2.1 Direct Collection

• Information you provide when creating an account
• Details you enter when using the Services
• Data you submit through forms on our Site
• Information you provide in support requests
• Content you upload to the platform

2.2 Automatic Collection

• Technical data collected automatically when you use the Services
• Cookies and tracking technologies on our Site
• Log files and server data
• Mobile device information when using our apps

2.3 Third-Party Sources

• Integration platforms (Instagram, Facebook, WhatsApp, Google)
• Payment service providers
• Analytics and marketing tools
• Fraud prevention services
• Public databases

2.4 From Your Users (Customer Content)

• Information your end users provide through chat interactions
• Subscriber data you import into the platform
• Engagement and analytics data from your campaigns

3.1 To Provide and Operate the Services

• Create and manage your account
• Process your transactions and send billing invoices
• Deliver the Instagram automation features
• Enable integrations with third-party platforms
• Store and manage your content and data
• Provide customer support and respond to inquiries
• Send service-related notifications and updates

3.2 To Improve and Develop the Services

• Analyze usage patterns and trends
• Conduct research and development
• Test new features and functionality
• Debug and fix technical issues
• Optimize performance and user experience
• Develop new products and services

3.3 To Communicate with You

• Send transactional emails (receipts, confirmations, alerts)
• Provide customer support and respond to requests
• Send service announcements and updates
• Notify you of security issues or policy changes
• Send marketing communications (with your consent)
• Conduct surveys and request feedback
• Send event invitations and reminders

3.4 For Marketing and Promotional Purposes

• Send promotional emails and offers (you can opt-out)
• Display targeted advertisements
• Analyze marketing campaign effectiveness
• Conduct market research
• Promote new features and services
• You can opt-out of marketing communications at any time by clicking "unsubscribe" in emails or contacting support@briggo.in

3.5 For Security and Fraud Prevention

• Verify your identity and authentication
• Detect and prevent fraud, abuse, and illegal activity
• Monitor for security threats and vulnerabilities
• Enforce our Terms of Service
• Protect our rights, property, and safety
• Protect the rights and safety of our users and the public

3.6 For Legal and Compliance Purposes

• Comply with applicable laws and regulations
• Respond to legal processes (subpoenas, court orders)
• Cooperate with law enforcement and regulatory authorities
• Enforce our agreements and policies
• Resolve disputes and claims
• Maintain records as required by law
• Comply with tax and accounting obligations

3.7 For Business Operations

• Manage our relationship with business partners
• Conduct business transactions (mergers, acquisitions)
• Perform internal audits and quality control
• Maintain business records
• Exercise and defend legal rights

3.8 With Your Consent

• For any other purpose disclosed to you at the time of collection
• For purposes you explicitly consent to

4.1 Service Providers and Processors

We share data with third-party service providers who perform services on our behalf:

• Infrastructure and Hosting:
  • Cloud storage providers (AWS, Google Cloud, etc.)
  • Content delivery networks (CDNs)
  • Server and infrastructure providers
• Payment Processing:
  • Payment gateways (Razorpay, Stripe, PayPal, etc.)
  • Banking and financial institutions
  • Fraud prevention services
• Communication Services:
  • Email service providers (for sending transactional and marketing emails)
  • SMS gateway providers
  • Push notification services
  • Customer support platforms
• Analytics and Monitoring:
  • Analytics platforms (Google Analytics, Mixpanel, etc.)
  • Performance monitoring tools
  • Error tracking and debugging services
• Marketing and Advertising:
  • Marketing automation platforms
  • Advertising networks (Google Ads, Facebook Ads)
  • Social media platforms
  • CRM systems

4.2 Third-Party Integrations

• Instagram
• Facebook
• WhatsApp
• Google services
• Other messaging and social media platforms

You control which platforms you connect and what data is shared through integration settings.

4.3 Business Partners

• Joint event organizers and co-marketing partners
• Resellers and distribution partners
• Technology partners and integrations

4.4 Professional Advisors

• Lawyers and legal counsel
• Accountants and auditors
• Tax advisors
• Insurance providers
• Business consultants

4.5 Corporate Transactions

• Merger, acquisition, or sale of assets
• Reorganization or bankruptcy
• Financing or investment transactions

Your data may be transferred to the acquiring entity. You will be notified of any such transfer, and the new entity will be bound by this Privacy Policy.

