Privacy Policy for Website/s and Platform:
1. Introduction:
This Privacy Policy ("Policy") governs the manner in which iuraverse Technologies Pvt Ltd, a Company incorporated under the Companies Act, 2013 with its registered office at 16/A, Phase 1, A-1, Budh Vihar, Pooth Kalan, Rohini, North Delhi - 110086 (hereinafter referred to as "Company", "We", "Us", or "Our"), collects, uses, processes, discloses, stores and protects the Personal Data of users (hereinafter referred to as "You", "User", "Client", "Professional", or "Data Principal") who access the website/s such as www.beingvakil.com; www.iuraverse.com; www.platform.beingvakil.com; www.beingvakil.in or any website/s belonging to the Company or utilize the services offered on the Being Vakil's technology Platform ("Platform" hereinafter).
Being Vakil is a proprietary brand of the Company that facilitates access to justice by connecting users with a diverse range of verified legal and compliance professionals, including Advocates, Chartered Accountants (CAs), Company Secretaries (CSs), Insolvency Resolution Professionals (IRPs), and other qualified service providers.
This Policy is framed in compliance with applicable laws, including but not limited to:
- The Digital Personal Data Protection Act, 2023 (DPDP Act);
- The Information Technology Act, 2000 and the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011;
- Any other applicable laws, rules, and guidelines governing privacy and data protection in India.
By accessing or using the Website or Platform, You consent to the terms of this Policy and agree to be bound by it.
2. Definitions:
For the purposes of this Policy:
- "Personal Data" means any data about an individual who is identifiable by or in relation to such data.
- "Sensitive Personal Data" includes financial information, health data, biometric data, sexual orientation, caste or tribe, and official identifiers such as Aadhar.
- "Data Principal" means the individual to whom the personal data relates.
- "Processing" includes collection, recording, organisation, storage, updating, use, analysis, transmission, disclosure, and erasure of data.
- "Grievance Officer" refers to the person appointed by the Company under the DPDP Act to address data-related grievances.
3. Scope and Applicability:
This Policy applies to:
- Users accessing or registering on the Website and/or Platform;
- Users who create an account or engage with the Platform;
- Professionals who register and are onboarded to offer their services;
- Individuals who provide personal or business information through the Platform for legal, compliance, or advisory services;
- Users accessing the Website and/or Platform through a browser or mobile device.
4. Types of Data Collected:
a. Data Provided by Users:
- Identification Data: Full name, gender, date of birth, photograph, nationality, profession, and contact details.
- Case-related data: Case related documents including but not limited to any business document, Contract/Agreement, Articles, Business Licenses, Business KYCs etc.
- Contact Details: Email address, Phone number, Physical address.
- Account Credentials: Username, Password (hashtag/encrypted), profile preferences.
- Professional Details: Bar Council IDs, CA/CS/IRP Registration Numbers, Practice areas, qualifications, experience, liceses.
- Transactional Information: Payment history, invoices, UPI ID, Bank Account information, GSTIN, PAN.
- Document Uploads: Contracts, Agreements, Compliance Documents, KYC data, and court-related materials.
- Communication Records: Emails, Chats, Call Recordings (if any), grievance redressal tickets, feedback forms.
b. Automatically Collected Data:
- Device & Usage Data: IP address, browser type, operating system, geolocation data (approximate), device identifiers.
- Cookies & Analytics Data: Session logs, referrals URLs, clickstream data, time spent, pages visited.
C. Third-Party Data Sources:
- Government KYC APIs, regulatory authorities;
- Identity verification and e-sign platforms;
- Payment gateways and financial institutions;
- Publically available legal databases.
5. Legal Basis for Processing:
Our lawful basis for processing your data includes:
- Consent: You have given explicit consent for one or more specific purposes;
- Contractual Necessity: Data processing is required to perform our obligations under a Contract;
- Legal Obligation: Processing is necessary for compliance with legal obligations or regulatory mandates;
- Legitimate Interest: We may process data for fraud prevention, service improvement, dispute resolution, or business continuity;
- Vital Interest: Where processing is necessary to protect your vital interests or those of another person.
6. Purpose of Data Collection and Use:
We use your personal data for the following purposes:
- Account creation, authentication, and profile management;
- Matching clients with suitable professionals based on availability and expertise;
- Providing legal and compliance services, document automation, digital signing, and escrow management;
- Sending transactional emails, alerts, case updates, and appointment confirmations;
- Providing customer support and handling grievances;
- Conducting internal research, platform analytics, and performance optimization;
- Complying with orders from courts, regulators, or law enforcement agencies.
7. Disclosure and Sharing of Personal Data:
We do not sell or trade your personal data. However, we may share data under strict confidentiality conditions with:
a. Service Providers and Processors:
- Cloud hosting providers, CRM platforms, legal research tools;
- Payment gateways and financial intermediaries;
- KYC and identity verification vendors.
b. Engaged Professionals:
- Advocates, CAs, CSs, IRP whom you engage via Platform and/or Website;
- Only relevant information necessary to fulfill the services is shared.
c. Legal or Regulatory Authorities:
- Upon receiving lawful requests under applicable laws;
- For the purposes of litigation, enforcement, or compliance.
d. Business Transfers:
- In the event of a merger, acquisition, restructuring, or transfer of business, your data may be transferred with appropriate safeguards.
8. Data Storage, Retention, and Deletion:
- Personal Data is stored on a secure cloud infrastructure within India.
- We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required under applicable laws.
- User accounts can request data deletion by contacting the Grievance Officer. The "Grievance Policy" is provided here: https://www.iuraverse.com/grievance-policy. Deletion will be subject to audit, statutory, or contractual obligations.
- Anonymised data may be retained for Platform and/or Website insights and research.
9. User Rights Under the Digital Personal Data Protection Act, 2023 (DPDP Act)
You have the following rights with respect to your personal data:
Right to Access: Obtain a copy of your personal data held by us;
Right to Correction: Request correction of any inaccurate or outdated information;
Right to Erasure: Seek deletion of your personal data, subject to legal and regulatory exceptions;
Right to Grievance Redressal: Lodge complaints regarding processing or misuse of data;
Right to nominate: Nominate another person to exercise rights in case of death or incapacity.
To exercise your rights, you may write to the Grievance Officer at the contract mentioned in the "Grievance Policy".
10. Cookies and Tracking Technologies:
Our Website and Platform use cookies to:
- Authenticate sessions and secure login;
- Personalize user experience and remember preferences;
- Improve service delivery for analytics and user interface.
Users may disable cookies via browser settings; however, certain features may become unavailable or function improperly.
11. Data Security and Safeguards:
We implement reasonable security practices in line with industry standards and statutory mandates:
- Multi-factor authentication for professionals;
- Role-based access control and audit logs;
- Regular vulnerability assessments and data security audits;
- Data breach protocols and disaster recovery plans.
12. Cross-Border Transfers:
At present, user data is stored on servers located in India. Any future transfer of data outside India will be done in compliance with:
- Cross-border transfer guidelines under the DPDP Act;
- Binding contractual obligations with transferee parties;
- Adequecy decisions or government-permitted frameworks.
13. Children's Privacy:
The Platform and Website is not intended for use by persons under the age of 18. We do not knowingly collect data from minors. If we learn that we have inadvertently collected data from a minor without appropriate consent, we will promptly delete such data.
14. Changes to this Privacy Policy:
We reserve the right to update this Policy periodically to reflect changes in technology, legal requirements, or Platform/Website enhancements. Material changes will be notified through email or prominent notice on the website.
Your continued use of the Platform after such updates signifies your acceptance of the revised Policy.
15. Grievance Officer and Contact Information:
Pursuant to the provisions of DPDP Act, the Company has appointed a Grievance Officer to address your concerns:
Grievance Officer: Mr Akshay Sathe
Email: akshay@iuraverse.com
Phone: +91 9619871393
Postal Address: WeWork Vaswani Chambers, 1st Floor, Desk ID:HD-512, 264-265, Dr Annie Besant Rd, Municipal Colony, Worli Shivaji Nagar, Worli, Mumbai, Maharashtra 400030.
16. Contact Us:
For any questions, clarifications, or complaints regarding this Privacy Policy or data handling practices, you may reach us at:
iuraverse Technologies Pvt Ltd
Email: office@iuraverse.com
Website: www.iuraverse.com, www.beingvakil.com
Address: WeWork Vaswani Chambers, 1st Floor, Desk ID:HD-512, 264-265, Dr Annie Besant Rd, Municipal Colony, Worli Shivaji Nagar, Worli, Mumbai, Maharashtra 400030.
Note: In case of any conflict with the Privacy Policy on the Platform and Website, this Privacy Policy shall supersede.
Last Updated: 20/05/2025