logo

Legal & Compliance

Privacy Policy

This Privacy Policy describes how Bhim Bandhan collects, uses, discloses, stores, and protects information about you when you access or use our services.

Last Updated: 25 May 2026Version: 1.0

This policy is designed to comply with the Information Technology Act, 2000, the IT (Reasonable Security Practices and Procedures) Rules 2011, Google Play Store User Data Policy, and applicable international privacy frameworks including GDPR where applicable.

1. About This Application and Scope

This Application is a multi-module platform designed to serve as a social and utility super-app. In its current version (v1.0.0), only the Social Network module is active and accessible to users. Future modules — including Matrimony, Marketplace, Gig Platform, and Career Hub — are planned for release in subsequent versions.

This Privacy Policy applies to all current features and also sets out the anticipated data practices for future modules, clearly distinguished in each section below. When we say “Services,” we mean everything the Application provides, including the platform itself, any APIs, push notifications, in-app messaging, account management, content feeds, and related features.

2. Information We Collect

We collect several categories of information to provide, improve, and secure our Services. The nature and extent of data collection varies depending on the modules you use and your account configuration.

2.1 Information You Provide Directly

  • Account Registration Data: Full name, username, mobile phone number, email address, date of birth, gender, and profile photograph.
  • Profile Information: Biography text, location (city or region), interests, links to external social profiles, and any other optional profile fields you choose to complete.
  • Content You Post: Images, videos, reels, text posts, polls, stories, comments, captions, hashtags, and any other user-generated content you publish.
  • Communications: Messages you send through in-app chat, voice messages, and metadata including timestamps and read receipts.
  • Support Communications: Information you provide when you contact our support team, report a problem, or submit a complaint.
  • Preferences and Settings: Notification settings, privacy settings, content preferences, language settings, and account configuration choices.

2.2 Information We Collect Automatically

  • Device Information: Device model, manufacturer, operating system version, unique device identifiers (Android ID, advertising ID), screen resolution, hardware capabilities, and mobile carrier information.
  • Log Data: IP address, app version, time and date of access, pages or features visited, time spent on features, crash logs, error reports, and other diagnostic data.
  • Usage and Behavioral Data: Features you use, content you interact with (likes, comments, shares, saves, watches), search queries, profile pages you visit, and the frequency of your interactions.
  • Network and Connectivity Data: Wi-Fi network information (where applicable), connection type (mobile data or Wi-Fi), and approximate network location.
  • Performance Data: App performance metrics, crash reports, ANR data, and battery/memory usage statistics.

2.3 Information From Your Device Permissions

The Application requests certain device permissions that enable specific features. Below is a full disclosure of each permission and its purpose:

PermissionPurposeStatus
CAMERACapturing photos and videos for profile pictures, posts, reels, and stories.Optional
MICROPHONERecording audio for video posts, reels, voice messages, and voice calls.Optional
READ_EXTERNAL_STORAGE / READ_MEDIA_IMAGES / READ_MEDIA_VIDEOAccessing media files from your device gallery to upload as posts, reels, or profile media.Optional
CAMERA (QR scanning)Scanning QR codes for profile sharing or community joining.Optional
INTERNETConnecting to application servers to deliver content, sync data, and enable all online features.Required
ACCESS_NETWORK_STATEDetecting network availability to manage content loading, offline mode, and sync behavior.Required
VIBRATEDelivering haptic feedback for notifications and interaction confirmations.Optional
RECEIVE_BOOT_COMPLETEDRe-registering push notification service after device restart to ensure uninterrupted notifications.Required for notifications
FOREGROUND_SERVICERunning background tasks such as media upload and real-time chat without interruption.Required for upload features
POST_NOTIFICATIONS (Android 13+)Displaying push notifications for messages, activity alerts, and system communications.Optional

2.4 Information From Third Parties

If you choose to register or log in using a third-party authentication provider (such as Google Sign-In or Facebook Login), we receive limited profile information from that provider including your name, email address, and profile photograph. We do not receive your password from third-party authentication providers.

We may also receive anonymized and aggregated data from analytics providers and crash reporting services, which is used solely to improve performance and user experience.

3. How We Use Your Information

We use the information we collect for specific, legitimate purposes. We do not sell your personal data to advertisers or third-party data brokers.

3.1 Account and Service Delivery

  • Creating, maintaining, and managing your user account.
  • Authenticating your identity when you log in.
  • Enabling you to post content, interact with other users, follow accounts, and use all Social Network features.
  • Delivering push notifications, in-app alerts, and email communications related to your account activity.
  • Processing your requests, responding to your support queries, and resolving disputes.

