CitizenU Privacy Policy

Effective Date: June 14, 2025

Last Updated: May 11, 2025

1. Introduction

Welcome to CitizenU! This Privacy Policy explains how CITIZENU MICROBLOGGING PRIVATE LIMITED("CitizenU," "we," "us," or "our"), a Make in India certified startup headquartered in Mumbai, India, collects, uses, shares, and protects your personal information when you use our website (citizenu.me), mobile applications, and related services (collectively, the "Service").

Our mission is to provide an authentic social media experience built on trust and mandatory one-to-one user verification. This policy outlines how we handle your information, particularly sensitive data collected for verification, in compliance with India's Digital Personal Data Protection Act, 2023 (DPDPA).

By using our Service, you consent to the practices described herein and our Terms of Service.

2. Information We Collect

2.1 Information You Provide Directly

Account Registration: Username, email address, phone number, date of birth (to verify age eligibility).

Mandatory Verification Data:

  • Information from DigiLocker with your explicit consent (e.g., name, DOB, masked Aadhaar or Virtual ID, address).
  • Aadhaar details as permitted by UIDAI guidelines, collected minimally and securely.
  • Any alternative verification methods offered will be clearly explained at the time of collection.

Profile Information: Optional profile picture, display name, bio, location.

User Content: Posts, images, videos, direct messages ("Klacks").

Communications: Messages you send to us (e.g., support requests).

2.2 Information Collected Automatically

Usage Data: Interaction with the Service including content viewed and actions taken.

Device and Connection Information: Device model, OS, browser type, IP address, mobile network details, device identifiers, location (with consent).

Log Data: Server logs capturing usage and connection details.

Cookies and Similar Technologies: To operate and improve the Service, maintain security, remember preferences, and personalize content.

2.3 Information from Third Parties

Primarily from your direct input and DigiLocker (with consent). Third-party data collection only as necessary or required by law.

3. How We Use Your Information

  • Provide and operate the Service including account management and communication.
  • Verification: Strictly to confirm your identity and prevent fraudulent activity.
  • Maintain platform security, detect abuse, and enforce policies.
  • Communicate important service-related notifications and respond to inquiries.
  • Improve and develop the Service based on user interaction data.
  • Comply with legal obligations under applicable laws.
  • Use your data for other purposes only with your explicit consent.

Important: Verification data is never used for advertising, profiling, or any non-verification purposes.

4. Direct Messages (DMs)

  • Stored and processed to deliver messages securely.
  • Generally private, but may be accessed by authorized personnel for investigations, legal compliance, or reports of policy violations.
  • Not currently end-to-end encrypted but protected by other technical safeguards.

5. How We Share Your Information

  • Public Information: Your public profile and posts are visible to others.
  • Service Providers: Third-party vendors assisting in platform operations under strict confidentiality agreements.
  • Legal Requirements: Disclosures to comply with laws, protect safety, or enforce rights.
  • Business Transfers: Data may be transferred in mergers, acquisitions, or sales, subject to confidentiality and legal compliance.
  • Aggregated Data: De-identified data shared for research or analysis.
  • With Your Consent: Other sharing only with explicit permission.

Note: Sensitive verification data is shared only with specialized verification partners under strict confidentiality or when legally compelled.

6. Data Storage and Security

Data Location: Primarily stored on servers in India, complying with data localization laws.

Security Measures: Robust technical, administrative, and physical controls including encryption, access restrictions, and audits to protect your data.

Verification Data: Subject to enhanced security per UIDAI and DPDPA requirements; access limited to vetted personnel.

7. Data Retention

  • Account Data: Retained while your account is active.
  • Verification Data: Retained only as necessary to maintain verified status and meet legal obligations; securely deleted or anonymized thereafter.
  • User Content: May be retained even after account deletion, possibly anonymized, or if legally required.
  • Log Data: Retained for a limited period for security and analysis, then deleted or anonymized.

Account deletion requests are processed in accordance with applicable laws and retention policies.

8. Cookies and Similar Technologies

Use of session and persistent cookies, first-party and potentially third-party cookies for authentication, preferences, security, analytics, and feature measurement.

Users can manage cookie preferences via browser settings but disabling cookies may impact Service functionality.

See our dedicated Cookie Policy for detailed information.

9. Your Rights and Choices

Under the DPDPA and other applicable laws (including GDPR where relevant), you have rights including:

  • Access to your personal information and processing details.
  • Correction of inaccurate or incomplete data.
  • Request deletion of personal data (subject to legal retention obligations).
  • Grievance redressal for privacy concerns.
  • Nomination of a representative to exercise rights on your behalf in case of incapacity.
  • Manage and withdraw consent for data processing.

To exercise these rights, contact our designated Grievance Officer (details below).

10. Children's Privacy

Our Service is not intended for individuals under 18 years old. We do not knowingly collect data from children under 18 without verified parental consent. Any inadvertent collection will be promptly deleted.

11. International Data Transfers

If personal data is transferred outside India, appropriate safeguards (such as contractual clauses or adequacy decisions) are implemented to ensure legal compliance and data protection.

12. Grievance Officer and Contact Information

For privacy-related concerns or requests:

Grievance Officer: vinod kumar

Email: support@citizenu.me

Address: CITIZENU MICROBLOGGING PRIVATE LIMITED, lotus court, 19/20, Jamshedji Tata Road, Churchgate, Mumbai, Maharashtra 400020

For general inquiries: support@citizenu.me

13. Changes to This Privacy Policy

We may update this policy periodically. Changes will be reflected by updating the "Last Updated" date and, if significant, by providing additional notice (e.g., website announcement or in-app notification).

Continued use of the Service after changes constitutes acceptance.

14. Final Note

We take your privacy seriously and are committed to transparency and giving you control over your information.

Thank you for trusting CitizenU.

CITIZENU MICROBLOGGING PRIVATE LIMITED

Registered Office: CitizenU office lotus court, 19/20, Jamshedji Tata Road, Churchgate, Mumbai, Maharashtra 400020

© 2025 CitizenU Microblogging Private Limited. All rights reserved.