Our Commitment to You
Nagrik was built on a simple idea: your city should feel like home inside an app, the way it does outside one. That only works if you trust us with real, sometimes deeply personal information — your exact birth time for an astrology reading, a photo of a pothole outside your house, your bank details as a shop owner, your phone number when you're buying a used scooter from a stranger three streets away. We don't take that trust lightly. This Policy is our detailed, honest account of what we collect, why, who else ever sees it, how we protect it, and what happens in the rare event something goes wrong. Where the language gets formal, it's because it has to hold up legally — but the intent behind every clause is the same: protect you first.
1. Scope, Definitions & Applicability
This Privacy Policy ("Policy") applies to NagrikTV.com, the Nagrik mobile applications for Android and iOS, and all associated APIs and services (together, the "Platform") operated by Nagrik Media Limited ("Nagrik," "we," "us," or "our"). It governs how we collect, use, share, and protect information from anyone who accesses or uses the Platform ("you" or "User").
This Policy does not apply to: (a) information collected offline or through channels unrelated to the Platform; (b) third-party websites or services linked from the Platform, whose own privacy practices are addressed in Section 16; or (c) fully anonymized or aggregated data from which you cannot reasonably be re-identified.
- “Personal Data” means any data about a person who is identifiable by or in relation to such data.
- “Sensitive Personal Data” means categories of Personal Data that, if compromised, carry heightened risk of harm to you — including but not limited to your exact birth date, time and place used for astrology, payment and financial information, government identity/KYC documents, and precise geolocation.
- “Data Fiduciary” means Nagrik, as the entity that determines the purpose and means of processing your Personal Data.
- “Data Principal” means you, the individual to whom the Personal Data relates.
- “Data Processor” means a third-party vendor that processes Personal Data on our behalf and under our instructions (see Section 7).
- “Processing” means any operation performed on Personal Data — collection, storage, use, sharing, or deletion.
- “Consent” means your free, specific, informed, and unambiguous indication of agreement to the processing of your Personal Data for a stated purpose.
You must be at least 18 years old to independently consent to this Policy and to use features involving financial transactions (subscriptions, classifieds, business listings). See Section 14 for our approach to minors.
↑ Back to top2. Information We Collect
2.1 Information You Provide Directly
- Account & Registration Data — name, OTP-verified mobile number, email (optional), gender, preferred language, city/district/assembly constituency (for hyperlocal personalization), and optional profile photo.
- Astrology Feature Data (Sensitive) — exact birth date, exact birth time, birth place, gender as used in chart calculation, and — if you use Kundli Match — a second person's birth details that you choose to enter. Questions you ask in Astrology Chat are also collected and may reveal health, marital, financial, or career concerns, and are treated as sensitive regardless of subject matter.
- Civic Issue Reports — the GPS location of the reported issue, photographs or videos you submit as evidence, a free-text description, the issue category, and — only if you opt in — your contact details for follow-up.
- Business Listing Data — business name, category, address, GPS location, phone number, hours, photos, the listing owner's name and contact details, and, where offered, KYC/verification documents (e.g. GSTIN, PAN, business registration proof) and bank/UPI details for payouts or advertising billing.
- Classifieds Data — listing details (category, description, price, photos), your contact information as a seller, buyer inquiries, and in-app chat messages exchanged between buyers and sellers.
- Payment & Subscription Data — payment method type, a masked/tokenized payment identifier (full card numbers are never stored on our servers — see Section 10), billing name, transaction history, and subscription status.
- User-Generated Content — comments, ratings, reviews, survey responses, contest entries, and correspondence with our support team.
2.2 Information Collected Automatically
- Device & Technical Data — IP address, device model, OS version, advertising identifiers, browser type, app version, and network carrier.
- Usage & Behavioral Data — screens and modules visited, articles read, listings viewed, search queries, session duration, and feature-usage frequency.
- Location Data — approximate location (via IP) is used by default for hyperlocal personalization. Precise GPS location is collected only with your explicit, revocable permission, used for civic issue geotagging and “near me” search.
- Diagnostic Data — crash logs, performance metrics, and error reports.
2.3 Information from Third Parties
- If you sign in via Google or another provider, we receive the profile information you authorize — typically name, email, and profile photo.
- Our payment processor confirms transaction status and payment method category to us (not full card data).
- Advertising and analytics partners may provide us aggregated or hashed audience-segment data to help measure campaign performance (see Section 7).
3. How We Use Your Information
We process your information for the following purposes:
- Creating and authenticating your account, and keeping it secure.
- Personalizing your news feed by language, district, and constituency.
