1. Introduction

Welcome to HarGharPG ("we," "us," or "our"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our web-based property management platform.

HarGharPG is operated by Cohesyn and is designed for PG (Paying Guest) and co-living operators in India. By using our Service, you agree to the collection and use of information in accordance with this Privacy Policy.

2. Information We Collect

2.1 Information You Provide

When you register for an account or use our Service, we collect:

Account Information: Name, email address, phone number, company/property name
Property Information: Number of PGs, locations, city, property details
Tenant Data: Information about tenants that you input into the system, including names, contact details, room assignments, payment records, KYC documents, images, and identification documents
Financial Information: Payment details for subscription fees (processed securely through Razorpay, our payment gateway partner)
Communication Data: Messages, notices, and other content you create or send through the Service
Google Drive Access: Authorization tokens and permissions to access your Google Drive account for storing and retrieving Customer Data

2.2 Automatically Collected Information

When you use our Service, we automatically collect:

Usage Data: How you interact with the Service, features used, time spent, pages viewed
Device Information: IP address, browser type, device type, operating system
Log Data: Access times, dates, error logs, and system performance data
Cookies and Tracking: We use cookies and similar technologies to enhance your experience (see Section 7)

2.3 Third-Party Information

We may receive information from third-party services you connect to HarGharPG, such as Razorpay (our payment processor) or communication platforms (e.g., WhatsApp integration).

3. How We Use Your Information

We use the collected information for the following purposes:

Service Provision: To provide, maintain, and improve the HarGharPG platform
Account Management: To create and manage your account, process subscriptions, and handle billing
Communication: To send you service-related notifications, updates, and support responses
Customer Support: To respond to your inquiries, troubleshoot issues, and provide assistance
Analytics: To analyze usage patterns, improve features, and enhance user experience
Security: To detect, prevent, and address security issues, fraud, or unauthorized access
Legal Compliance: To comply with applicable laws, regulations, and legal processes
Marketing: To send you promotional communications (with your consent, and you can opt-out anytime)

4. Data Sharing and Disclosure

We do not sell your personal information. We may share your information only in the following circumstances:

4.1 Service Providers

We may share information with third-party service providers who perform services on our behalf, such as:

Payment processing companies (specifically Razorpay for subscription and payment processing)
Cloud hosting and data storage providers
Email and communication service providers
Analytics and monitoring services
Customer support platforms

These providers are contractually obligated to protect your information and use it only for the purposes we specify.

4.2 Legal Requirements

We may disclose your information if required by law or in response to:

Court orders, subpoenas, or legal processes
Government requests or regulatory requirements
Enforcement of our Terms of Service
Protection of our rights, property, or safety
Prevention of fraud or security threats

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity, subject to the same privacy protections.

5. Data Security and Storage

5.1 Security Measures: We implement industry-standard security measures to protect your information:

Encryption: Data is encrypted in transit using TLS 1.2 or higher protocols, and data at rest is encrypted using AES-256 or equivalent encryption standards
Access Controls: Role-based access controls and authentication mechanisms to limit access to personal information on a need-to-know basis
Secure Infrastructure: Data stored on secure servers with regular security updates and patches
Authentication: Strong password requirements and optional two-factor authentication
Monitoring: Continuous monitoring for security threats, vulnerabilities, and unauthorized access attempts
Security Audits: Regular security assessments and vulnerability testing
Incident Response: Established procedures for detecting, responding to, and mitigating security incidents

5.2 Google Drive Storage:

Customer Data, including sensitive files such as tenant KYC documents, images, and identification documents, is stored on your Google Drive account, not on HarGharPG servers
HarGharPG accesses your Google Drive through secure API connections (OAuth 2.0) only to facilitate Service functionality
We do not store sensitive files, documents, or images on our servers
You retain full ownership and control of all data stored on your Google Drive
Google Drive's security measures and terms of service apply to data stored on your Google Drive account
You are responsible for securing your Google Drive account, including using strong passwords, enabling two-factor authentication, and managing access permissions

5.3 Data Processing: HarGharPG acts as a data processor on your behalf. We process Customer Data only:

In accordance with your instructions and for the purpose of providing the Service
As necessary to comply with applicable laws and regulations
To maintain and improve the Service
As described in this Privacy Policy

5.4 Security Limitations: However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your information using industry-standard security measures, we cannot guarantee absolute security. You are also responsible for:

Maintaining the confidentiality of your account credentials
Securing your Google Drive account and access credentials
Implementing appropriate access controls for your Google Drive data
Notifying us immediately of any unauthorized access or security breach

5.5 Incident Response: In the event of a security incident or data breach affecting your information:

We will investigate the incident promptly and take appropriate remedial measures
We will notify affected customers within 72 hours of becoming aware of a breach that affects their Customer Data, as required by applicable law
We will cooperate with relevant authorities and comply with data breach notification requirements under Indian data protection laws
We will provide reasonable assistance to help you address the impact of any security incident

5.6 Third-Party Services: The Service integrates with third-party services (including Google Drive and Razorpay). We are not responsible for the security practices of these third parties. You should review and comply with their respective terms of service and privacy policies.

6. Data Retention

We retain your information for as long as necessary to:

Provide the Service to you
Comply with legal obligations
Resolve disputes and enforce agreements
Maintain business records as required by law

When you cancel your account, we will retain your data for a reasonable period (typically 30-90 days) to allow for account recovery, then delete or anonymize it in accordance with applicable laws.

You may request deletion of your data at any time by contacting us, subject to legal retention requirements.

7. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to:

Remember your preferences and settings
Authenticate your session
Analyze usage patterns and improve the Service
Provide personalized content

You can control cookies through your browser settings. However, disabling cookies may limit some functionality of the Service.

We use both session cookies (deleted when you close your browser) and persistent cookies (remain until deleted or expired).

8. Your Rights and Choices

Under applicable Indian data protection laws, you have the right to:

Access: Request a copy of your personal information
Correction: Update or correct inaccurate information
Deletion: Request deletion of your personal information
Portability: Request transfer of your data to another service
Objection: Object to certain processing activities
Withdraw Consent: Withdraw consent for data processing where applicable

To exercise these rights, please contact us using the information provided in Section 12.

You can also manage your account settings, update your profile, and opt-out of marketing communications through your account dashboard.

9. Data Ownership, Processing, and Tenant Data Responsibility

9.1 Data Ownership: You (the PG owner) retain full ownership of all Customer Data, including:

Tenant information, including KYC documents, images, and personal identification documents
Property details, room assignments, and occupancy records
Financial records, rent collection data, and billing information
All other data, content, and materials uploaded or created through the Service

9.2 Data Processor Relationship: HarGharPG acts solely as a data processor on your behalf. We:

Process Customer Data only in accordance with your instructions and for the purpose of providing the Service
Do not claim any ownership rights to your Customer Data
Do not use Customer Data for any purpose other than providing the Service, except as required by law or with your explicit consent
Do not share Customer Data with third parties except as described in Section 4 of this Privacy Policy
Implement appropriate technical and organizational measures to protect Customer Data

9.3 Google Drive Access and Revocation:

If you revoke Google Drive access or if such access is terminated for any reason, HarGharPG will immediately cease accessing your Google Drive
You will be notified of the access termination
Certain Service features that depend on Google Drive access may become unavailable
Your Customer Data remains on your Google Drive and is not affected by access revocation
You may need to re-authorize Google Drive access to restore full Service functionality

9.4 Tenant Data Responsibility: As a PG operator using HarGharPG, you act as the data controller for tenant information and are responsible for:

Obtaining proper consent from tenants before entering their information into the system
Complying with applicable data protection laws regarding tenant data, including the Information Technology Act, 2000, and any applicable data protection regulations
Ensuring the accuracy and security of tenant information
Informing tenants about how their data is being used, including disclosure that data is stored on your Google Drive
Handling tenant data requests and complaints appropriately, including requests for access, correction, or deletion
Maintaining appropriate security measures for your Google Drive account where tenant data is stored
Complying with any legal obligations regarding data retention and deletion

9.5 Data Controller vs. Processor: While we provide the platform and process data on your behalf, you act as the data controller for tenant information you input. We act as a data processor and handle the data according to your instructions, this Privacy Policy, and applicable data protection laws.

10. Children's Privacy

HarGharPG is not intended for use by individuals under 18 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately, and we will take steps to delete such information.

11. International Data Transfers

Your information is primarily stored and processed on servers located in India. However, some service providers may process data in other countries.

When data is transferred outside India, we ensure appropriate safeguards are in place to protect your information in accordance with applicable data protection laws.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

We will notify you of material changes by:

Posting the updated Privacy Policy on our website
Sending an email notification to your registered email address
Displaying a notice within the Service

Your continued use of the Service after changes become effective constitutes acceptance of the updated Privacy Policy. We encourage you to review this Privacy Policy periodically.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Company: Cohesyn
Website: cohesyn.in
Service: HarGharPG
Email: Please use the contact form on our website or reach out through your account dashboard

We will respond to your inquiries within a reasonable timeframe, typically within 30 days.

14. Governing Law and Dispute Resolution

14.1 Governing Law: This Privacy Policy is governed by and construed in accordance with the laws of India, including the Information Technology Act, 2000, and any applicable data protection regulations. The application of the United Nations Convention on Contracts for the International Sale of Goods is expressly excluded.

14.2 Jurisdiction: Any disputes, controversies, or claims arising from this Privacy Policy or our data practices shall be subject to the exclusive jurisdiction of the courts in Hyderabad, Telangana, India. You irrevocably consent to the personal jurisdiction of such courts and waive any objection to venue in such courts.

14.3 Compliance: We strive to comply with applicable Indian data protection laws and regulations. This Privacy Policy is designed to meet the requirements of the Information Technology Act, 2000, and the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, as well as any future data protection legislation that may be enacted in India.