Privacy Policy

Introduction

Talonoid Technologies Private Limited ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our business plan generation platform ("Service") available at talonoid.com and through our mobile applications.

This policy applies to all users worldwide, including residents of the United States, European Union, United Kingdom, Canada, Australia, New Zealand, Singapore, India, and other jurisdictions. We comply with all applicable data protection laws including:

• • General Data Protection Regulation (GDPR) - EU/EEA
• • California Consumer Privacy Act (CCPA) - California, USA
• • Personal Information Protection and Electronic Documents Act (PIPEDA) - Canada
• • Privacy Act 1988 - Australia
• • Privacy Act 2020 - New Zealand
• • Personal Data Protection Act (PDPA) - Singapore
• • Information Technology Act 2000 - India

1.1 Personal Information

We collect information you provide directly to us:

• • Account Information: Email address, name (optional), profile picture (optional)
• • Business Plan Data: Business name, industry, location (ZIP code), financial projections, and other details you provide
• • Payment Information: Transaction history (processed securely by Razorpay; we do not store complete card details)
• • Communications: Messages you send to our support team

1.2 Automatically Collected Information

When you use our Service, we automatically collect:

• • Device Information: Device type, operating system, browser type
• • Usage Data: Pages visited, features used, time spent, click patterns
• • Location Data: General geographic location based on IP address (country/city level)
• • Analytics: Performance metrics, error logs, crash reports

1.3 Third-Party Data

We integrate with federal data sources (US Census Bureau, BLS, IRS, SBA) to provide economic data for your business plans. We do not share your personal information with these sources. We also use third-party services for authentication (Apple Sign-In) and payments (Razorpay), each governed by their own privacy policies.

We use your information for the following purposes:

• • Service Delivery: Generate business plans, manage your account, process transactions
• • Communication: Send transactional emails, support responses, and optional marketing communications (with consent)
• • Improvement: Analyze usage patterns to improve our Service and develop new features
• • Security: Detect fraud, prevent abuse, and protect against security threats
• • Legal Compliance: Comply with legal obligations, respond to lawful requests

2.1 Legal Basis for Processing (GDPR)

For EU/EEA users, we process your personal data based on: (a) your consent; (b) performance of our contract with you; (c) our legitimate interests in operating and improving our Service; and (d) compliance with legal obligations.

We do not sell your personal information. We may share your information with:

• • Service Providers: Cloud hosting, payment processing (Razorpay), analytics (if enabled)
• • Legal Requirements: When required by law, court order, or government request
• • Business Transfers: In connection with merger, acquisition, or sale of assets
• • With Your Consent: When you authorize sharing (e.g., sharing a business plan)

3.1 Cross-Border Data Transfers

Your data may be transferred to and processed in the United States. We implement appropriate safeguards including Standard Contractual Clauses (SCCs) for EU/EEA transfers and comply with applicable data transfer regulations.

We implement industry-standard security measures:

• • Encryption: 256-bit SSL/TLS encryption for data in transit; encryption at rest
• • Access Control: Row-level security (RLS) ensuring only you can access your data
• • Authentication: Secure OAuth (Apple Sign-In) and email/password authentication
• • Infrastructure: Hosted on secure cloud infrastructure with SOC 2 Type II compliance
• • Monitoring: Continuous security monitoring and vulnerability assessments

While we strive to protect your data, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security.

5.1 For All Users

• • Access: Request a copy of your personal data
• • Correction: Request correction of inaccurate data
• • Deletion: Request deletion of your account and data
• • Portability: Export your data in a machine-readable format
• • Opt-Out: Unsubscribe from marketing communications

5.2 Additional Rights by Region

European Union / EEA (GDPR)

• • Right to restrict processing
• • Right to object to processing
• • Right to withdraw consent
• • Right to lodge a complaint with a supervisory authority

California (CCPA)

• • Right to know what personal information is collected
• • Right to know whether personal information is sold or disclosed
• • Right to say no to the sale of personal information
• • Right to equal service and price

Canada (PIPEDA)

• • Right to access and challenge accuracy of personal information
• • Right to withdraw consent at any time

Australia & New Zealand

• • Right to access and correction of personal information
• • Right to complain to the Privacy Commissioner

Singapore (PDPA)

• • Right to access and correct personal data
• • Right to withdraw consent

India (IT Act 2000)

• • Right to access personal information
• • Right to correction and deletion

5.3 How to Exercise Your Rights

To exercise your privacy rights, contact us at connect@talonoid.com. We will respond within 30 days (or as required by applicable law).

6. Data Retention

We retain your personal information for as long as your account is active or as needed to provide services. Upon account deletion request, we will delete your personal data within 30 days, except where retention is required by law (e.g., financial records for tax compliance). Anonymized, aggregated data may be retained indefinitely for analytics purposes.

7. Children's Privacy

Our Service is not intended for users under 18 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately at connect@talonoid.com.

8. Cookies & Tracking

We use essential cookies to operate our Service and provide core functionality. We may use analytics cookies (with your consent) to understand how users interact with our Service. You can manage cookie preferences through your browser settings. For more information, see our Cookie Policy (if applicable).

9. Policy Updates

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on our website and updating the "Last updated" date. For significant changes, we will also send you an email notification. We encourage you to review this policy periodically.