Privacy Policy

Last updated: December 15, 2024

1. Introduction

Welcome to turrant.ai ("we," "our," or "us"). We are committed to protecting your privacy and handling your data in an open and transparent manner. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered document collection platform via WhatsApp.

By using turrant.ai, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with our policies and practices, please do not use our services.

2. Information We Collect

2.1 Information You Provide

  • Account Information: Name, email address, phone number, company name, and other registration details
  • Documents: Images, PDFs, and other documents you upload or send via WhatsApp
  • Communication Data: Messages, queries, and interactions through WhatsApp and other communication channels
  • Payment Information: Billing details, payment method information (processed securely through third-party payment processors)

2.2 Information Automatically Collected

  • Usage Data: Information about how you interact with our services, including timestamps, features used, and frequency of use
  • Device Information: Device type, operating system, browser type, IP address, and unique device identifiers
  • Log Data: Server logs, error reports, and diagnostic information
  • Cookies and Tracking: We use cookies and similar technologies to enhance user experience and analyze usage patterns

2.3 Information from Third Parties

  • WhatsApp Business API: Message delivery data and interaction metadata
  • Government Verification APIs: Verification results from Aadhaar, PAN, and other document verification services
  • Integration Partners: Data from third-party services you connect to turrant.ai

3. How We Use Your Information

We use the collected information for the following purposes:

  • Service Delivery: Process, verify, and manage document collection workflows
  • AI Processing: Extract text using OCR, classify documents, and perform data validation
  • Document Verification: Validate documents through government APIs and third-party verification services
  • Communication: Send service updates, notifications, and respond to inquiries
  • Account Management: Create and maintain your account, process payments, and provide customer support
  • Improvement and Analytics: Analyze usage patterns, improve our AI models, and enhance service quality
  • Security: Detect fraud, prevent abuse, and ensure platform security
  • Legal Compliance: Comply with legal obligations, enforce our terms, and protect our rights
  • Marketing: Send promotional content (with your consent, where required by law)

4. Data Storage and Security

4.1 Data Storage

Your data is stored on secure cloud servers. We use industry-standard encryption protocols to protect data both in transit (TLS/SSL) and at rest (AES-256 encryption). Document data is stored securely and is accessible only to authorized personnel and systems.

4.2 Data Retention

We retain your personal information and documents for as long as necessary to provide our services and comply with legal obligations:

  • Account data: Retained for the duration of your account plus 90 days after account closure
  • Documents: Retained according to your subscription plan and applicable legal requirements
  • Transaction records: Retained for 7 years for tax and accounting purposes
  • Communication logs: Retained for 2 years for quality assurance and dispute resolution

4.3 Security Measures

  • End-to-end encryption for sensitive data transmission
  • Regular security audits and penetration testing
  • Access controls and authentication mechanisms
  • Employee training on data protection and privacy
  • Incident response and breach notification procedures
  • Regular backups and disaster recovery protocols

5. Data Sharing and Disclosure

We may share your information with:

5.1 Service Providers

  • Cloud hosting providers (AWS, Google Cloud, Azure)
  • WhatsApp Business API providers
  • Payment processors and financial institutions
  • Document verification and government API services
  • Analytics and monitoring services
  • Customer support and communication platforms

5.2 Legal Requirements

We may disclose your information if required by law, legal process, court order, or governmental request, or to protect our rights, property, or safety, or that of others.

5.3 Business Transfers

In the event of a merger, acquisition, reorganization, or sale of assets, your information may be transferred to the successor entity.

5.4 With Your Consent

We may share your information with third parties when you explicitly consent to such sharing.

6. Your Privacy Rights

Depending on your location, you may have the following rights:

  • Access: Request a copy of the personal information we hold about you
  • Correction: Request correction of inaccurate or incomplete information
  • Deletion: Request deletion of your personal information (subject to legal obligations)
  • Portability: Request transfer of your data to another service provider
  • Objection: Object to certain processing activities, including marketing
  • Restriction: Request restriction of processing under certain circumstances
  • Withdrawal of Consent: Withdraw consent where processing is based on consent
  • Complaint: Lodge a complaint with a data protection authority

To exercise these rights, please contact us at privacy@turrant.ai. We will respond to your request within 30 days.

7. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws different from those in your country. We ensure appropriate safeguards are in place to protect your information, including:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Adequacy decisions by relevant authorities
  • Binding Corporate Rules (BCRs) where applicable
  • Compliance with local data protection regulations

8. Cookies and Tracking Technologies

We use cookies and similar technologies to:

  • Maintain your session and preferences
  • Analyze website traffic and user behavior
  • Personalize content and advertisements
  • Improve security and prevent fraud

You can control cookies through your browser settings. However, disabling cookies may affect the functionality of our services.

9. Third-Party Links and Services

Our platform may contain links to third-party websites or integrate with third-party services. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies before providing any information.

10. Children's Privacy

Our services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected information from a child under 18, we will take steps to delete such information promptly.

11. AI and Machine Learning

We use artificial intelligence and machine learning technologies to process documents, extract information, and improve our services. This includes:

  • Optical Character Recognition (OCR) for text extraction
  • Document classification and categorization
  • Data validation and fraud detection
  • Service improvement and model training

Your documents may be used to improve our AI models, but we implement strict anonymization and aggregation techniques to protect your privacy. You may opt out of this processing by contacting us.

12. Data Breach Notification

In the event of a data breach that affects your personal information, we will notify you and relevant authorities as required by applicable law, typically within 72 hours of becoming aware of the breach.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal, operational, or regulatory reasons. We will notify you of material changes by posting the updated policy on our website and updating the "Last updated" date. Your continued use of our services after such changes constitutes acceptance of the updated policy.

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: privacy@turrant.ai

General Inquiries: hello@turrant.ai

Data Protection Officer: dpo@turrant.ai

15. Jurisdiction-Specific Provisions

15.1 For Indian Users (Digital Personal Data Protection Act)

If you are located in India, you have specific rights under the Digital Personal Data Protection Act, 2023, including the right to access, correct, and delete your personal data. We process your data with your consent and for legitimate business purposes.

15.2 For EU/EEA Users (GDPR)

If you are in the European Union or European Economic Area, you have rights under the General Data Protection Regulation (GDPR), including the right to access, rectification, erasure, restriction, portability, and objection. Our lawful basis for processing includes consent, contract performance, legal obligation, and legitimate interests.

15.3 For California Users (CCPA)

California residents have specific rights under the California Consumer Privacy Act (CCPA), including the right to know, delete, and opt-out of the sale of personal information. We do not sell your personal information.