PRIVACY POLICY

Kawach.Ai (“Kawach”, “we”, “our”, “us”) is committed to protecting your personal information and being transparent about how we collect, use, store, and share it.

This Privacy Policy explains what data we collect, why we collect it, how we use it, and the choices available to you.

By using our products, platforms, websites, or services (“Services”), you agree to this Policy.

1. Definitions

• Personal Data : Any information relating to an identified or identifiable individual.
• Sensitive Personal Data : As defined under the India DPDP Act (e.g., financial data, health data, biometric data, government identifiers).
• Subscriber : The organisation or individual who signs up for paid Services
• Users : Individuals who access the Services (employees, consultants, etc.).
• AI Inputs : Prompts, data, or content submitted to our AI tools.
• AI Outputs : Results generated by the AI tools based on AI Inputs.
• Services : Any Kawach product, web app, mobile app, API, AI features, website, or platform.

2. Scope of this Policy

This Policy applies when you:

• Use Kawach.Ai or related applications.
• Visit our websites.
• Contact us for support.
• Apply for a job or interact with us in any way

This Policy does not apply to:

• Third-party websites or applications .
• Data you process in your own systems using Kawach (whereyou are the Controller) .
• Any data governed under a separate Data Processing Agreement (DPA).

3. What Information We Collect

We collect information in three ways.

• A. Information You Provide

  • 1. Account & Profile Information

    • Name
    • Work email, phone number
    • Company name, role
    • Password (encrypted)

  • 2. Content Submitted to the Services

    • Files, documents, images
    • Messages, code, data you upload
    • Any AI Input you provide

  • 3. Payment & Billing Information

    • Billing address
    • Payment details via secure third-party processors (we do not store card numbers)

  • 4. Communications & Support

    • Emails, chat logs
    • Feedback, surveys
    • Support tickets and call recordings (if applicable)

  • 5. Job Applications

    • Resume, education, employment history
    • Skills, assessments, interview notes

• B. Information Collected Automatically

  • IP address
  • Browser type & device information
  • Operating system
  • Usage logs, performance logs
  • Pages visited & time spent
  • App interactions, click patterns
  • Crash reports
  • Cookies & similar technologies
  • Approximate location (based on IP unless disabled)

• C. Information from Third Parties

  • Identity providers (e.g., Google, Microsoft SSO)
  • Analytics platforms
  • Marketing partners
  • Integrations you enable
  • Publicly available sources

  We do not intentionally collect Sensitive Personal Data unless:

  • required for specific services, and
  • you give explicit consent.

4. How We Use Your Information

We use your data to:

• 1. Provide the Services

  • Account creation
  • Authentication
  • Platform functionality

• 2. Improve and develop the Services

  • Train your own AI/ML models.
  • Analytics
  • Error monitoring
  • Product enhancements

• 3. Communicate with you

  • Service updates.
  • Security alerts
  • Policy changes
  • Customer support
• 3. Communicate with you
• 4. Process payments and manage billing
• 5. Maintain security & prevent fraud
• 6. Comply with law and regulatory requirements
• 7. Personalise the product experience
• 8. Train and improve AI systems

Only using anonymised and aggregated data unless otherwise contractually agreed.

We do not sell your Personal Data.

5. AI-Specific Privacy Terms

• 5.1 Ownership

  You retain ownership over your AI Inputs and AI Outputs .

• 5.2 Use of AI Inputs and Outputs

  We may process anonymised AI Inputs and Outputs to:

  • Maintain and improve our AI systems
  • Ensure safety
  • Enhance performance

  Enterprise customers may opt out by signing a DPA.

• 5.3 What You Must Not Submit

  Do not provide:

  • Sensitive Personal Data
  • Illegal or harmful content
  • Third-party confidential information without permission
  • Any data that violates applicable laws

• 5.4 Third-Party AI Providers

  Some AI features rely on third-party models.

  By using AI features, you instruct us to share necessary Inputs with those providers.

6. How We Share Information

We may share Personal Data with:

• A. Service Providers

  • Cloud hosting
  • Analytics
  • Payment processors
  • Customer support tools
  • Email/SMS providers
  • AI infrastructure providers

  Each provider is bound by confidentiality and data-processing obligations.

• B. Within Your Organisation

  If you use Kawach through your employer, certain data may be visible to account admins.

• C. Legal and Regulatory Authorities

  If required by law, court order, or government request.

• D. Business Transfers

  In cases of merger, acquisition, financing, or restructuring.

• E. Affiliates

  Companies under common ownership following the same safeguards.

• F. Aggregated/Anonymised Data

  Used for analytics and benchmarking, never identifying you personally.

7. International Data Transfers

Your data may be transferred to countries where we or our service providers operate.

When we do so, we apply appropriate safeguards such as:

• Standard Contractual Clauses (SCCs)
• Data Processing Agreements .
• Adequacy decisions
• Contractual protections .

Where required by law, we seek your consent before transferring data.

8. Data Retention

We retain data only as long as necessary:

• Account data : retained while account is active
• After termination : retained up to 45–365 days, based on contractual needs
• Job application data : up to 3 years
• Logs and analytics : per Cookie Policy
• Legal obligations : stored for required duration

Where Kawach processes Personal Data on behalf of a client organisation, decisions regarding data deletion are controlled by the client organisation. The client organisation may submit a data deletion request, which Kawach will process within sixty business days. Unless such a request is received, Kawach will retain the data for up to two years after termination of the relevant contract, subject to applicable law.After the retention period, data is deleted or anonymised.

9. Security

We use industry-standard security measures, including:

• Encryption
• Access controls
• Secure development lifecycle

Regular audits & monitoring

Network security controls

No online platform can guarantee absolute security; you must keep your credentials safe.

10. Your Rights

Depending on your location (India DPDP Act, GDPR, etc.), you may have rights to:

• Access your data
• Request correction
• Request deletion

Withdraw consent

Restrict processing

Object to processing

Port your data

Opt-out of certain uses

Where Kawach processes Personal Data on behalf of a client organisation, Kawach acts as a data processor and cannot fulfil individual data requests without the client organisation’s authorisation. All such requests should be directed to the relevant client organisation.

To exercise rights, email: support@kawach.ai.

11. Cookies

We use:

• Essential cookies : necessary for login/security
• Preference cookies : remember settings
• Analytics cookies : website usage
• Marketing cookies : only if consented

You can manage cookies via your browser or cookie banner.

12. Children’s Privacy

The Services are not for individuals under 16 .

If we learn that we collected data from a child, we will delete it promptly.

13. Changes to This Policy

We may update this Policy periodically.

Significant changes will be notified via email or website notice.

Your continued use of the Services means you accept the updated Policy.

14. Contact Information

For questions, notices, or legal enquiries:

Kreeti Technologies Pvt Ltd

#1408, Godrej Genesis, Plot XI Block EP, Sector V, Salt Lake City, Kolkata – 700 091, India

Email: support@kawach.ai.