Privacy Policy

Vayil Technologies Private Limited ("Vayil", "we", "us") is committed to protecting your privacy. This Privacy Policy explains what personal information we collect, why we collect it, how we use and share it, and your rights — when you use Vayil: Renovate & Build (the customer app) or Vayil Vendor: Projects & Payments (the vendor/professional app), or our website at vayil.in.

By using our apps or services, you agree to the practices described here. If you do not agree, please discontinue use and contact us at support@vayil.in.

Customer App

Vayil: Renovate & Build

For homeowners booking renovation, repair, cleaning, and home services. Browse, quote, pay, and track projects.

Vendor App

Vayil Vendor: Projects & Payments

For service providers and contractors. Manage leads, submit quotes, track milestones, and receive secure payments.

Information We Collect

We collect different types of information depending on whether you are a Customer or a Vendor, and based on how you interact with our apps.

Category	Customer App	Vendor App
Identity	Name, phone, email	Name, photo, phone, email, business name
KYC / Verification	—	Govt. ID (Aadhaar/PAN), address proof, bank details
Location	Service address, pin code, device location (if permitted)	Business/service area, device location for job assignment
Project Data	Service type, requirements, photos, measurements, site details	Quotes, milestone updates, work progress photos/videos
Payment	Transaction ID, amount, payment method type	Bank account/UPI ID for payouts, payout history
Communications	In-app chat, support tickets, reviews/ratings	In-app chat, support tickets, portfolio images
Device & Technical	Device ID, OS version, app version, IP, crash logs	Same as Customer
Usage	Features used, search queries, booking history	Leads viewed, response rate, job activity

      Sensitive Data Notice
      Vendor KYC documents (Aadhaar, PAN, bank details) are treated as sensitive personal data, processed only for verification and payment with appropriate safeguards under the DPDP Act 2023 and SPDI Rules.
    

How We Collect Information

Directly from you — when you register, complete a profile, submit a project, upload photos, or contact support.
Automatically — via device sensors, log files, and in-app analytics when you use our apps.
Location services — only when you grant permission; you may restrict this in device settings at any time.
Camera / Storage access — only when you upload photos/videos for projects or your portfolio; we do not access your media library without your action.
From third parties — payment gateways (Razorpay or similar), Google (sign-in), and government verification services for KYC.

How We Use Your Information

Purpose	Legal Basis / Reason
Create and manage your account	Contractual necessity
Match customers with relevant vendors	Contractual / Legitimate interest
Process bookings, quotes, and milestones	Contractual necessity
Hold and release payments via escrow	Contractual necessity
Verify vendor identity & credentials (KYC)	Legal obligation / Contract
Send transactional notifications	Contractual / Consent
Provide customer support and dispute resolution	Legitimate interest
Improve platform features and safety	Legitimate interest
Fraud detection and platform integrity	Legal obligation / Legitimate interest
Promotions and offers (opt-in only)	Consent
Comply with Indian law (GST, RBI, court orders)	Legal obligation

We do not sell your personal data to third parties for their independent marketing purposes.

Sharing & Disclosure

We share your data only where necessary and with appropriate protections:

Between Customers and Vendors — name, contact (limited), project details, and work photos are shared to facilitate the booked service. Vendors do not receive full financial details of customers.
Payment Partners — e.g., Razorpay, Cashfree — for transaction processing and escrow management, governed by their own privacy policies.
KYC / Verification Providers — government APIs (DigiLocker, NSDL, etc.) for document verification. Minimal data, necessary purpose only.
Analytics Providers — anonymised/aggregated usage data to improve the platform (e.g., Firebase). No identifiable data is shared.
Legal & Regulatory — courts, law enforcement, or regulatory bodies when required by applicable law or to protect Vayil's legal rights.
Business Transfers — in the event of a merger or acquisition, your data may be transferred with appropriate notice.

