USer Privacy Policy
Effective Date: 16.06.2025
βSpotted (AAR Tech Ventures Private Limited) ("Spotted", "we", "us", or "our") respects the privacy of its users and is committed to protecting their personal and transactional data.
This Privacy Policy explains how we collect, use, store, and share your information when you access or use our mobile application, website, and related services (collectively referred to as the "Platform").
β
1. Information We Collect
a. Personal Information
Name, phone number, email address
Location (GPS or IP-based) User profile image or device-specific data (when permitted)
b. Payment & Transactional Data
Virtual Payment Address (VPA)
UPI Transaction ID, timestamp, amount, and merchant details
Cashback eligibility and reward status.
c. Usage Data
App interaction logs
Scan and payment frequency
Post engagement (likes, shares, views)Device type, OS version, and session analytics
β
2. Purpose of Data Use
We use the collected data to:
Facilitate secure UPI-based QR payments
Determine cashback eligibility and reward issuance
Generate and publish Spotted Posts (user-tagged location/activity content)
Enhance user experience through personalization and analytics
Provide real-time support, fraud detection, and abuse mitigation
β
3. Data Storage and Retention.
Data is stored on ISO 27001-certified infrastructure.
Personally Identifiable Information (PII) is encrypted using AES-256.TLS 1.3 is enforced for all client-server communication.
Transactional logs are retained for a minimum of 180 days or as mandated by RBI/NPCI.
User posts may remain public unless deleted by the user or flagged.
β
4. Data Sharing and Disclosure
We may share your data with:
NPCI-certified TPAPs/PSPs for UPI transaction processing
Merchants for attribution of rewards and reporting
Third-party vendors for cloud hosting, analytics, or fraud control (bound by data processing agreements)
Government or legal authorities if required under law or regulatory obligation
βNote: We do not sell or rent your data to advertisers or third parties.
β
5. User Control and Consent
You control whether a post is published during the transaction journey.
You may request deletion of your account and associated data by emailing support@tryspotted.com.
Consent is collected explicitly before accessing location, camera, or contact data.
Users can opt-out of push notifications and marketing messages from settings.
β
6. Cookies and Tracking
We may use secure, encrypted cookies for session management.
No third-party ad trackers are integrated.
Analytics tools (e.g., Mixpanel, Firebase) may collect anonymized usage metrics.
β
7. Childrenβs Privacy
Spotted does not knowingly collect personal information from users under the age of 13. If we discover such information has been collected inadvertently, we will delete it promptly.
β
8. Data Collection for Safety & Law Enforcement
Protection of Minors
Spotted is committed to the safety of children. While our app is intended for 13+, we take proactive steps to ensure our platform is not used to harm minors.
Scanning and Moderation:
We reserve the right to use automated tools and human review to scan uploaded content for illegal material, specifically Child Sexual Abuse Material (CSAM).
Legal Disclosure:
In accordance with child safety laws, we will share user data (including IPaddresses, account details, and content) with legal authorities and organizations like NCMEC if we have a good faith belief that a crime involving a minor hasoccurred.
Point of Contact:
For any safety-related inquiries, our designated Child Safety Point of Contact canbe reached at tech@tryspotted.com.
β
9. Data Breach Protocol
In case of a data breach:
Affected users will be notified within 72 hours
An incident report will be shared with regulatory bodies if required
Compromise scope, rectification steps, and action plans will be communicated transparently.
β
10. Changes to this Policy
We may update this Privacy Policy to reflect operational, legal, or regulatory changes. Users will be notified via app update or email.
β
11. Contact Information
For any privacy concerns, data deletion requests, or complaints, please contact:AAR Tech Ventures Pvt. Ltd.
βEmail: support@tryspotted.com
βBy continuing to use the Spotted Platform, you acknowledge that you have read and understood this Privacy Policy.
