Legal

Privacy Policy

Last updated: March 2026

1. Introduction

The VoBot Developers ("VoBot," "we," "us," or "our") is committed to protecting the privacy and personal data of our users, clients, and website visitors. This Privacy Policy explains how we collect, use, disclose, store, and protect your information when you visit our website thevobot.in or use our services. This policy is compliant with the Information Technology Act, 2000, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, and the Digital Personal Data Protection Act, 2023 of India.

2. Information We Collect

2.1 Information You Provide Directly

  • Phone Number: Required for account registration and OTP-based authentication via Firebase Authentication.
  • Full Name: Collected during account setup or service ordering.
  • Email Address: Used for order confirmations, delivery of digital assets, and communications.
  • Company Name & Details: If you represent a business, we may collect your organization name, designation, and business address.
  • GST Information: Goods and Services Tax Identification Number (GSTIN) for invoicing purposes, if applicable.
  • Payment Information: Transaction details processed securely through our payment partner Cashfree. We do not store your card numbers, UPI IDs, or banking credentials on our servers.
  • Project Requirements: Descriptions, files, images, content, and other materials you provide for service delivery.

2.2 Information Collected Automatically

  • Device Information: Browser type and version, operating system, device type, and screen resolution.
  • Usage Data: Pages visited, time spent on pages, click patterns, and navigation paths collected via Firebase Analytics.
  • IP Address: Collected for security, fraud prevention, and analytics purposes.
  • Cookies & Local Storage: Used to maintain session state, preferences, and analytics tracking.

3. How We Use Your Information

We use the collected information for the following purposes:

  • Service Delivery: To process orders, deliver digital services, communicate project updates, and provide support.
  • Account Management: To create and manage your user account, verify your identity, and enable secure access.
  • Payment Processing: To facilitate transactions, generate invoices, and manage billing through Cashfree.
  • Communication: To send order confirmations, delivery notifications, support responses, and important service announcements.
  • Analytics & Improvement: To understand how users interact with our platform, improve our services, and optimize user experience using Firebase Analytics.
  • Marketing: With your consent, to send promotional offers, newsletters, and information about new services. You may opt out at any time.
  • Legal Compliance: To comply with applicable laws, regulations, and legal processes.
  • Security: To detect, prevent, and address fraud, abuse, security risks, and technical issues.

4. Firebase & Google Services

We use the following Firebase and Google services:

  • Firebase Authentication: Manages user registration and login via phone OTP. Firebase stores your phone number, unique user ID, and authentication metadata on Google's servers.
  • Cloud Firestore: Our database for storing user profiles, orders, project details, and service records. Data is stored on Google Cloud infrastructure with encryption at rest and in transit.
  • Firebase Analytics: Collects anonymized usage data to help us understand user behavior and improve our platform. This may include automatically collected events, user properties, and audience data.
  • Google reCAPTCHA: Used during phone authentication to prevent automated abuse. reCAPTCHA may collect hardware and software information and send it to Google for analysis.

Google's data practices are governed by the Google Privacy Policy.

5. Data Sharing & Third Parties

We do not sell, rent, or trade your personal information. We may share data with the following categories of third parties:

  • Cashfree Payments: Our payment gateway partner that processes all financial transactions. Cashfree receives payment-related information necessary to complete transactions and is PCI-DSS compliant.
  • Google / Firebase: As described above, for authentication, database, and analytics services.
  • Service Providers: Trusted partners who assist in delivering services (e.g., hosting providers, email services) under strict confidentiality agreements.
  • Legal Requirements: We may disclose information if required by law, court order, or government authority, or to protect the rights, property, or safety of VoBot, our users, or the public.

6. Cookies & Tracking Technologies

Our website uses the following cookies and tracking technologies:

  • Essential Cookies: Required for website functionality, session management, and security. These cannot be disabled.
  • Firebase Analytics Cookies: Used to collect anonymized usage statistics and user behavior data.
  • reCAPTCHA Cookies: Set by Google reCAPTCHA during phone authentication to verify human users.
  • Local Storage: Used to store user preferences and session data on your device.

You can manage cookie preferences through your browser settings. Disabling certain cookies may affect website functionality.

7. Data Security

We implement industry-standard security measures to protect your personal data:

  • All data transmitted between your browser and our servers is encrypted using TLS/SSL (HTTPS).
  • Firebase and Firestore provide encryption at rest and in transit for all stored data.
  • Payment processing is handled by PCI-DSS compliant Cashfree — we never store sensitive payment credentials.
  • Access to personal data is restricted to authorized personnel on a need-to-know basis.
  • We conduct regular security reviews and follow reasonable security practices as prescribed under the IT Act, 2000.

While we take all reasonable measures, no method of electronic storage or transmission is 100% secure. We cannot guarantee absolute security of your data.

8. Your Rights

Under applicable Indian data protection laws, you have the following rights:

  • Right to Access: Request a copy of the personal data we hold about you.
  • Right to Correction: Request correction of inaccurate or incomplete personal data.
  • Right to Deletion: Request deletion of your personal data, subject to legal and contractual obligations that may require us to retain certain records.
  • Right to Withdraw Consent: Withdraw consent for marketing communications or non-essential data processing at any time.
  • Right to Grievance Redressal: Lodge a complaint about our data practices through our Grievance Redressal process.

To exercise any of these rights, contact our Data Protection Officer at privacy@thevobot.in. We will respond within 30 days of receiving your request.

9. Data Retention

  • Account Data: Retained for as long as your account is active. Upon account deletion, personal data is removed within 90 days, except where retention is required by law.
  • Order & Transaction Records: Retained for a minimum of 8 years as required under Indian tax and accounting regulations.
  • Analytics Data: Anonymized analytics data may be retained indefinitely for statistical and improvement purposes.
  • Communication Records: Support and correspondence records are retained for 3 years from the date of last communication.

10. Children's Privacy

Our services are not directed at individuals under the age of 18. We do not knowingly collect personal data from minors. If we discover that we have inadvertently collected data from a minor without appropriate parental consent, we will take steps to delete such data promptly. If you believe a minor has provided us with personal information, please contact us at privacy@thevobot.in.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. The updated policy will be posted on this page with a revised "Last updated" date. For material changes, we will notify registered users via email or platform notification. We encourage you to review this policy periodically.

12. IT Act 2000 Compliance

This Privacy Policy is published in accordance with:

  • Section 43A of the Information Technology Act, 2000
  • Rule 4 of the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011
  • Applicable provisions of the Digital Personal Data Protection Act, 2023

13. Contact — Data Protection Officer

For any privacy-related queries, concerns, or requests, please contact:

We are committed to resolving privacy concerns promptly and transparently.