ADDies

Privacy Covenants

Our solemn commitments to protect your privacy and data

Binding promises we make to every user of Apni Desi Dukaan

What Are Privacy Covenants?

Privacy Covenants are our binding, enforceable commitments to you regarding how we handle your personal data. Unlike general privacy policies that describe practices, these covenants represent solemn promises we make to every user of Apni Desi Dukaan.

These commitments go beyond legal requirements, reflecting our core values and the trust you place in us. We hold ourselves accountable to these standards and invite you to hold us accountable as well.

Our Promise to You

These covenants represent our unwavering commitment to your privacy. They are not aspirational goals but concrete obligations we fulfill every day. If we fail to uphold any covenant, we are accountable to you and committed to making it right.

Our Six Core Privacy Covenants

Covenant 1

Covenant of Transparency

We commit to complete transparency in how we collect, use, and protect your data.

Covenant 2

Covenant of Security

We commit to implementing and maintaining the highest standards of data security.

Covenant 3

Covenant of User Control

We commit to giving you complete control over your personal data.

Covenant 4

Covenant of Data Minimization

We commit to collecting only the data necessary to provide our services.

Covenant 5

Covenant of Consent

We commit to obtaining your explicit consent before collecting or using your data.

Covenant 6

Covenant of Accountability

We commit to being accountable for protecting your privacy and data.

Core Data Protection Principles

Lawfulness, Fairness & Transparency

We process data lawfully, fairly, and in a transparent manner

All data processing has a legal basis and is communicated clearly to users

Purpose Limitation

Data collected for specified, explicit, and legitimate purposes

We do not use data for purposes incompatible with original intent

Data Minimization

Only collect adequate, relevant, and necessary data

We limit data collection to what is strictly needed for service delivery

Accuracy

Maintain accurate and up-to-date personal data

We provide tools for users to keep their information current

Storage Limitation

Retain data only as long as necessary

We have clear retention policies and delete data when no longer needed

Integrity & Confidentiality

Ensure appropriate security of personal data

We implement robust security measures to protect against unauthorized access

Your Privacy Rights Under Our Covenants

Right to Access

View all personal data we hold about you

How to exercise: Request your data anytime through account settings

Right to Rectification

Correct any inaccurate or incomplete data

How to exercise: Update your information directly in your profile

Right to Erasure

Request deletion of your personal data

How to exercise: Submit a deletion request through support

Right to Portability

Receive your data in a portable format

How to exercise: Export your data from account settings

Right to Object

Object to certain data processing activities

How to exercise: Manage your privacy preferences in settings

Right to Restriction

Request restriction of data processing

How to exercise: Contact our privacy team for assistance

Our Response Commitments

Immediate Actions

Within 24 hours

  • Respond to urgent privacy concerns
  • Address security incidents
  • Provide emergency data access

Short-term Actions

Within 7 days

  • Process standard data requests
  • Update user information
  • Resolve privacy inquiries

Standard Actions

Within 30 days

  • Complete data deletion requests
  • Provide comprehensive data exports
  • Implement privacy preference changes

Enforcement & Accountability

These covenants are not merely aspirational statements - they are binding commitments that we take seriously. Here's how we ensure accountability:

Internal Oversight

  • Dedicated Data Protection Officer oversees compliance
  • Quarterly internal audits of privacy practices
  • Regular training for all employees on privacy commitments
  • Privacy impact assessments for new features

External Accountability

  • Annual third-party privacy audits and certifications
  • Transparent reporting of compliance metrics
  • User feedback mechanisms for privacy concerns
  • Cooperation with regulatory authorities

If We Breach Our Covenants

While we are committed to upholding these covenants at all times, we acknowledge that mistakes can happen. If we fail to meet any of our commitments:

1. Immediate Notification

We will notify affected users within 72 hours of discovering the breach, explaining what happened and what data was affected.

2. Corrective Action

We will immediately take steps to rectify the situation, prevent recurrence, and mitigate any harm caused to users.

3. Transparent Reporting

We will publish a detailed incident report explaining what went wrong, the impact, and our response actions.

4. User Remediation

We will work with affected users to address any harm or inconvenience caused and provide appropriate remediation.

Questions About Our Privacy Covenants?

Our Data Protection Officer and privacy team are here to answer any questions you have about our commitments or how we protect your data.

Address

Brij Vihar Colony, Barabanki, UP (225001)

Response time: Within 72 hours for all privacy-related inquiries