Privacy

aapkasahyog.com | Crowdfunding Powered By: aapkasahyog.com

Privacy Policy

Last updated: [Date]

Welcome to AapkaSahyog.com. We respect your privacy and are committed to protecting your personal data. This Privacy Policy describes how we collect, use, disclose, store, and protect information about you when you use our website, mobile applications, APIs, services, or otherwise interact with us (collectively, the “Platform”).

By using or accessing the Platform, you accept and agree to the practices described in this Privacy Policy. If you do not agree, you must not use or access the Platform.

1. Introduction & Scope

1.1. This Privacy Policy applies to all Users of the Platform (donors, campaign creators, visitors, registered users) and covers personal data collected, processed, or stored by us in relation to your use of the Platform.

1.2. This Privacy Policy also applies to offline or offline-to-online interactions (for example, via events, campaigns, communications) if we combine that data with our Platform systems.

1.3. We may link this Privacy Policy to other notices or policies (e.g. cookie notice, campaign data disclosures, KYC policy). In case of conflict, the specific notice/policy may supplement or override, as appropriate.

1.4. We may update or amend this Policy from time to time. When we make material changes, we will notify you (for example via email, in-site banner). Your continued use after changes constitutes acceptance of the updated Policy.

1.5. If you have any questions, complaints, or requests regarding your personal data or this Policy, contact us at anjorfoundation@gmail.com..

2. Definitions

  • “Personal Data” means any information relating to an identified or identifiable natural person (a “Data Subject”).

  • “Sensitive Personal Data / Information (SPDI)” means data of a more sensitive nature (e.g. financial information, bank account details, identity proofs) that deserves higher protection.

  • “Processing” means any operation performed on Personal Data — collection, recording, organization, storage, use, disclosure, deletion, or other handling.

  • “Data Controller” / “We / Us / Our” means AapkaSahyog (or related legal entities) which decide how and why Personal Data is processed.

  • “Data Processor / Service Provider” means any third party that processes Personal Data on our behalf under our instructions (e.g. payment gateways, analytics providers).

  • “Aggregate Data / Anonymized Data” means data that is processed to remove personal identifiers and so cannot reasonably identify a person.

  • “User” / “You / Your” means any person or entity using or interacting with the Platform.

3. Categories of Information We Collect

We collect various categories of information, depending on how you interact with the Platform. These may include but are not limited to:

3.1. Identity & Contact Information

  • Full name, username, user alias

  • Email address

  • Postal address, city, state, postal / ZIP code, country

  • Phone number / mobile number

  • Profile photograph or avatar (if you upload)

  • Government-issued identity numbers (e.g. Aadhaar, PAN, ID card, passport) when required for KYC / verification

3.2. Account & Profile Data

  • Login credentials (username, hashed password)

  • Preferences, settings, notifications preferences

  • Your biography, public profile, social media links

  • Your campaigns (if you're a campaign creator)

  • Your contributions, history of donations or pledges

3.3. Financial & Transaction Data

  • Payment instrument details (credit / debit card, bank account, UPI, wallet, etc.) — usually handled via secure, certified payment processors

  • Transaction records: amounts, dates, currencies, fees, status

  • Refunds, chargebacks, dispute records

3.4. KYC, Verification & Compliance Data

  • Identity verification documents (scans/photos of ID, address proof)

  • Bank account details / proof of ownership

  • Additional information required by law (in various jurisdictions) such as tax information, PAN, etc.

