Rigpa Technologies Privacy Policy

Last Updated: June 30, 2025

1. Introduction

Welcome to Rigpa Technologies. We operate an AI-powered customer engagement platform that provides chatbot services, WhatsApp integration, and social media client solutions (collectively, the "Services").

Your privacy is fundamental to our business. This Privacy Policy explains in clear terms how we collect, use, share, and protect your information when you use our Services. We believe transparency builds trust, so we've written this policy in plain language and organized it to help you quickly find the information you need.

Important: This Privacy Policy applies only to our direct services and platform. When our chatbot technology is integrated into third-party websites, applications, or services (our "Client Partners"), those Client Partners may have their own privacy policies and data practices. We recommend reviewing the privacy policy of any website or service where you interact with our chatbot technology.

By using our Services, you agree to the practices described in this policy.

2. Quick Summary

Before diving into details, here's what you should know:

• What we collect: Conversation data, contact information, and technical usage data
• How we use it: To provide our services, improve our AI models, and ensure system security
• Who we share with: Third-party AI providers (like OpenAI), essential service providers, and when legally required
• Your control: You can access, correct, or delete your data by contacting us
• Our commitment: We don't sell your personal data and implement strong security measures

3. Information We Collect

3.1 Information You Provide Directly

Conversation Data

• Messages, questions, and commands you send through our chatbots
• Files, images, or documents you share during conversations
• Feedback and ratings you provide about our services
• Voice messages or audio files (if applicable)

Account and Contact Information

• Name, email address, and phone number when you register or contact support
• Company name and job title for business accounts
• Login credentials and account preferences
• Billing information for paid services

3.2 Information We Collect Automatically

Usage and Analytics Data

• Features you use and how you interact with our Services
• Time, date, duration, and frequency of your sessions
• Performance metrics and error logs
• User interface interactions and navigation patterns

Technical Information

• IP address and approximate location (city/region level)
• Device type, operating system, and browser information
• Network connection details and mobile carrier information
• Unique device identifiers and app version information

Platform-Specific Data

• WhatsApp: Phone numbers, profile information, and message metadata
• Social Media: Public profile information and interaction data (as permitted by platform APIs)

3.3 Information from Third Parties

• Data from integrated platforms (WhatsApp, social media) as authorized by you
• Information from our business partners when you use integrated services
• Public information from social media platforms to enhance our services

4. How We Use Your Information

4.1 Core Service Delivery

• Providing AI responses: Processing your messages to generate relevant, helpful responses
• Cross-platform communication: Managing conversations across WhatsApp, social media, and web interfaces
• Account management: Maintaining your account, preferences, and service history
• Customer support: Responding to your inquiries and resolving technical issues

4.2 AI Model Training and Improvement

This is a core part of our service. We use conversation data to:

• Train and fine-tune our AI models for better accuracy and relevance
• Develop new features and capabilities
• Reduce errors and improve response quality
• Adapt our models to different languages and contexts

Important: We implement privacy-preserving techniques such as data anonymization and differential privacy where possible.

4.3 System Operations and Security

• Performance monitoring: Ensuring our systems run smoothly and efficiently
• Security protection: Detecting and preventing fraud, abuse, and security threats
• Quality assurance: Testing new features and evaluating system performance
• Compliance monitoring: Ensuring adherence to our terms of service and applicable laws

4.4 Communication and Updates

• Service announcements and feature updates
• Security alerts and important account notifications
• Marketing communications (with your consent where required)
• Surveys and feedback requests to improve our services

5. Information Sharing and Disclosure

We do not sell your personal information. We share information only in these specific circumstances:

5.1 Third-Party AI and LLM Providers

To power our AI capabilities, we work with leading providers such as:

• Large Language Model (LLM) providers (e.g., OpenAI, Anthropic, Google)
• Machine learning infrastructure providers
• Natural language processing services

What they receive: Your conversation data and related context How they use it: To generate responses and may use aggregated data for their own model improvements Our safeguards: We maintain data processing agreements requiring appropriate security measures and limiting data use

5.2 Essential Service Providers

We share limited information with trusted vendors who help us operate:

• Cloud hosting providers: For secure data storage and processing
• Analytics services: For usage insights and performance monitoring
• Customer support tools: For managing support requests
• Security services: For fraud detection and system protection

All providers are contractually bound to protect your data and use it only for specified purposes.

