Skip to main content

Trust center / Security practices

Security practices for the contact form

The Kanwer Polytex website protects the contact route with validation, anti-abuse controls, and request-level traceability before a buyer requirement reaches internal handling.

Route checks

Payload validation before processing

The lead API checks content type, payload size, JSON structure, and field-level validity before a requirement can enter the workflow.

Abuse controls

Rate limiting, honeypot, reCAPTCHA, and duplicate locks

The intake surface uses layered controls to block spam bursts and repeated submissions without weakening the operator workflow.

Stored signals

Request IDs, hashed IPs, and notification state

Each accepted requirement is stored with the operational metadata needed to trace persistence and delivery outcomes.

Entry protection on the lead route

The lead endpoint rejects malformed or obviously invalid traffic before business logic runs. This keeps the contact path explicit, auditable, and harder to abuse.

  • Requests must use the expected content type and stay within the configured payload size limit.
  • The raw request body is parsed explicitly and rejected when JSON is malformed or empty.
  • Server-side schema validation checks the complete lead payload, including dependent product fields.
  • A hidden honeypot field is checked before the submission can proceed deeper into the workflow.

Bot and duplicate suppression

The intake flow is designed to reduce bot traffic and repeated bursts without blocking the path for legitimate buyers.

  • Google reCAPTCHA verification is enforced by the server-side lead route in production-capable environments.
  • Rate limiting is applied before processing to reduce repeated submission abuse.
  • Email addresses are normalized and requirement content is fingerprinted so exact repeats can be identified.
  • A short-lived submission lock helps suppress repeated bursts while preserving clean retry behavior when persistence fails.

Stored operational record discipline

Accepted requirements are stored with the operational context needed to audit the route, trace notification delivery, and review suspicious patterns.

  • Each record carries a request ID so the submission can be traced across intake, persistence, and notification steps.
  • IP addresses are stored as hashes rather than raw values for operational review and abuse analysis.
  • Normalized email values and requirement fingerprints are stored to support duplicate detection.
  • Notification state is written back to the lead record so delivery success or failure remains visible to operators.

Operational review and escalation

Security-related questions or suspicious website behavior should be reported through the official contact route so the request can be reviewed against logs, request IDs, and stored notification state.

  • Use the contact page or official email for security-related questions tied to a live request.
  • Include the request ID when referencing a specific submission.
  • These practices can evolve as the website's intake stack and operational safeguards are refined.

Need to report an intake issue?

Use the official contact route so the security question can be linked to the relevant request context, notification state, or route behavior.

Trust center pages

Operational facts

Official phone+91 7021872923
Operating company

TextileFairy Consultancy Pvt. Ltd.

Dyeing plants

Shelar Dyeing Plant

772/1/2, Laxmi Compound, Shelar, Bhiwandi, Thane District, Maharashtra 421-302.

Shelar dyeing-plant detail for directions, visit planning, and buyer reference.

Get directions

Katai Dyeing Plant

1128/1/2, Goradkar Compound, Village Katai, Bhiwandi, Thane District, Maharashtra 421-302.

Katai dyeing-plant detail for directions, visit planning, and buyer reference.

Get directions