At AECORD [AECORD One Private Limited], we understand that your privacy matters. We value the trust you place in us when you share your personal data, and we are committed to handling that information with transparency, care, and integrity.

This Privacy Policy outlines the principles and practices we follow in the collection, use, storage, transfer, and disclosure of your personal data—including any sensitive personal information—when you access our website/Platform or engage with any of our services.

By visiting this website or using any feature of the AECORD Platform, you expressly acknowledge that you have read, understood, and agreed to the terms of this Privacy Policy. You further grant your consent to our collection, processing, retention, and lawful sharing of your personal information with our affiliates, partners, or service providers as required for operational, legal, and service-related purposes outlined in this Policy.

We reserve the right to update this Policy from time to time, and your continued use of our website or services following any such updates constitutes your acceptance of the revised terms.

1. Applicability

This privacy policy governs the personal information collected by AECORD exclusively through its own services, including data gathered via emails, text messages, and other forms of electronic communication exchanged within or arising from your use of these services.

This policy does not extend to any information you may choose to share with, or that may be collected by, independent third-party platforms, services, or providers that you may interact with through or alongside our services. We strongly recommend reviewing the privacy terms of such third parties directly to understand how your data may be used or handled by them.

2. Information we collect

Information You Provide Directly

The categories of personal information AECORD collects depend on how you interact with our Platform, the services you subscribe to, and the actions you take while using our features. We may collect and process the following types of data when you voluntarily provide them:

• When you register or create an account as a professional, seller or user on the AECORD Platform;
• When you access or browse our website;
• When you enrol in or make use of our service offerings, including consultation bookings and professional services;
• When you submit requests for support, information, or platform-related assistance;
• When you sign up for newsletters, product updates, or promotional content;
• When you participate in AECORD-led surveys, contests, referral programs, or promotional campaigns;
• When you submit reviews, testimonials, or feedback related to the services or your experience with AECORD;
• When you contact us via email, phone, online chat, or web forms for inquiries or complaints.

This may include but not limited to identifiers and professional credentials such as your full name, contact details, professional certifications, business entity information, profile photographs, payment details, communication preferences, and correspondence history etc.

Information We Collect from External Sources

In connection with providing and improving our services, AECORD may lawfully receive information about you from a variety of third-party sources, which may include:

• Analytics service providers, advertising partners, or communication tool integrations that track your interactions with AECORD’s content and services;
• Digital marketing affiliates or joint venture partners with whom we offer co-branded campaigns or lead-generation initiatives;
• Social networking platforms, when you authorise linking or data-sharing through those services.
• Public sources, such as professional databases, business directories, or government registries;
• Identity and fraud verification services, to validate your credentials and eligibility to use the Platform;
• Payment processors, insurers, or financial service providers, when you participate in payment or funding programs supported by AECORD;
• Supervisory authorities, regulators, and legal enforcement bodies, as permitted or required by law.

Categories of Data Collected

Across the methods described above, the data we collect may include:

• Identification details: Name, date of birth, title, profession, profile photo, identification documents;
• Contact information: Phone number, email address, physical or business address;
• Account and login credentials: Username, password, security questions, and login timestamps;
• Financial and transactional data: Billing address, payment method, transaction history, payout records, tax documentation;
• Device and access data: IP address, browser type, operating system, time zone settings, login times, device identifiers, cookies, and session metadata;
• Platform usage data: Booking history, service ratings, cancellation trends, messaging logs, and behavioural analytics within the Platform;
• Marketing and communication preferences: Your opt-ins, opt-outs, and preferences regarding promotional content or service notifications;
• Technical and diagnostic logs: Error messages, support interactions, chat transcripts, service downtime reports, and device-level diagnostics (e.g. screen resolution, connectivity status);
• Aggregated and pseudonymised insights: Statistical data used for feature enhancement, market research, and Platform optimisation. This data is not linked to any directly identifiable individual unless expressly stated.

3. How we use your information

AECORD processes your personal data in accordance with its role as a technology platform that connects users and sellers with design professionals and facilitates a range of activities from profile discovery and bookings to secure payments and service fulfilment. The information you provide, whether directly or through integrated third-party services, is used in multiple ways to ensure that your experience is seamless, personalised, and compliant with regulatory standards.

