At SarkariPixel.in, security is not a feature—it is our foundation. We built this platform to ensure that Indian job aspirants can prepare their sensitive documents without the fear of data leaks or identity theft. This page outlines the technical safeguards we have implemented to protect your privacy.

  1. On-Device Architecture (RAM-Only Processing)

    The core “Secret Sauce” of SarkariPixel is our Client-Side Architecture.

    • Local Execution: Image resizing, KB compression, and PDF merging happen locally on your device using HTML5 Canvas, WebAssembly, and pdf-lib.
    • Zero-Server Uploads: Your Aadhar cards, signatures, and marksheets are processed in your browser's RAM. They are never transmitted to our servers or stored in any cloud database.
    • Network Independence: Once the tool page is loaded, you can technically finish your work even if you disconnect from the internet.
  2. Secure Browsing & HSTS

    We ensure that your connection to SarkariPixel is always encrypted and authenticated.

    • SSL/HTTPS: All traffic is served over a secure, encrypted tunnel.
    • HSTS (Strict Transport Security): We have enabled HSTS to force browsers to interact with SarkariPixel.in only via HTTPS. This eliminates the risk of “man-in-the-middle” attacks.
    • Browser Lock: We encourage aspirants to always check the “Padlock” icon in their browser address bar before processing documents.
  3. Dependency Management & Audits

    We rely on industry-standard, open-source libraries to power our tools.

    • Controlled Libraries: We use pinned versions of pdf-lib and pdf.js to ensure stability.
    • Regular Patching: We monitor our dependencies for CVEs (Common Vulnerabilities and Exposures) and apply security patches within 72 hours of any critical disclosure.
    • No Third-Party Tracking: We do not use tracking pixels or fingerprinting scripts that compromise your device's security.
  4. Storage Discipline

    We follow a strict “No-Persistence” policy for your data.

    • Session-Only: Your processed documents are deleted from your browser's memory the microsecond you close the tab.
    • Minimal LocalStorage: We only use localStorage to save your UI preferences (like your last selected Exam Preset) to make your experience faster. We never save personal data, images, or PDFs in the browser cache.
  5. Responsible Disclosure

    We value the contribution of the security community. If you discover a technical vulnerability on our platform, we invite you to report it.

    • Reporting: Please email details to support@sarkaripixel.in.
    • Policy: We acknowledge every report within 48 hours and prioritize fixing critical bugs that could affect user privacy.
  6. Incident Response Plan

    In the unlikely event of a technical incident, our protocol is:

    • Isolate: Immediately identify and patch the vulnerability.
    • Disclose: Publish a transparent post-mortem on this page.
    • Remediate: Provide clear steps for users to secure their local devices if necessary.
  7. Security Roadmap for 2026

    While the site is technically stable for our 6-month study pause, our future security goals include:

    • Offline Desktop App: A signed, standalone build for 100% offline document prep.
    • Security.txt: Implementing a standardized security.txt file in our root directory for easier vulnerability reporting.