5.3 Legal and Safety Requirements

We may disclose information when we believe it's necessary to:

Legal Compliance:

• Comply with applicable Indian laws, regulations, and legal processes
• Respond to lawful requests from government authorities, law enforcement, or regulatory bodies
• Comply with court orders, subpoenas, warrants, or other legal mandates
• Meet statutory obligations under Indian laws (IT Act, DPDPA, etc.)

Law Enforcement Cooperation:

• Assist in criminal investigations when legally required
• Provide information for national security purposes as mandated by law
• Cooperate with cybercrime investigations
• Support anti-terrorism and anti-money laundering efforts as required

Safety and Protection:

• Protect the safety, security, and rights of our users
• Investigate potential violations of our terms of service
• Prevent, detect, or investigate fraud, abuse, or illegal activities
• Protect our rights, property, or legitimate business interests
• Respond to emergencies involving immediate threats to safety

Important Notes:

• We will verify the legitimacy of legal requests before disclosure
• We may notify affected users unless legally prohibited from doing so
• We will disclose only the minimum data necessary to comply with legal requirements
• We maintain records of all legal disclosures for transparency and accountability

5.4 Business Transactions

If we undergo a merger, acquisition, or sale of assets, your information may be transferred. We will:

• Notify you before any transfer occurs
• Ensure the receiving party agrees to protect your data
• Provide you with choices about your data where possible

6. Your Privacy Rights and Choices

Under Indian privacy laws, including the Digital Personal Data Protection Act, 2023, you have certain rights regarding your personal data:

6.1 Access and Transparency Rights

• Right to information: Know what personal data we have about you and how we use it
• Right to access: Obtain a copy of your personal information
• Data portability: Receive your data in a commonly used format

6.2 Control and Correction Rights

• Right to correction: Request correction of inaccurate or incomplete information
• Right to update: Modify your account information and preferences
• Right to restrict: Limit certain types of data processing

6.3 Deletion and Consent Rights

• Right to erasure: Request deletion of your personal data (with some legal exceptions)
• Right to withdraw consent: Stop processing based on your previous consent
• Right to grievance redressal: File complaints about our data practices

6.4 How to Exercise Your Rights

Contact us at: [email protected] What to include: Your full name, registered email/phone, and specific request Response time: We'll respond within 30 days as required by Indian law Verification: We may need to verify your identity before processing requests No charge: Exercising these rights is free of charge

7. Data Security and Protection

7.1 Technical Safeguards

• Encryption: Data encrypted in transit and at rest using industry-standard protocols
• Access controls: Strict authentication and authorization measures
• Network security: Firewalls, intrusion detection, and monitoring systems
• Regular audits: Security assessments and vulnerability testing

7.2 Important Limitations

While we implement robust security measures, no system is 100% secure. We cannot guarantee absolute security of your information. We recommend:

• Not sharing sensitive personal information (Adhaar or other IDs, Financial details, Health information)
• Using strong, unique passwords for your accounts
• Being cautious about what you share in conversations

8. Data Retention

We keep your information only as long as necessary:

8.1 Retention Periods

• Active accounts: While your account remains active and for legitimate business purposes
• Conversation data: Up to 2 years for AI training purposes (anonymized after 6 months)
• Support requests: 3 years to help resolve ongoing issues
• Legal requirements: As required by applicable laws and regulations

8.2 Secure Deletion

When we delete data, we:

• Remove it from active systems within 90 days
• Ensure secure deletion from backup systems within 180 days except where required by law.
• Maintain anonymized data for statistical purposes only
• Provide deletion confirmation upon request

9. International Data Transfers

Since we work with third-party AI providers (like OpenAI, Google, etc.) who may process data outside India, your information may be transferred internationally. We ensure appropriate protections through:

• Data processing agreements: Contracts requiring providers to maintain security standards
• Security certifications: Working with providers who have internationally recognized security certifications
• Limited transfers: Minimizing international data transfers where possible
• User notification: Being transparent about which providers may access your data

