Micrometry Automator
Effective Date: July 2026
1. Introduction
This Privacy Policy describes how Micrometry Automator ("we," "us," or "our") collects, uses, stores, and protects information in connection with the Micrometry Automator desktop application ("the App"). The App is a Windows-based microscopy measurement automation tool designed for use by authorised personnel within your organisation.
We are committed to protecting your privacy and handling your data responsibly in compliance with the Digital Personal Data Protection Act, 2023 ("DPDP Act") and applicable Indian laws.
By using the App, you acknowledge that you have read and understood this Privacy Policy.
2. Data Controller
The data controller responsible for your personal data is:
Micrometry Automator
Email: contact@micrometry.vserver.app
3. Information We Collect
3.1 Information Stored Locally on Your Machine
The following information is created and stored exclusively on your local machine in an encrypted database. This data is never transmitted to our servers:
- User Account Information: Username, first name, last name, contact number (optional), and designation (optional), as entered by your organisation's administrator.
- Authentication Data: Password hashes (your password is never stored in readable form).
- Captured Images: Microscope images saved as files on your local filesystem.
- Measurement & Calibration Data: Particle analysis results, calibration profiles, line measurements, and shape annotations.
- Audit Trail: A log of user actions within the App, including the user, action performed, and timestamp.
- Application Settings: Preferences such as theme, language, measurement units, and camera configuration.
- Error Logs: Technical error information stored locally for diagnostic purposes. Log files are automatically overwritten after 30 days.
3.2 Information Transmitted to Our Server
The following information is transmitted to our licensing server only during specific events. Our licensing server is located in India.
During License Activation (one-time):
- Activation key
- Machine identifiers: Machine GUID, system drive volume serial number, BIOS serial number, motherboard serial number, and a device identifier
- System information: Windows username, computer name, user domain name, operating system version, and MAC addresses of active network adapters
- A database recovery credential (encrypted at rest on our server)
- Your device's local date and time
During License Integrity Verification (if a license issue is detected):
- Activation identifier and license status information
- Machine identifiers and system information as described above
In both cases, our server also records the public IP address and user-agent string of the request.
3.3 Information We Do Not Collect
We do not collect:
- Email addresses, postal addresses, or government-issued identifiers
- Your captured microscope images, measurement results, or analysis data
- Browsing history, location data, or usage analytics
- Any data for advertising or marketing purposes
4. Purpose of Data Processing
| Purpose | Data Used | Legal Basis |
|---|---|---|
| User authentication and access control | User account info, password hashes (local only) | DPDP Act, Section 7(i) |
| Software license validation | Machine identifiers, activation key, system info | DPDP Act, Section 7(i) |
| License integrity verification | Machine identifiers, license status, system info | DPDP Act, Section 7(i) |
| Database recovery | Encrypted database recovery credential | Consent during activation |
| Microscopy measurement | Camera input, images, calibration (local only) | DPDP Act, Section 7(i) |
| Error diagnostics | Local error log files (local only) | DPDP Act, Section 7(i) |
5. Data Storage and Security
5.1 Local Data Security
- Database Encryption: AES-256 encryption via SQLCipher with hardware-derived keys protected by Windows DPAPI.
- Password Hashing: PBKDF2-SHA256 with 100,000 iterations, cryptographic random salt, 32-byte output.
- Account Lockout: 5 failed attempts → 15-minute lockout.
- Session Timeout: Auto-expire after 30 minutes of inactivity.
- Password Policy: Minimum complexity requirements, 90-day expiry.
5.2 Server Data Security
- Encryption in Transit: HTTPS (TLS) with certificate pinning.
- Encryption at Rest: AES-256-GCM encryption for recovery credentials.
- Server Location: India.
- Access Controls: Restricted to authorised personnel only.
5.3 Scope of Access
Your work data (images, measurements, audit trails, user accounts) is stored exclusively on your local machine and is never transmitted to our server. We do not have access to your work data.
6. Data Sharing
- We do not sell, rent, trade, or share your personal data with any third party.
- We do not use any third-party analytics, telemetry, crash reporting, or advertising services.
- The only data transmission is to our own licensing server in India.
- We may disclose information if required by law, regulation, or legal process.
7. Camera and Hardware Access
- Camera Access: Used solely for live preview and image capture. No images are transmitted.
- Hardware Identifiers: Read solely for license binding. Transmitted only during activation and integrity verification.
8. Data Retention
Local Data: Retained on your machine for as long as the App is installed. Error logs auto-overwrite on a 30-day rolling cycle.
Server Data: Activation logs retained for 12 months. Active license records retained while the license is valid, then deleted within 12 months of revocation.
9. Your Rights
Under the Digital Personal Data Protection Act, 2023:
- Right to Information (Section 11): Request a summary of your personal data and processing activities.
- Right to Correction and Erasure (Section 12): Request correction, completion, updating, or erasure of your data.
- Right to Grievance Redressal (Section 13): Raise a grievance regarding data processing.
- Right to Nominate (Section 14): Nominate another individual to exercise your rights.
Contact us at contact@micrometry.vserver.app to exercise these rights. We will respond within 30 days.
10. Grievance Redressal
Contact our Grievance Officer at contact@micrometry.vserver.app. We will acknowledge and resolve grievances within 30 days. Unresolved complaints may be escalated to the Data Protection Board of India.
11. Children's Privacy
The App is designed for professional use and is not directed at individuals under 18. We do not knowingly collect data from children.
12. Changes to This Policy
We may update this policy to reflect changes in practices, technology, or legal requirements. Changes will be communicated through application updates. Continued use constitutes acceptance.
13. Contact Us
Micrometry Automator
Email: contact@micrometry.vserver.app
Phone: +91-9712622239