Contact Us

Welcome to Defyd India Pvt. Ltd. (“Company”, “we”, “our”, or “us”). Your privacy is important to us, and we are committed to protecting it. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our services through our website (defyd.com)






1. General


1.1 This document is an electronic record in terms of the Information Technology Act, 2000 and rules thereunder, as applicable, and the amended provisions pertaining to electronic records in various statutes as amended by the Information Technology Act, 2000. This electronic record is generated by a computer system and does not require any physical or digital signatures.


1.2 This document is published in accordance with the provisions of Rule 3 (1) of the Information Technology (Intermediaries guidelines) Rules, 2011, which require publishing the rules and regulations, privacy policy, and Terms of Use for access or usage of Defyd website defyd.com (“Website”).


1.3 The domain names defyd.com are owned and operated by Defyd India Pvt. Ltd., having its corporate office at Level 1, Zonah Neptune, Road No. 36 Near Peddamma Gudi Temple Jubilee Hills, Hyderabad, 500033 – India. For the purpose of this Privacy Policy (“Policy”), the terms ‘We’, ‘Us’, and ‘Our’ refer to the Company as the context so requires.


1.4 For the purpose of this Policy:

  • The term ‘You’ & ‘User’ shall mean any legal person or entity accessing or using the services provided on this website, who is competent to enter into binding contracts, as per the provisions of the Indian Contract Act, 1872.
  • The terms ‘Party’ & ‘Parties’ shall respectively be used to refer to the User and the Company individually and collectively, as the context so requires.

1.5 The headings of each section in this Policy are only for the purpose of organizing the various provisions under this Policy in an orderly manner and shall not be used by either Party to interpret the provisions contained herein in any manner. The headings have no legal or contractual value.


1.6 The use of the website by the User is solely governed by this Policy as well as the Terms of Use of the website (“Terms”, available at https://www.defyd.com/terms), and any modifications or amendments made thereto by the Company from time to time, at its sole discretion. Visiting any part of the website and/or using any of the services provided on the website shall be deemed to signify the User’s unequivocal acceptance of this Policy and the aforementioned Terms, and the User expressly agrees to be bound by the same. The User expressly agrees and acknowledges that the Terms and Policy are co-terminus, and that expiry/termination of either one will lead to the termination of the other.


1.7 The User unequivocally agrees that this Policy and the aforementioned Terms constitute a legally binding agreement between the User and the Company, and that the User shall be subject to the rules, guidelines, policies, terms, and conditions applicable to any service that is provided by the website, and that the same shall be deemed to be incorporated into the Terms and shall be treated as part and parcel of the same. The User acknowledges and agrees that no signature or express act is required to make these Terms and the Policy binding on the User, and that the User’s act of visiting any part of the website constitutes the User’s full and final acceptance of the Policy and the aforementioned Terms.


1.8 The Parties expressly agree that the Company retains the sole and exclusive right to amend or modify the Policy and the aforementioned Terms without any prior permission or intimation to the User, and the User expressly agrees that any such amendments or modifications shall come into effect immediately. The User has a duty to periodically check the Policy and Terms, and stay updated on their provisions and requirements. If the User continues to use the website following such a change, the User will be deemed to have consented to any and all amendments/modifications made to the Policy and Terms. Insofar as the User complies with the Policy and Terms, he/she is granted a personal, non-exclusive, non-transferable, revocable, limited privilege to enter, access, and use the website.


2. Collection of Personal and Other Information


2.1 The User expressly agrees and acknowledges that the Company collects and stores the User’s personal information, which is provided by the User from time to time on the website. This includes but is not limited to the Full name, email address, contact number, browsing history, and preferences. The Company uses this information to provide services, enhance user experience, and improve security.


2.2 The User is aware that the Company may automatically collect certain technical information based on the User’s interaction with the website. This may include IP address, device type, browser type, operating system, access times, and usage logs. This data is used for analytics, sales, security monitoring, and service improvements.


2.3 If the User chooses any services from the website, the Company may collect transactional details, including payment method, billing address, and purchase history, for order fulfillment and fraud prevention.