3.2 Personalization and Content Recommendations

  • Personalizing your content feed, discovery page, and suggested accounts based on your interests, activity, and location.
  • Recommending communities, groups, and trending content relevant to your preferences.
  • Tailoring the in-app experience based on your device type and usage patterns.

3.3 Safety, Security, and Integrity

  • Detecting and preventing fraud, fake accounts, spam, harassment, and policy violations.
  • Enforcing our Terms of Service and Content Guidelines.
  • Investigating reports submitted by users about potential violations.
  • Protecting the security of your account and the platform as a whole.
  • Verifying user identity where required for trust and safety features.

3.4 Analytics and Improvement

  • Understanding how users interact with features to improve product design and performance.
  • Analyzing crash reports and error logs to fix bugs and technical issues.
  • Measuring the effectiveness of content moderation and safety systems.
  • Conducting internal research and development to build new features and modules.

3.5 Legal Compliance

  • Meeting our legal obligations under applicable Indian law and international regulations.
  • Responding to lawful requests from government authorities, law enforcement, or courts.
  • Establishing, exercising, or defending legal claims.

5. Data Storage and Security

5.1 Where Your Data is Stored

Your data is stored on secure cloud servers hosted on industry-leading cloud platforms that comply with internationally recognized security standards. Data may be stored on servers located within India or in other jurisdictions where our cloud partners operate, subject to appropriate data transfer safeguards.

5.2 Security Measures

  • Encryption in Transit: All data transmitted between your device and our servers is encrypted using TLS (Transport Layer Security) protocols.
  • Encryption at Rest: Sensitive data fields including authentication tokens, phone numbers, and personal identifiers are encrypted using AES-256 encryption or equivalent.
  • Access Controls: Access to production data is restricted to authorized personnel on a need-to-know basis, with multi-factor authentication required for all administrative access.
  • Vulnerability Management: We conduct periodic security assessments, penetration testing, and code audits to identify and remediate security vulnerabilities.
  • Incident Response: We maintain a documented data breach response plan and will notify affected users in accordance with applicable legal requirements.
  • Monitoring: Our infrastructure is monitored continuously for unauthorized access, anomalous behavior, and potential security threats.

5.3 Security Limitations

While we employ strong technical and organizational safeguards, no method of electronic transmission or storage is completely secure. We cannot guarantee absolute security of your information. You also play a role in security by keeping your account credentials confidential and using strong passwords.

6. Data Retention Policy

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, comply with legal obligations, resolve disputes, and enforce agreements.

  • Active Account Data: Retained for as long as your account remains active.
  • Deleted Content: Removed from public view immediately; residual copies in backups deleted within 30 days.
  • Chat Messages: Retained to enable message history; copies may remain in encrypted server backups for up to 90 days after deletion.
  • Account Deletion: Core personal identifiers deleted within 90 days; certain data may be retained up to 180 days for fraud prevention.
  • Legal Hold: Data subject to an active legal hold is retained for the duration specified by that legal process.
  • Analytics and Logs: Anonymized and aggregated analytics data may be retained indefinitely as it cannot be used to identify individual users.

7. Sharing and Disclosure of Information

7.1 Public Content

Any content you post publicly on the Social Network is visible to other users. Please exercise care in what you share publicly, as we cannot control how other users may use or share publicly available content.

7.2 Service Providers

We engage trusted third-party service providers who are permitted to process your data only as instructed by us and are contractually bound by confidentiality obligations. Categories include:

  • Cloud infrastructure and hosting providers
  • Analytics and crash reporting services
  • Push notification delivery services
  • Identity verification services (for future modules)
  • Customer support platforms
  • Payment processing providers (for future wallet and commerce modules)

7.3 Legal Disclosures

We may disclose your information to government authorities, law enforcement agencies, or courts when required to do so by applicable law, court order, or legal process. We will notify you of such requests where legally permitted.

7.4 Business Transfers

If the Application undergoes a merger, acquisition, restructuring, or sale of assets, your information may be transferred to the acquiring entity. We will provide notice of any such transfer and the choices available to you.

7.5 With Your Consent

We may share your information in any other manner that you explicitly consent to at the time of disclosure.

7.6 What We Never Do

Our Data Sharing Commitments

  • We do NOT sell your personal data to advertisers or data brokers.
  • We do NOT share your private messages with third parties except as required by law.
  • We do NOT allow third parties to access your data for their own advertising purposes without your consent.
  • We do NOT use your biometric data for any commercial or advertising purpose.

