NewCompanyAlert ("we", "us", or "our") operates the NewCompanyAlert platform at newcompanyalert.in. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website and services.
1. Information We Collect
1.1 Personal Information
When you create an account or use our services, we may collect:
- Account information: Name, email address, phone number, company name
- Authentication data: Password (stored as a secure hash), Google OAuth profile data (if you sign in with Google)
- Payment information: UPI transaction IDs, payment order IDs, and transaction records. We do not store your bank account details directly — UPI payments are processed through secure banking channels.
- Usage data: Subscription history, credit transactions, DIN lookup history, CSV download records
1.2 Automatically Collected Information
- Log data: IP address, browser type, device information, pages visited, timestamps
- Cookies: We use essential cookies for authentication and session management
2. How We Use Your Information
We use the collected information for the following purposes:
- To create and manage your account
- To process payments and deliver subscription services
- To send daily CSV data files via email
- To process DIN director lookup requests
- To communicate service updates, billing notifications, and support responses
- To detect and prevent fraud, abuse, and security incidents
- To improve our platform and develop new features
- To comply with legal obligations
3. Data Sharing and Disclosure
We do not sell your personal information. We may share data with:
- Payment processors: UPI payment networks and payment gateways for processing your payments securely
- Cloud providers: Amazon Web Services (AWS) for file storage (S3) and email delivery (SES)
- Legal authorities: When required by law, court order, or government regulation
4. Data Storage and Security
- Your data is stored on secure PostgreSQL databases with encrypted connections
- Passwords are hashed using bcrypt with a cost factor of 12
- API endpoints are protected with JWT authentication and rate limiting
- All communication is encrypted via HTTPS/TLS
- Payment signatures are verified using HMAC SHA256
- We implement security headers (Helmet.js), HPP protection, and input validation
5. Data Retention
We retain your personal data for as long as your account is active or as needed to provide services. If you request account deletion, we will remove your personal information within 30 days, except where retention is required by law (e.g., payment records for tax compliance).
6. Your Rights
You have the right to:
- Access the personal data we hold about you
- Correct inaccurate or incomplete data via your account settings
- Delete your account and associated data by contacting support
- Export your data in a portable format
- Withdraw consent for optional data processing at any time
7. Cookies Policy
We use essential cookies and localStorage tokens for authentication and session management. We do not use third-party tracking or advertising cookies. If you sign in with Google, Google's own cookie policies apply to the Google Sign-In widget.
8. Third-Party Services
Our platform integrates with the following third-party services:
- UPI / Payment Gateway — Payment processing via secure UPI and banking networks
- Google OAuth — Social login (Google Privacy Policy)
- Amazon Web Services — Cloud infrastructure (AWS Privacy Policy)
9. Children's Privacy
NewCompanyAlert is a B2B service not intended for individuals under 18 years of age. We do not knowingly collect personal information from minors.
10. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify registered users via email of any material changes. The "Last updated" date at the top indicates when the policy was last revised.
11. Contact Us
If you have questions about this Privacy Policy or wish to exercise your rights, contact us at:
- Email: support@newcompanyalert.in
- Website: newcompanyalert.in