PRIVACY POLICY

Qvikmessage Document Automator

Effective Date: November 18, 2025

Jurisdiction: Bengaluru, India

1. OVERVIEW

This Privacy Policy ("Policy") describes how Qvikmessage Document Automator ("Company," "we," "us," or "our") collects, uses, processes, stores, shares, and protects personal data and information provided by users of the Qvikmessage Document Automator platform and services (the "Service").

This Policy applies to:

Website visitors (www.qvikmessage.com and subdomains)
Registered Users and Account holders
Authorized senders and email submitters
Organization administrators and team members

We take data privacy seriously and comply with Indian data protection laws and international best practices.

2. GOVERNING LEGAL FRAMEWORK

This Privacy Policy is drafted in compliance with:

Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 - Mandates security practices for personal data and sensitive personal data
Information Technology Act, 2000 - Governs data protection, cybersecurity, and privacy rights
Consumer Protection Act, 2019 - Provides consumer rights regarding data collection and usage
Goods and Services Tax (GST) Act, 2017 - Governs tax-related data processing and retention
Reserve Bank of India (RBI) Guidelines - For payment-related data and financial information
General Data Protection Regulation (GDPR) - If processing data of EU residents
ISO 27001 - Information Security Management standards we adhere to

3. DEFINITIONS

3.1 Personal Data

Personal Data means any information that identifies, relates to, or could reasonably be linked with an individual, including but not limited to:

Name, email address, phone number
IP address, device identifiers, cookies
Professional information, job title, company name
Payment information and transaction history
Account credentials and authentication data
Usage patterns and behavioral data

3.2 Sensitive Personal Data

Sensitive Personal Data means personal data concerning:

Financial data (bank accounts, credit card information, payment records)
Biometric data (if ever collected)
Medical information (if contained in uploaded documents)
Caste, religion, tribe, sexual orientation (if contained in documents)
Government identifiers (Aadhaar, PAN, GST numbers - if present in documents)
Legal proceedings information

3.3 Document Data

Document Data means business documents, email messages, attachments, and metadata processed through the Service, including:

Purchase Orders, Invoices, Bills
Customer and vendor information
Item/product details
Email sender and recipient information
Document content and attachments
Processing timestamps and metadata

3.4 Processing

Processing means any operation performed on personal data including collection, recording, organization, structuring, storage, adaptation, retrieval, consultation, use, transmission, erasure, or destruction.

4. DATA COLLECTION

4.1 Data Collected During Registration

When you register an Account, we collect:

Data Element	Purpose	Legal Basis
Name (Full Name)	Account identification, communication	Contract, Legitimate Interest
Email Address	Account login, notifications, support	Contract, Legal Obligation
Phone Number	Optional, for account verification	Legitimate Interest
Company/Organization Name	Account context, multi-tenancy	Contract
Job Title/Role	Permission and access level assignment	Contract
Password (Hashed)	Account security and authentication	Contract, Security
GST Registration Number	Tax compliance, invoicing	Legal Obligation (GST Act)
Business Address	Tax compliance, jurisdiction determination	Legal Obligation
Industry Type	Service customization	Legitimate Interest
Terms & Privacy Acceptance	Legal compliance, consent	Legal Obligation

4.2 Data Collected Through Service Usage

As you use the Service, we automatically collect:

Technical Data:

IP address and geolocation
Device type, operating system, browser type
Session duration and activity frequency
Pages/features visited and time spent
Referral source and user journey
Error logs and crash reports
Performance metrics and API response times

Email and Document Data:

Complete email metadata (sender, recipient, subject, timestamp)
Email body content and attachments
Document classification and extracted data
Processing success/failure status
Error messages and diagnostic information
Attachment filenames and sizes
Spam filtering scores and results

Account Data:

Organizations created and configured
Authorized senders list
Email security settings and configuration
Zoho Books integration tokens (encrypted)
Third-party service connections and settings
API usage and rate limits

Behavioral Data:

Features used and frequency
Documents processed (count and types)
Processing patterns and timing
Search queries and filters applied
Dashboard and report generation
Support tickets and inquiries
Feature adoption metrics

Financial Data:

Credit purchase history and amounts
Payment method (last 4 digits, card type)
Invoice and billing information
Transaction timestamps and status
Subscription renewal dates
Refund/chargeback requests

4.3 Data from Third Parties

We may collect data from:

Zoho Books Integration:

Customer names, email addresses, phone numbers
Vendor/supplier information
Item/product names and SKUs
Invoice and order history
Organization financial data (only as cached in our system)
Your Zoho account ID and email

