Privacy Policy

NyayaVeda AI is an Indian legal research platform operated by its development team. For privacy inquiries, contact: bhargavabhay182@gmail.com

From Firebase Authentication:

• Email address (from Google account)
• Display name
• Profile photo URL
• Firebase UID (anonymous identifier)

From your use of the Service:

• Legal research query text (stored for your history feature)
• AI-generated response (stored for your history feature)
• Query metadata: confidence score, citation score, timestamps
• Performance metrics: latency, token count (no query content)

Security audit logs (hashed only):

• MD5 hash of query text (not reversible — we cannot recover your query from this)
• SHA-256 hash of IP address (GDPR-compliant — not reversible)
• Event type (login, query, blocked, payment)

• To provide the legal research service you requested
• To maintain your query history and bookmarks
• To enforce rate limits and plan quotas
• To process subscription payments via Razorpay
• To detect and prevent abuse, injection attacks, and fraud
• To improve the AI model and retrieval quality (aggregate stats only)

We do NOT use your queries to train AI models without explicit consent.

Your data is stored in a PostgreSQL database hosted on servers in India or within AWS/GCP regions with GDPR-equivalent protections. We apply:

• TLS 1.3 encryption in transit
• AES-256 encryption at rest
• Row-level security — each user can only access their own queries
• Firebase Authentication for identity — we never store passwords
• All Razorpay payments processed on Razorpay's PCI-DSS compliant infrastructure

We do not share your data with any other third parties, advertisers, or data brokers.

You have the right to:

• Access: Request a copy of all data we hold about you
• Deletion: Delete your account and all associated data from Settings → Delete Account, or by emailing us
• Correction: Update your profile information at any time
• Portability: Export your query history as JSON from the History page
• Opt-out: Stop using the Service at any time

To exercise any of these rights, email bhargavabhay182@gmail.com. We will respond within 30 days.

• Query history: retained until you delete it or close your account
• Security audit logs (hashed): 90 days
• Payment records: 7 years (required by Indian accounting law)
• Account data: deleted within 30 days of account deletion request

We use only essential cookies: a session token cookie to maintain your authentication state. We do not use advertising or tracking cookies. You may disable cookies in your browser, but this will prevent you from staying logged in.

The Service is not intended for users under 18. If you believe a minor has registered, contact us immediately at bhargavabhay182@gmail.com and we will delete the account.

We will notify registered users by email of material changes to this Privacy Policy. Your continued use after the effective date constitutes acceptance.

For privacy concerns, data requests, or grievances under the Information Technology Act, 2000 and rules thereunder:

Email: bhargavabhay182@gmail.com

Response time: within 30 days as required by IT Act Rules.