3.5. Technical & Usage Information

  • IP address

  • Device type, operating system, browser type and version

  • Device identifiers, mobile carrier

  • Time zone, language preferences

  • Log files (access times, pages visited, clickstreams, referring pages, exit pages)

  • Cookies, pixel tags, tracking technologies

  • Geolocation (approximate or precise if permitted)

  • Usage statistics, metrics, feature interaction data, error logs

3.6. Communications & Support Data

  • Messages, correspondence, feedback, support requests between you and us

  • Emails, chat logs, call recordings (if applicable)

  • Survey responses, reviews

3.7. Public / Shared Information

  • Content you make public (campaign descriptions, comments, updates, images, video)

  • Public activity (e.g. your contributions flagged as “public donor”, unless anonymous)

  • Social media content you share via integrations

3.8. Derived / Aggregated Data

  • Statistical, aggregated or anonymized data derived from your Personal Data (e.g. average donation amounts, conversion rates)

  • Insights, trends, analytics

4. How We Collect Personal Data

We collect Personal Data using the following methods:

4.1. Directly from You

  • When you register / create an account

  • When you create or manage a campaign

  • When you make a donation / contribution

  • When you verify identity or provide KYC documents

  • When you contact us for support, feedback, or through forms, emails, surveys

  • When you post content, upload images / videos

4.2. Automatically / Passive Collection

  • Through cookies, web beacons, tracking pixels, SDKs, logs

  • Server logs, analytics tools, error tracking

  • From your interactions (pages visited, features used)

4.3. From Third Parties & Public Sources

  • Payment gateways, financial institutions, verification services

  • Social login providers (if you sign up via Facebook, Google, etc.)

  • Public databases, public records, data aggregators

  • Partners, other users (e.g. campaign collaborators)

5. Purposes for Which We Use Your Personal Data

We process your Personal Data for various purposes, including:

Purpose Data Used Legal Basis / Rationale
Provision & operation of the Platform Identity, contact, account, technical, usage data To fulfill contract with you, legitimate business interests, necessary for service delivery
User registration, login, account management Identity, contact, login credentials Performance of contract, legitimate interests
Campaign creation, management & display Profile, content, media, metadata To provide core service
Payment processing & disbursement Financial, transaction, identity, KYC data Performance of contract, compliance obligations
Verification, fraud prevention, security Identity, usage, device, verification data Legitimate interests, compliance, legal obligation
Communication & notifications Email, contact info, preferences Performance of contract, consent, legitimate interests
Customer support & inquiries Support logs, communication records Performance of contract, legitimate interests
Analytics, improvements, optimization Usage, technical, interaction data Legitimate interests (to improve service)
Marketing & promotional communications Email, preferences, usage data Consent (where required), legitimate interests
Legal, compliance, regulatory obligations Identity, transaction, verification data Legal obligation, public interest
Dispute resolution, audit, enforcement Transaction logs, communications, analytics Legitimate interests, legal obligations
Anonymized / aggregated reporting Derived data Legitimate interests, public interest

We will use your Personal Data only to the extent necessary and will not retain it longer than needed for the purposes.

6. Sharing & Disclosure of Personal Data

We may share your Personal Data in the following circumstances:

6.1. With Service Providers / Processors

We may disclose data to third parties who process data on our behalf (e.g. payment gateways, banks, KYC / verification services, hosting, analytics, email services), under confidentiality agreements and limited to necessary purposes.

6.2. With Campaign Creators / Beneficiaries

  • Some data (e.g. donor name, donation amount, message) may be shared with the campaign you donate to, if you choose to make your contribution public or include a message.

  • If you opt to be anonymous, we will not share identifying details with the campaign creator or public.

  • Any rewards delivery or fulfillment may require sharing postal address, phone number with campaign collaborators, subject to minimal disclosure.

6.3. For Legal, Compliance, Safety

  • To comply with law, court orders, government requests, regulation

  • To detect, prevent or respond to fraud, security breaches, misuse, illegal activities

  • To enforce our Terms of Service, or protect rights, property, or safety of us, Users, or public

6.4. Business Transfers

If we undergo merger, acquisition, reorganization, sale of assets, or other corporate change, your data may be transferred to the successor entity, subject to this Policy or new privacy terms (with notice to you).

6.5. Aggregate / Anonymized Data

We may share aggregated or anonymized data (where individuals cannot be identified) publicly or with third parties for research, analytics, reporting, benchmarking.

6.6. Affiliated Entities

If we have subsidiaries, related entities, we may share data within our corporate group for internal operation, oversight, or compliance.