      Non-Circumvention & Data Use
      Vendor access to customer contact information is solely for fulfilling the booked project. Using customer data for unsolicited marketing or off-platform solicitation is prohibited and may result in account termination.
    

Payment & Escrow Data

Vayil uses a third-party payment gateway and escrow system. We do not store full card numbers or CVV codes on our servers. Payment data is tokenised and handled by our PCI-DSS compliant payment partner.

Transaction records (amount, date, status, method type) are retained for financial and legal compliance — typically 8 years as per Indian accounting law.
Vendor bank/UPI details are stored in encrypted form solely for payout purposes.
Escrow hold and release records are maintained for dispute resolution and audit purposes.

Cookies & Tracking Technologies

Our website (vayil.in) uses cookies and similar technologies. Our mobile apps use device identifiers and in-app analytics SDKs for the following purposes:

Essential operation — keeping you logged in, remembering preferences.
Analytics — understanding how features are used to improve them.
Push notifications — sending booking and payment alerts (you may opt out in device settings).

You can manage cookie preferences via our Cookie Settings page on the website, or adjust app notification permissions in your device settings.

Data Retention

Data Type	Retention Period
Active account data	Duration of account activity + 12 months after deletion request
Project & transaction records	8 years (statutory financial records)
KYC / identity documents (Vendors)	As required by law / RBI / regulatory directive
Chat & communication logs	24 months from last activity
Crash logs & technical diagnostics	90 days
Deleted account data	Anonymised within 30 days; financial records retained as above

Data Security

We implement industry-standard security measures to protect your data:

TLS/HTTPS encryption for all data in transit
Encryption at rest for sensitive data (KYC, bank details)
Role-based access controls — only authorised personnel access personal data
Regular security audits and vulnerability assessments
Incident response procedures for data breaches, including regulatory notification as required by law

      Your Responsibility
      Keep your account credentials confidential. Notify us immediately at support@vayil.in if you suspect unauthorised access to your account.
    

Your Rights

Under the Digital Personal Data Protection Act, 2023 (India) and applicable law, you have the following rights:

👁️

Access

Request a summary of personal data we hold about you.

✏️

Correction

Request correction of inaccurate or incomplete personal data.

🗑️

Erasure

Request deletion of your account and associated personal data (subject to legal retention requirements).

🚫

Withdraw Consent

Withdraw marketing consent at any time via app settings or by emailing us.

📦

Data Portability

Request a copy of your data in a commonly used format (where technically feasible).

📋

Grievance Redressal

Raise a complaint with our Grievance Officer (details in Section 13).

To exercise any of these rights, email privacy@vayil.in with your registered account details. We will respond within 30 days.

Children's Privacy

Our apps and services are intended for users who are 18 years of age or older. We do not knowingly collect personal information from anyone under 18. If you believe a minor has created an account or provided us personal data, please contact us at support@vayil.in and we will promptly delete the information.

Third-Party Links & Services

Our apps may contain links to third-party websites or integrate third-party services (e.g., maps, payment gateways). This Privacy Policy does not cover those third parties. We encourage you to review their privacy policies before sharing personal data with them. Vayil is not responsible for third-party privacy practices.

Changes to This Policy

We may update this Privacy Policy to reflect changes in our practices, technology, or legal requirements. When we make material changes, we will:

Update the "Effective Date" at the top of this page
Send an in-app notification or email to registered users
Where required by law, seek fresh consent

Your continued use of the apps after the effective date constitutes your acceptance of the updated policy.

Contact

If you have questions, concerns, or requests regarding this Privacy Policy, please contact:

Role	Details
Privacy / Data Queries	privacy@vayil.in
General Support	support@vayil.in
Response Time	Within 30 days of receiving your request

If your concern is not resolved within 30 days, you may escalate to the Data Protection Board of India once constituted under the DPDP Act, 2023, or other applicable regulatory authority.

Questions About Your Privacy?

Our team is here to help. We respond to all privacy requests within 30 days.

📧 privacy@vayil.in support@vayil.in View Your Rights →