4.6 Legal Requirements and Protection

• In response to court orders, subpoenas, or legal processes
• To comply with applicable laws and regulations
• To cooperate with law enforcement and regulatory authorities
• To enforce our Terms of Service and agreements
• To protect our rights, property, and safety
• To protect the rights, property, and safety of our users and the public
• To detect, prevent, or address fraud, security, or technical issues

Before disclosing information to authorities, we carefully verify the legitimacy of requests and disclose only what is legally required.

4.7 With Your Consent

We may share your information for any other purpose with your explicit consent or at your direction.

4.8 Aggregated and Anonymized Data

We may share aggregated, de-identified, or anonymized data that cannot reasonably be used to identify you:

• For research and analytics purposes
• To describe our Services to partners and investors
• For marketing and promotional purposes
• For industry benchmarking

5.1 Our Role as Data Processor

When you use our Services to collect and manage information about your end users, subscribers, or customers (collectively "Subscriber Data"):

• You are the Data Controller responsible for Subscriber Data
• We are the Data Processor acting only on your instructions
• We process Subscriber Data solely to provide the Services to you

5.2 Your Responsibilities as Data Controller

As the Data Controller, you are responsible for:

• Obtaining all necessary consents from your subscribers
• Providing appropriate privacy notices to your subscribers
• Ensuring lawful collection and processing of Subscriber Data
• Honoring subscriber rights (access, deletion, etc.)
• Complying with all applicable data protection laws (GDPR, CCPA, Indian laws, etc.)
• Implementing appropriate security measures
• Responding to data subject requests from your subscribers

5.3 Data Processing Terms

For customers who require a formal Data Processing Agreement (DPA):

• We offer a standard DPA that incorporates Standard Contractual Clauses (where applicable)
• Request a DPA by contacting support@briggo.in
• Enterprise customers may negotiate custom DPA terms

5.4 Subscriber Rights and Requests

We have no direct relationship with your subscribers. Any subscriber who wishes to:

• Access their personal data
• Correct or update their information
• Delete their data
• Object to processing
• Exercise other privacy rights

Should contact YOU directly as the Data Controller. You are responsible for responding to such requests within legally required timeframes.

If a subscriber contacts us directly, we will refer them to you.

5.5 Sub-Processors

We use sub-processors (third-party service providers) to help provide the Services. A list of current sub-processors is available at briggo.in/sub-processors.

We will:

• Notify you of any new sub-processors (at least 30 days in advance where possible)
• Ensure all sub-processors have appropriate data protection agreements
• Remain liable for sub-processor compliance

6.1 Where Your Data May Be Stored

Your personal data may be stored and processed in:

• India (our primary data centers and operations)
• Other countries where our service providers maintain facilities

By using our Services, you acknowledge and consent to the transfer of your data to countries that may have different data protection laws than your jurisdiction.

6.2 Transfers Outside India

When we transfer data outside India, we implement appropriate safeguards:

• Standard Contractual Clauses (SCCs) approved by regulatory authorities
• Adequacy decisions (where applicable)
• Binding Corporate Rules (where applicable)
• Certifications and codes of conduct
• Your explicit consent (where required)

6.3 Your Rights Regarding Transfers

If you have concerns about international data transfers, contact us at support@briggo.in to discuss available options.

7.1 Active Account Data

We retain your personal data for as long as:

• Your account remains active
• Necessary to provide the Services
• Required to fulfill the purposes described in this Privacy Policy

7.2 After Account Termination

When you terminate your account:

• Active system data: Deleted within 90 days
• Backup systems: Data may persist up to 180 days
• Legal and compliance data: Retained as required by law

7.3 Specific Retention Periods

• Account Information: Duration of account + 90 days (or longer if required by law)
• Financial Records: Minimum 7 years (as required by Indian tax and accounting laws)
• Communication Records: Duration of account + 1 year (or longer if needed to resolve disputes)
• Technical Logs: 12-24 months (for security and debugging purposes)
• Marketing Data: Until you opt-out or request deletion (whichever is earlier)
• Legal Hold Data: Duration of legal matter + applicable statute of limitations

7.4 Anonymized and Aggregated Data

We may retain anonymized or aggregated data indefinitely for:

• Analytics and research
• Product development
• Business intelligence

Such data cannot be used to identify you.

7.5 Legal Obligations

We may retain data longer than specified periods when:

• Required by applicable law or regulation
• Necessary to comply with legal obligations
• Required for litigation or dispute resolution
• Needed to protect rights, safety, or property
• Necessary to enforce our agreements

7.6 Data Deletion Requests

To request early deletion of your data, contact support@briggo.in. We will delete your data as soon as reasonably possible, subject to:

• Technical feasibility
• Legal retention requirements
• Legitimate business needs
• Backup and disaster recovery cycles (up to 180 days)

8.1 Rights Available to All Users

• Access: You can request access to your personal data we hold.
• Correction: You can request correction of inaccurate or incomplete data.
• Deletion: You can request deletion of your personal data (subject to legal retention requirements).
• Data Portability: You can request a copy of your data in a structured, machine-readable format.
• Opt-Out of Marketing: You can opt-out of marketing communications at any time.
• Account Settings: You can update your account information and preferences directly in your account settings.

8.2 How to Exercise Your Rights

To exercise any of these rights:

• Email: support@briggo.in
• Subject Line: "Privacy Rights Request - [Type of Request]"
• Include:
  • Your full name
  • Email address associated with your account
  • Account ID (if applicable)
  • Specific request details
  • Proof of identity (we may request additional verification)
• Response Time: We will respond within:
  • 30 days for most requests
  • 45 days for complex requests (with notification of extension)
  • As required by applicable law (e.g., 1 month for GDPR requests)

8.3 Identity Verification

To protect your privacy, we will verify your identity before processing requests. We may request:

• Government-issued ID
• Confirmation of email ownership
• Answer to security questions
• Other verification methods

8.4 Limitations on Rights

Your rights may be limited or denied if:

• Required by law or legal obligation
• Necessary for legal claims or defense
• Would adversely affect the rights of others
• Request is manifestly unfounded or excessive
• Data has been anonymized and cannot be re-identified

We will explain the reason for any limitation or denial.

9.1 What Are Cookies

Cookies are small text files stored on your device when you visit our Site. They help us provide, protect, and improve our Services.

9.2 Types of Cookies We Use

• Essential Cookies (Always Active):
  • Authentication and security
  • Account functionality
  • Load balancing
  • Fraud prevention

  These are necessary for the Site to function and cannot be disabled.

• Functional Cookies (Always Active):
  • Remember your preferences
  • Provide enhanced functionality
  • Remember language settings
• Analytics Cookies (Can Be Disabled):
  • Google Analytics
  • Usage pattern analysis
  • Performance monitoring
  • Error tracking
• Marketing Cookies (Can Be Disabled):
  • Facebook Pixel
  • Google Ads
  • LinkedIn Insight
  • Retargeting campaigns

9.3 Other Tracking Technologies

• Web Beacons/Pixels: Small graphic images that track email opens and web page visits.
• Local Storage: Browser storage for preferences and temporary data.
• Session Storage: Temporary storage cleared when you close your browser.
• SDKs (in Mobile Apps): Software development kits for analytics and functionality.

9.4 Third-Party Cookies

• Google Analytics
• Facebook
• LinkedIn
• Other analytics and advertising partners

These third parties have their own privacy policies governing cookie use.

9.5 Cookie Management

Browser Settings: You can control cookies through your browser settings:

• Block all cookies
• Block third-party cookies
• Delete cookies
• Receive notifications when cookies are set

Note: Disabling essential cookies may affect Site functionality.

Opt-Out Tools:

• Google Analytics Opt-Out: tools.google.com/dlpage/gaoptout
• Network Advertising Initiative: optout.networkadvertising.org
• Digital Advertising Alliance: optout.aboutads.info
• Email Tracking: To opt-out of email tracking pixels:
  • Disable images in your email client
  • Unsubscribe from marketing emails

9.6 Do Not Track Signals

Our Site does not currently respond to "Do Not Track" browser signals. However, you can use the opt-out tools above to control tracking.

9.7 Cookie Policy

For detailed information, see our Cookie Policy at [briggo.in/cookie-policy]

10.1 Third-Party Websites and Services

Our Services may contain links to third-party websites, services, and applications:

• Social media platforms
• Payment processors
• Integration partners
• Resource websites
• Partner sites

We are not responsible for:

• Privacy practices of third-party sites
• Content on third-party sites
• Security of third-party sites
• Terms of use of third-party sites

10.2 Third-Party Privacy Policies

Third-party services have their own privacy policies. We encourage you to review:

• Instagram/Facebook: facebook.com/privacy
• Google: google.com/privacy
• WhatsApp: whatsapp.com/privacy
• Payment processors' privacy policies

10.3 Social Media Plugins

Our Site may use social media plugins (Facebook Like, Twitter Share, etc.). These plugins may:

• Set cookies
• Track your browsing behavior
• Collect information about your visit

We do not control these plugins. Review the privacy policies of respective platforms.

10.4 Integration Risks

When you connect third-party accounts (Instagram, Facebook, etc.) to our Services:

• You grant us permission to access certain data from those platforms
• Those platforms' privacy policies govern what they share with us
• You can revoke access at any time through platform settings or our account settings

10.5 No Endorsement

Links to third-party sites do not constitute endorsement by Briggo.

11.1 Age Restriction

Our Services are NOT intended for individuals under 18 years of age.

We do not knowingly collect personal information from anyone under 18.

11.2 Parental Responsibility

We encourage parents and guardians to:

• Monitor their children's online activities
• Teach children about online privacy
• Use parental control tools

11.3 Accidental Collection

If we learn that we have collected personal information from someone under 18:

• We will delete that information promptly
• We will terminate the account
• We will not use the information for any purpose

11.4 Parental Rights

If you are a parent or guardian and believe your child under 18 has provided us with personal information:

Contact us immediately at: support@briggo.in

Include:

• Child's name and email
• Your relationship to the child
• Proof of parental authority

We will investigate and take appropriate action within 48 hours.

11.5 No Sale of Minor Data

We do not sell personal information of minors under 18 (nor do we sell any personal information).

12.1 Security Measures

We implement reasonable technical and organizational measures to protect your personal data:

Technical Safeguards:

• Encryption in transit (TLS/SSL)
• Encryption at rest for sensitive data
• Secure authentication mechanisms
• Regular security updates and patches
• Firewalls and intrusion detection systems
• Access controls and authentication
• Secure APIs and integrations

Organizational Safeguards:

• Employee training on data protection
• Background checks for employees with data access
• Confidentiality agreements with staff and contractors
• Access limited to need-to-know basis
• Regular security audits and assessments
• Incident response procedures
• Vendor security assessments

Physical Safeguards:

• Secure data center facilities (via hosting providers)
• Physical access controls
• Environmental controls

12.2 Payment Security

Payment information is processed by PCI-DSS compliant payment processors. We do not store full payment card details on our servers.

12.3 Limitations of Security

Despite our efforts, no security measures are 100% secure. We cannot guarantee:

• Absolute security of data transmission over the internet
• Prevention of all unauthorized access
• Protection against all security breaches

We do not warrant or represent that your data will be protected against loss, misuse, or alteration by third parties.

12.4 Your Security Responsibilities

You are responsible for:

• Maintaining confidentiality of your password
• Using strong, unique passwords
• Not sharing your account credentials
• Logging out after using shared devices
• Keeping your contact information current
• Enabling two-factor authentication (where available)
• Reporting suspicious activity immediately
• Installing security updates on your devices
• Using secure networks when accessing the Services

If you suspect unauthorized access to your account, immediately:

• Change your password
• Contact us at support@briggo.in
• Review recent account activity

12.5 Third-Party Security

We cannot control or guarantee the security practices of:

• Third-party platforms you integrate (Instagram, Facebook, etc.)
• Payment processors
• Your own devices and networks
• Your end users' devices and networks

12.6 Security Questions

If you have questions about the security of your personal data, contact support@briggo.in.

13.1 Our Commitment

We take data breaches seriously and have incident response procedures in place.

13.2 What We Will Do

In the event of a data breach that affects your personal information, we will:

Immediate Actions (Within 24-48 Hours):

• Contain and investigate the breach
• Assess the scope and impact
• Take steps to prevent further unauthorized access
• Preserve evidence

Notification (As Required by Law):

• To Affected Users: Within 72 hours of discovering the breach (or as required by applicable law)
• To Authorities: As required by Indian law, GDPR, or other applicable regulations
• To Partners: If their data is affected

13.3 What We Will Tell You

Our breach notification will include:

• Description of what happened
• Types of data involved
• Approximate number of affected individuals
• Potential consequences
• Measures we've taken to address the breach
• Steps you can take to protect yourself
• Contact information for questions

13.4 How We Will Notify You

We will notify you via:

• Email to your registered address
• In-app notification
• Notice on our website
• Other appropriate methods as required by law

13.5 Your Responsibilities After a Breach

If we notify you of a breach:

• Change your password immediately
• Monitor your accounts for suspicious activity
• Be alert for phishing attempts
• Review your account activity
• Consider enabling additional security measures
• Follow our recommended protective actions

13.6 Reporting Security Issues

If you discover a security vulnerability:

• Email: support@briggo.in
• Include:
  • Description of the vulnerability
  • Steps to reproduce (if applicable)
  • Potential impact
  • Your contact information

We appreciate responsible disclosure and will investigate all reports promptly.

14.1 Right to Modify

We reserve the right to update or change this Privacy Policy at any time to reflect:

• Changes in our Services or business practices
• Legal or regulatory requirements
• Technological developments
• Industry best practices
• Customer feedback

14.2 Notice of Material Changes

For material changes that significantly affect your privacy rights:

• We will notify you at least 30 days in advance via:
  • Email to your registered address
  • Prominent notice on our Site
  • In-app notification
• We will clearly explain what has changed
• We will provide the effective date of changes

Material changes include:

• New purposes for data collection or use
• Sharing data with new categories of third parties
• Significant changes to your rights
• Changes to data retention periods
• New types of data collected
• Changes to security practices

14.3 Notice of Non-Material Changes

• For non-material changes (clarifications, minor updates, corrections):
• We will update the "Last Updated" date at the top of this policy
• Changes will be effective immediately upon posting
• We may (but are not required to) notify you

14.4 Your Acceptance of Changes

By continuing to use the Services after changes take effect, you accept the updated Privacy Policy.

If you do not agree to the changes:

• Stop using the Services
• Close your account
• Contact us with concerns at support@briggo.in

14.5 Reviewing Changes

We encourage you to:

• Review this Privacy Policy periodically
• Check the "Last Updated" date
• Read update notifications carefully
• Contact us with questions

14.6 Prior Versions

We may maintain prior versions of this Privacy Policy for your reference. Request previous versions by emailing support@briggo.in.

14.7 Effective Date

This Privacy Policy was last updated on the date shown at the top of this document and is effective as of that date.

15.1 General Privacy Inquiries

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices:

• Email: support@briggo.in
• Subject Line: "Privacy Inquiry - [Brief Description]"

15.2 Security Issues

For security-related concerns or to report vulnerabilities:

• Email: support@briggo.in
• Subject Line: "Security Issue - [Brief Description]"

15.3 Data Subject Rights Requests

To exercise your privacy rights (access, deletion, correction, etc.):

• Email: support@briggo.in
• Subject Line: "Privacy Rights Request - [Type of Request]"
• Include:
  • Your full name
  • Email address associated with your account
  • Account ID (if applicable)
  • Specific request details
  • Verification information

15.4 Legal and Compliance

For legal notices, law enforcement requests, or compliance matters:

• Email: support@briggo.in

15.5 General Customer Support

For non-privacy-related questions:

• Email: support@briggo.com
• Website: https://briggo.in/contact