A short promise
We do not sell your personal data. We do not use your personally identifiable information to train public AI models. We collect only what we need to run KanoonGPT securely and improve the product for you.
1. Who We Are
This Privacy Policy explains how KanoonGPT (“we”, “us”, “our”) handles information when you use our website, applications, and related services (the “Services”). We want this to be clear and practical—not legal jargon for its own sake.
2. Information We Collect
Depending on how you use KanoonGPT, we may collect:
- Account details — such as name, email address, and mobile number (often verified with an OTP).
- Optional profile details — for example job title or organisation, if you choose to provide them.
- Payment-related information — billing contact details and transaction records. Card or UPI credentials are handled by our payment partners; we do not store full payment instrument secrets on our servers.
- Usage information — features you use, approximate session activity, and basic device/browser information so we can keep the product stable.
- Cookies and similar tools — to remember preferences, keep you signed in securely, and understand how the product is used (see section 5).
3. How We Use Information
We use information to:
- Provide and improve the Services (including Pro features you subscribe to).
- Create and secure your account, and prevent unauthorised access.
- Process payments, send receipts, and manage subscriptions or auto-debit status.
- Send important service messages (for example about billing, security, or major product changes).
- Send optional product updates or offers where allowed—you can opt out of marketing at any time.
- Diagnose issues, improve reliability, and understand product usage in aggregate.
- Meet legal obligations and protect the rights and safety of users and KanoonGPT.
4. Why We Process Data (Legal Bases)
Where applicable, we rely on one or more of the following:
- Contract — to deliver the Services you signed up for (account, access, billing).
- Consent — for example marketing emails where consent is required; you can withdraw it anytime.
- Legal obligation — where the law requires us to keep or share records.
- Legitimate interests — such as securing the platform, preventing fraud, and improving the product in ways that respect your rights.
5. Cookies & Similar Technologies
We use cookies and similar technologies for essentials (security, session, preferences) and, where used, analytics so we can improve the experience. You can control cookies in your browser settings. Blocking some cookies may affect sign-in or certain features.
6. Sharing with Others
We do not sell or rent your personal information. We share data only when needed, for example with:
- Service providers who help us operate the product (hosting, email, analytics, payment gateways such as UPI/card processors), under appropriate confidentiality and security expectations.
- Authorities when we believe disclosure is required by law or necessary to protect users, our rights, or public safety.
We ask providers to use personal data only for the services they perform for us.
7. Where Data Is Processed
We primarily operate with infrastructure and partners that may process data in India and, in some cases, other countries where our service providers are located. We take reasonable steps so that transfers are protected in line with applicable requirements.
8. How Long We Keep Data
We keep personal data only as long as needed for the purposes above—for example to provide your account, complete transactions, resolve issues, and meet legal or accounting requirements. When data is no longer needed, we delete or anonymise it where practical.
9. Your Choices & Rights
Subject to applicable law, you may:
- Access or update your account information.
- Ask us to correct inaccurate data.
- Request deletion or restriction of processing, where the law allows.
- Object to certain processing based on legitimate interests.
- Withdraw consent for marketing or other consent-based processing.
- Request a copy of data you have provided, in a portable format where applicable.
To exercise these rights, contact us via the website form. We may need to verify your identity before acting on a request, to protect your account.
10. Security
We use reasonable technical and organisational measures—such as encryption in transit, access controls, and careful handling of credentials—to protect personal data. No online service can guarantee perfect security; we continuously improve our practices and ask you to protect your password and devices as well.
11. Children
The Services are intended for adults and professionals. We do not knowingly collect personal data from children under 18. If you believe a child has provided us data, please contact us and we will take appropriate steps.
12. Updates to This Policy
We may update this Privacy Policy when our practices or the law change. We will post the new version with a revised date on this page. For significant changes, we may also notify you in the product or by email when appropriate.
13. Contact Us
If you have questions about privacy or wish to make a request, please use the contact form on our website. We aim to respond thoughtfully and within a reasonable time.