Privacy Policy for Goa Jewelers Association Mobile App and Website

1. Introduction

The Goa Jewelers Association provides services through our mobile app and website to support our members, guests, and admins. These services include access to gold price tables, member management, attendance tracking (on the App), and communication through website forms. This Privacy Policy ensures transparency in how we handle your personal data across both platforms.

2. Definitions

• Personal Data: Any information that relates to an identified or identifiable individual (e.g., name, phone number, email address).
• Data Principal: The individual whose personal data is being processed (i.e., you, the user).
• Data Fiduciary: The entity that determines the purpose and means of processing personal data (i.e., Goa Jewelers Association).
• Processing: Any operation performed on personal data, such as collection, storage, use, sharing, or deletion.
• Consent: Your explicit agreement to the collection and processing of your personal data.

3. Personal Data We Collect

We collect various types of personal data depending on how you interact with our App and Website. The table below outlines the data collected:

4. How We Collect Your Personal Data

We collect personal data in the following ways:

• Directly from You:
  • Through registration or login processes on the App (e.g., phone number for OTP login).
  • Through attendance tracking features on the App.
  • Through forms on the Website (e.g., registration, contact, or inquiry forms).
• Automatically:
  • Through device information (e.g., IP address, device type) and usage data (e.g., pages viewed, features used) on both the App and Website.
  • Through cookies and similar technologies on the Website to track browsing behavior and preferences.

5. Purposes for Processing Your Personal Data

We process your personal data for the following legitimate purposes:

• To provide and manage membership services, including registration, login, and access to member-only features on both the App and Website.
• To record and manage attendance at Association events or meetings (App only).
• To display gold price tables and related information, as set by admins, on both the App and Website.
• To analyze usage data to improve the functionality and user experience of our App and Website.
• To respond to inquiries or messages submitted through the Website’s contact forms.

We do not use your personal data for purposes other than those listed above unless we obtain your explicit consent or as required by law.

6. Legal Basis for Processing

We process your personal data based on your explicit consent, which you provide when you register as a member, use specific features, or interact with our services. You may withdraw your consent at any time by contacting us (see Section 18: Contact Us). In some cases, we may process data without consent if permitted under the DPDP Act, such as for legal obligations.

7. Data Retention

• Member data (e.g., phone number, name, attendance records) is retained for the duration of your membership or as needed for legal or administrative purposes.
• Non-personal usage data may be retained for analytics but will be anonymized and aggregated to prevent identification.

When personal data is no longer needed, we securely delete or anonymize it in accordance with applicable laws.

8. Your Rights as a Data Principal

Under the DPDP Act, you have the following rights regarding your personal data:

• Right to Access: Request access to the personal data we hold about you.
• Right to Correction: Request correction or updating of inaccurate or incomplete personal data.
• Right to Deletion: Request deletion of your personal data, subject to legal or contractual obligations.
• Right to Nominate: Nominate someone to exercise these rights on your behalf in case of death or incapacity.

To exercise these rights, please contact us using the details in Section 18: Contact Us. We will respond to your requests promptly and in accordance with the DPDP Act.

9. Data Security

• Secure storage of data on servers located within India.
• Encryption of sensitive data during transmission (e.g., OTP for login).
• Access controls to ensure only authorized personnel (e.g., admins) can access member data.

While we strive to protect your data, no method of transmission or storage is completely secure. We are committed to maintaining robust safeguards.

10. Cross-Border Transfer

Currently, we do not transfer your personal data outside India. If international data transfers become necessary in the future, we will ensure compliance with the DPDP Act, including implementing appropriate safeguards or obtaining your consent as required.

11. Third-Party Services

We use third-party services to enhance the functionality of our App and Website. Specifically:

• App: We use [2factor.in] to send one-time passwords (OTPs) for authentication. Your phone number is shared with [2factor.in] solely for this purpose.
• Website: We may use analytics tools (e.g., Google Analytics) to understand user behavior and improve the Website’s performance.

By using our App or Website, you consent to the sharing of your data with these third-party services as necessary to provide our services. We ensure these services comply with the DPDP Act, and we encourage you to review their privacy policies for additional details.

12. Cookies and Similar Technologies

Our Website uses cookies and similar technologies to enhance your experience and collect information about how you use our site. Cookies are small text files stored on your device that help us remember your preferences, analyze traffic, and improve functionality. You can manage your cookie preferences through your browser settings, but disabling cookies may affect some features of our Website.

13. Gold Price Data

The gold price data displayed on our App and Website is set by the Association’s admins and does not involve the collection or processing of personal data. This data is provided for informational purposes and may be sourced from external market data.

14. Children’s Privacy

Our App and Website are not intended for use by children under the age of 18. We do not knowingly collect personal data from children. If we become aware that we have collected personal data from a child without verifiable parental consent, we will take steps to delete that information promptly.

15. Consent

By using our App or Website and providing your personal data, you consent to its collection, use, and processing as described in this Privacy Policy, including the sharing of your phone number with [2factor.in] for OTP authentication. You may withdraw your consent at any time by contacting us (see Section 18: Contact Us). Withdrawal of consent may limit your access to certain features of our services.

16. Changes to This Privacy Policy

We may update this Privacy Policy to reflect changes in our practices or legal requirements. Significant changes will be communicated by posting the updated policy on our Website and in the App, with the “Last Updated” date revised accordingly. Your continued use of our services after such changes constitutes your acceptance of the updated Privacy Policy.

17. How to Access This Privacy Policy

This Privacy Policy is accessible on our Website under the “Legal” section and within the App under the “Settings” or “Legal” menu. We recommend reviewing it regularly to stay informed about how we handle your personal data.

18. Contact Us

For questions, concerns, or to exercise your rights under the DPDP Act, please contact us at [insert contact email or phone number]. We are committed to addressing your inquiries promptly and transparently.

19. International Users

Our Website may be accessed from outside India, but we are based in India, and our data protection practices are governed by Indian laws. By using our Website, you consent to the transfer, storage, and processing of your personal data in India in accordance with this Privacy Policy.