2.4 If the User posts messages, reviews, or feedback on the website, such content may be collected and stored by the Company indefinitely. The Company may use this information to improve services, resolve disputes, and comply with legal obligations.


2.5 The User is aware that personal correspondence such as emails, customer service interactions, and feedback submitted to the Company may be collected and stored for record-keeping, dispute resolution, and service enhancement purposes.


2.6 User to provide valid personal information for verification and service eligibility.

2.7 The Company may conduct optional surveys requiring the User to provide demographic information such as zip code, age, and income bracket. This data is used to personalize services and improve offerings.


2.8 The User acknowledges that any reviews submitted for products or services may be publicly displayed along with the User’s name and relevant details to assist other Users in making informed decisions. The Company reserves the right to moderate or remove reviews that violate website guidelines.


2.9 The Company reserves the right to remove or moderate any content, reviews, or feedback submitted by the User without prior notification, ensuring compliance with legal and community standards.


3. Cookies and Tracking Technologies


3.1 We use cookies and similar tracking technologies to enhance user experience, improve website performance, and analyze usage trends. These technologies help us understand user behavior and preferences, enabling us to provide a more personalized experience.


3.2 Cookies are small text files stored on the User’s device that assist in various functionalities, such as remembering login credentials, saving user preferences, and ensuring secure transactions. Users can manage or disable cookies through their browser settings, but this may affect certain website functionalities.


3.3 We use different types of cookies for various purposes:

  • Essential Cookies : Necessary for website functionality and security.
  • Analytical Cookies : Help us understand user interaction and improve services.
  • Marketing Cookies : Used for personalized advertisements and promotional content.
  • Third-Party Cookies : Some features, such as embedded videos and social media integrations, may use third-party cookies governed by their respective privacy policies.

3.4 By using the website, the User consents to our use of cookies. The User can manage preferences through the cookie settings tool on the website or by adjusting browser settings.


3.5 We do not store sensitive personal information in cookies. All collected data is securely processed and used in compliance with applicable data protection laws.


4. Sharing and Disclosure of Personal Information


4.1 Selling, renting, or trading user data We do not sell, rent, or trade User data. However, we share personal information with third parties under specific circumstances to comply with Indian legal requirements, ensure service functionality, and protect user rights.


4.2 Legal Compliance and Government Requests We disclose personal data if required by Indian law, including but not limited to:

  • Information Technology Act, 2000 and its amendments
  • Digital Personal Data Protection Act, 2023
  • Right to Information Act, 2005
    (if applicable in specific cases)
  • Orders from courts, government authorities, or law enforcement agencies

We comply with all legal obligations and provide user data only when mandated by law.


4.3 Third-Party Service Providers We share user data with third-party service providers who help us:

  • Offer Service based on requirement 
  • Offer customer support services
  • Deliver personalized advertisements in compliance with applicable laws

These partners must follow strict data protection measures under Indian and international privacy laws.


4.4 Business Transfers If we undergo a merger, acquisition, or asset sale, we transfer user data to the new entity. The new entity remains bound by this Privacy Policy or a policy offering equivalent protection.


4.5 Security Measures for Data Sharing We use encryption, contractual obligations, and strict access controls when sharing data with third parties, ensuring compliance with the Digital Personal Data Protection Act, 2023 and international standards.


4.6 Compliance with Draft Digital Personal Data Protection Act, 2025 We align our data-sharing practices with the Draft Digital Personal Data Protection Act, 2025 (DPDP 2025), which includes:

  • Purpose Limitation: We only share user data when necessary for specific, lawful purposes.
  • Data Minimization: We limit data sharing to only the required information.
  • Accountability: Third-party recipients must comply with strict security protocols and data protection agreements.
  • Cross-Border Data Transfers: We ensure that user data transferred outside India meets the same level of protection required under DPDP 2025.
  • Right to Redressal: Users can request details of their shared data and challenge unlawful disclosures.

4.7 Breach Notification We take data security seriously and comply with breach notification requirements under DPDP 2025 and other applicable laws. In the event of a data breach, we will:

  • Assess the Impact: Immediately investigate the nature and extent of the breach.
  • Notify Authorities: Inform relevant regulatory authorities as per legal mandates.
  • Inform Affected Users: If required by law, notify users whose data has been compromised.
  • Mitigate Risks: Implement corrective measures to prevent further unauthorized access.

