Privacy Policy

1. Information We Collect

1.1 Personal Information

When you register or use our services, we collect:

• Full name and email address
• Password (stored as a bcrypt hash — never in plain text)
• Billing and subscription plan information
• IP address and device/browser information

1.2 Payment Information

All payment transactions are processed by Razorpay Software Private Limited, a PCI-DSS compliant payment gateway regulated by the Reserve Bank of India (RBI). We do not store, process, or transmit any cardholder data including:

• Credit/debit card numbers
• CVV/CVC codes
• Net banking credentials
• UPI PINs or wallet credentials

We only store the Razorpay Order ID, Payment ID, and transaction status for record-keeping purposes.

1.3 Usage Data

• Pages visited and features used within the platform
• Number of leads discovered and searches performed
• Login timestamps and session duration

2. How We Use Your Information

We use your information to:

• Provide, maintain, and improve our services
• Process payments and manage your subscription
• Send transactional emails (OTP verification, payment receipts)
• Enforce our Terms of Service and prevent fraud
• Comply with legal obligations under Indian law
• Respond to customer support requests

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

3. Data Storage and Security

Your data is stored on secure servers. We implement industry-standard security measures including:

• HTTPS/TLS encryption for all data in transit
• Bcrypt hashing for passwords with salt rounds ≥ 10
• JWT tokens with 7-day expiry for session management
• Database access restricted to application layer only
• Regular security audits and vulnerability assessments

In the event of a data breach that affects your personal data, we will notify you within 72 hours as per applicable regulations.

4. Payment Gateway — RBI Compliance

We use Razorpay as our payment processor. Razorpay is authorized by the Reserve Bank of India (RBI) as a Payment Aggregator under the Payment and Settlement Systems Act, 2007.

• All payment data is handled exclusively by Razorpay on their PCI-DSS Level 1 certified infrastructure
• We comply with RBI's guidelines on Regulation of Payment Aggregators and Payment Gateways (March 2020)
• No card or banking credentials are stored on our servers at any point
• Recurring payments (if any) are handled through Razorpay's tokenization framework as mandated by RBI circular RBI/2021-22/34
• Refunds are processed back to the original payment method within 5–7 business days

5. Cookies

We use minimal, essential cookies only:

• Authentication: JWT tokens stored in localStorage for session management
• Preferences: UI preferences stored locally in your browser

We do not use advertising cookies or third-party tracking cookies. You can clear cookies at any time through your browser settings.

6. Data Sharing

We share your data only with:

• Razorpay: For payment processing (name, email, phone for payment prefill)
• Resend: For transactional email delivery (email address, name for OTP emails)
• Google Places API: We send search queries to Google to discover business listings. No personal user data is sent to Google
• Legal authorities: When required by law, court order, or government regulation

7. Data Retention

• Account data is retained as long as your account is active
• Payment records are retained for 8 years as required under Indian tax and accounting laws
• Upon account deletion, personal data is deleted within 30 days, except where retention is required by law

8. Your Rights

Under applicable Indian privacy laws, you have the right to:

• Access the personal data we hold about you
• Correct inaccurate or incomplete data
• Request deletion of your account and associated data
• Withdraw consent for data processing (this may affect service availability)
• Lodge a complaint with the relevant data protection authority

To exercise these rights, email us at leadifypro@pixelroot.in.

9. Children's Privacy

Our services are not directed at individuals under the age of 18. We do not knowingly collect personal information from minors. If you believe we have inadvertently collected such information, please contact us immediately.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or a prominent notice on our platform. Continued use of our services after changes constitutes acceptance of the revised policy.

11. Contact Us

For any privacy-related questions, requests, or grievances, please contact our Grievance Officer: