Privacy Policy

1. Introduction

aftermarkets.in ("we", "us", "our") provides the website and its associated services including the iOS app, Telegram bot, MCP server, and API. This Privacy Policy describes how we collect, use, and protect your personal data in accordance with the Digital Personal Data Protection Act, 2023 (DPDPA) and the Information Technology Act, 2000.

2. Information We Collect

Account Data

When you create an account via email/password or Google Sign-In, we collect your email address, display name, and profile picture (if signing in with Google).

User-Generated Data

Screener configurations, watchlists, alerts, and preferences you save on our platform.

Payment Data

Payment information (card details, UPI, bank account) is processed directly by our payment processors. We do not store your full payment credentials. We retain transaction identifiers and billing history for record-keeping.

Usage Data

We collect page views, click events, device information, and user identifiers through a product analytics provider to understand how the platform is used and to improve it.

Technical Data

IP addresses, browser type, operating system, and request headers collected by our CDN and security provider for content delivery and protection against abuse.

Telegram Data

If you link your Telegram account with our bot, we store your Telegram user ID and chat ID to deliver filing alerts.

3. How We Use Your Information

• Provide, maintain, and improve our services
• Process subscription payments and manage billing
• Send alerts, notifications, and filing digests you have requested
• Analyse usage patterns to improve the product
• Comply with legal obligations and prevent fraud
• Respond to your inquiries and support requests

4. Third-Party Data Processors

We work with a limited set of reputable service providers to deliver aftermarkets.in. These fall into the following categories:

• Infrastructure, hosting, and security providers: to store data, deliver content, and protect against abuse.
• Authentication providers: to enable sign-in via email/password and third-party identity services.
• Payment processors: to process subscription payments on web and in-app purchases on iOS.
• Analytics providers: to understand product usage and improve the platform.
• AI model providers: to generate filing summaries and power the in-app chat.

Each processor receives only the minimum data necessary to perform its function and is contractually required to handle your data responsibly. Some of these providers operate infrastructure outside India.

We do not sell, trade, or rent your personal information to third parties. We may share aggregated, non-personally identifiable information for analytics purposes.

5. Cookies

• Session Cookies: Authentication tokens to maintain your login session.
• Analytics Cookies: Set by our analytics provider to track usage patterns and improve the product.
• Security Cookies: Set by our CDN and security provider for bot detection and DDoS protection.

We do not use advertising or tracking cookies from ad networks.

6. Data Retention

• Account Data: Retained while your account is active, plus 30 days after a deletion request to allow for recovery.
• Payment Records: Retained as required by applicable law (Information Technology Act, up to 8 years).
• Usage Analytics: Retained in aggregated form indefinitely.

7. Your Rights

Under the Digital Personal Data Protection Act, 2023, you have the right to:

• Access: Request a copy of the personal data we hold about you.
• Correction: Request correction of inaccurate or incomplete data.
• Erasure: Request deletion of your personal data, subject to legal retention requirements.
• Nomination: Nominate another person to exercise your rights on your behalf.
• Withdraw Consent: Withdraw consent for data processing at any time.
• Grievance Redressal: File a complaint with our Grievance Officer or the Data Protection Board of India.

To exercise any of these rights, email contact@aftermarkets.in. We will respond within 30 days.

8. Data Security

We implement appropriate technical and organisational measures to protect your personal data, including encryption in transit (TLS), secure infrastructure behind a web application firewall, and access controls limiting data access to authorised personnel only.

9. Children's Data

aftermarkets.in is not intended for users under 18 years of age. We do not knowingly collect personal data from minors. If you believe a minor has provided us with personal data, please contact us and we will delete it.

10. International Data Transfers

Your primary data (account, screeners, watchlists) is stored on servers located in India. Some of our third-party processors (including analytics, authentication, payment, and content-delivery providers) operate infrastructure outside India. By using aftermarkets.in, you consent to these transfers as described in the Third-Party Data Processors section above.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email or a notice on the website. The "Last updated" date at the top reflects the most recent revision.

12. Contact & Grievance Officer

For questions about this Privacy Policy or to exercise your data rights, contact:

Grievance Officer
Chainlytics Advisory Services LLP
Email: contact@aftermarkets.in