Privacy Policy

1. Introduction

Superhelp ("we," "our," or "us") operates a platform that connects customers with home and cleaning service providers in Kolhapur, Maharashtra, India. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website, book services, or contact us. We are committed to protecting your privacy and handling your personal information in accordance with Indian data protection laws, including the Information Technology Act, 2000, its associated rules, and the Digital Personal Data Protection Act, 2023 (DPDP Act) where applicable. We follow principles of data minimization (collecting only what is necessary), lawful purpose, and transparency in our processing.

2. Legal Basis and Consent

We collect and process your personal data only where we have a lawful basis. For most of our services (e.g. booking, payments, support), processing is necessary to perform our contract with you. We also process data where required by law or for our legitimate interests (e.g. security, fraud prevention), in line with applicable regulations.

When and how we obtain consent:

• At the point of collection: When you provide your contact details, address, or other information to book a service or create an account, we treat that as your consent to use that data for the stated purpose (e.g. to complete the booking and communicate with you). We make the purpose clear at the time (e.g. via this policy and our Terms of Service).
• Explicit consent for optional uses: For uses that are not necessary for the core service—such as marketing emails or sharing your data with partners for their marketing—we obtain your explicit consent (e.g. a clear opt-in) before doing so. You can withdraw that consent at any time.
• Recording consent: Where required by law or best practice, we record that you have consented (e.g. timestamp and purpose), including for sensitive or optional processing. You can request information about the consent we hold for your data by contacting us.

Under the DPDP Act and similar frameworks, you have the right to withdraw consent or request correction and erasure of your personal data, subject to legal and legitimate business requirements. See the "Your Rights" section below.

3. Information We Collect

When you use Superhelp as a customer, we may collect:

• Contact Information: Name, phone number, and email address when you inquire, book, or register
• Service Details: Service address (within our Kolhapur service area), type of service (e.g. deep cleaning, regular cleaning), preferred date/time, and any special instructions you provide
• Booking and Transaction Data: History of bookings, payments, cancellations, and communications related to your services
• Communications: Records of your messages, calls, or emails with us or our team regarding bookings and support
• Device and Usage Information: IP address, browser type, device type, and how you use our website (e.g. pages visited, links clicked) for security and improving our services
• Feedback and Reviews: Any ratings, reviews, or feedback you choose to give us about our services or service providers

4. How We Use Your Information

We use the information we collect to:

• Process and manage your bookings, including sharing necessary details (e.g. name, address, contact) with the assigned service provider so they can perform the service
• Communicate with you about your bookings, confirmations, reminders, rescheduling, and support
• Process payments and maintain records required for billing, tax, and dispute resolution
• Improve our website, services, and customer experience
• Comply with legal obligations under Indian law (e.g. IT Act, tax, consumer protection)
• Detect and prevent fraud, abuse, or misuse of our platform
• Send you service-related updates or, if you have agreed, marketing communications (you can opt out at any time)

5. Data Security

We take reasonable technical and organizational measures to protect your personal information, including:

• Encrypted data transmission (e.g. SSL/TLS) where appropriate
• Secure storage and access controls for the data we hold
• Limiting access to your information to staff and service providers who need it to fulfill your bookings or support you
• Regular reviews and updates of our security practices
• Proper handling of OTP or other authentication used for your account or bookings

6. Data Sharing and Disclosure

We do not sell your personal information to third parties. We may share your information only in these situations:

• Service Providers: We share details necessary for your booking (e.g. name, phone, address, service type) with the service provider assigned to your job so they can perform the work and contact you if needed.
• With Your Consent: When you explicitly agree to sharing for a specific purpose
• Legal Compliance: When required by Indian law, court orders, or government authorities
• Service Partners: With trusted partners who help us run our business (e.g. payment processors, SMS/communication providers) under strict confidentiality and data protection commitments
• Security and Safety: To protect our rights, your safety, or to prevent fraud or misuse

7. Sensitive Personal Data and Payment Information

Under Indian law (including the IT Rules and the DPDP Act), certain data—such as financial or payment information—may be treated as sensitive. We handle such data with extra care:

• What we collect: We do not store your full card numbers or CVV on our servers. Payment details are entered through our payment partner’s secure page or API. We may store payment transaction identifiers, amounts, and status (e.g. paid, refunded) for billing and compliance.
• Consent and purpose: We collect and process payment-related data only to complete your transaction, process refunds, and comply with tax and financial regulations. Your use of our payment flow constitutes consent for this processing. We do not use payment data for marketing or unrelated purposes.
• Protection: All payment data in transit is encrypted (e.g. SSL/TLS). Our payment partner is contractually bound to comply with applicable security and data protection standards. We limit access to payment records to authorised personnel and only for the purposes stated above.
• Retention: Payment and financial records are retained as required by Indian law (e.g. tax, dispute resolution), typically for periods specified in our Data Retention section.

If we process other categories of sensitive personal data as defined under applicable law, we will do so only with your explicit consent or where permitted by law, and we will apply appropriate technical and organisational safeguards.

8. Your Rights (Including Under DPDP Act)

We support your rights under Indian law, including the Information Technology Act and the Digital Personal Data Protection Act, 2023. As a customer, you have the right to:

• Access: Request a copy of the personal information we hold about you
• Correction: Request correction of inaccurate or incomplete data
• Deletion: Request deletion of your data, subject to legal and legitimate business needs (e.g. retention for disputes, tax, or compliance)
• Object: Object to certain uses of your information (e.g. marketing)
• Grievance: Lodge a complaint with our Grievance Officer or with the relevant data protection authority in India
• Data Portability: Request your data in a structured, machine-readable format where applicable

We process personal data only for lawful purposes and in a fair and transparent manner. We collect only what is necessary for the stated purposes (data minimization). To exercise these rights, contact us using the details in the "Contact Us" section below. We will respond within the timeframes required under applicable law (e.g. as prescribed under the DPDP Act and its rules).

9. Data Retention

We retain your personal information for as long as needed to provide our services, handle disputes, and comply with law. For example:

• Booking and customer records are kept while you use our services and for a reasonable period afterwards to address complaints, refunds, or legal claims
• Financial and tax-related records may be retained as required by Indian tax law (typically 6–7 years)
• Logs used for security or fraud prevention may be retained as per applicable law (e.g. IT Act requirements)

10. Cookies, Analytics and Third-Party Tracking

We may use cookies and similar technologies for the following purposes:

• Strictly necessary / functional: Cookies that are essential for the website to function (e.g. to remember your preferences, keep you logged in, or complete a booking). These do not require your consent under typical cookie rules but we mention them for transparency.
• Analytics: If we use analytics services (e.g. Google Analytics or similar) to understand how visitors use our site (e.g. pages visited, general traffic patterns), we will disclose that here and, where required by law, obtain your consent before activating such tracking. We use analytics only to improve our services and in a way that minimises identification of individuals. Currently we do not use third-party advertising or behavioural advertising cookies on our site.
• Advertising: We do not sell your data to advertisers. If we introduce advertising or ad-related tracking in the future, we will update this policy and, where required, obtain your consent before doing so.

You can adjust your browser settings to limit or block cookies. Note that blocking certain cookies may affect site functionality.

11. Third-Party Services

Our website or booking process may use third-party services (e.g. for payments, SMS, or analytics). Those services have their own privacy policies and may collect or process data on our behalf. We choose partners who meet reasonable data protection standards and comply with applicable Indian law. We do not use third-party advertising or ad-tracking on our site unless we have disclosed it in the "Cookies, Analytics and Third-Party Tracking" section above and, where required, obtained your consent.

12. International Data Transfers

Your data is primarily stored and processed in India. If we use service providers (e.g. cloud hosting, SaaS tools) that process or store data outside India, we will:

• Ensure that such transfers are permitted under Indian law (including the DPDP Act and any applicable rules)
• Put in place appropriate safeguards, such as standard contractual clauses, adequacy decisions, or other mechanisms recognised by Indian law
• Require those providers to protect your data in line with our commitments in this policy and applicable data protection standards

We will update this section if we begin using providers outside India so that you are aware of where your data may be processed and what safeguards apply.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will post the revised policy on this page and update the "Last updated" date. Your continued use of our website or services after changes means you accept the updated policy. We encourage you to review this page periodically.

14. Grievance Officer

Under the Indian IT Act, we have appointed a Grievance Officer. If you have any concern or complaint about this Privacy Policy or our use of your data, you may contact:

15. Contact Us

For any questions about this Privacy Policy or your personal information, please contact our customer support: