Privacy Policy

1. Information We Collect

1.1 Information You Provide

When you use SimaraGuard, you provide us with:

• Account Information: Email address, name, password (encrypted)
• Profile Data: Optional profile picture (if using Google Sign-In)
• Content for Analysis: Text content you submit for AI-powered safety and tone analysis
• Platform Preferences: Intended platform (X/Twitter or LinkedIn) and tone selection
• Payment Information: Processed through Razorpay. We do not store your complete credit card details.
• Support Communications: Messages you send to our support team

1.2 Social Media Connection Data

When you connect social media accounts:

• OAuth Tokens: Secure access tokens for posting (stored encrypted)
• Account Username/Handle: Your social media handle
• Platform Identifier: Which platforms you've connected (X/Twitter, LinkedIn)

1.3 Information Collected Automatically

We automatically collect:

• Usage Data: Features used, content analyzed, posting decisions made
• Device Information: Device type, operating system, browser type
• Log Data: IP address, access times, error logs
• Analytics Data: App performance, usage patterns (anonymized)

2. How We Use Your Information

2.1 To Provide Our Services

• Create and manage your account
• Analyze your content using AI for tone, safety, and risk assessment
• Publish content to connected social media accounts (only when you explicitly choose to publish)
• Track posting decisions and send email notifications
• Process payments and manage subscriptions
• Provide customer support

2.2 AI Processing

Your content is processed by:

• Third Party LLM (AI Provider): For natural language processing, content analysis, and safety assessment
• Our Algorithms: For tracking, analytics, and decision recording

Important: We do NOT train AI models on your personal data. Your content is only sent to AI providers when you request analysis and is used exclusively for generating your analysis results.

2.3 For Communication

• Send email notifications about posting decisions
• Send subscription confirmation and receipt emails
• Respond to your inquiries and support requests
• Send important service updates and security alerts

2.4 To Improve Our Services

• Analyze usage patterns (anonymized data only)
• Fix bugs and improve performance
• Develop new features based on user needs

3. How We Share Your Information

3.1 We Do NOT Sell Your Data

We will never sell your personal information or content to third parties.

3.2 Service Providers

We share data with trusted third-party service providers:

• Third Party LLM: AI-powered content analysis
• Third Party API Services: For social media posting functionality, your OAuth authorization tokens are stored with third-party API providers, not on our servers
• Payment Processors: Payment processing and transaction handling
• Email Services: Transactional email delivery
• Cloud Infrastructure: Backend infrastructure, authentication, database storage, and hosting

These providers are contractually obligated to protect your data and use it only for providing services to us.

3.3 Legal Requirements

We may disclose your information if required by law or in response to:

• Valid legal processes (court orders, subpoenas)
• Government or regulatory requests
• Protection of our rights, property, or safety
• Prevention of fraud or illegal activity

4. Data Security

4.1 Security Measures

We implement industry-standard security measures:

• Encryption: Data in transit (HTTPS/TLS) and at rest in secure database
• OAuth Token Security: Social media authorization tokens stored with third-party API providers and can be revoked instantly
• Authentication: Secure password hashing and authentication services
• Access Controls: Role-based access, least privilege principle
• Monitoring: Security logging, intrusion detection

4.2 Your Responsibility

• Keep your password secure and confidential
• Log out from shared devices
• Report suspicious activity immediately
• Review connected social media accounts periodically

4.3 Data Breach Notification

In the event of a data breach involving personal data:

• We will notify the Data Protection Board of India within 72 hours
• We will notify affected users within 24 hours via email
• Notification will include: nature of breach, data affected, remedial actions, and contact information

5. Your Rights (GDPR & DPDP Act)

You have the following rights regarding your personal data:

• Access: Request a copy of your data
• Correction: Update or correct inaccurate data
• Deletion: Request deletion of your data (with exceptions for legal retention)
• Export: Download your data in a portable format (JSON)
• Disconnect Social Media: Revoke social media account connections at any time
• Object: Object to processing of your data for certain purposes
• Cancel Subscription: Cancel your subscription at any time

To exercise these rights, contact us at: support@simaraguard.com

Response time: 30 days

6. Data Retention

6.1 Active Accounts

We retain your data as long as your account is active or as needed to provide services:

• Content Analysis History: Retained while account is active
• Posting Decision Records: Retained while account is active
• Social Media OAuth Tokens: Retained until you disconnect accounts
• Usage Logs: 90 days
• Payment Records: 7 years (legal requirement)

6.2 Subscription Expiry & Data Archival

When your subscription expires:

• Immediate: Access to premium features is disabled
• 15 Days Post-Expiry: We may archive your user data and automatically disconnect connected social media accounts
• Data in Archive: Archived data can be recovered upon subscription renewal within a reasonable timeframe
• Payment Records Exception: Payment transaction records retained for 7 years (legal requirement)

6.3 Account Deletion

When you explicitly request account deletion:

• Immediate: Social media accounts disconnected, OAuth tokens revoked
• Soft Delete: 30-day recovery period
• Permanent Deletion: After 30 days, all data deleted from active systems
• No Recovery: Data cannot be recovered after permanent deletion
• Payment Records: Retained for 7 years (legal requirement)
• Anonymized Analytics: May be retained (no personally identifiable information)

7. Children's Privacy

SimaraGuard is intended for users 13 years and older. We do not knowingly collect data from children under 13. If you believe we have collected data from a child under 13, please contact us immediately at support@simaraguard.com

8. International Data Transfers

8.1 Data Storage Locations

• Primary Data Center: Secure cloud infrastructure
• AI Processing: Third-party LLM providers in various regions
• Social Media Tokens: Stored with third-party API service providers

8.2 Cross-Border Transfers

SimaraGuard operates from India. If you access our services from outside India, your data may be transferred to and stored in India and the United States. We ensure appropriate safeguards are in place:

• All transfers encrypted in transit (TLS/HTTPS)
• GDPR & DPDP Act compliant data handling
• Contractual protections with service providers

9. Cookies and Tracking

We use essential cookies and similar technologies to:

• Maintain your login session
• Remember your preferences
• Analyze usage patterns (anonymized)
• Improve service performance

We do NOT use third-party advertising cookies or tracking pixels.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by:

• Posting the updated policy in the app and on our website
• Sending an email notification
• Updating the "Last updated" date at the top of this page

Your continued use of SimaraGuard after changes constitutes acceptance of the updated policy.

11. Contact Us

If you have questions about this Privacy Policy or your data:

• Privacy Inquiries: support@simaraguard.com
• Company: Simarahitam Technologies Pvt. Ltd., Bangalore, Karnataka, India