Security & Privacy

How HandyPrintz is engineered to protect your documents

When you hand a document to a print shop through WhatsApp or E-mail, you lose control of that file the moment it leaves your device. It can be forwarded, saved to a personal gallery, or forgotten on the shopkeeper's device for months. HandyPrintz was built to eliminate that problem entirely. Every technical decision in the platform centres on one principle: your file should exist on the server for the shortest time possible and be accessible only to the people who need it.

Temporary File Storage — Files are deleted after printing

HandyPrintz does not maintain a permanent file repository. Uploaded documents land in a temporary directory on the server and remain there only until the shopkeeper completes the print action. The moment a job is marked as printed or rejected, the corresponding file is deleted from the file system and its metadata is purged from the database.

For uploads that go unattended — perhaps the shopkeeper was away or didn't notice the notification — a background cleanup task runs at regular intervals and removes every file and record older than two hours. This safeguard ensures that no document lingers on the server overnight or accumulates over days, regardless of whether anyone acts on it.

No Backups — No secondary copies of your files

Unlike cloud storage services that replicate files across multiple data centres and maintain version histories, HandyPrintz deliberately avoids creating secondary copies of uploaded documents. There is no recycle bin, no snapshot archive, and no disaster-recovery mirror for customer files. When a file is deleted, it is gone. This is intentional — the purpose of the platform is to relay documents to a printer, not to store them for future retrieval.

Encrypted Transfer — HTTPS from start to finish

All communication between your device and the HandyPrintz server happens over HTTPS, which means the data is encrypted with TLS while it travels across the internet. This prevents anyone on the same network — such as a public Wi-Fi hotspot — from intercepting your document during the upload process. The QR code that you scan at the shop counter links directly to an HTTPS-secured upload page, so encryption is active from the very first connection.

Server-Side Conversion — Office files converted locally

When you upload a Word document, a PowerPoint presentation, or an Excel spreadsheet, HandyPrintz converts it to PDF format on the server using LibreOffice. The conversion happens in an isolated process without internet access and without logging the file's contents. Once the PDF is generated, the original office file is deleted immediately. The shopkeeper only ever sees the converted PDF — the original is never retained.

This process is designed so that files are not sent to an external conversion API. Everything stays on the HandyPrintz server, reducing the number of systems that handle your data to the absolute minimum.

Isolated Queues — Each shop sees only their own jobs

Each registered shop on HandyPrintz has its own isolated queue. When a customer uploads a file, it is associated exclusively with that shop's queue. No other shop owner can browse, search, or access files uploaded to a different shop. The dashboard only displays jobs that belong to the logged-in shopkeeper — there is no global file listing and no admin-level browsing interface that exposes documents across shops.

This isolation is enforced at the database level. Every print job record carries a shop identifier, and all queries filter by the authenticated shopkeeper's ID before returning results.

Secure Authentication — Google OAuth with JWT tokens

Shop owners log in through Google OAuth 2.0, which means HandyPrintz never stores or handles passwords directly. After authentication, the server issues a JSON Web Token (JWT) that expires after 24 hours. The token is stored in the browser's local storage and must accompany every request to the dashboard API. If the token is expired or invalid, the server rejects the request and requires the shopkeeper to sign in again.

No Content Analysis — We don't read your documents

HandyPrintz does not read, scan, index, or analyse the contents of your uploaded files. The server's only interaction with document content is the format conversion step for office files, and that process runs without any text extraction, keyword logging, or optical character recognition. Your documents are treated as opaque data — they go in, they get converted if needed, they are printed, and then they are deleted.

Limitations — What we cannot prevent

A visible document can still be photographed, screenshotted or downloaded. HandyPrintz minimizes retention and exposure compared to WhatsApp, but cannot prevent a shopkeeper from taking a photo or downloading the document during printing.

Hosting & Breach Policy

Hosted on VPS in India (Bangalore). We will publish a Data Processing Agreement on request and will notify registered shops within 72 hours in the unlikely event of a breach.

If you have specific security questions or concerns, reach out to us at support@handyprintz.in or visit our Contact page.