Payment Providers:

Payment gateway information (Razorpay, Stripe, etc.)
Transaction ID, amount, status
Card type and last 4 digits (payment gateways retain full details)
Billing address and name
Payment authorization status

Email Infrastructure (Postmark):

Email deliverability data
Bounce and complaint information
Email open and click tracking (if enabled)
Spam score data
Email authentication (SPF, DKIM) results

Error Monitoring (Sentry):

Error logs and stack traces
User session context during errors
Browser and system information
Custom event data
Release versions and deployment information

Analytics & Monitoring:

Usage statistics and engagement metrics
Feature adoption metrics
Performance monitoring data
Error patterns and trends

4.4 Data from Uploaded Documents

When you process documents through the Service, documents may contain:

Personal data of document recipients (customers, vendors)
Business associate names and contact information
Financial information (invoices, payment terms)
Government identifiers (GST numbers, PAN numbers)
Potentially sensitive information depending on document source

We collect and process this data strictly for service functionality (extraction, classification, Zoho integration).

5. PURPOSES OF DATA COLLECTION AND USE

We process your personal data for the following legitimate purposes:

5.1 Core Service Delivery

Account Management: Creating, maintaining, and managing your Account
Service Provision: Processing documents, classifying content, extracting data
Zoho Integration: Synchronizing data with your Zoho Books account
Email Processing: Receiving, validating, filtering, and processing incoming emails
Notifications: Sending processing status, credit alerts, and service notifications
Authentication: Verifying your identity and managing secure access

5.2 Legal and Compliance Obligations

Tax Compliance: Recording GST information, invoice generation, maintaining tax records as required by GST Act, 2017
Financial Records: Maintaining payment and transaction records as required by banking regulations and RBI guidelines
Audit Logging: Creating audit trails for security, compliance, and dispute resolution purposes
Legal Requests: Responding to court orders, government requests, and legal processes
Anti-Fraud: Detecting and preventing fraudulent activities, unauthorized access, and abuse

5.3 Service Improvement

Usage Analytics: Analyzing how features are used to identify improvements
Machine Learning: Training and improving AI models for document classification and extraction (using anonymized and aggregated data)
Product Development: Planning new features based on user needs and usage patterns
Performance Optimization: Identifying and fixing bottlenecks and performance issues
Quality Assurance: Testing features and ensuring service reliability

5.4 Security and Protection

Threat Detection: Identifying security vulnerabilities and potential attacks
Access Control: Monitoring and controlling access to accounts and data
Spam Filtering: Using SpamAssassin to detect and filter malicious emails
Fraud Prevention: Detecting unusual patterns indicating fraud or abuse
Incident Response: Investigating security breaches and incidents

5.5 Communication and Support

Customer Support: Responding to support inquiries and providing assistance
Service Updates: Notifying users of service changes, maintenance, or issues
Marketing Communications: Sending newsletters, product updates, and promotional content (with opt-out option)
Feedback Requests: Surveying user satisfaction and gathering improvement suggestions
Account Management: Sending password resets, Account updates, or security alerts

5.6 Business Purposes

Analytics and Reporting: Creating aggregate, de-identified usage reports and metrics
Benchmarking: Understanding market trends and service performance
Sales and Marketing: Identifying sales opportunities and marketing campaigns (without sharing personal data)
Compliance Verification: Ensuring users comply with Terms of Service

5.7 Legitimate Interests

Improving Service security and preventing abuse
Protecting against fraud and unauthorized use
Enforcing Terms of Service and other agreements
Defending legal claims
Operating and managing the business efficiently
Protecting rights, property, and safety

6. LEGAL BASIS FOR PROCESSING

We process your personal data based on the following legal grounds:

Legal Basis	Examples
Contract	Processing necessary to provide the Service (registration, email processing, Zoho integration)
Legal Obligation	Tax compliance (GST records), payment records, anti-money laundering compliance, court orders
Legitimate Interest	Service improvement, security monitoring, fraud prevention, business analytics
Consent	Marketing communications, optional data collection, analytics beyond basic usage
Public Interest	Responding to valid government requests and legal processes

For Sensitive Personal Data, we require explicit consent before processing, except where:

Processing is necessary to provide the Service
Required by law or court order
Necessary for security or fraud detection
Contained in documents you voluntarily submit

7. DATA RETENTION

7.1 Retention Policy

We retain personal data only as long as necessary for the purposes outlined in Section 5:

Data Type	Retention Period	Reason
Account Data	Duration of Account + 6 months	Tax compliance, chargeback resolution
Document Data	As configured by User (default 1 year)	Audit, processing history, dispute resolution
Email Metadata	1 year	Audit logging, spam pattern analysis
Payment Records	7 years	GST Act compliance, financial audits, dispute resolution
Tax/Invoice Data	6 years	GST compliance, tax authority requests
Support Tickets	2 years	Quality assurance, dispute resolution
Server Logs	30-90 days	Security monitoring, troubleshooting
Cookies	Per cookie type (see Section 11)	Session management, analytics
Error Logs (Sentry)	30 days	Debugging, performance optimization
Failed Documents	As configured or 30 days	Error analysis, reprocessing capability

7.2 Data Deletion

You may request deletion of:

Your Account and associated personal data
Specific documents or processing history
Document data older than your retention policy

Deletion requests are processed within 30 days. However, we retain:

De-identified, anonymized data for analytics
Tax and financial records as required by law
Data necessary for legal compliance and dispute resolution
Server backups (may take 90 days to fully purge)

7.3 Backup and Recovery

Personal data is retained in backup systems for disaster recovery purposes. Backups are typically retained for 30-90 days after deletion and are only used for system recovery. We use industry-standard encryption for backup storage.

8. DATA SHARING AND DISCLOSURE

8.1 Data NOT Shared With Third Parties

We do NOT share your personal data with third parties for marketing, advertising, or other commercial purposes. This is a core principle of our privacy policy.

8.2 Data Shared With Service Providers

We share personal data with carefully selected third-party service providers only to operate the Service. These providers are contractually bound to protect your data:

**Service Provider	Data Shared	Purpose**
Zoho	Zoho account ID, encrypted tokens, cached customer/vendor data	Document processing, Sales Order creation, data synchronization
Postmark	Email recipient addresses, email content, processed document data	Sending transactional emails and status notifications
Cloudflare R2	Complete email and document archives, attachments	Secure storage and backup of processed documents
Payment Processors (Razorpay, Stripe, etc.)	Name, email, card type, amount, transaction ID (NOT full card details)	Processing payments for credits
Sentry	Error logs, stack traces, user session context, performance metrics	Error monitoring and performance tracking
OpenAI	Document content (anonymized), extracted text	Document classification and data extraction using GPT-4o-mini
AWS/Railway	Database content, logs, configurations (encrypted)	Infrastructure hosting and deployment
Cloudflare	Traffic logs, DDoS metrics, DNS queries	Domain security and CDN services

8.3 Data Shared With Your Organization

Within your Organization, we share data with:

Organization Administrators: Full access to organization data, documents, processing history, settings
Team Members: Access only to data relevant to their role (as configured by administrators)
Authorized Senders: View only their processed documents and status

You control access levels through organization settings.

8.4 Legally Mandated Disclosures

We may disclose personal data without consent if required by:

Court orders or valid legal processes
Government agencies and regulatory bodies (GSTN, income tax, RBI, etc.)
Law enforcement agencies investigating crimes
Prevention of imminent harm to persons or property
Other legal obligations under Indian law

We will attempt to notify you of legal requests except where prohibited by law.

8.5 Business Transfers

If Qvikmessage is acquired, merged, or assets are transferred:

Personal data may be transferred as part of the transaction
We will notify you of changes and give you the option to opt-out
Acquirer must agree to protect data under terms no less protective than this Policy

8.6 De-identified and Aggregated Data

We may share de-identified, anonymized data for:

Statistical analysis and research
Industry benchmarking
Public reports and trends
Improving machine learning models
Third-party analytics and insights

De-identified data cannot reasonably identify you and is not subject to this Policy.

9. INTERNATIONAL DATA TRANSFERS

9.1 Primary Data Localization

Personal data is primarily stored in India on servers located in India. However, due to our global infrastructure:

Some data may be transferred to:

United States: Sentry (error monitoring), OpenAI (AI processing)
European Union: Potentially required for GDPR-compliant users
Cloudflare Data Centers: Global network for CDN and security

9.2 Data Transfer Safeguards

For international transfers, we use:

Standard Contractual Clauses: Approved adequacy mechanisms for legal transfers
Encryption: All data in transit is encrypted with TLS/HTTPS
Data Processing Agreements: Third parties agree to protect transferred data
Anonymization: Sensitive data is anonymized before transfer where possible

9.3 Your Rights for International Transfers

If you are located in the EU, you have additional rights:

Right to know third parties receiving your data
Right to object to transfers to non-compliant jurisdictions
Right to request data localization in EU

10. SECURITY AND DATA PROTECTION MEASURES

10.1 Security Infrastructure

We implement comprehensive security measures:

Technical Controls:

Encryption: All data in transit encrypted with TLS 1.2+ (HTTPS)
Database Encryption: Sensitive data encrypted at rest using AES-256
Token Encryption: Zoho tokens encrypted with Fernet symmetric encryption
Access Control: Role-based access control (RBAC) limiting data access to authorized personnel
Intrusion Detection: Monitoring for unauthorized access attempts
DDoS Protection: Cloudflare DDoS mitigation and security
Firewalls: Network-level protection against unauthorized access
Vulnerability Scanning: Regular automated security scans

Administrative Controls:

Employee Access: Only authorized employees access personal data
Background Checks: Employees undergo security screening before data access
Access Logging: All data access is logged and monitored
Confidentiality Agreements: All employees sign data protection agreements
Training: Regular security awareness training for all staff

Operational Controls:

Incident Response Plan: Procedures for responding to security breaches
Backup and Recovery: Regular encrypted backups for disaster recovery
Security Audits: Annual third-party security audits
Penetration Testing: Regular testing for vulnerabilities
Patch Management: Timely application of security updates
Vendor Security: Third-party vendors assessed for security compliance

10.2 Limitations

Despite these measures, no security is 100% guaranteed. We cannot guarantee:

Absolute protection against all attacks or breaches
Protection if your password is compromised
Security of data in third-party systems beyond our control
Protection if you authorize unauthorized parties

10.3 Your Responsibility

You are responsible for:

Maintaining confidentiality of your password
Immediately reporting suspicious account activity
Updating your password regularly
Using strong, unique passwords
Securing your email account (critical for password recovery)
Installing security software on your devices
Keeping your operating system and browsers updated
Not sharing Account credentials with others

11. COOKIES AND SIMILAR TECHNOLOGIES

11.1 Cookie Usage

The Service uses cookies and similar tracking technologies for:

Cookie Type	Purpose	Duration	Your Control
Session Cookies	Maintaining login session, user preferences	Session (until logout)	Cannot disable (required for functionality)
Authentication Cookies	JWT token storage, user identity	Until logout or expiry	Automatically cleared on logout
Preference Cookies	UI theme, language, layout preferences	1 year	Resettable through settings
Analytics Cookies	Usage tracking, feature adoption, performance	13 months	Disable in privacy settings
Third-party Analytics	Google Analytics, Sentry, Postmark tracking	Per service settings	Disable in browser settings

11.2 Cookie Categories

Strictly Necessary Cookies:

Cannot be disabled; required for Service functionality
Authentication, security, session management
Essential to prevent fraud and abuse

Performance/Analytics Cookies:

Track how you use the Service
Help improve features and performance
Can be disabled in privacy settings without affecting core functionality

Functional Cookies:

Remember your preferences
Enhance user experience
Disable in settings, though some features may not work optimally

11.3 Managing Cookies

You can manage cookies through:

Browser Settings: Most browsers allow you to refuse cookies or alert when cookies are set
Account Settings: Manage analytics and tracking preferences in your Account settings
Do Not Track: We honor Do Not Track (DNT) signals where technically possible
Cookie Management Tools: Third-party services like opt-out.aboutads.info

Disabling cookies may reduce Service functionality.

11.4 Similar Technologies

We may use similar technologies including:

Tracking Pixels: Transparent images that record page views and interactions
Web Beacons: Small code snippets that track email opens and clicks
LocalStorage: Browser storage for preferences and session data
IndexedDB: Local database for offline functionality

These technologies are governed by the same rules as cookies.

12. YOUR PRIVACY RIGHTS AND CHOICES

12.1 Rights Under Indian Law

Under the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, you have the right to:

Right to Information:

Know what personal data we hold about you
Know how we use and process your data
Know who has access to your data
Know our data retention policy

Right of Access:

Request a copy of your personal data
Export your data in machine-readable format
Receive your data for transfer to another service

Right to Rectification:

Correct inaccurate personal data
Complete incomplete data
Update information through your Account settings

Right to Erasure ("Right to be Forgotten"):

Request deletion of your personal data
Subject to legal obligations and business necessity
Partial deletion of sensitive data while retaining non-sensitive data
Exceptions for required tax records and legal holds

Right to Restrict Processing:

Request that we limit how we use your data
Suspend certain processing activities temporarily
Maintain data without active use

Right to Object:

Opt-out of marketing communications
Opt-out of analytics and tracking
Object to specific processing on legitimate interest grounds

Right to Complaint:

Lodge complaints with the Data Protection Authority
Report violations to relevant regulatory bodies (GSTN, income tax, RBI)
Seek redress through civil courts

12.2 Exercising Your Rights

To exercise any privacy right:

Log into Your Account: Use Account settings where available
Send Written Request: Email [email protected] with:
- Your name and Account email
- Specific right you're exercising
- Detailed description of your request
- Supporting documents if applicable
Verification: We verify your identity before processing requests
Response Timeline: We respond within 30 days (extendable to 60 days for complex requests)
Free Requests: First request annually is free; additional requests may incur a reasonable fee

12.3 Opt-Out Preferences

Marketing Communications:

Unsubscribe link in every marketing email
Manage preferences in Account settings
Email [email protected] to opt-out completely

Analytics and Tracking:

Disable in Account privacy settings
Use browser "Do Not Track" signals
Clear cookies regularly

Postmark Email Tracking:

Tracking can be disabled at email level
Contact support to disable for all emails

13. CHILDREN'S PRIVACY

13.1 No Service for Children

The Service is NOT intended for individuals under 18 years of age. We do not knowingly collect personal data from children.

13.2 If a Child's Data is Collected

If we become aware that we've collected data from a child under 18:

We will immediately delete such data
We will notify the parent or guardian
We will take measures to prevent future collection

Parents or guardians who believe a child's data has been collected should contact us immediately at [email protected].

13.3 Parental Controls

If your child accesses the Service:

You are responsible for monitoring their activity
You are responsible for their compliance with these terms
We recommend implementing parental controls on their devices

14. SENSITIVE PERSONAL DATA

14.1 Definition and Handling

Sensitive Personal Data includes:

Financial information (bank accounts, payment information)
Government identifiers (Aadhaar, PAN, GST numbers)
Medical information
Biometric data
Religious or political affiliation
Criminal records or legal proceedings

14.2 Consent for Sensitive Data

We obtain explicit consent before processing Sensitive Personal Data, except where:

Processing is necessary to provide the Service
Required by law or court order
Necessary for security, fraud prevention, or protection of vital interests
The data is contained in documents you voluntarily submit

14.3 Minimal Processing

We minimize processing of Sensitive Personal Data by:

Anonymizing where possible
Using only what's necessary for service provision
Restricting access to authorized personnel only
Encrypting sensitive data at rest

14.4 Your Responsibility

Important: If documents you submit contain Sensitive Personal Data:

You are responsible for legal compliance (data protection, consent)
You warrant that you have appropriate permissions
You accept liability for any violations
We recommend removing unnecessary sensitive data before submission

15. THIRD-PARTY SERVICES AND LINKS

15.1 Third-Party Integrations

The Service integrates with third-party services. When you connect third-party services:

Their privacy policies govern their data collection
We are not responsible for third-party privacy practices
You should review their privacy policies independently
We do not control third-party data handling

Integrated Third Parties:

Zoho Books: https://www.zoho.com/privacy.html
Postmark: https://postmarkapp.com/privacy
Cloudflare: https://www.cloudflare.com/privacy
OpenAI: https://openai.com/privacy
Sentry: https://sentry.io/privacy/

15.2 Third-Party Links

The Service may contain links to third-party websites. We are not responsible for:

Third-party website privacy practices
Content on third-party websites
Data collection by third-party websites
Security of third-party websites

Review third-party privacy policies before providing information.

16. DATA BREACH NOTIFICATION

16.1 Security Breach Protocol

If we discover a security breach compromising personal data:

Investigation: We immediately investigate the scope and nature of the breach
Risk Assessment: We assess the risk to affected individuals
Notification: We notify affected users within 72 hours of discovery
Government Notification: We notify relevant authorities (RBI, GSTN, etc.) as required by law
Documentation: We maintain detailed breach records

16.2 Breach Notification Content

Notifications will include:

Nature of the breach and data affected
Potential risks to you
Measures we're taking to address the breach
Your recommended actions
Contact information for further inquiries
Resources and support available

16.3 Your Rights After Breach

After a breach, you have the right to:

Request data deletion
Receive credit monitoring (if payment data affected)
Seek compensation for damages
File complaints with authorities
Terminate your Account without penalty