- Generating your astrology readings, kundli, compatibility matches, and AI chat responses — including sending the minimum necessary birth details to our AI processing partner solely to compute your reading (Section 7.3).
- Enabling civic issue reporting, and — where a formal integration exists for your area — routing your report toward the relevant municipal authority.
- Enabling business discovery, listing display, and direct contact between users and businesses.
- Enabling classifieds posting, browsing, and buyer-seller communication.
- Processing payments, subscriptions, refunds, and invoicing.
- Providing customer support and resolving disputes.
- Preventing fraud, moderating content, and protecting platform safety.
- Sending service and transactional notifications (e.g. payment receipts, civic report status updates).
- With your separate, opt-in consent, sending promotional or marketing communications.
- Complying with legal obligations and enforcing our Terms of Service.
- Improving our product through aggregated, anonymized analytics.
4. Legal Basis for Processing
Our primary legal framework is India's Digital Personal Data Protection Act, 2023 (“DPDPA”). We process your Personal Data primarily on the basis of your explicit, informed Consent, captured through clear notice at the point of collection — not bundled into a single generic checkbox. In narrow, specific circumstances recognized under Section 7 of the DPDPA (for example, a purpose you voluntarily provided data for and haven't objected to, compliance with law, or a medical emergency), we may process data under a “Legitimate Use” basis instead of fresh consent — we do not use this as a general substitute for consent.
We do not rely on a broad “legitimate interest” basis the way some other jurisdictions' laws permit. Every non-essential use of your data requires your affirmative consent, and you may withdraw that consent at any time (Section 13). Where we serve users outside India, we additionally honor applicable local law to the extent it applies to that processing.
↑ Back to top5. Feature-Specific Data Practices
5.1 Astrology & Guidance Services
- Your birth date, time, and place are collected only after separate, explicit consent — never bundled into general account creation — because of how precisely they can identify you and how personal the resulting conversations can become.
- This data is used exclusively to generate your personalized astrology content and to fulfill any subscription you hold.
- Portions of this data are sent to our third-party AI processing partner(s) solely to compute your reading. We require contractual commitments that this data is never used to train the partner's general-purpose models and is not retained beyond what's needed to serve your response (Section 7.3).
- Astrology content is provided for entertainment and personal guidance purposes only and is not a substitute for professional medical, legal, financial, or psychological advice — disclosed both in-product and here.
- You may delete your birth-data profile at any time from Settings; doing so permanently disables personalized astrology features until it is re-entered.
5.2 Civic Issue Reporting
- Photos or videos you submit may incidentally include other identifiable people, vehicles (including license plates), or private property. By submitting such content, you confirm you have a lawful basis to do so, and you agree not to use this feature to harass, defame, or target any individual.
- Precise geolocation is attached to your report to enable accurate routing and public visibility of the issue on the map.
- Where Nagrik has a formal data-sharing arrangement with a municipal or government authority, your report — including location and photo evidence, but not your private contact details unless you opt in to being contacted — may be shared with that authority to facilitate resolution. Where no such integration exists for your area, reports remain within the Platform for community visibility.
- We moderate reports for content that violates our Terms (for example, defamatory content or private information about unrelated third parties), but we do not independently verify the factual accuracy of every report — see Section 15.
5.3 Business Listings & Merchant Data
- We collect business KYC information solely to verify listing authenticity and prevent fraudulent listings; this is not published publicly.
- Business contact information you choose to make public (phone number, address, hours) is displayed to app users to enable discovery and direct contact — you control what's shown through your listing settings.
- Bank/UPI details collected for advertising billing or payouts are transmitted directly to our RBI-authorized payment partner via encrypted channels and are not stored in plaintext on Nagrik's own servers.
- We may share aggregated, non-identifying discovery analytics (for example, “your listing was viewed 340 times this week”) with the business owner as part of the product experience.
5.4 Classifieds Marketplace
- Listing content you choose to post (description, price, photos) is publicly visible to app users by design.
- Contact details you provide for a listing are shared with interested buyers so they can reach you; likewise, if you inquire about a listing, your contact details may be shared with the seller.
- In-app chat between buyers and sellers may be scanned by automated tools — not manually read by staff except in response to a safety report or valid legal request — to detect fraud, scams, and policy violations.
- Nagrik is an intermediary facilitating discovery and communication only. We are not a party to any transaction between users, do not verify the condition or legality of listed items, and disclaim liability accordingly (Section 15).
