Konnicard Konnicard
Start free
Legal

Privacy Policy

How KonniCard (operated by Konni Labs Pvt. Ltd.) collects, uses and safeguards your information.

Last updated: 10 April 2026

1. Introduction

KonniCard ("we", "us", "our") is a digital business card service operated by Konni Labs Private Limited, a company incorporated in India and registered at Gurugram, Haryana. This policy describes what personal information we collect when you visit konnicard.com or use our services, how we handle that information, and the rights you have under Indian law, including the Digital Personal Data Protection Act, 2023 (DPDP Act).

By creating an account or continuing to use KonniCard, you confirm that you have read and understood this policy. If you do not agree with any part of it, please do not use the service.

2. Information we collect

We collect the minimum information needed to operate the service:

Information you provide

  • Account details — name, email address, phone number, password (hashed).
  • Profile content — photos, bio, social links, gallery images you upload to your card.
  • Payment details — processed directly by Razorpay; we never see or store your card number or UPI credentials.
  • Support correspondence — emails, chat messages and attachments you send us.

Information collected automatically

  • Device and browser data — user agent, approximate location (city-level), referrer URL.
  • Usage data — pages viewed, cards scanned, links clicked, and timestamps.
  • Lead capture submissions on your public card (these belong to you, not us).

3. How we use your information

We process personal data only for specific, legitimate purposes:

  • Providing and maintaining your digital card and dashboard.
  • Processing payments, issuing invoices and preventing fraud.
  • Sending service notifications (password resets, security alerts, billing receipts).
  • Improving the product — we look at aggregate, non-identifying usage patterns.
  • Responding to support requests.
  • Complying with Indian legal and tax obligations.

We do not sell your personal data. Ever. We do not share it with advertisers.

4. Cookies

We use a small number of cookies to keep you signed in, remember your preferences, and measure aggregate traffic. A full list and your controls are documented in our Cookie Policy.

5. Third parties we work with

To run the service we rely on a handful of trusted vendors, each bound by their own privacy commitments:

  • Razorpay Software Pvt. Ltd. — payment processing (India).
  • Amazon Web Services (AWS Mumbai region) — hosting and storage.
  • Amazon SES / Postmark — transactional email delivery.
  • Cloudflare — CDN, DDoS protection.
  • Plausible Analytics — privacy-friendly, cookie-free traffic analytics.

6. Payments and Razorpay

All paid subscriptions are processed by Razorpay, a RBI-regulated payment aggregator. When you subscribe, your payment instrument details (card, UPI ID, net-banking) are entered directly on Razorpay-secured pages and never touch our servers. We store only a transaction reference, amount, GST breakdown and masked payment method (e.g. last 4 digits of a card) for our accounting.

7. Data retention

We keep your account data as long as your account exists. If you delete your account, we erase your profile and uploaded media within 30 days, except where Indian law requires us to keep records (e.g. tax invoices under the GST Act must be retained for 8 years). Backups are purged on a rolling 90-day cycle.

8. Your rights under the DPDP Act

Under the Digital Personal Data Protection Act, 2023, you may at any time:

  • Access the personal data we hold about you.
  • Correct inaccurate or incomplete information.
  • Erase your personal data (the "right to be forgotten").
  • Withdraw any consent you previously gave.
  • Nominate another person to exercise these rights in the event of your death or incapacity.
  • Raise a grievance with our Grievance Officer (see Section 12).

You can exercise most of these from Dashboard → Settings. For anything else, email our Grievance Officer.

9. International data transfers

Your data is primarily stored on AWS servers in the Mumbai (ap-south-1) region. In limited cases — email delivery, customer support tools — data may be processed in the United States or European Union. We only transfer data to countries that provide an adequate standard of protection, as notified by the Central Government under the DPDP Act.

10. Children

KonniCard is not intended for users under the age of 18. We do not knowingly collect data from minors. If you believe a child has created an account, write to us and we will delete the account and associated data promptly.

11. Changes to this policy

We may update this policy to reflect product or legal changes. If changes are material, we will notify you by email and/or an in-product notice at least 14 days before they take effect. The "Last updated" date at the top of this page will always reflect the current version.

12. Contact us

Questions, requests or concerns? Write to our Grievance Officer:

Grievance Officer: Ms. Isha Kapoor
Address: Konni Labs Pvt. Ltd., Tower B, Cyber Hub, DLF Phase 2, Gurugram, Haryana 122002, India

We respond to DPDP-related requests within 30 days.