Privacy Policy

Introduction

Welcome to Annapurna Consultancy ("we", "our", or "us"), headquartered in Bolangir, Odisha, India. We are committed to protecting your personal information and your right to privacy.

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website annapurnaconsultancy.in or use any of our services, including recharge, bill payment, Digital Signature Certificate (DSC), PAN card, banking, government portal, and API services.

Information We Collect

We collect information you provide directly to us, information collected automatically, and information from third parties where applicable.

Information you provide:

• Full name, email address, phone number, and mailing address when you register or contact us
• PAN number, Aadhaar details, or other government-issued ID for specific services
• Bank account details, UPI IDs, or payment information for transaction processing
• Business name, GSTIN, and merchant details for merchant onboarding
• API credentials and integration details for developer/partner accounts
• Any other information you voluntarily submit through our forms or communications

Information collected automatically:

• IP address, browser type, device type, and operating system
• Pages visited, time spent on site, and referring URLs
• Cookies and similar tracking technologies
• Transaction logs, API call records, and usage data

How We Use Your Information

We use the information we collect for the following purposes:

• To process and complete transactions, recharges, and bill payments on your behalf
• To verify your identity and comply with KYC requirements under RBI guidelines
• To provide, maintain, and improve our services and APIs
• To send transaction confirmations, receipts, and service-related notifications
• To respond to your enquiries, support requests, and complaints
• To detect, prevent, and investigate fraudulent or unauthorized activity
• To comply with legal obligations under the IT Act 2000, DPDP Act 2023, and other applicable regulations
• To send promotional communications where you have provided explicit consent
• To generate anonymized analytics for platform improvement

Sharing of Information

We do not sell your personal data. We may share your information only in the following circumstances:

• Service Partners: Payment processors, recharge operators (Airtel, Jio, Vi, BSNL, etc.), BBPS operators, and financial institutions required to fulfill your transactions
• Government & Regulatory Bodies: UIDAI, NSDL/UTIITSL for PAN services, CCA for DSC, RBI-licensed entities, and other statutory authorities as required by law
• API Partners: Information shared with registered API partners is governed by their individual agreements and our partner data processing terms
• Legal Requirements: When required by court order, law enforcement, or governmental authority
• Business Transfer: In connection with a merger, acquisition, or sale of assets, with prior notice provided to you

Data Security

We implement industry-standard technical and organizational measures to protect your personal information against unauthorized access, loss, alteration, or disclosure.

• TLS/SSL encryption for all data in transit
• AES-256 encryption for sensitive data at rest
• Regular security audits and vulnerability assessments
• Role-based access controls limiting data access to authorized personnel only
• Two-factor authentication for all administrative systems
• Compliance with RBI's IT security framework for payment service providers

No method of transmission over the internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security. In the event of a data breach affecting your rights, we will notify you as required by applicable law.

Cookies & Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience on our platform.

• Essential cookies: Required for the website to function, including session management and security tokens
• Analytical cookies: Help us understand how visitors use our site (e.g., page views, bounce rates)
• Functional cookies: Remember your preferences and settings for a personalized experience

You can control or disable cookies through your browser settings. Note that disabling certain cookies may affect the functionality of our services.

Your Rights

Under the Digital Personal Data Protection Act, 2023 (DPDP Act) and other applicable Indian law, you have the following rights:

• Right to Access: Request a copy of the personal data we hold about you
• Right to Correction: Request correction of inaccurate or incomplete personal data
• Right to Erasure: Request deletion of your personal data, subject to legal and regulatory retention requirements
• Right to Withdraw Consent: Withdraw consent for processing where consent is the legal basis, without affecting prior lawful processing
• Right to Grievance Redressal: File a complaint with our Data Protection Officer or the Data Protection Board of India
• Right to Nominate: Nominate another individual to exercise your rights in the event of death or incapacity

To exercise any of these rights, please contact us at support@annapurnaconsultancy.in. We will respond within 30 days.

Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this policy, or as required by applicable law.

• Transaction records: 7 years (as required under RBI and Income Tax regulations)
• KYC documents: 5 years from end of business relationship
• Account information: Duration of active account plus 3 years
• Communication logs: 2 years
• Cookie and analytics data: Up to 12 months

Upon expiry of the applicable retention period, data is securely deleted or anonymized in accordance with our internal data destruction policy.

Third-Party Links

Our website and services may contain links to third-party websites, payment gateways, government portals, or operator platforms. These third parties have their own privacy policies, and we accept no responsibility for their content or data practices.

We encourage you to review the privacy policy of every external site you visit before providing any personal information.

Children's Privacy

Our services are not directed at individuals under the age of 18. We do not knowingly collect personal information from minors. If you believe we have inadvertently collected data from a child, please contact us immediately and we will take prompt steps to delete such information.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other operational reasons. When we make material changes, we will:

• Update the "Last updated" date at the top of this page
• Notify registered users via email for significant changes
• Post a prominent notice on our website homepage for 30 days following major updates

Your continued use of our services after any change constitutes acceptance of the updated policy. We encourage you to review this page periodically.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

• Business Name: Annapurna Consultancy
• Address: Bolangir, Odisha, India
• Email: support@annapurnaconsultancy.in
• Phone: +91 9776683232
• Business Hours: Monday – Saturday, 9:00 AM – 6:00 PM IST