Privacy Policy

Privacy Policy Version 1.2 | Last updated: April 19, 2025

This Privacy Policy describes our policies and procedures for the collection, use, and disclosure of your information when you use the Service. It explains your privacy rights and the legal bases under which we process your data in compliance with applicable data protection laws, including but not limited to the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other relevant laws.

Please review this document periodically. Major revisions are recorded at the end in the Change History section.

1. Interpretation and Definitions

1.1 Interpretation

Terms with capitalized initial letters have defined meanings, whether singular or plural.

1.2 Definitions

Account: a unique account created by you to access our Service. Affiliate: an entity controlling, controlled by, or under common control with the Company (50%+ ownership). Company (we, us, our): Rishta360, India, including its websites (rishta360.com) and related services. Cookies: small files placed on your device by a website, storing browsing details and preferences. Data Controller: the entity that determines the purposes and means of processing personal data (we). Data Processor: any person or organization processing data on behalf of the Controller (e.g., service providers). Personal Data: any information relating to an identified or identifiable individual. Service (Website): Rishta360’s online portal accessible at https://rishta360.com/ and associated features. Service Provider: third-party companies or individuals appointed by us to perform services or process data. Third-Party Social Media: external social networks (e.g., Google or Facebook) used for authentication or data sharing. Usage Data: automatically collected data about your use of the Service (e.g., IP address, pages visited). You: the individual or legal entity accessing or using the Service.

2. Legal Bases for Processing (GDPR & Similar Regimes)

We rely on one or more of the following legal bases: Consent: you have given clear consent for us to process your personal data for a specific purpose (e.g., marketing). Contract Performance: processing is necessary to fulfill our contract with you (e.g., account setup, service provision). Legal Obligation: compliance with laws or regulations (e.g., tax or reporting). Legitimate Interests: our business interests when they do not override your fundamental rights (e.g., improving Service quality).

3. Data Collection and Use

3.1 Types of Data Collected.

Personal Data (provided by you): name, email address, phone number, postal address (optional), registration details, profile information (including but not limited to age, gender, occupation, education, interests, caste, religion, marital status, etc.), and any other information you choose to provide. Usage Data (automatically collected): IP address, browser type and version, pages visited, timestamps, device identifiers, approximate location information. Social Media Data (if you use social login): profile name, email, avatar URL. We do not access contacts or friend lists without explicit permission.

3.2 Purpose of Processing and Legal Basis

Purpose Legal Basis Service provision and maintenance Contract Performance Account management and authentication Consent or Contract Customer support and communications Legitimate Interests Marketing (news and offers) Consent Analytics and service improvement Legitimate Interests Legal compliance and security Legal Obligation Business transfers (mergers and acquisitions) Legitimate Interests

4. Cookies and Tracking Technologies

We use cookies, beacons, tags, and scripts to improve and analyze our Service. You can manage your preferences via our Cookie Consent Banner. Essential Cookies (session duration): authentication and fraud prevention. Preferences Cookies (persistent duration): language, login state, and display settings. Analytics Cookies (persistent duration): usage statistics (e.g., Google Analytics). Marketing Cookies (persistent duration): personalized ads and offers. Users may opt in or out of non-essential categories via the Banner or browser settings. For details, visit our Cookies Policy section.

4.5 Do Not Track

Some browsers have implemented "Do Not Track" features that allow you to tell websites that you do not want to have your online activities tracked. Our website does not currently respond to "Do Not Track" signals, but we are monitoring developments in this area and may change our practices in the future.

5. Data Retention

Account Profile and Personal Data: retained until account deletion plus two years to support recovery and audits. Usage and Analytics Logs: retained for 12 months for service improvement and security. Marketing Consents: retained until unsubscribed to honor user preferences. After these periods, data is securely deleted or anonymized, except where legal obligations require longer retention or where we need to retain data for legal purposes, such as to comply with a court order or to defend against legal claims.

6. Sharing and Third-Party Processing

Service Providers and Affiliates: we sign Data Processing Agreements to ensure adequate safeguards Business Transfers: in mergers or acquisitions, user data may transfer with notice. Legal Requirements: we may disclose data when legally compelled (e.g., court orders). Public Areas: any information you share publicly (comments or profiles) may be visible to others. Third-Party Websites and Services: We may embed content or provide links to third-party websites or services. These third parties may use cookies, web beacons, or other tracking technologies to collect information about you. We do not control these third parties and are not responsible for their privacy practices. We encourage you to review the privacy policies of any third-party websites or services you interact with.

7. Your Rights and Controls

You may exercise the following rights by contacting us at privacy@rishta360.com or via your Account Settings: Access: obtain a copy of your data. Rectification: correct incomplete or inaccurate data. Erasure: delete your data (right to be forgotten), subject to legal obligations. Restriction: limit processing in certain circumstances. Portability: receive your data in a structured, machine-readable format. Objection: object to processing based on legitimate interests or direct marketing. You may also control cookies via the Cookie Banner or browser settings.

7.1 Account Security

To protect your account, we recommend that you: Use a strong, unique password Enable two-factor authentication if available. Log out of your account when using shared computers. Keep your contact information up to date. If you believe your account has been compromised, please contact us immediately at privacy@rishta360.com.

8. Security Measures

We implement a variety of security measures to maintain the safety of your personal information when you enter, submit, or access your personal information. These measures include: Encryption: We use SSL/TLS encryption for data in transit and AES-256 encryption for data at rest. Access Controls: We have role-based access controls and require multi-factor authentication for administrative access. Monitoring: We regularly monitor our systems for vulnerabilities and intrusions. Compliance: We adhere to industry standards and may obtain relevant security certifications. While we strive to use commercially acceptable means to protect your personal information, no method of transmission over the internet or method of electronic storage is 100% secure.

9. International Data Transfers

Your data may be processed in locations outside India. By using our Service, you consent to the transfer of your personal data to countries outside of your country of residence, including India. We rely on Standard Contractual Clauses or equivalent safeguards for GDPR compliance and organizational controls to ensure adequate protection under applicable laws.

10. Children’s Privacy

Our Service is not directed to anyone under 18. We do not knowingly collect data from children under 18. If we discover any such data, it will be deleted promptly.

11. Automated Decision-Making

We may use automated systems to help match users based on their profile information and preferences. You have the right to opt out of such automated decision-making processes that produce legal or similarly significant effects. To exercise this right, please contact us at privacy@rishta360.com.

12. Changes to This Policy

We may update this Privacy Policy periodically. Major revisions will be posted here with version and date updates. Registered users will be notified by email.

13. Change History

Version 1.0 (December 13, 2023): initial publication. Version 1.1 (January 15, 2024): added GDPR legal bases and expanded definitions. Version 1.2 (April 19, 2025): introduced retention schedules, user rights details, Cookie Banner, security measures, and DPAs. Version 1.3 (April 19, 2025): clarified data types, added "Do Not Track" and account security guidance, specified compliance with CCPA, detailed security measures, and included automated decision-making disclosure. Version 1.4 (April 19, 2025): added dispute resolution clause specifying arbitration in Nagpur.

14. Contact Us

For any questions or to exercise your rights, contact: Email: privacy@rishta360.com Website: https://rishta360.com/contact-us/page

15. Dispute Resolution

All disputes arising out of or in connection with this Privacy Policy shall be finally settled under the provisions of the Arbitration and Conciliation Act, 1996 by one or more arbitrators appointed in accordance with the said Act. The seat of arbitration shall be Nagpur, India, and the courts at Nagpur shall have exclusive jurisdiction over all matters arising out of this arbitration agreement.