Legal · Privacy
Privacy Policy
Last updated: June 2026 · Effective: January 2024
Muqira is built on the principle that privacy is a design choice, not a legal checkbox. We collect the minimum amount of data necessary to build great products and handle it with care.
01
Who we are
Muqira Technologies ("Muqira", "we", "our", "us") is the entity responsible for your personal data.
Registered address: Mumbai, Maharashtra, India
Represented by: Anita R., Chief Executive Officer
Contact: [email protected]
Muqira is a company registered in India. We process personal data as a "Data Fiduciary" under India's Digital Personal Data Protection Act, 2023 (DPDP Act) for users located in India.
If you are located in the European Economic Area (EEA) or United Kingdom, Muqira acts as the data controller under the General Data Protection Regulation (GDPR / UK GDPR) for the purposes of your data.
02
What we collect
We collect only what we genuinely need to operate our products:
• Account information (name, email address) when you register for a Muqira product
• Usage data to improve product functionality (aggregated and anonymised where possible)
• Support communications when you contact us
• Payment information, processed securely through third-party providers — we never store card details or payment instrument data
• Technical data such as IP address, browser type, and device type, collected automatically when you use our products
• Cookies and similar tracking technologies as described in our Cookie Policy
We do not collect sensitive personal data (as defined under GDPR Article 9) unless strictly required and consented to. We do not collect data to build advertising profiles. We do not sell your data. Ever.
03
Lawful basis for processing
Under GDPR, we process your personal data on the following lawful bases:
• Contract performance (Article 6(1)(b)): Processing necessary to provide you with Muqira products and services you have signed up for
• Legitimate interests (Article 6(1)(f)): Fraud prevention, network security, product improvement, and direct marketing to existing customers
• Consent (Article 6(1)(a)): Where we ask you to opt in, such as for marketing emails or non-essential analytics
• Legal obligation (Article 6(1)(c)): Where we are required to retain data for tax, accounting, or regulatory purposes
Under India's DPDP Act, 2023, we process personal data on the basis of your consent, obtained through clear affirmative action at signup, or for "legitimate uses" recognised under the Act (such as providing a service you have requested, or compliance with law).
You may withdraw consent at any time without affecting the lawfulness of processing before withdrawal.
04
How we use it
We use the information we collect to:
• Operate, maintain, and improve our products
• Process payments and manage subscriptions
• Send transactional emails (account confirmations, receipts, important product notices)
• Respond to support requests and inquiries
• Detect and prevent fraud, abuse, and security incidents
• Understand aggregate usage patterns to guide product decisions
• Comply with legal obligations
We will not use your email for unsolicited marketing without your explicit consent. You may unsubscribe from any marketing communications at any time.
05
Data sharing
Muqira does not sell, rent, or trade your personal data with third parties.
We work with a small number of trusted sub-processors who process data on our behalf under written data processing agreements (DPAs):
• Payment processing: Razorpay Software Private Limited (PCI-DSS compliant)
• Infrastructure and hosting: Cloudflare, Inc.
• Error monitoring: third-party error tracking services
• Email delivery: transactional email providers
Each sub-processor is contractually prohibited from using your data for any purpose other than providing services to Muqira. We review sub-processors regularly and maintain an up-to-date list available on request at [email protected].
We may disclose your data if required by law, court order, or a legitimate request from a government authority with jurisdiction over Muqira.
06
International transfers
Muqira and some of our sub-processors operate internationally. Where personal data is transferred outside the EEA or UK, we ensure appropriate safeguards are in place, including:
• Standard Contractual Clauses (SCCs) approved by the European Commission
• Adequacy decisions where applicable
• UK International Data Transfer Agreements (IDTAs) where applicable
By using our products, you acknowledge that your data may be processed in countries outside your country of residence.
07
Your rights
Depending on your location, you have the following rights regarding your personal data:
Under GDPR (EEA / UK):
• Right of access — obtain a copy of the personal data we hold about you
• Right to rectification — correct inaccurate or incomplete data
• Right to erasure ("right to be forgotten") — request deletion of your data
• Right to restrict processing — limit how we use your data
• Right to data portability — receive your data in a structured, machine-readable format
• Right to object — object to processing based on legitimate interests or for direct marketing
• Right not to be subject to automated decision-making
Under CCPA (California residents):
• Right to know what personal information is collected, used, shared, or sold
• Right to delete personal information
• Right to opt-out of the sale of personal information (we do not sell data)
• Right to non-discrimination for exercising your rights
Under India's DPDP Act, 2023 (Indian residents):
• Right to access a summary of your personal data and the processing activities carried out
• Right to correction, completion, updating, and erasure of your personal data
• Right to grievance redressal — you may raise a complaint with our Grievance Officer before approaching the Data Protection Board of India
• Right to nominate another individual to exercise your rights on your behalf in the event of death or incapacity
To exercise any of these rights, contact us at [email protected]. We will respond within 30 days (GDPR), 45 days (CCPA), or as required under the DPDP Act. We may ask you to verify your identity before processing a request.
If you are in the EEA or UK, you also have the right to lodge a complaint with your local data protection authority. If you are in India, you may lodge a complaint with the Data Protection Board of India after first raising it with our Grievance Officer at [email protected].
08
Cookies
We use essential cookies required for our products to function (authentication, security, session management). We do not use third-party advertising or tracking cookies by default.
Where analytics cookies are used, they are privacy-preserving, do not identify individual users across websites, and do not share data with advertising networks.
Full details are available in our Cookie Policy. You can manage your preferences at any time through your browser settings or our cookie preference centre.
09
Data retention
We retain your personal data for as long as your account is active or as necessary to provide our services.
Upon account deletion:
• Personal data is deleted within 30 days
• Anonymised usage data may be retained indefinitely for product analytics
• Financial records and transaction data are retained for 7 years as required by applicable tax and accounting law
• Data held under legal hold or regulatory obligation is retained for the applicable statutory period
You may request deletion of your account at any time via your account settings or by emailing [email protected].
10
Security
We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, disclosure, alteration, or destruction. These measures include:
• Encryption of data in transit (TLS 1.2+) and at rest
• Access controls and least-privilege principles
• Regular security reviews and vulnerability assessments
• Incident response procedures
In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours and affected individuals without undue delay, as required by law.
11
Changes to this policy
We may update this Privacy Policy from time to time. We will notify you of material changes by email (if you have an account) and by posting a notice on our website at least 30 days before the change takes effect.
The "Last updated" date at the top of this page indicates when this policy was last revised. Continued use of our products after changes take effect constitutes acceptance of the revised policy.
12
Contact
For all privacy-related inquiries, requests, or complaints:
Email: [email protected]
Grievance Officer (India / DPDP Act): [email protected]
Response time: within 5 business days for general inquiries; within 30 days for formal rights requests
Muqira Technologies
Mumbai, Maharashtra, India
Represented by: Anita R., Chief Executive Officer
[email protected]
muqira.com