4.8 User Consent We obtain explicit user consent before collecting, processing, or sharing personal data, as mandated by DPDP 2025 and other applicable Indian laws. Our consent framework includes:

  • Informed Consent: Users receive clear, concise information about data collection, usage, and sharing.
  • Granular Consent: Users can choose which types of data processing they agree to.
  • Right to Withdraw: Users can withdraw consent at any time via account settings or by contacting our Grievance Officer.
  • Parental Consent: For users below 18, we require parental or guardian approval for data processing.

Failure to provide consent for essential services may limit access to the services.

Users can report security concerns to our Grievance Officer for prompt action.

These measures reinforce our commitment to privacy, security, and user control under evolving Indian legal standards.


5. Data Storage and Retention


5.1 Storage of Personal Data We store user data on secure servers located within India, as required under the Digital Personal Data Protection Act, 2023 (DPDP 2023). Where necessary, we may store backup copies in international data centers, ensuring compliance with Indian data localization requirements.


5.2 Retention Period We retain user data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy or as required by law. We follow these retention guidelines:

  • Transactional Data: Retained for a minimum of seven (7) years as per financial and taxation laws.
  • User Accounts: Retained until the user requests deletion or after three (3) years of inactivity.
  • Customer Support Data: Retained for up to five (5)years to resolve disputes and improve service.
  • Legal Compliance: Retained as long as required under Indian legal provisions, including audits and regulatory requirements.

5.3 Secure Disposal of Data When personal data is no longer required, we securely delete or anonymize it. Our disposal methods comply with DPDP 2025 and follow industry best practices, including data encryption and overwriting mechanisms.


5.4 User Rights to Data Deletion Users can request the deletion of their personal data by:

  • Submitting a request through their account settings.
  • Contacting our Grievance Officer with a formal deletion request.

We process deletion requests in compliance with DPDP 2025 and retain only legally required information post-deletion.

These measures ensure our full compliance with Indian legal frameworks, protect user data, and promote responsible data management.


6. Data Security Measures

6.1 Commitment to Security We implement strong security measures to protect user data from unauthorized access, alteration, disclosure, or destruction. Our security framework aligns with the Digital Personal Data Protection Act, 2023 (DPDP 2023) and Draft Digital Personal Data Protection Act, 2025 (DPDP 2025).


6.2 Encryption Standards We use AES-256 encryption for data storage and TLS 1.2 or higher for data transmission to ensure confidentiality and integrity.


6.3 Access Control We implement strict access controls, ensuring only authorized personnel can access user data based on the principle of least privilege. Employees undergo periodic security training and background verification to uphold data protection standards.


6.4 Security Audits and Compliance We conduct regular third-party security audits, vulnerability assessments, and penetration testing to identify and address potential risks. Our security practices comply with:

  • Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011
  • CERT-In Guidelines for Data Protection and Cybersecurity
  • DPDP 2023 and DPDP 2025 regulations

6.5 Incident Response Plan We maintain a well-defined Incident Response Plan (IRP) to manage and mitigate security breaches. If a security incident occurs:

  • We investigate and assess the impact immediately.
  • We notify affected users and regulatory authorities in compliance with DPDP 2025.
  • We implement corrective measures to prevent recurrence.

6.6 User Responsibility in Security Users must:

  • Use strong, unique passwords for their accounts.
  • Enable two-factor authentication (2FA) where applicable.
  • Report any suspicious activity to our Grievance Officer immediately.

Our security measures align with industry best practices and Indian legal standards to ensure user data remains protected at all times.


7. User Rights and Control


7.1 Right to Access Users can request access to the personal data we store about them. Upon verification, we will provide a copy of the requested data in compliance with the Digital Personal Data Protection Act, 2023 (DPDP 2023) and Draft Digital Personal Data Protection Act, 2025 (DPDP 2025).


7.2 Right to Correction Users can request corrections to inaccurate or outdated personal data. We will verify the request and make necessary updates within the legally stipulated timeframe.


