7200556313

7200556313

Introduction

This Privacy Policy describes how we collect, use, and protect your information when you use our services, including:

  • Mobile Application ("Mobile App"): Available on Android devices for field operations

  • Web Application ("Web App"): Accessible via web browsers for administrative operations

Both applications are designed for business operations and are intended for use by authorized personnel only.

By accessing or using our services, you agree to this Privacy Policy. If you do not agree with any part of this policy, please do not use our services.

Information We Collect

Personal Information

We may collect personal information that you provide when using the App, including but not limited to:

  • Name and contact details

  • Login credentials

  • Employment information

  • Profile information

Device Information

We automatically collect certain information from your device:

  • Device type and model

  • Operating system version

  • Unique device identifiers

  • Mobile network information

  • Internet Protocol (IP) address

Usage Information

We collect information about how you use our services:

  • Login and logout times

  • Features accessed

  • Actions performed

  • App performance data

  • Page views and navigation patterns (Web App)

  • Click events and user interactions

  • Session duration and frequency

Analytics and Performance Data

We collect analytics data to improve service quality:

  • Usage Analytics: Google Analytics tracks user behavior, feature usage, and navigation patterns

  • Performance Metrics: Page load times, response times, and technical performance indicators

  • Error Tracking: Application errors and crash reports for troubleshooting

  • Custom Analytics: Internal analytics for business operations monitoring

Permissions (Mobile App)

The Mobile App may request the following permissions:

  • Internet Access: To connect to our servers and access business data

  • Push Notifications: To send you important updates, alerts, and reminders about business activities

  • Local Storage: To securely store your login credentials and app preferences on your device (Android 12 and below)

  • Device Vibration: For notification alerts and haptic feedback

  • System Boot Receiver: To automatically restore notification services when your device restarts, ensuring you continue to receive important alerts

Cookies and Browser Storage (Web App)

The Web App uses the following browser technologies:

  • Session Cookies: To maintain your logged-in state and manage your session (stored in database, expires after 120 minutes of inactivity)

  • CSRF Tokens: Security tokens to protect against cross-site request forgery attacks

  • Authentication Cookies: To verify your identity and maintain secure access

  • Local Storage: May be used to store user preferences and temporary application data

We do not use cookies for advertising or tracking across other websites.

How We Use Your Information

We use the collected information for the following purposes:

  • Service Delivery: To provide and maintain both Mobile App and Web App functionality

  • Authentication: To verify your identity and manage secure access across platforms

  • Communication: To send notifications, updates, and important alerts via push notifications, email, SMS, or WhatsApp

  • Document Verification: To validate identity documents and perform KYC (Know Your Customer) checks

  • Credit Assessment: To analyze creditworthiness and generate credit scores

  • Payment Processing: To facilitate financial transactions and payment reconciliation

  • AI Assistance: To provide intelligent features like document analysis and business insights

  • Security: To protect against unauthorized access, fraudulent activities, and security threats

  • Analytics: To understand usage patterns, improve user experience, and optimize performance

  • Improvement: To enhance features, fix bugs, and develop new functionality

  • Compliance: To comply with legal obligations, regulatory requirements, and audit trails

  • Business Operations: To support chit fund operations, collections, auctions, and reporting

Data Storage and Security

Security Measures

We implement appropriate technical and organizational measures to protect your information:

  • Data Encryption: All data in transit is encrypted using HTTPS/TLS protocols

  • Secure Authentication: Multi-layered authentication with optional two-factor authentication (2FA)

  • Access Controls: Role-based access control (RBAC) ensuring users only access authorized data

  • Session Management: Secure session handling with automatic timeout after inactivity

  • Watermarking: Security watermarks on sensitive screens to prevent unauthorized screenshots

  • API Security: Token-based authentication for all API communications

  • Database Security: Encrypted database connections and secure credential management

  • Payment Security: PCI-DSS compliant payment processing

  • Regular Audits: Periodic security assessments and penetration testing

  • Monitoring: Real-time monitoring for suspicious activities and security threats

Data Retention

We retain your information for as long as necessary to fulfill the purposes outlined in this policy, unless a longer retention period is required by law.

Third-Party Services

Our services may integrate with third-party service providers for various functionalities. These services may collect information as per their own privacy policies:

  • Analytics Services: For tracking usage patterns and improving user experience

  • Cloud Infrastructure: For hosting, data storage, and application infrastructure

  • Push Notification Services: For delivering alerts and notifications to mobile devices

  • AI and Machine Learning Providers: For intelligent document analysis and assistance features

  • KYC and Verification Services: For identity verification and document validation

  • Payment Gateways: For secure processing of financial transactions

  • Communication Providers: For email, SMS, and messaging notifications

  • Database and Caching Services: For data storage and performance optimization

We carefully select service providers that maintain appropriate security and privacy standards. These third-party services operate under their own privacy policies, and we encourage you to review them.

Data Sharing and Disclosure

We may share your information in the following circumstances:

  • Within Organization: With authorized personnel for legitimate business purposes

  • Service Providers: With third-party vendors who assist in operating the App

  • Legal Requirements: When required by law, court order, or governmental authority

  • Business Transfers: In connection with mergers, acquisitions, or asset sales

  • Consent: When you provide explicit consent

We do not sell your personal information to third parties.

Your Rights

You have certain rights regarding your personal information:

  • Access: Request access to your personal data

  • Correction: Request correction of inaccurate information

  • Deletion: Request deletion of your data (subject to legal requirements)

  • Objection: Object to certain processing of your data

  • Portability: Request a copy of your data in a portable format

To exercise these rights, please contact us using the information provided below.

Indian Law Compliance

This App complies with applicable Indian laws, including:

  • Information Technology Act, 2000 and rules thereunder

  • Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011

  • Digital Personal Data Protection Act, 2023

As a user in India, you have rights under these laws to access, correct, and delete your personal data.

Children's Privacy

This App is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

  • Posting the updated policy in the App

  • Updating the "Last Updated" date

  • Sending notifications through the App or email

Your continued use of the App after changes constitutes acceptance of the updated policy.

Data Transfers

Your information may be processed and stored on servers located in India or other countries. We ensure appropriate safeguards are in place for any international transfers.

Data Storage Locations

  • Primary servers are located in India

  • Cloud infrastructure may be distributed across multiple regions for reliability and performance

  • All international transfers comply with applicable data protection laws and regulations

Grievance Redressal

In accordance with Information Technology Act, 2000 and applicable rules, we have designated a Grievance Officer to address your concerns regarding data processing.

For any privacy-related concerns or complaints, please contact us at the details provided below.

Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal information, please contact us:

Email: admin@curioustech.io
Phone: +91 99760 09911

Response Time: We aim to respond to all inquiries within 30 days.

Consent

By using this App, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. Your use of the App constitutes your acceptance of this policy and consent to our collection, use, and disclosure of your information as described herein.