Service Fulfilment and Operational Execution

We use your personal information to deliver core platform functionalities such as allowing you to search, connect, and engage with architectural or design professionals [for sellers, use this platform to connect with the professionals to sell their products]. This includes managing your profile, booking appointments, confirming consultation schedules, enabling in-app or email communications with other users, and sending you timely updates about your engagements. When a service is scheduled or completed, we rely on your information to generate relevant documentation such as invoices, payment receipts, or appointment summaries. If you are a professional, we also use this information to facilitate client intake, display your availability, and process client feedback or reviews. This operational use of your data ensures that each transaction or interaction is both functional and recorded securely in accordance with platform policies.

Platform Stability, Improvement, and Troubleshooting

We continuously analyse how users interact with the Platform in order to enhance its functionality and reliability. Your data enables us to monitor system performance, identify and resolve technical issues, and respond to support tickets more effectively. When bugs are reported or usage anomalies are detected, we investigate the root cause by referring to system logs, session data, or diagnostic information tied to your account or device. This ongoing analysis helps us optimise server load, improve feature responsiveness, and ensure that downtime is minimised. Additionally, platform updates, feature upgrades, and security enhancements are all informed by aggregated data regarding how users navigate the system and where friction points arise.

Personalisation and User Experience Customisation

We aim to provide a personalised user experience that is responsive to your preferences, past behaviour, and service usage. Your data allows us to recommend design professionals, service categories, or educational content that may be relevant to your interests or project goals. This can include suggesting professionals in your geographic area, prioritising certain design specialities based on your previous searches, or highlighting seasonal offers that align with your activity history. Customisations may also be reflected in your dashboard, content feed, email notifications, or in-app alerts. If you have previously interacted with certain profiles, we may emphasise those or similar ones during future visits. Where consent has been provided, we may also use elements of your profile or activity (such as a review or testimonial) for limited public visibility to promote a community-driven network.

Compliance, Verification, and Legal Obligations

We collect and process certain data to fulfil obligations under Indian law and applicable global privacy frameworks. This includes verifying your identity, validating your business credentials, and recording your tax identifiers such as PAN or GSTIN, particularly if you are a service provider operating in a commercial capacity. We also retain billing and payment records for statutory reporting, audit readiness, and fraud monitoring. In cases involving compliance with financial regulators or enforcement of anti-money laundering rules, we may be required to share transaction records or verification details with authorised authorities. Data processed for legal compliance is handled with appropriate access controls and retained only for as long as required under applicable law.

Communication and User Support

We use your contact information and communication preferences to reach out to you for various service-related matters. This includes sending appointment confirmations, changes to booking status, and payment alerts. In cases where additional support is required, such as troubleshooting account access or resolving service complaints, our support team may use your email, phone number, or in-app chat history to understand the issue and deliver timely assistance. Communications may also relate to changes in our terms, service interruptions, feature rollouts, or security alerts. Where required, we may keep a record of these exchanges to improve service quality or assess complaint resolution outcomes.

Marketing, Promotions, and Consent-Based Engagement

We may occasionally use your information for marketing purposes, such as to inform you about new features, promotions, or industry news that may be relevant to your role as a professional or platform user. These communications may be customised based on your interaction history, search patterns, or service preferences. You will always have the ability to opt out of marketing messages through a clearly provided unsubscribe link or through your account settings. If you have expressly consented, we may collaborate with advertising partners or use third-party analytics tools to show you interest-based advertisements either on or off the Platform. These partners are required to use your data only in accordance with applicable data privacy laws and platform terms.

Security, Risk Prevention, and Account Integrity

Protecting the integrity of the Platform and its users is central to our data usage practices. We process device information, IP addresses, access timestamps, and usage signals to detect unauthorised access, session hijacking, or behaviour that may indicate misuse or fraud. For example, if multiple failed login attempts are detected or unusual transaction patterns are observed, your account may be temporarily suspended pending verification. We may also use algorithmic risk models or partner with third-party fraud monitoring services to evaluate suspicious activity or to validate large-volume bookings or payments.

Events, Contests, and Engagement Programs

When you choose to participate in any contest, feedback campaign, loyalty program, or co-branded initiative organised by AECORD or its partners, we will collect and process your participation data, submission details, and eligibility credentials. For winners, we may publish names or feedback with consent, and we retain campaign performance data for reporting and follow-up engagement. Participation is always voluntary, and separate terms may govern each event.

Contractual Enforcement and Revenue Recovery

We use your data to fulfil our contractual commitments to you, such as enabling the delivery of paid services or enforcing payment terms. If you are in breach of any financial obligation or if disputes arise, we may initiate collection communications or seek remedies through legal processes, using contact and transaction history data as supporting evidence. In cases of termination or suspension, we reserve the right to retain data for dispute resolution and debt recovery as permitted by law.