17. DATA PROTECTION OFFICER

17.1 Contact Information

For privacy inquiries, complaints, or to exercise your rights, contact:

Chief Privacy Officer Qvikmessage Document Automator Email: [email protected] Address: Bengaluru, Karnataka, India

Response time: Within 5-7 business days

17.2 Privacy Request Process

Email [email protected] with subject: "Privacy Request: [Type of Request]"
Clearly describe your request and provide necessary details
Include your Account email and any supporting documents
We will acknowledge receipt within 2 business days
We will respond with a resolution within 30 days

18. COMPLAINT AND ESCALATION

18.1 Filing a Complaint

If you believe your privacy rights have been violated:

Step 1: Internal Escalation

Email [email protected] with detailed complaint
Include evidence and specific violations
Allow 30 days for investigation and resolution

Step 2: Regulatory Complaint If unresolved, file complaints with:

Data Protection Authority: Indian regulatory bodies managing data protection
Goods and Services Tax Authority: For tax data violations
Reserve Bank of India: For financial data violations
Consumer Protection Authority: For consumer rights violations
Cyber Crime Reporting: If criminal activity is involved

Step 3: Legal Action

File civil suit in courts of Bengaluru
Seek compensation for damages
Obtain injunctive relief if necessary

19. POLICY CHANGES AND UPDATES

19.1 Modification Right

We may update this Privacy Policy to:

Reflect changes in our data practices
Comply with new laws or regulations
Improve clarity and transparency
Address emerging privacy risks

19.2 Notification of Changes

Changes are effective when posted to the website. Material changes receive:

At least 30 days' notice before effectiveness
Prominent notification on the website
Email notification to registered users
Updated version with new "Effective Date"

19.3 Your Choice

If material changes reduce your privacy protections:

You may review the new Policy
You may accept or reject changes
Continued use constitutes acceptance
You may terminate your Account without penalty within 30 days

20. COMPLIANCE WITH REGULATIONS

20.1 Information Technology Rules Compliance

We comply with the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 by:

Implementing reasonable security practices
Obtaining consent for sensitive data processing
Providing privacy policies to users
Enabling user choice and control
Restricting data access to authorized personnel
Maintaining audit logs and accountability

20.2 GST Act Compliance

For GST-related data, we comply by:

Maintaining accurate GST registration records
Preserving invoices and transaction records for 6 years
Providing data to tax authorities upon legitimate request
Implementing internal controls for GST compliance

20.3 RBI Guidelines Compliance

For payment-related data, we comply with RBI guidelines by:

Using certified payment processors
Encrypting sensitive financial data
Implementing fraud detection mechanisms
Maintaining audit trails for all transactions
Complying with Know Your Customer (KYC) requirements

21. GLOBAL PRIVACY COMPLIANCE

21.1 GDPR Compliance (EU Residents)

If you're located in the European Union:

You have additional rights under GDPR
Your data is protected by our GDPR-compliant practices
We have a Data Protection Officer
Legal basis for processing is transparent
You have the right to lodge complaints with your national DPA

21.2 Other Jurisdictions

If you're subject to other privacy laws (UK GDPR, Canada PIPEDA, Australia Privacy Act, etc.):

We adapt our practices to comply with applicable law
Contact us for jurisdiction-specific information
We may need to restrict data processing based on your location

22. CONTACT AND SUPPORT

22.1 Privacy Inquiries

For all privacy-related inquiries, including:

Data access requests
Deletion requests
Privacy concerns
Complaint escalation

Contact: Email: [email protected] Address: Bengaluru, Karnataka, India Phone: [Support contact available on website]

Response Time: We respond to all inquiries within 5-7 business days.

22.2 Regular Business Support

For non-privacy customer support: Email: [email protected]

23. ENTIRE POLICY

This Privacy Policy, together with the Terms of Service and any other documents referenced, constitutes the entire privacy agreement between you and Qvikmessage regarding personal data. No prior representations, agreements, or understandings remain valid.

24. GOVERNING LAW AND JURISDICTION

This Privacy Policy is governed by the laws of India, specifically:

Information Technology Act, 2000
Information Technology Rules, 2011
Goods and Services Tax Act, 2017
Consumer Protection Act, 2019

All disputes regarding privacy are resolved in the courts of Bengaluru, Karnataka, India, as specified in our Terms of Service.

Last Updated: November 18, 2025

Effective Date: November 18, 2025

This Privacy Policy is effective as of the date first written above and continues until modified by Qvikmessage. Your continued use of the Service after modifications constitutes acceptance of the updated Policy.