7.3 Right to Data Portability Users can request their personal data in a structured, machine-readable format to transfer it to another service provider, as permitted by DPDP 2025.


7.4 Right to Withdraw Consent Users can withdraw previously given consent for data collection or processing at any time. Withdrawing consent may affect the availability of certain services, but we will honor the request and discontinue non-essential processing immediately.


7.5 Right to Object to Processing Users can object to the processing of their personal data for direct marketing, automated decision-making, or profiling purposes. Upon objection, we will cease processing such data unless legally required.


7.6 Right to Erasure (Right to be Forgotten) Users can request deletion of their personal data when it is no longer needed for its original purpose, if consent has been withdrawn, or if processing is unlawful. We will process such requests while ensuring compliance with legal retention obligations under DPDP 2023 and other applicable Indian regulations.


7.7 Right to Lodge a Complaint Users can file complaints regarding data privacy violations with our Grievance Officer. If unsatisfied with the resolution, they can escalate the matter to the Data Protection Board of India under DPDP 2025.

We process all requests under this section in accordance with applicable Indian data protection laws, ensuring compliance and user empowerment.


8. Grievance Redressal Mechanism


8.1 Filing Complaints Users can report concerns related to data privacy, security breaches, or policy violations by submitting a complaint to our Grievance Officer. We investigate all complaints in accordance with the Digital Personal Data Protection Act, 2023 (DPDP 2023) and the Draft Digital Personal Data Protection Act, 2025 (DPDP 2025).


8.2 Grievance Officer Contact Information

  • Name: Arun Dugganapally
  • Email : grievance@defyd.com
  • Phone: 89777 85310
  • Office Address: Level 1, Zonah Neptune, Road No. 36, Near Peddamma Gudi Temple, Jubilee Hills, Hyderabad, 500033 – India

8.3 Complaint Resolution Timeline

  • We acknowledge complaints within 24 hours of receipt.
  • We investigate and resolve complaints within 15 working days , unless an extension is required.
  • If a user is unsatisfied with the resolution, they can escalate the issue to the Data Protection Board of India under DPDP 2025 .

9. Governing Law and Jurisdiction


9.1 Compliance with Indian Laws This Privacy Policy complies with Indian legal frameworks, including but not limited to:

  • Information Technology Act, 2000 and its amendments
  • Digital Personal Data Protection Act, 2023
  • Draft Digital Personal Data Protection Act, 2025
  • Indian Contract Act, 1872

9.2 Dispute Resolution If disputes arise regarding this Privacy Policy or data processing practices, we resolve them through a two-step dispute resolution process:

Step 1: Mediation Parties attempt to resolve the dispute amicably through mediation within 30 days of notifying the issue.

Step 2: Arbitration If mediation fails, disputes proceed to arbitration in accordance with the Arbitration and Conciliation Act, 1996. The arbitration shall:

  • Be conducted in English .
  • Take place in Hyderabad, India .
  • Be final and binding on all parties.

9.3 Jurisdiction The courts of Hyderabad, India shall have exclusive jurisdiction over disputes related to this Privacy Policy or data protection concerns.

These measures ensure legal compliance, user protection, and a structured resolution framework for data privacy issues.


10. Updates to Privacy Policy

10.1 Policy Updates and Modifications We periodically update this Privacy Policy to reflect changes in laws, technology, and business practices. Users will be notified of significant changes through:

  • Email notifications (if registered)
  • Service announcements
  • Pop-up alerts upon login

10.2 User Responsibility to Review Updates Users must review policy updates periodically. Continued use of our service after changes take effect implies acceptance of the revised policy.


10.3 Compliance with Indian Legal Requirements All modifications align with Digital Personal Data Protection Act, 2023 (DPDP 2023) and Draft Digital Personal Data Protection Act, 2025 (DPDP 2025).


11. Contact Information


Users can contact us for any privacy-related concerns:

  • Company Name: DefyD India Pvt. Ltd.
  • Grievance Officer: Mr Arun Dugganapally
  • Email: grievance@defyd.com
  • Phone: 89777 85310
  • Office Address: Level 1, Zonah Neptune, Road No. 36, Near Peddamma Gudi Temple, Jubilee Hills, Hyderabad, 500033 – India