Analytics, Development, and Platform Research

Aggregated and anonymised data may be analysed to inform platform decisions such as which features to build, refine, or sunset. We also conduct user flow mapping and session replay (where permitted) to understand how features are being used and which paths lead to higher engagement. These analytics help us make informed product decisions and tailor our investments in design, infrastructure, and onboarding improvements.

Regulatory Disclosures and Law Enforcement Requests

In accordance with statutory obligations, we may provide user data to law enforcement, regulators, or government agencies when formally requested through legal channels. This may include transaction records, communication logs, identity verification data, and account activity logs. We disclose only what is necessary and always evaluate such requests for legal validity before processing them.

Financial Transactions and Eligibility Checks

Where the Platform integrates services such as enabling and onboarding sellers or subscription billing partnerships, we may request sensitive data such as PAN, Aadhaar, business licenses, or credit history. With your explicit consent, this information may be shared with partner institutions for the purpose of eligibility assessment, underwriting, or KYC validation. Your access to these services may be limited if you decline to share the requested information or do not meet the qualifying criteria determined by the financial institution.

Surveys, Research, and Voluntary Feedback

From time to time, AECORD or its research partners may invite you to take part in surveys or interviews to help us better understand our users’ needs. These may collect data on satisfaction, industry preferences, demographic background, or business challenges. You may also be asked for voice or video responses, which are collected only with your prior permission. Participation in such studies is optional and governed by ethical standards of consent, anonymisation, and limited retention.

Purpose-Specific and Consent-Based Uses

We may process your personal information for any additional purpose that is clearly communicated at the point of collection, provided you have given informed and unambiguous consent. In such cases, your consent can be withdrawn at any time by contacting us, subject to any applicable legal or contractual obligations that require us to retain or continue processing the data.

4. Sharing your information

At AECORD, we take the confidentiality of your personal data seriously. However, there are situations where it becomes necessary to share your information with external entities to ensure the delivery, expansion, and legal operation of our services. This section outlines the circumstances and categories of third parties with whom your personal data may be disclosed, always in alignment with applicable laws and industry-standard safeguards.

Internal Group Disclosures and Business Support Providers

Personal information collected through the Platform may be shared with our parent entities, affiliates, or any company within the AECORD corporate group, where such access is necessary to support centralised service delivery, security protocols, or business oversight. These entities are bound by contractual obligations to process the information solely for internal administrative and service-related purposes.

We may also disclose your information to trusted vendors and business partners who assist us in maintaining and enhancing the Platform. This includes, but is not limited to, infrastructure hosting partners, payment service providers, customer support software vendors, marketing agencies, digital communication facilitators, analytics providers, insurers, logistics vendors (where applicable), and professional advisors. These third parties are contractually obligated to treat your personal information with strict confidentiality and are not permitted to use the data for their own independent purposes.

In the event that AECORD is involved in a business restructuring, such as a merger, acquisition, asset transfer, or insolvency proceeding, we may transfer your data to the relevant successor entity. Should such a transition occur, any acquiring organisation will assume the rights and obligations pertaining to your data as outlined in this Policy and relevant agreements.

Disclosures for Business Facilitation and Marketing Partnerships

We may share limited personal information with third-party partners whose services are offered through or alongside AECORD, especially where these offerings enhance your user experience. For example, if a bank, non-banking financial institution, or insurance provider offers a service embedded within AECORD, we may share relevant data with that provider to facilitate eligibility checks, activation, or usage of the associated service. Where appropriate, we may also share aggregated or pseudonymised data with co-marketing partners to deliver tailored advertisements, recommendations, or special offers. All such disclosures are governed by contractual obligations restricting the recipient’s use of your data to the purposes we authorise.

We may also disclose your data where necessary to provide the services or information you request from us, including referrals, collaborative projects, service partnerships, or when you explicitly interact with a third-party service through the Platform. Additionally, we may disclose information where the purpose of the disclosure is clearly explained at the time you submit the data, and you proceed voluntarily.

Engagement with Third-Party Vendors and Service Integrations

In order to ensure effective service delivery, we rely on a range of external vendors who provide supporting infrastructure for specific features. These vendors may be involved in facilitating direct communications such as emails, SMS messages, or mobile push notifications that inform you of service availability, upcoming consultations, payment reminders, or promotional campaigns. Voice input processing, usage tracking, error diagnostics, and in-app personalisation may also be supported through third-party software or cloud platforms.