7. Cookies, Tracking & Similar Technologies

7.1. We and our service providers use cookies, web beacons, local storage, pixel tags, SDKs, analytics tools to collect and process usage and technical data.
7.2. Cookies help us with:

  • Enabling core functionalities (login, sessions)

  • Personalization, remembering preferences

  • Analytics, performance monitoring

  • Marketing, advertising, tracking conversions
    7.3. Types of cookies:

  • Essential / Strictly Necessary Cookies — required for Platform to operate

  • Performance / Analytics Cookies — track usage, metrics

  • Functionality / Preference Cookies — remember user choices

  • Marketing / Advertising Cookies — used to deliver relevant ads
    7.4. You can manage or disable cookies via browser settings, but disabling certain cookies may degrade your experience or prevent access to some features.
    7.5. Third-party cookies (e.g. from analytics providers, social networks, advertising networks) may be used; we do not control them beyond compliance.

8. Security Measures & Data Protection

8.1. We implement reasonable, technical, organizational, administrative, and physical safeguards to protect your Personal Data from unauthorized access, alteration, disclosure, or destruction.
8.2. Measures may include: encryption (in transit and at rest), secure authentication (password hashing, multi-factor authentication), access controls (role-based access), intrusion detection, monitoring, security audits, vulnerability assessments.
8.3. Payment data is handled using secure, PCI-compliant processors; we do not store full card credentials (only tokenized or minimal necessary) beyond transaction lifecycle.
8.4. Only authorized personnel or service providers with a need may access data, on strict confidentiality obligations.
8.5. While we strive to protect your data, no system is 100% secure. We cannot guarantee absolute security. In case of a data breach, we will follow applicable laws, notify affected users and authorities as required.
8.6. We may require you to update credentials, force password resets, or suspend accounts in case of suspicion of compromise.

9. Data Retention

9.1. We retain your Personal Data only as long as necessary to fulfill the purposes described (operation, compliance, auditing, legal obligations).
9.2. Factors considered: nature of data, purpose of processing, applicable legal or regulatory requirements (e.g. tax, financial, anti-money laundering, accounting).
9.3. After retention period, we either delete or anonymize data in a safe manner, unless we have a legal reason to keep it longer.
9.4. Backup copies may be retained for a limited additional period for disaster recovery or legal obligations.
9.5. Aggregated / anonymized data may be retained indefinitely.

10. Your Rights & Controls

Subject to applicable law, you may have the following rights:

10.1. Access / Data Subject Access Request — request a copy of your Personal Data that we hold.
10.2. Correction / Update — correct or update inaccurate, incomplete data.
10.3. Erasure / Deletion / “Right to be Forgotten” — request deletion of your data (subject to legal or contractual constraints).
10.4. Restriction of Processing — request that we limit processing under certain circumstances.
10.5. Data Portability — request that your data be transferred to another service provider in a structured, machine-readable format (where applicable).
10.6. Objection — object to our processing on legitimate interests grounds or for direct marketing.
10.7. Withdraw Consent — where processing is based on consent, you may withdraw it (without affecting processing done before withdrawal).
10.8. Lodge Complaint — with relevant supervisory or regulatory authority.

To exercise any rights, contact us at anjorfoundation@gmail.com. We may ask you to verify your identity before fulfilling your request. We will respond within timelines required by law.

11. Children / Minors

11.1. The Platform is not intended for use by children under the age of 18 (or applicable age of majority in your jurisdiction).
11.2. We do not knowingly collect Personal Data from minors. If we become aware that we have inadvertently collected data from a minor, we will take steps to delete it promptly.
11.3. If you believe that we have collected data from a minor, contact anjorfoundation@gmail.com. to request deletion.

12. Anonymity & Pseudonymity

12.1. We allow donors or users to donate or interact anonymously (or with a pseudonym) in campaigns, subject to certain limitations and compliance obligations.
12.2. If you choose anonymity, we will not share your identifying information publicly or with campaign creators, except what is strictly required (e.g. for legal or financial disbursement).
12.3. Even if anonymous publicly, internally we may retain identity / verification data as required by law or our policies.

13. International Data Transfers

13.1. Your Personal Data may be transferred to, processed in, or stored in jurisdictions outside your residence (for example servers in other countries, third-party service providers abroad).
13.2. In such cases, we will ensure appropriate safeguards (e.g. standard contractual clauses, model clauses, binding corporate rules, consent, adequate protection) to protect your data.
13.3. Where required by law, we will notify you of cross-border transfers and seek your consent or provide opt-out options.

14. Third-Party Services & Integrations

14.1. We may integrate or link with third-party services, APIs, social login providers, widgets, or embed content.
14.2. These third parties may collect, store or process data according to their own privacy policies. We do not control their practices.
14.3. When you use such integrations, you are also subject to their terms and policies.
14.4. We recommend reviewing their policies before granting access or interacting through them.

15. Marketing & Communications

15.1. With your consent (where required) or under legitimate interests, we may send you promotional emails, newsletters, updates, offers, event notifications.
15.2. You can opt-out of marketing communications (unless required by law) by using unsubscribe mechanisms or contacting us at anjorfoundation@gmail.com..
15.3. Service notifications, security alerts, or transactional communications may still be sent even if you opt-out of promotions.
15.4. We may use third-party email / notification service providers. These providers are contractually bound to handle your data responsibly.

16. Cookies / Similar Rights

16.1. (See Section 7) In addition, you may have cookie consent preferences, opt-outs, or browser-level controls.
16.2. We may provide a cookie banner or preferences manager so you can configure which categories of cookies you allow (except essential ones).
16.3. You may revoke or modify your cookie preferences at any time in the settings or via browser controls.

17. Legal Bases & Compliance (India & Elsewhere)

17.1. We process your Personal Data in compliance with applicable laws, including Indian IT Act, rules, and forthcoming Digital Personal Data Protection Act, 2023. Wikipedia
17.2. Where required, we rely on lawful bases such as contract performance, legal obligation, legitimate interests, or consent.
17.3. For cross-border transfers, we will adopt lawful safeguards.
17.4. We will cooperate with regulatory authorities on data protection matters as required by law.

18. Data Breach & Notification

18.1. In case of a security breach involving unauthorized access to your Personal Data, we will promptly assess, mitigate, and take necessary remedial steps.
18.2. If required by law, we will notify affected users and relevant government authorities within the timelines mandated by applicable law.
18.3. We will provide information about the breach: nature, data categories, consequences, remedies, and contact steps.

19. User Responsibilities

19.1. You should keep your credentials secure and not share them with others.
19.2. You must review and maintain your contact, profile, and privacy settings, and update them if they change.
19.3. When you upload content, images, or documents, ensure you have rights and that it does not violate any law or third-party rights.
19.4. Be cautious in clicking links, opening attachments or downloading files from unknown sources.

20. Changes to Privacy Policy

20.1. We may update this Privacy Policy from time to time.
20.2. We will post the updated date and changes on the Platform.
20.3. For material changes, we may notify you via email or in-app/in-site notice before the change takes effect.
20.4. If you do not agree with the changes, you may discontinue use of the Platform and request deletion of your account (subject to Terms).

21. Contact & Grievance

21.1. If you have any queries, concerns, or requests regarding this Privacy Policy or your data, contact us at anjorfoundation@gmail.com..
21.2. We may designate a Data Protection Officer (DPO) or Grievance Officer whom you can contact.
21.3. If you are dissatisfied with our handling of your request, you may lodge a complaint with the relevant supervisory / regulatory authority in your jurisdiction.

22. Severability & Enforceability

If any provision of this Policy is held invalid, illegal or unenforceable, that provision will be modified to the minimum extent necessary and the remainder will remain in effect.

23. Definitions & Interpretation

Headings are for convenience. Words implying the singular include the plural and vice versa. If there is any conflict between this Privacy Policy and other notices (e.g. cookie notice, campaign-specific disclosures), the specific notice may prevail to the extent permitted.