10. Children's Privacy

• Age restrictions: Our Services are not intended for children under 16 (or the applicable age in your jurisdiction)
• No knowing collection: We don't knowingly collect information from children
• Parental notification: If we discover we've collected a child's data, we'll delete it promptly
• Parental rights: Parents can contact us to review or delete their child's information

11. Cookies and Tracking Technologies

11.1 Types of Cookies We Use

• Essential cookies: Required for basic service functionality
• Analytics cookies: Help us understand how you use our Services
• Preference cookies: Remember your settings and preferences
• Marketing cookies: Used for relevant advertising

11.2 Your Cookie Choices

• Browser settings: Most browsers allow you to control cookies
• Opt-out tools: Use industry opt-out mechanisms

12. Indian Privacy Laws Compliance

12.1 Digital Personal Data Protection Act, 2023 (DPDPA)

We are committed to complying with India's Digital Personal Data Protection Act as it becomes fully implemented:

• Lawful processing: We process your data based on legitimate business purposes and your consent
• Data minimization: We collect only the data necessary for our services
• Purpose limitation: We use data only for the purposes disclosed in this policy
• Transparency: We provide clear information about our data practices

12.2 Information Technology Act, 2000

We maintain compliance with India's IT Act and associated rules:

• Reasonable security practices: We implement appropriate technical and organizational measures
• Data breach notification: We will notify affected users as required by law
• Sensitive personal data: We handle sensitive data with extra care and obtain explicit consent when required

Note: As we formalize our business registration, we will ensure full compliance with all applicable Indian laws and regulations.

13. Changes to This Privacy Policy

13.1 How We Update This Policy

• Notification: We'll notify you of material changes via email or prominent notice
• Effective date: Changes take effect 30 days after posting
• Continued use: Using our Services after changes constitutes acceptance
• Version history: Previous versions available upon request

13.2 Types of Changes

• Legal updates: Changes required by new laws or regulations
• Service changes: Updates reflecting new features or services
• Clarifications: Improvements to language and organization
• Security enhancements: Updates to our security practices

14. Contact Information

14.1 Privacy Questions

Email: [email protected] Response time: Within 5 business days Languages: Available in English.

14.2 Privacy Concerns and Complaints

For any privacy-related concerns or complaints: Email: [email protected] Response time: Within 5 business days

14.3 Business Contact

Business Name: Rigpa Technologies Email: [email protected] Website: www.rigpatech.com

Company registration details will be updated once our formal incorporation is complete.

15. Third-Party Integration and Client Partner Services

15.1 Scope of This Privacy Policy

This Privacy Policy applies exclusively to:

• Direct use of Rigpa Technologies' platform and services
• Data processing activities conducted by Rigpa Technologies
• Interactions with our chatbots on our own websites and platforms

15.2 Third-Party Client Partners

When our chatbot technology is embedded or integrated into third-party websites, mobile applications, or other digital services ("Client Partners"):

Separate Privacy Practices:

• Client Partners may have their own privacy policies that govern their data collection and use
• Client Partners may collect additional information beyond what we collect
• Client Partners may use your data for their own business purposes
• Client Partners may share your data with other parties according to their own policies

Your Responsibility:

• Always review the privacy policy of the website or service where you're interacting with our chatbot
• Contact the Client Partner directly for questions about their data practices
• Exercise your privacy rights with the Client Partner for data they control

Our Limited Role:

• We process conversation data as a service provider to our Client Partners
• We may not have direct control over data collection practices on Client Partner platforms
• We cannot be responsible for Client Partners' privacy practices or data security

15.3 Data Controller Relationships

• For direct platform use: Rigpa Technologies acts as the data controller
• For Client Partner integrations: The Client Partner typically acts as the data controller, and we act as a data processor
• Joint processing: In some cases, both parties may be joint controllers with shared responsibilities

This privacy policy is designed to be transparent and comprehensive. If you have questions about any section, please don't hesitate to contact us. Your privacy matters to us, and we're committed to protecting it.

End of Privacy Policy