7. Cross-Border Data Transfers
Some vendors listed in Section 6 may process or store data on servers located outside India. Under the DPDPA, cross-border transfer is permitted except to countries specifically restricted by the Central Government; no such restriction currently designates a jurisdiction relevant to our vendor footprint, and we monitor this and will adjust vendors if that changes. Where data is transferred internationally, we require our vendors to maintain security and confidentiality commitments equivalent to those in this Policy, including encryption in transit and at rest, and contractual limits on onward disclosure.
↑ Back to top8. Cookies, Pixels & Tracking Technologies
We use persistent and session-based tracking technologies to operate, secure, and personalize the Platform.
| Category | Purpose | Default State |
|---|---|---|
| Essential | Enable core functionality — login sessions, payment processing, security | Always on — required for the Platform to function |
| Performance | Analyze traffic patterns and service performance | On by default; can be limited via browser settings |
| Functional | Remember your preferences — language, region, font size | On by default; can be limited via browser settings |
| Targeting / Advertising | Deliver personalized advertising based on behavioral profiles | Off until you give explicit consent via our cookie banner |
Your astrology chat content and birth data are never used to build advertising profiles or targeting segments — that data is siloed to the astrology feature and is not shared with our advertising or analytics vendors.
You can control cookies through your browser settings (Chrome, Firefox, Safari all provide this), and through industry opt-out tools such as the Digital Advertising Alliance (optout.aboutads.info) and the European Interactive Digital Advertising Alliance (youronlinechoices.eu) where applicable. Disabling non-essential trackers may limit some personalization features.
↑ Back to top9. Data Security Measures
Protecting your data is a first-order product requirement at Nagrik, not an afterthought. Our safeguards include:
- Encryption in transit (TLS 1.2+) and at rest (AES-256) for all Personal Data, with particular emphasis on Sensitive Personal Data — astrology birth details, payment tokens, and KYC documents.
- No raw payment card data ever touches Nagrik's own servers — all card handling occurs via PCI-DSS-compliant, tokenized fields hosted by our payment partner.
- Role-based access control — only employees or contractors whose role requires it can access Personal Data, on a documented need-to-know basis, with all access logged.
- Regular independent security assessments and penetration testing, with critical or high-severity findings remediated before public release of the affected feature.
- Secure software development practices, including code review and automated dependency vulnerability scanning.
- Multi-factor authentication required for all internal systems with access to production user data.
- Physical and environmental security inherited from our cloud infrastructure vendors' certified data centers.
10. Data Breach Notification & Incident Response
We maintain a documented Incident Response Plan covering detection, containment, investigation, and notification.
In the event of a Personal Data Breach that we determine poses a risk to your rights, we will, without undue delay and in line with our obligations under the DPDPA, notify the Data Protection Board of India and affected Data Principals, describing the nature of the breach, its likely consequences, and the measures taken or proposed to address it.
Notwithstanding the above, and while we implement industry-standard technical and organizational security measures, no method of transmission or storage over the internet is 100% secure. To the maximum extent permitted by applicable law, Nagrik's liability for unauthorized access, use, or disclosure of your information resulting from circumstances beyond our reasonable control — including sophisticated criminal cyberattacks or zero-day vulnerabilities in third-party infrastructure — is limited as set out in Section 15 and in our Terms of Service. This Policy does not create any warranty, express or implied, that your data will never be compromised.
You also play a role in keeping your data secure: safeguard your account credentials, enable available account security features such as OTP verification, and notify us immediately at security@nagriktv.com if you suspect unauthorized access to your account.
↑ Back to top11. Data Retention
| Data Category | Retention Period | Why |
|---|---|---|
| Account / profile data | Duration of account, plus 90 days after deletion | Grace period for accidental-deletion recovery |
| Astrology birth data | Until you delete your profile or account | You control this directly; deletion is immediate and permanent |
| Astrology chat history | 12 months rolling, or until account deletion, whichever is earlier | Continuity of guidance without indefinite retention |
| Civic issue reports (incl. photos/location) | Retained in anonymized, aggregated form indefinitely; identifiable reporter data deleted 24 months after resolution/closure | Balances civic/public-interest record value against privacy minimization |
| Business KYC documents | Duration of active listing, plus 7 years after closure | Indian financial and tax record-keeping norms |
| Classifieds listings & chat | 12 months after listing closes, or until account deletion | Fraud-investigation window |
| Payment / transaction records | 8 years | Income Tax Act and related statutory record-keeping requirements |
| Support correspondence | 3 years | Service quality and dispute resolution |
| Device / diagnostic logs | 180 days | Debugging window; not useful beyond this |
After the applicable period, data is securely deleted or irreversibly anonymized.
