Privacy Policy

Last updated: 2 April 2026

TANIYUR ("we", "us") respects your privacy. This Privacy Policy describes how we collect, use, store, and share personal data when you use our website, marketing channels, and the TANIYUR society operating platform, in accordance with the Digital Personal Data Protection Act, 2023 ("DPDP Act") and other applicable laws in India. For a high-level compliance summary, see our DPDP compliance overview. This policy is not legal advice.

1. Who we are

For the purposes of the DPDP Act, we act as a Data Fiduciary when we determine the purpose and means of processing your digital personal data. You, as an individual to whom such data relates, are the Data Principal.

2. Scope

This policy applies to:

  • Visitors to our public website (e.g. taniyur.com);
  • Users of our marketing chat or contact flows who share email or phone;
  • Authorised users of the TANIYUR platform (residents, committee members, staff, and administrators), including mobile and web clients that connect to our API.

3. Personal data we collect

Depending on how you interact with us, we may process:

  • Identity and profile: name, society or unit identifiers, role, and similar account attributes.
  • Contact: email address, phone number, and mailing address where provided.
  • Operational and society data: visitor logs, complaints, notices, billing references, and other data your society records in the platform.
  • Financial and transaction metadata: payment references and ledger entries processed through integrated payment providers (card or bank details are handled by certified payment gateways, not stored by us as full card data).
  • Technical and security: IP address, device and browser type, session identifiers, authentication events, and timestamps.
  • Communications: messages you send via support or in-product channels, including content routed to our team for response (e.g. visitor chat notifications).

4. Purposes and legal bases

We process personal data to:

  • Provide, operate, and improve the TANIYUR platform and website;
  • Authenticate users, enforce access rules, and protect security;
  • Facilitate society billing, compliance workflows, and communications you expect from the product;
  • Respond to enquiries, demos, and support requests;
  • Comply with law, court orders, or lawful requests by competent authorities;
  • Defend legal claims and enforce our Terms & Conditions.

We rely on consent where required under the DPDP Act, and on other permissible grounds—including voluntary provision of data for specified purposes and legitimate uses recognised under the Act—where applicable.

5. Cookies and similar technologies

We use cookies and similar technologies as needed for session management, security, preferences, and analytics. You can control cookies through your browser settings; disabling some cookies may limit certain features.

6. Sharing and processors

We may share personal data with trusted Data Processors and service providers who assist us (hosting, database, authentication, email, analytics, payment, and internal tooling such as team notifications), under contracts that require them to protect data and process it only on our instructions. We do not sell personal data.

7. Cross-border processing

Some processors may be located outside India. Where personal data is transferred outside India, we comply with the DPDP Act and with Central Government notifications regarding permissible transfers or restrictions, as in force from time to time.

8. Retention

We retain personal data only for as long as necessary for the purposes above, including statutory, accounting, or dispute-resolution needs, after which we delete or anonymise it in line with internal schedules. Society-specific retention may also follow instructions from the customer (management committee) where consistent with law.

9. Security

We implement appropriate technical and organisational measures—including encryption in transit, access control, and monitoring—to protect personal data against unauthorised access, loss, or alteration. No method of transmission or storage is completely secure; we continually review our practices.

10. Your rights under the DPDP Act

Subject to the DPDP Act and applicable rules, you may have the right to obtain information about processing, seek correction of inaccurate data, request erasure where grounds apply, withdraw consent (where processing is consent-based), nominate another individual as provided under the Act, and use our grievance mechanism. Some requests may need to be routed through your society administrator where data is controlled jointly for society operations.

11. Grievance officer / contact

For privacy requests, corrections, or grievances, contact us at privacy@taniyur.com. We will acknowledge and address grievances in line with the DPDP Act and rules (including prescribed timelines, once applicable to your matter). You may also have the right to approach the Data Protection Board of India as the law permits.

12. Changes

We may update this Privacy Policy from time to time. We will post the revised version with a new "Last updated" date and, where appropriate, provide additional notice.