arbitration clause below, any legal proceedings arising out of or related to these Terms or the DooTX service shall be subject to the exclusive jurisdiction of the courts located in Ahmedabad, Gujarat, India. You hereby consent to the personal jurisdiction of such courts and waive any objection to the laying of venue in Ahmedabad.

11.3 Dispute Resolution

Before initiating formal legal proceedings, the parties agree to attempt to resolve any dispute through good-faith negotiation for a period of thirty (30) days after one party gives written notice of the dispute to the other.

If the dispute is not resolved through negotiation, either party may initiate arbitration under the Arbitration and Conciliation Act 1996 (as amended). The arbitration shall be conducted in English, in Ahmedabad, by a sole arbitrator mutually agreed upon by the parties or, failing agreement, appointed by the competent court.

Nothing in this section prevents either party from seeking urgent injunctive or other equitable relief from a competent court to prevent irreparable harm.

Changes to These Terms

We may revise these Terms from time to time. Changes may be necessary to reflect updates to DooTX's features, changes in applicable law, or improvements in how we operate the service.

How We Notify You

• We will update the "Last Updated" date at the top of this page whenever changes are made.
• For non-material changes (for example, clarifications to language that do not change the substance of what you have agreed to), we will update the page and the effective date. We may send an in-app notification at our discretion.
• For material changes — changes that meaningfully affect your rights, the services we provide, or the obligations you are taking on — we will send an in-app notification and provide at least 30 days' advance notice before the new Terms take effect.

Your Choices

If you agree with the updated Terms, simply continue using DooTX after the effective date — your continued use constitutes acceptance. If you do not agree with any change, you may delete your account at any time before the new Terms take effect. After the effective date, continued use of DooTX constitutes your acceptance of the revised Terms.

Contact

For any questions, concerns, or complaints about these Terms, please contact us. We are committed to responding promptly and transparently.

Legal Enquiries & Grievance Officer

General Support