top of page

Data Security Policy

1. Introduction

This Data Security Policy ("Policy") is issued by Asvi Kritajna Private Limited ("Company") and applies to the use of all services offered by the Abra Ka Dabra platform, including its Android mobile application and forthcoming web application ("Platforms"). By accessing or using our Platforms, you ("User") agree to this Policy, forming a legally binding agreement between you and the Company.

2. Definitions

2.1 "Personal Data" refers to any information relating to an identified or identifiable natural person, including but not limited to, name, email address, phone number, location data, and online identifiers.
2.2 "Data Processing" means any operation or set of operations performed on Personal Data, whether by automated means, including collection, recording, organization, structuring, storage, alteration, retrieval, consultation, use, disclosure, dissemination, or destruction.
2.3 "Third-Party Services" refers to external service providers such as Google AdSense, Google Analytics, and MS Clarity that may process data on behalf of the Company.
2.4 "Data Controller" refers to the Company, which determines the purposes and means of processing Personal Data.

3. Legal Relationship

By accepting this Policy, the User acknowledges and consents to the collection, processing, and storage of their Personal Data by the Company in accordance with the terms herein. Users who do not accept this Policy must cease all use of the Platforms immediately.

4. Data Collection

4.1 Scope of Collection

The Company collects the following categories of data from Users:

Contact Information: Name, email address, phone number, and physical location.

Profile Information: Age, gender, username, and social media accounts.

Technical Information: IP addresses, browser types, device identifiers, operating systems, usage statistics, and geolocation data.
Payment Information: Details necessary for processing payments, including UPI IDs and transaction information, with no collection of sensitive financial data such as credit card numbers or CVV codes.

4.2 Collection Methods

Data is collected directly from Users through account creation, usage of the Platforms, and interaction with the Platforms' features, including voluntary submissions of information. Additionally, data may be collected through automated means, such as cookies and similar tracking technologies.

4.3 Third-Party Data Collection

The Company utilizes third-party services, such as Google AdSense, Google Analytics, and MS Clarity, for analytics and advertising purposes. These third-party services may collect anonymized data, which is processed according to their respective privacy policies.

5. Purpose of Data Processing

5.1 Contractual Necessity

Personal Data is processed to fulfill contractual obligations between the User and the Company, including the provision of services, account management, and user support.

5.2 Legitimate Interests

The Company processes Personal Data to improve the functionality and security of the Platforms, personalize User experiences, and conduct business analytics. Users' Personal Data may also be processed for the purpose of sending important communications, including notifications of changes to this Policy or our services.

5.3 Legal Compliance

The Company processes Personal Data to comply with applicable laws, regulations, and legal processes. This includes responding to lawful requests from public authorities, including law enforcement agencies.

6. Data Sharing and Disclosure

6.1 Internal Use

The Company retains and processes Personal Data internally to ensure the secure and efficient operation of the Platforms. Only authorized personnel have access to Personal Data.

6.2 Third-Party Disclosures

Personal Data may be disclosed to the following third parties:
Payment Processors: Limited data is shared with PhonePe for processing voluntary payments under the "Pay as you wish" feature. The Company ensures that only essential data is shared and that payment details such as card numbers are not collected by the Company.
Service Providers: Data may be shared with third-party service providers, including Google AdSense, Google Analytics, and MS Clarity, for the purpose of analytics, advertising, and enhancing user experience. These providers are contractually obligated to maintain the confidentiality and security of Personal Data.

6.3 Legal Obligations

The Company may disclose Personal Data if required to do so by law or in response to valid legal requests, including subpoenas, court orders, or governmental regulations.

7. Data Storage and Security

7.1 Data Storage Locations

All Personal Data collected by the Company is stored on secure servers located exclusively in India, managed by Google Cloud. The data is not transferred outside of India, in compliance with applicable local data protection regulations.

7.2 Security Measures

The Company employs rigorous security measures to protect Personal Data, including but not limited to:
Encryption: Advanced encryption methods are used for data at rest and in transit.
Access Controls: Strict access controls are enforced to ensure that only authorized personnel can access Personal Data.
Audit and Monitoring: Regular audits and monitoring are conducted to detect and mitigate potential security risks.

7.3 Data Retention

Personal Data is retained only for as long as necessary to fulfill the purposes outlined in this Policy or as required by applicable laws. Specific retention periods include:
Account Data: Retained for the duration of the User's account. Upon deletion of an account, all related data is permanently erased.
Transaction Data: Retained as required to comply with financial and legal obligations.
Technical Data: Retained for the duration necessary for troubleshooting, security, and analytics.

 

8. User Rights

8.1 Right to Access

Users have the right to access the Personal Data held by the Company. Requests for access must be submitted in writing to help@abra-ka-dabra.com. The Company will respond within 30 days, subject to any applicable legal exceptions.