8. Third-Party Services and SDKs

The Application integrates certain third-party SDKs and services that may independently collect data subject to their own privacy policies:

  • Firebase (Google): Used for push notifications, crash analytics (Crashlytics), and performance monitoring. Subject to Google's Privacy Policy.
  • Google Analytics for Firebase: Used for aggregated, anonymized usage analytics. Subject to Google's Privacy Policy.
  • Google Sign-In / OAuth: Used as an optional authentication mechanism. Subject to Google's Terms of Service.
  • Content Delivery Networks (CDN): Used to cache and deliver media content efficiently. CDN providers may log request metadata including IP addresses.

We are not responsible for the data practices of third-party services. We encourage you to review the privacy policies of any third-party services linked to or integrated with our Application.

9. Your Rights and Choices

Depending on your location, you may have certain rights regarding your personal data. We honor these rights for all users regardless of jurisdiction:

9.1 Access and Portability

You have the right to request a copy of the personal data we hold about you. You may access most of your data directly within the Application through your account settings. For a comprehensive data export, submit a request through the in-app support channel.

9.2 Correction

You have the right to correct inaccurate or incomplete personal information. You may update most profile information directly within the Application.

9.3 Deletion

You have the right to request deletion of your personal data. You may delete your account at any time through account settings. Refer to the Account Deletion Policy for full details.

9.4 Objection and Restriction

You may object to certain types of processing, including processing based on legitimate interests, and request that we restrict processing of your data in certain circumstances.

9.5 Withdrawal of Consent

Where processing is based on your consent, you may withdraw that consent at any time through your device settings or through in-app settings. Withdrawal does not affect the lawfulness of processing carried out before withdrawal.

9.6 Opt-Out of Personalized Recommendations

You may opt out of interest-based content recommendations through your account settings. You will still see content, but it will be less personalized.

9.7 How to Exercise Your Rights

To exercise your data rights, use the in-app Settings menu, submit a request through the Report a Problem feature, or contact us through the support channel. We will respond to all verified requests within 30 days.

10. Children's Privacy

The Application is not intended for use by individuals under the age of 13 years. We do not knowingly collect personal information from children under 13. Users between the ages of 13 and 18 may use the Application only with the consent and supervision of a parent or legal guardian.

If we become aware that we have inadvertently collected personal information from a child under 13, we will take immediate steps to delete such information. If you believe we have collected information from a minor in violation of this policy, please contact us immediately through the in-app reporting system.

11. Module-Specific Privacy Considerations

CURRENTLY ACTIVESocial Network Module
  • Content Visibility: Posts marked as "Public" are visible to all users. Posts marked as "Private" or "Followers Only" are visible only to approved followers.
  • Story Data: Stories are visible for 24 hours and then hidden from public view. The underlying media file is deleted from our servers within 30 days of expiry.
  • Profile Discoverability: Your username and profile photograph are discoverable by other users. You may control additional discoverability settings through your privacy settings.
  • Interaction Data: Likes, comments, shares, and follows create visible activity records associated with your account.
  • Location Tags: If you choose to tag a location in a post, that location information becomes part of the post's public metadata.
PLANNED FUTURE MODULEMatrimony Module

When activated, the Matrimony module will collect additional sensitive personal data including religion, caste, educational qualifications, income range, family details, and identity verification documents. This data will be subject to heightened security measures and will not be shared with any party other than matched profiles, as explicitly authorized by the user. Full privacy terms will be published prior to activation.

PLANNED FUTURE MODULEMarketplace Module

The Marketplace module will collect transactional data including purchase history, shipping addresses, payment method identifiers (not full card numbers), and seller account details. This data will be processed by our payment processing partners under their applicable security standards. Full privacy terms will be published prior to module activation.

PLANNED FUTURE MODULEGig Platform Module

The Gig Platform module will collect work history, skill profiles, location data for gig matching, earnings records, and identity verification details for workers. This data will be used solely for gig matching, payment processing, and platform safety. Full privacy terms will be published prior to activation.

PLANNED FUTURE MODULECareer Hub / EdTech Module

The Career Hub module will collect resume data, career history, educational background, skill assessments, and learning progress data. This data will be used for job matching, course recommendations, and career development services. Full privacy terms will be published prior to activation.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or business operations. When we make material changes, we will notify you through the Application via a prominent in-app notification or system message at least 15 days before the changes take effect.

Your continued use of the Application after the effective date of an updated Privacy Policy constitutes your acceptance of the revised policy. If you do not agree with the updated policy, you should discontinue use of the Application and delete your account.

13. Contact Us

If you have any questions, concerns, or requests related to this Privacy Policy or our data practices, please contact us through the in-app Support and Feedback section. We are committed to responding to all privacy-related inquiries within 30 days. For complaints that have not been resolved through our internal process, you may escalate to the relevant data protection authority in your jurisdiction.