Privacy Policy

Your privacy,
taken seriously.

Privly is built on the premise that your data is yours. This policy explains exactly what we collect, why we collect it, and how we protect it β€” in plain English.

πŸ”’ No selling your dataπŸ“§ Email + Name onlyπŸ”‘ Google OAuth🚫 No tracking pixels
Β§

Overview

This Privacy Policy applies to Privly("we", "us", or "our") and describes how we handle personal information when you use our product and website. We believe privacy isn't just a legal checkbox β€” it's core to what we do.

We collect the absolute minimumdata needed to run a functional product. We don't sell it, broker it, or share it with advertisers.

πŸ“

Jurisdiction

This policy is governed by applicable Indian data protection laws, and we aim to comply with GDPR principles for our international users.

πŸ“…

Effective date

This policy is effective as of May 18, 2025 and supersedes any prior versions.

Β§

Data We Collect

When you sign in with Google, we receive and store the following fields in our database:

FieldWhy we store itRetention
NameTo personalise your experienceUntil account deletion
Email addressAccount identity & transactional emailsUntil account deletion
Google User IDUnique identifier from OAuthUntil account deletion

We do not collect passwords, phone numbers, location data, device fingerprints, or any behavioural tracking data.

Β§

Google OAuth

Authentication is handled entirely through Google OAuth 2.0. We never see or store your Google password.

βœ…

What we request

We only request the profile and email OAuth scopes β€” the minimum required for basic authentication.

🚫

What we don't touch

We do not request access to your Gmail, Google Drive, Calendar, Contacts, or any other Google service.

πŸ”“

Revoking access

You can revoke Privly's access at any time from your Google Account permissions page. Revoking access will log you out and we will delete your data on request.

Β§

Transaction Data (Future)

⚠️

This section describes intended future behaviour. We do not currently collect payment or transaction data. This section is included for transparency about our roadmap.

When Privly introduces paid plans, we intend to store the following transaction metadata for billing, fraud prevention, and legal compliance:

  • Transaction ID (from payment processor)
  • Amount and currency
  • Purchase date and time
  • Plan / product purchased
  • Payment status (success, failed, refunded)

We will never store raw card numbers or CVVs. All payment processing will be delegated to a PCI-DSS–compliant processor (e.g. Stripe or Razorpay), and only their tokenised references will live in our database. This policy will be updated before any billing goes live.

Β§

How We Use Your Data

We use the data we collect strictly for the following purposes:

πŸ”

Authentication

Verify your identity when you sign in and maintain your session.

πŸ“¬

Transactional emails

Send receipts, security alerts, or important product updates. No marketing without consent.

πŸ› οΈ

Product functionality

Personalise your dashboard and remember your settings.

βš–οΈ

Legal obligations

Comply with applicable laws and respond to lawful requests.

We do not use your data to train AI models, sell to third parties, display targeted ads, or build behavioural profiles.

Β§

Storage & Security

Your data is stored in a managed cloud database with access controls, encryption at rest, and encrypted connections (TLS) in transit.

Encryption at restβœ… Enabled
Encryption in transitβœ… TLS 1.2 +
Access controlβœ… Role-based, least privilege
Third-party data sales🚫 Never
Marketing emails without consent🚫 Never

Despite our best efforts, no system is 100% secure. If you discover a vulnerability, please reach out to us privately before disclosing it publicly.

Β§

Your Rights

Regardless of where you're located, you have the following rights over your personal data:

  • β†’Access: Request a copy of the personal data we hold about you.
  • β†’Correction: Ask us to correct inaccurate or incomplete data.
  • β†’Deletion: Request that we delete your account and associated data. We will action this within 30 days.
  • β†’Portability: Receive your data in a machine-readable format.
  • β†’Objection: Object to any processing that you believe is not justified.

To exercise any of these rights, email us at the address below. We'll respond within 10 business days.

Β§

Contact Us

If you have questions, concerns, or requests relating to this Privacy Policy, please reach out:

ProductPrivly
Emailprivly@invisia.io
Websiteheyprivly.com

Β© 2026 Privly. All rights reserved.

Last updated: May 18, 2025