Privacy Policy

1. Consent and lawful processing

We process personal data on the basis of your consent where the DPDP Act requires it, or on another lawful ground where applicable. We do not collect personal data for undisclosed purposes.

Sign-in (social authentication): When you create or access an account via a provider such as Google or Apple, you authorise us to receive your email address and name from that provider. We use this information only to operate your account and personalise the Service (for example, saved items and preferences). We do not ask those providers for data beyond what you approve through the login flow.

Contact form (website): If you use the contact form, we collect the details you enter—typically your name, email address, subject line, and message—to read and respond to your enquiry. We do not use this channel for marketing lists unless we ask separately and you agree.

Push notifications: Where the Service offers push notifications (for example, a daily brief), we use a device token only if you opt in. You may withdraw that consent through device settings or in-app controls.

You may withdraw consent at any time. Withdrawal does not affect the lawfulness of processing that occurred before withdrawal. See Section 4 for erasure and account deletion.

2. Purposes of processing

We use personal data only for clear purposes, including:

• Service delivery: to show summaries, sync bookmarks or preferences, and operate features you choose to use.
• Notifications: to send optional pushes you have enabled.
• Support: to receive and answer messages sent via the contact form or other channels you use.
• Security and integrity: to protect accounts, investigate abuse, and comply with law where required.

We do not sell your personal data. We do not use it for cross-site targeted advertising in the conventional ad-tech sense.

3. Data minimisation and accuracy

We collect only what we reasonably need for the purposes above. We take reasonable steps to keep personal data accurate when we use it for those purposes. Browsing public pages without an account may still involve limited technical information that hosting and infrastructure providers process so the site can load (for example, IP address and browser type in server logs); we use such information only for security, debugging, and aggregate understanding of traffic where permitted.

4. Your rights under the DPDP Act

As a Data Principal, you have rights under the DPDP Act, including the following. We will respond in line with the Act and applicable rules.

Withdraw consent: You may withdraw consent where processing was consent-based. We will stop that processing unless another lawful ground applies.

Erasure: You may request deletion of your personal data. We will erase it when no exception applies (for example, legal retention). In our mobile app, use the account or profile area to delete your account where that option is available. You may also email us at hello@nonews.in with a clear request to delete your account or erase your data.

Access and correction: You may ask what personal data we process, for what purposes, and to whom it may be disclosed, and you may request correction of inaccurate or incomplete data. Contact us using the details below.

Grievance redressal: If you are not satisfied with our response, you may escalate in accordance with the DPDP Act, including to the Data Protection Board of India where applicable.

5. Sharing and processors

We may share personal data with service providers (processors) who help us host the Service, authenticate users, send notifications, or store data—under agreements that require them to protect the data and process it only on our instructions. We may disclose information if required by law, court order, or competent authority, or to protect the rights and safety of users and the public. If our business is reorganised (for example, a merger), we will provide notice where the law requires. We do not sell or rent personal data.

6. Retention and security

We retain personal data only as long as needed for the purposes described or as required by law. When you request erasure and no exception applies, we delete or anonymise data within the timelines the law requires.

We apply reasonable technical and organisational measures to protect personal data against unauthorised access, alteration, or loss. No online service can promise perfect security; if we become aware of an incident that materially affects you, we will address it in line with applicable law.

7. Children

The Service is not directed at children under 18. We do not knowingly collect personal data from children. If you believe we have, please contact us and we will take steps to delete such data.

8. Changes to this policy

We may update this Privacy Policy from time to time. We will post the revised policy on this page and update the “Last updated” date. For material changes, we may also notify you by reasonable means (for example, a notice in the app or by email). Continued use of the Service after the effective date means you acknowledge the updated policy.

9. Contact

Questions about this Privacy Policy or your personal data: hello@nonews.in or our contact page.