8.2 Right to Rectification

Users may request correction of inaccurate or incomplete Personal Data. Users can update their own profile information directly through the Platforms or contact the Company for assistance.

8.3 Right to Erasure

Users have the right to request the deletion of their Personal Data. Account deletion requests can be processed directly through the Platforms, resulting in the permanent erasure of all associated data, which is non-recoverable.

8.4 Right to Data Portability

Upon request, the Company will provide Users with a copy of their Personal Data in a structured, machine-readable format, facilitating the transfer of data to another service provider.

8.5 Right to Object and Restrict Processing

Users may object to or request restrictions on the processing of their Personal Data in certain circumstances. The Company will honor such requests in accordance with applicable laws.

 

9. Cookies and Tracking 

9.1 Use of Cookies

The Company uses cookies and similar tracking technologies to enhance the functionality and user experience of the Platforms. Cookies are small text files stored on the User's device that enable the Platforms to recognize the User on subsequent visits.

9.2 Types of Cookies

Essential Cookies: Necessary for the basic operation of the Platforms.
Performance Cookies: Collect information on how Users interact with the Platforms to improve functionality.
Functional Cookies: Remember User preferences to enhance the user experience.

9.3 User Control Over Cookies

Users may control the use of cookies through their browser settings. Disabling cookies may affect the availability and functionality of certain features on the Platforms.


10. Advertisements

10.1 Use of Google AdSense

The Company uses Google AdSense to display advertisements on the Platforms. The Company does not collect or process any Personal Data for ad targeting; all such data collection is managed autonomously by Google AdSense. Users are encouraged to review the Google AdSense privacy policy to understand how their data is handled.

10.2 Ad Personalization

Advertisements displayed on the Platforms may be personalized based on the User's interaction with the Platforms. Users can manage their ad preferences through their Google account settings.


11. Liability

11.1 Company Responsibility

The Company is committed to safeguarding User data; however, Users acknowledge that no system is completely secure. The Company disclaims liability for any unauthorized access, data breach, or loss of data due to external factors beyond its control.

11.2 User Responsibility

Users are responsible for maintaining the confidentiality of their account credentials, including User ID and password. The Company shall not be liable for any unauthorized access resulting from the User's failure to secure their account information.


12. Amendments to This Policy

12.1 Right to Amend

The Company reserves the right to amend this Data Security Policy at any time. Any significant changes will be communicated to Users through the Platforms. Continued use of the servicesHere's the continuation and completion of the detailed Data Security Policy draft:

​

13. Amendments to This Policy

13.1 Right to Amend

The Company reserves the right to amend this Data Security Policy at any time. Any significant changes will be communicated to Users through the Platforms. Continued use of the services following such amendments will constitute acceptance of the updated Policy.

13.2 User Notification

In the event of amendments that materially affect the processing of Personal Data, Users will be notified in advance and will have the opportunity to review and consent to the changes. Users who do not agree with the updated Policy must cease using the Platforms and may request the deletion of their data.
 

14. Compliance with Indian Law

14.1 Jurisdiction

This Data Security Policy is governed by and construed in accordance with the laws of India. Any disputes arising out of or related to this Policy shall be subject to the exclusive jurisdiction of the courts in Bengaluru, Karnataka.

14.2 Legal Compliance

The Company complies with all applicable laws and regulations governing data protection and privacy in India, including the Information Technology Act, 2000, and any amendments or rules made thereunder.
 

15. Grievance Redressal Mechanism

15.1 Grievance Officer

In compliance with the Information Technology Act, 2000, the Company has appointed a Grievance Officer to address any concerns or disputes regarding the processing of Personal Data. The Grievance Officer's contact details are as follows:
Designation: Grievance Redressal Officer
Email: customergrievance@abra-ka-dabra.com

15.2 Dispute Resolution

Users are encouraged to contact the Grievance Officer with any concerns regarding this Policy or the processing of their Personal Data. The Grievance Officer will acknowledge receipt of the complaint within 48 hours and will endeavor to resolve the issue within 30 days.
 

16. Severability

16.1 Severability Clause

If any provision of this Data Security Policy is found to be invalid or unenforceable by a court of competent jurisdiction, the remaining provisions shall continue in full force and effect. The invalid or unenforceable provision shall be modified to the minimum extent necessary to make it valid and enforceable.
 

17. Entire Agreement

17.1 Comprehensive Agreement

This Data Security Policy, along with the Terms and Conditions and Privacy Policy, constitutes the entire agreement between the User and the Company concerning the use of the Platforms. It supersedes all prior agreements, understandings, and representations regarding data security and processing.
 

bottom of page