Privacy Policy

Updated: Jul 12th, 2026

A short promise

We do not sell your personal data. We do not use your personally identifiable information to train public AI models. We collect only what we need to run KanoonGPT securely and improve the product for you.

1. Who We Are

This Privacy Policy explains how KanoonGPT (“we”, “us”, “our”) handles information when you use our website, applications, and related services (the “Services”). We want this to be clear and practical—not legal jargon for its own sake.

2. Information We Collect

Depending on how you use KanoonGPT, we may collect:

  • Account details — such as name, email address, and mobile number (often verified with an OTP).
  • Optional profile details — for example job title or organisation, if you choose to provide them.
  • Payment-related information — billing contact details and transaction records. Card or UPI credentials are handled by our payment partners; we do not store full payment instrument secrets on our servers.
  • Usage information — features you use, approximate session activity, and basic device/browser information so we can keep the product stable.
  • Cookies and similar tools — to remember preferences, keep you signed in securely, and understand how the product is used (see section 5).

3. How We Use Information

We use information to:

  • Provide and improve the Services (including Pro features you subscribe to).
  • Create and secure your account, and prevent unauthorised access.
  • Process payments, send receipts, and manage subscriptions or auto-debit status.
  • Send important service messages (for example about billing, security, or major product changes).
  • Send optional product updates or offers where allowed—you can opt out of marketing at any time.
  • Diagnose issues, improve reliability, and understand product usage in aggregate.
  • Meet legal obligations and protect the rights and safety of users and KanoonGPT.

4. Why We Process Data (Legal Bases)

Where applicable, we rely on one or more of the following:

  • Contract — to deliver the Services you signed up for (account, access, billing).
  • Consent — for example marketing emails where consent is required; you can withdraw it anytime.
  • Legal obligation — where the law requires us to keep or share records.
  • Legitimate interests — such as securing the platform, preventing fraud, and improving the product in ways that respect your rights.

5. Cookies & Similar Technologies

We use cookies and similar technologies for essentials (security, session, preferences) and, where used, analytics so we can improve the experience. You can control cookies in your browser settings. Blocking some cookies may affect sign-in or certain features.

6. Sharing with Others

We do not sell or rent your personal information. We share data only when needed, for example with:

  • Service providers who help us operate the product (hosting, email, analytics, payment gateways such as UPI/card processors), under appropriate confidentiality and security expectations.
  • Authorities when we believe disclosure is required by law or necessary to protect users, our rights, or public safety.

We ask providers to use personal data only for the services they perform for us.

7. Where Data Is Processed

We primarily operate with infrastructure and partners that may process data in India and, in some cases, other countries where our service providers are located. We take reasonable steps so that transfers are protected in line with applicable requirements.

8. How Long We Keep Data

We keep personal data only as long as needed for the purposes above—for example to provide your account, complete transactions, resolve issues, and meet legal or accounting requirements. When data is no longer needed, we delete or anonymise it where practical.

9. Your Choices & Rights

Subject to applicable law, you may:

  • Access or update your account information.
  • Ask us to correct inaccurate data.
  • Request deletion or restriction of processing, where the law allows.
  • Object to certain processing based on legitimate interests.
  • Withdraw consent for marketing or other consent-based processing.
  • Request a copy of data you have provided, in a portable format where applicable.

To exercise these rights, contact us via the website form. We may need to verify your identity before acting on a request, to protect your account.

10. Security

We use reasonable technical and organisational measures—such as encryption in transit, access controls, and careful handling of credentials—to protect personal data. No online service can guarantee perfect security; we continuously improve our practices and ask you to protect your password and devices as well.

11. Children

The Services are intended for adults and professionals. We do not knowingly collect personal data from children under 18. If you believe a child has provided us data, please contact us and we will take appropriate steps.

12. Updates to This Policy

We may update this Privacy Policy when our practices or the law change. We will post the new version with a revised date on this page. For significant changes, we may also notify you in the product or by email when appropriate.

13. Contact Us

If you have questions about privacy or wish to make a request, please use the contact form on our website. We aim to respond thoughtfully and within a reasonable time.