Privacy Policy & Data Protection

Our team prepared this statement to explain how we handle digital personal data collected from users in India. Privacy Policy in India region covers collection methods, storage practices, user rights, consent mechanisms, cross-border transfers, and grievance channels under the Digital Personal Data Protection Act 2023 and related frameworks.

Introduction

We prepared this Privacy Policy to explain how we handle digital personal data for India-based users across all services and interactions. The document covers structured information you provide during registration, browsing, transactions and support requests. Our team follows the principles and obligations outlined in the Digital Personal Data Protection Act 2023, which regulates how entities collect, store, use and share personal information within India. This text applies to all users who access our services from India, regardless of account status or subscription tier. It also describes how we work with processors, partners and vendors who handle your data on our behalf. You will find details about your rights, consent management, retention timelines and complaint channels specific to India throughout the sections that follow.

Personal Information

Our team outlines the main categories of data handled under India Privacy Policy frameworks. The Digital Personal Data Protection Act 2023 requires services to specify types of information collected from India users. We list the key data categories below.

  • Identifiers include full name, residential address, postal code, email address, mobile phone number, date of birth, government identity number and unique account identifiers assigned during registration;
  • Contact data covers telephone numbers, email addresses, correspondence addresses and emergency contact details provided by users during account setup or service use;
  • Financial information includes bank account details, card numbers, UPI handles, transaction records, payment history and billing addresses needed for India payment processing;
  • Authentication credentials cover passwords, OTP codes, security questions, biometric authentication data, identity verification documents and two-factor authentication tokens;
  • Sensitive personal data includes health records, biometric identifiers, precise location coordinates, caste or religion markers and official identity documents requiring higher protection under India rules.

Technical Data

Our team collects technical information each time India users access services or interact with web pages and mobile applications. This data helps us maintain system operations, improve responsiveness and track usage patterns across different device types and network conditions.

  1. Device identifiers. Records contain model names, operating system versions, screen resolutions and hardware specifications from smartphones, tablets and computers;
  2. IP addresses. Systems log numerical addresses assigned to connections, which indicate approximate geographical location and internet service provider details;
  3. Access logs. Servers store timestamps, page URLs visited, referrer sources and browser type information for each session;
  4. Cookie-related identifiers. Services place unique alphanumeric strings in browsers to recognise repeat visits and maintain preferences;
  5. Usage metadata. Systems capture click patterns, feature interactions, session duration and navigation paths within applications.

Cookies

Websites and services store small text files called cookies on devices to remember preferences and track activity across sessions. Session cookies expire when you close your browser, while preference cookies save language settings, account details and other choices for future visits. Technologies similar to cookies include pixel tags and local storage identifiers that collect usage data. You can adjust cookie settings directly in your browser controls to block or delete stored files without step-by-step instructions from us.

Data Categories

We organise personal information into high-level categories to help India users understand what data services collect and process under the DIGITAL PERSONAL DATA PROTECTION ACT 2023.

Data CategoryDescription
IdentifiersName, address, email, phone number
Technical DataIP address, device ID, browser type
Usage DataLogs, clicks, session duration
Children’s DataInformation from users below 18 years

How Information Is Used

Our team explains processing purposes under the Privacy Policy in India region framework to help you understand how collected data supports services. We reviewed documentation to identify core uses that apply to India-based users.

  • Service delivery Data powers account creation, authentication, transaction processing and customer support interactions for India users;
  • Account management Records enable subscription tracking, preference settings and security monitoring across user sessions;
  • Analytics Usage logs help us measure technical performance, identify errors and improve service reliability in India;
  • Marketing subject to consent Promotional communications reach users who opt in through documented consent mechanisms as per India requirements;
  • Legal record-keeping Systems maintain audit trails and statutory records to meet compliance obligations under applicable India legislation.

Processing Purposes

Our experts pair common processing purposes with the personal data categories services handle for them under India rules.

Processing PurposeData Categories Used
Account registration and authenticationName, email, phone number, password
Service delivery and transaction executionContact details, financial information, usage logs
Marketing communications and promotional offersEmail, phone number, consent records
Analytics and service improvementDevice identifiers, IP address, usage patterns
Compliance and legal obligationsIdentity proofs, transaction records, communication logs

Security Practices

Our team outlines the key safeguards applied to India user information stored and processed under current obligations.

  • Access controls restrict personal data to authorised staff and systems only;
  • Encryption in transit protects data during network transfers through secure protocols;
  • Encryption at rest shields stored records on servers and databases;
  • Limited retention deletes records after defined service and statutory periods expire;
  • Backups maintain recovery copies under secure conditions for short durations;
  • Monitoring tracks access logs to detect and respond to unauthorised activity.

Third-Party Providers

We engage external service vendors to process India user data strictly under written instructions and contracts aligned with India rules.

  1. Hosting vendors. Store data on servers located in India and approved territories to maintain service availability;
  2. Payment processors. Handle financial transactions, card details and banking operations under PCI DSS standards;
  3. Analytics partners. Measure performance, track usage patterns and generate aggregated statistics;
  4. Customer support tools. Manage tickets, resolve queries and maintain communication records for India users.

Privacy Rights

India users hold specific rights over their stored digital personal information under the DIGITAL PERSONAL DATA PROTECTION ACT 2023 and related frameworks. Our team explains the core entitlements and complaint routes available to India-region individuals.

  • Access entitlement allows users to request copies of their stored personal information;
  • Correction right permits individuals to update inaccurate or incomplete personal records;
  • Deletion request can be submitted in situations where law permits erasure of data;
  • Consent withdrawal lets users revoke permission for specific processing activities at any time;
  • Complaint filing routes include the named GRIEVANCE OFFICER and escalation to DATA PROTECTION BOARD OF INDIA;
  • Response timelines stated in texts govern acknowledgement and resolution of grievances;
  • Documentation of rights exercised kept by services to demonstrate compliance with India rules.

Updates

Our team reviews and modifies this text periodically to reflect changes in India legislation, data handling methods, or service features. Users receive notice of material changes through email, account notifications, or service messages before the revised version takes effect in India region.

Contact Details

India users can contact the named GRIEVANCE OFFICER via email and phone channels provided in the policy text. Response timelines state acknowledgement within 24 hours and resolution within 15 days for complaints related to personal data handling under India rules.

FAQ

What personal information is collected from users in India

Services collect identifiers, contact details, technical data, and usage information from India users as needed to deliver requested services and maintain account security.

How long is personal data kept for India users

Our team retains data in line with service requirements and India statutory periods, then deletes or anonymises records when retention purposes end.

How can India users exercise their privacy rights

India users can send requests through designated contact channels to access, correct, delete data or withdraw consent as per their rights.

Are cookies mandatory for India-based services

Essential cookies enable core service functions, while optional cookies remain under user control through browser settings or account preference tools within services.

Who can India users contact for privacy complaints

India users may contact the named GRIEVANCE OFFICER first and, where applicable, approach the DATA PROTECTION BOARD OF INDIA.