When you participate in surveys, contests, or promotional activities, vendors handling those campaigns may receive your contact and response data exclusively for that purpose. Payment gateways, transaction processing firms, and financial intermediaries are also permitted access to transactional data strictly as required to fulfil your payment instructions, manage refunds, or evaluate risk. In all such cases, we ensure that these providers adhere to data protection obligations consistent with this Policy.

Legal Disclosures and Law Enforcement Requests

There may be circumstances where we believe, in good faith, that sharing your personal data is legally necessary. This includes responding to formal legal requests such as subpoenas, court orders, or regulatory directives, as well as cooperating with investigations initiated by enforcement agencies or data protection authorities. Where there is credible evidence of unlawful activity, threats to personal safety, violations of our Terms of Service, or abuse of our systems, we may share data with the appropriate authorities to protect users, third parties, and the integrity of the Platform.

Additionally, we may disclose information to assert or defend our legal rights, resolve disputes, or enforce our Terms of Use, particularly where billing and contractual enforcement measures are involved. This includes recovery of dues, addressing intellectual property violations, or initiating legal proceedings in response to fraudulent activities.

Interactions with Social Media Platforms

If you choose to engage with AECORD through social networking tools—such as logging in using a social media account, sharing content directly to your feed, or using integrated “Like” or “Follow” features—your activity may be visible to your social network depending on the privacy settings of that platform. In such cases, any data shared with or collected by the social media platform is governed by that third party’s privacy policy, and we encourage you to review those terms before engaging.

Protection of Platform Interests and Other Users

In exceptional circumstances, we may disclose your personal data to prevent harm to our rights, our users, or public safety. This includes cooperating with cybersecurity teams or fraud prevention units, sharing threat indicators with external intelligence partners, or participating in anti-fraud consortiums to address coordinated attacks or data manipulation attempts. When risk is posed to the financial or reputational integrity of the Platform or its ecosystem, AECORD reserves the right to proactively engage with industry bodies or authorised intermediaries to mitigate further damage.

Consent-Based and Voluntary Disclosures

Finally, we may disclose your information for any other purpose that is explicitly authorized by you. If we introduce new services or data-sharing arrangements not covered by this Policy, we will present you with clear information and request your consent before proceeding. You are free to decline such requests, and your core access to AECORD’s services will not be restricted based solely on refusal to participate in additional disclosures that require opt-in.

5. Use of Cookies

To enhance your experience on the AECORD Platform and deliver services more effectively, we utilise small text files known as cookies. These are stored on your device’s browser and help us recognise your preferences, understand how you interact with different features, and enable the smooth operation of certain functionalities such as user login, session continuity, and navigation customisation.

Cookies serve as anonymous identifiers and do not provide us with direct access to your device or its contents. Instead, they store basic information such as browser type, language preferences, pages visited, and time spent on the Platform. This information helps us improve platform performance, tailor content, and present you with recommendations aligned to your interests.

In addition to AECORD’s own cookies, we also work with selected third-party service providers—such as analytics platforms, marketing affiliates, and advertising networks—who may set their own cookies when you visit or engage with parts of the Platform. These third-party cookies may collect usage data to support campaign measurement, behavioural targeting, and content optimisation. While AECORD takes care to collaborate with trusted partners, we do not control the technologies or data practices employed by these external entities, and their use of cookies is governed by their own privacy policies.

Please be aware that some features of the Platform may not function optimally if cookies are disabled. Most web browsers accept cookies automatically, but you can adjust your settings to block or remove them if you prefer. We recommend reviewing your browser’s help section to manage cookie preferences or to set alerts when cookies are being placed. We also encourage you to review the privacy notices of any third-party services you interact with during your use of AECORD, especially when engaging with embedded tools, linked platforms, or marketing content. Please refer to our cookie notice for more information on how we use them.

6. Data Security & User Responsibility

At AECORD, we are committed to maintaining the confidentiality, integrity, and availability of the personal data entrusted to us. We implement a combination of technical, organisational, and administrative safeguards designed to protect your information from unauthorised access, misuse, alteration, or disclosure. These measures include encryption protocols, access controls, multi-layered authentication mechanisms, and secure data storage environments monitored for vulnerabilities and threats.

When you access your AECORD account or submit sensitive information through our Platform, the data is transmitted over secure channels employing encryption technologies where applicable. We routinely review and update our internal security practices to align with industry standards and to mitigate potential threats as they evolve. Our systems are hosted in environments that adhere to best practices in physical and network security, and access to user data is strictly limited to authorised personnel with a legitimate operational need.

