Privacy Policy

1.1 Information You Provide — Account information (email address, name, authentication data); payment information (transaction IDs; payment card data processed by Razorpay, not stored by us); user content (chat text, WhatsApp exports, screenshots, audio recordings submitted for analysis); communications (emails or messages you send us).

1.2 Information Collected Automatically — Log data: IP address, browser type, pages visited, time spent; device information: device type, operating system; cookies and similar tracking technologies.

1.3 Information from Third Parties — Google OAuth (basic profile information if you sign in with Google); Razorpay (payment confirmation data).

We use your information to: provide, maintain, and improve the Service; process payments and manage your credit balance; send transactional emails (account confirmation, receipts); respond to your enquiries and support requests; detect and prevent fraud and abuse; comply with legal obligations.

We do NOT use your submitted conversation content to train AI models. We do NOT sell your personal data to third parties.

3.1 Storage — Your data is stored securely on Supabase infrastructure hosted in data centers. We implement appropriate technical and organizational security measures.

3.2 Retention — Account data: retained while your account is active. Submitted content (chats, screenshots, audio): retained for 90 days then automatically deleted. Analysis results: retained while your account is active. Payment records: retained for 7 years as required by Indian financial regulations.

3.3 Security — We use industry-standard encryption (TLS 1.3) for data in transit and AES-256 encryption for data at rest. However, no method of transmission over the internet is 100% secure.

We share your information only in these limited circumstances:

• Service providers — Supabase, Razorpay, Cloudflare, Anthropic/Google/Groq for AI analysis (content processed but not retained by these providers per their terms)
• Legal requirements — if required by law, court order, or government authority
• Business transfer — in the event of a merger, acquisition, or sale of assets
• With your consent — any other sharing will be with your explicit consent

5.1 All Users — Access (request a copy of personal data we hold about you); correction (request correction of inaccurate data); deletion (request deletion of your account and associated data); data portability (request your data in a machine-readable format).

5.2 EU/EEA Users (GDPR) — Right to object to processing; right to restrict processing; right to withdraw consent at any time; right to lodge a complaint with your local data protection authority.

5.3 How to Exercise Your Rights — Email us at legal@crushcodes.in with your request. We will respond within 30 days. We may require identity verification before processing your request.

We use essential cookies for authentication and session management. We use analytics cookies to understand how users interact with the Service. You can control cookies through your browser settings, but disabling essential cookies may affect Service functionality.

Our Service is not directed to individuals under 18 years of age. We do not knowingly collect personal information from minors. If we become aware that a minor has provided personal information, we will delete it immediately.

Your data may be processed in countries other than your own, including India, the United States, and the European Union. We ensure appropriate safeguards are in place for such transfers, including standard contractual clauses where required.

Our Service may contain links to third-party websites. We are not responsible for the privacy practices of those sites and encourage you to review their privacy policies.

We may update this Privacy Policy from time to time. We will notify you of significant changes via email or prominent notice on the Service. Continued use after changes constitutes acceptance.

Email: legal@crushcodes.in · Website: crushcodes.in