↑ Back to top12. Your Rights & Choices
Under the DPDPA, and as a matter of our own policy, you have the right to:
- Access a copy of the Personal Data we hold about you.
- Correct inaccurate or incomplete data.
- Erase data that's no longer necessary for the purpose it was collected, subject to the legal retention exceptions in Section 11.
- Withdraw consent at any time for any consent-based processing — withdrawal doesn't affect processing already carried out, and may disable the related feature (for example, withdrawing astrology consent disables personalized readings).
- Nominate another individual to exercise your rights on your behalf in the event of your death or incapacity, per Section 14 of the DPDPA.
- Seek grievance redressal through our Grievance Officer (Section 19), with escalation to the Data Protection Board of India if unresolved within the statutory timeline.
You can exercise these rights via in-app Settings > Privacy, or by emailing privacy@nagriktv.com. We aim to respond within 30 days, and in line with any shorter timeline required by applicable law.
↑ Back to top13. Children's Privacy
Nagrik's Services are intended for users 18 years and older, given that classifieds, business transactions, and paid astrology subscriptions involve financial and contractual capacity. We do not knowingly collect Personal Data from children under 18 without verifiable parental or guardian consent as required under Section 9 of the DPDPA, and we do not knowingly serve targeted advertising to any user we identify as a child. If we learn a child's data has been collected without appropriate consent, we will delete it promptly. Parents or guardians who believe their child has provided data to us should contact our Grievance Officer immediately.
↑ Back to top14. Limitation of Liability & User Responsibilities
- Nagrik implements reasonable, industry-standard security practices as described in Section 9, but cannot guarantee absolute security of data transmitted over the internet or stored electronically, and disclaims liability for events arising from causes beyond our reasonable control — including sophisticated cyberattacks, zero-day vulnerabilities in third-party infrastructure, or compromise on the user's own device.
- Content submitted by users — civic reports, classifieds listings, comments — reflects the views and representations of that user, not Nagrik. Nagrik is an intermediary under the Information Technology Act, 2000 and is not liable for the accuracy, legality, or consequences of user-submitted content, subject to our compliance with applicable intermediary due-diligence obligations.
- Astrology content is provided “as is” for guidance and entertainment purposes; Nagrik disclaims liability for decisions made in reliance on such content.
- Users are responsible for the accuracy of information they submit — including birth details, business KYC, and classifieds listings — and for maintaining the confidentiality of their account credentials.
This section operates alongside, and does not replace, the fuller limitation-of-liability and indemnification provisions in our Terms of Service, which govern in the event of any conflict on matters outside the scope of data protection specifically.
↑ Back to top15. Third-Party Links & Integrations
Our Services may contain links to third-party websites or integrate third-party services — for example, “Open in Maps,” payment gateway checkout pages, or social sharing. This Policy does not apply to those third parties' own data practices; we encourage you to review their respective privacy policies. Nagrik is not responsible for the content or privacy practices of any third-party site or service.
↑ Back to top16. Changes to This Policy
We may update this Policy periodically to reflect changes in our practices, features, or legal requirements. Material changes — such as a new category of data collected, a new purpose of processing, or a new category of third-party sharing — will be notified via in-app notice and/or email at least 15 days before taking effect, and, where required by law, we will seek fresh consent. The “Last Updated” date at the top of this Policy always reflects the most recent revision. We encourage you to review this Policy periodically.
↑ Back to top17. Governing Law & Jurisdiction
This Policy is governed by the laws of India. Any disputes arising in connection with this Policy are subject to the exclusive jurisdiction of the competent courts at [registered office city — to be confirmed], India, without prejudice to any consumer-forum rights you may have under the Consumer Protection Act, 2019 to approach a forum closer to your own residence.
↑ Back to top18. Grievance Officer & Contact Information
In accordance with the Information Technology Act, 2000, the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021, and the Digital Personal Data Protection Act, 2023, the contact details of our Grievance Officer and Data Protection contact are:
- Name: [To be appointed]
- Designation: Grievance Officer & Data Protection Contact
- Email: privacy@nagriktv.com / grievance@nagriktv.com
- Address: [Registered office address — to be confirmed]
- Response Timeline: Acknowledgement within 24 hours; resolution within 15 days, as mandated under the IT Rules, 2021 (or the timeline prescribed under DPDPA Rules once notified, if different).
For general privacy questions: privacy@nagriktv.com
For data breach or security concerns: security@nagriktv.com
For DPDPA grievances unresolved by us: you may approach the Data Protection Board of India through the process it establishes.
↑ Back to top