Despite these protections, it is important to acknowledge the inherent limitations of transmitting information over the internet. While we make every reasonable effort to safeguard your data, no method of electronic communication or storage is entirely immune from risk. By continuing to use the AECORD Platform, you accept that some level of vulnerability is unavoidable due to the nature of online systems and acknowledge that complete data security cannot be absolutely guaranteed.

We also emphasise that security is a shared responsibility. You are responsible for maintaining the confidentiality of your login credentials and must take reasonable steps to prevent unauthorised access to your account. This includes using strong passwords, avoiding reuse of credentials across different services, and promptly notifying us if you suspect any misuse, unauthorised login, or compromise of your account information.

7. Age Restrictions and Eligibility to Use the Platform

The AECORD Platform is designed for use by individuals who are legally competent to enter into binding contracts under applicable law. In India, this generally includes individuals who are at least 18 years of age, as per the Indian Contract Act, 1872. Accordingly, by accessing or registering on AECORD, you confirm that you have attained the minimum legal age required to contract independently and are not barred from accessing the Platform under any prevailing legal provision.

We do not knowingly solicit, collect, or retain personal information from anyone who is below 18 years of age unless the use of our services is expressly permitted under local law and the individual is acting under the direct supervision of a parent or legally appointed guardian. If you are a minor as defined under applicable law and wish to use the Platform, you must do so with the full knowledge and oversight of your parent or guardian, who will be deemed responsible for all activity carried out on the account.

If we discover or are made aware that a user profile or data submission has originated from someone who does not meet the applicable age threshold, and such use is not in compliance with the supervision requirement, we reserve the right to suspend or delete the account without prior notice. In such cases, all associated personal data will be removed from our systems in accordance with our data retention and deletion policy.

We encourage parents and guardians to monitor the online activities of minors and to contact us if they believe that personal data may have been submitted to AECORD by someone under the age of 18 without proper authorization.

8. Data Retention and Account Closure

AECORD provides users with the ability to manage their account settings, including the option to deactivate or close their account, through the settings section of the Platform. If you wish to permanently delete your personal data associated with your account, you may submit a formal request by contacting our designated Grievance Officer, whose details are provided under this Policy.

Upon receiving a valid deletion request, we will take steps to process the request in accordance with applicable legal and operational requirements. However, users should note that account closure does not necessarily result in the immediate or complete deletion of all associated information. Certain categories of data may be retained for a limited period after account deactivation in order to comply with legal obligations, resolve disputes, enforce our terms, or support investigations into misuse or violations of our policies.

We retain personal information only for as long as is reasonably necessary to fulfil the purpose for which it was collected, or as mandated by law or regulatory guidelines. Once data is no longer required for operational, legal, audit, or compliance purposes, we either securely delete it or convert it into an anonymised format that can no longer be used to identify an individual. Such anonymised data may be retained for longer durations to assist with analytics, service improvement, statistical research, or business insights.

Additionally, we may archive certain user information where necessary to detect or prevent fraudulent activity, investigate abuse of the Platform, or fulfil obligations in connection with taxation, litigation, or law enforcement inquiries. The retention of such data is handled with strict access controls and used solely for the limited and justified purposes permitted under this Policy and applicable laws.

9. Updates to This Privacy Policy

AECORD may periodically revise this Privacy Policy to reflect evolving legal requirements, advancements in technology, modifications in our data handling practices, or updates to the features and functionality of our Platform.

All revisions to this Policy will be published on this page, and the updated version will bear a new effective date to help you track changes. We encourage you to review this section from time to time to stay informed about how we are safeguarding your information and adapting our practices.

Your continued use of the AECORD Platform after any changes are published constitutes your acknowledgement and acceptance of the revised terms. In cases where the changes significantly alter your rights or our obligations—such as updates involving new categories of data use or expanded third-party sharing—we may also notify you through communication channels, such as email or platform notifications.

If you disagree with any modification, you are free to discontinue use of the Platform and may contact us to deactivate or delete your account. However, if you choose to continue using the services after the updated Privacy Policy is posted, it will be assumed that you have read, understood, and agreed to the updated terms.

10. Grievance Officer

In compliance with the Information Technology Act, 2000 and the applicable rules framed thereunder, AECORD has appointed a designated Grievance Officer to address concerns, complaints, or queries related to the handling of personal data or this Privacy Policy. The contact details of the Grievance Officer are provided below:

Name of the Grievance Officer: Varun Harish
Designation: Customer Representative
Office: #52, Rama Towers, Hebbal, Bangalore 560024, India
E-mail: support@aecord.com