PRIVACY POLICY 

Effective Date: 12th May, 2018
Last Updated: 26th November, 2025

This Privacy Policy explains how Tanika Tech Jewels Pvt. Ltd. (“Jwero”, “we”, “us”, “our”) collects, uses, discloses, stores, and protects information when you:

  • visit jwero.ai or any related domains, mobile apps, APIs, or services (collectively, the “Platform”),
  • use Jwero products including E-commerce, CRM, Chats, Digital Gold interface, Automation, Loyalty & Rewards, Order Management, Product Management, Marketplaces, Integrations, and related features (“Services”), and
  • interact with us offline (such as through support and marketing).

Your privacy rights and choices are important to us. For global audiences, we incorporate principles from major data protection laws including the Indian Digital Personal Data Protection Act & Rules (DPDP Act & Rules) 2023/2025, GDPR (EU), CCPA/CPRA (California), and others where applicable.

By accessing or using the Platform or Services, you consent to the practices described in this Privacy Policy.

1. Information We Collect

A. Personal Information You Provide

We collect information you voluntarily provide when you:

  • create or manage a Jwero account
  • subscribe to a Service
  • contact support
  • participate in surveys or events
  • connect third-party tools

This may include:

  • Basic Identifiers: Name, business name, email address, phone number, physical address
    • Account Credentials: Username, password (hashed and encrypted)
    • Business Data: Business performance data, customer/lead lists, product details
    • Financial/Billing: Billing address and transaction records
    • Support Information: Communication logs with support teams
    • Third-Party Connected Data: Data accessed through opted-in integrations (e.g., Google data)

B. Automatically Collected Information

We collect data automatically through cookies and similar technologies when you:

  • visit jwero.ai
  • use our apps
  • interact with integrated channels

This includes:

  • Usage Data: Pages viewed, features used, timestamps
    • Device & Technical Data: IP address, browser type, OS, mobile carrier
    • Cookies & Tracking Technologies: Persistent and session cookies, local storage, analytics tags

Cookies may be classified as:

  • Strictly Necessary
  • Functional
  • Performance / Analytics
  • Optional Advertising / Tracking

You may manage cookie preferences through the cookie banner or your browser settings.

2. How We Use Your Information

We use Personal Information to:

  • Provide & maintain the Services — account management, authentication, feature access
    • Process billing & subscriptions
    • Improve and personalize the Platform & Services
    • Communicate with you (service updates, support responses)
    • Enable integrations with partners (e.g., Meta Business, Google, Shopify)
    • Prevent fraud and ensure safety
    • Analyze usage trends and optimize system performance

We do not sell your data for advertising purposes.

3. How We Share Information

We may share data with:

A. Service Providers

Third-party vendors who help with:

  • hosting & infrastructure
  • analytics and performance
  • billing and payments
  • email & messaging systems

These vendors are contractually bound to protect your data.

B. Partner Integrations

If you connect third-party services (e.g., Meta Business APIs, Google services):

  • Your data flows to those providers only with your explicit consent.
  • Use of these services is subject to their privacy policies, not this Policy.

C. Legal Requirements

We may disclose information:

  • to comply with law, court order, or enforcement
  • to protect rights, safety, property, or investigations

D. Business Transfers

In a merger or sale, user data may be transferred under confidentiality protections.

4. Third-Party Services & Integrations

Some parts of the Platform depend on third parties, including:

  • Meta Business / WhatsApp APIs
  • Google APIs (Sheets, Drive, Calendar, Tag Manager, Analytics)
  • Shopify, ERP connectors
  • Payment processors
  • SMS / email gateways

When a third party accesses data to deliver features:

  • We only grant the minimum necessary permissions.
  • You may revoke access at any time via settings or directly with the provider.

We are not responsible for how third parties handle or protect data under their own policies.

5. International Data Transfers

Your information may be processed or stored outside your country of residence, including:

  • India
  • United States
  • Other global infrastructure locations

Cross-border transfers are governed by applicable law. We implement safeguards as required by data protection law (e.g., standard contractual clauses or explicit consent).

6. Data Retention

We retain personal data:

  • as long as necessary to provide Services
  • as required by legal obligations
  • to resolve disputes
  • in accordance with our data retention policies

You may request deletion or restriction of processing (subject to legal exceptions).

7. Your Privacy Rights

Depending on your location, you may have rights such as:

  • Access & correction — see and correct your data
    • Deletion / erasure — request data be deleted
    • Data portability — receive your data in machine-readable format
    • Restrict processing — object to certain uses
    • Withdraw consent — for marketing or processing activities

To exercise rights, contact: care@jwero.ai

For non-Jwero accounts (e.g., purchases from merchants powered by Jwero), Jwero may act as processor and forward your request to the merchant.

8. Security Practices

We implement robust security measures such as:

  • encryption in transit & at rest
  • access management and monitoring
  • secure cloud hosting
  • regular security assessments

However, no system can be perfectly secure — transmission risks exist.

We encourage enabling:

  • strong passwords
  • two-factor authentication

9. Children’s Privacy

Our Services are not directed at children under the age of 13 (or local age of digital consent). We do not knowingly collect data from children.

10. Cookies & Tracking Technologies

We use cookies and similar technologies for:

  • Site functionality
  • Performance analytics
  • Optional marketing purposes (with consent)

Cookies may be managed via browser settings.

11. Changes to This Policy

We may update this Privacy Policy to reflect:

  • product changes
  • legal developments
  • operational practices

We will notify you of material changes via:

  • email
  • notice on Platform

12. Contact Information

If you have questions about this Policy or your privacy rights, contact:

Tanika Tech Jewels Pvt. Ltd.
Address: 14/15, Sagar Darshan, Opp. Rajesh Hotel,
Devchand Nagar, Bhayandar West, Mumbai, Maharashtra 401101, India
Email: care@jwero.ai

13. Use of Artificial Intelligence (AI) and Machine Learning

Some Jwero features use artificial intelligence, machine learning, large language models (LLMs), and automation tools.

We may use:

  • in-house AI systems
  • third-party AI service providers
  • anonymised and aggregated datasets
  • user prompts and messages (subject to configuration)

We use AI to power features such as:

  • automated chats and responses
  • workflow automation
  • product recommendations
  • message classification
  • analytics and predictions
  • writing assistance in communications

Important points

  • AI-generated outputs may sometimes be inaccurate or inappropriate
  • Outputs should not be treated as professional advice
  • Customer administrators must review important decisions made using AI
  • You are responsible for content sent to your customers via AI tools

We do not allow AI to:

  • independently take financial custody
  • create legally binding commitments to users
  • execute irreversible business actions without your control

AI training

We may use:

  • anonymised
  • pseudonymised
  • aggregated

data to improve models and platform performance.

Where third-party AI providers are used:

  • their privacy policies also apply
  • we do not control their independent use of training data

14. Lawful Basis for Processing (Global Standard)

Depending on your jurisdiction, we rely on one or more of the following legal grounds:

  • Consent — when you give clear consent
  • Contract — to provide Services you subscribed to
  • Legitimate Interest — fraud prevention, security, improvement
  • Legal Obligation — accounting, reporting, law enforcement requests

For sensitive jurisdictions (EU/UK/EEA), these lawful bases are aligned with GDPR principles.

15. India-Specific Terms (DPDP Act Compliance)

For users in India, we comply with:

  • Digital Personal Data Protection Act, 2023
  • DPDP Rules 2025 and amendments

DPDP consent requirements

Where required by law, consent is:

  • free
  • specific
  • informed
  • unambiguous
  • revocable

You may withdraw consent at any time by emailing care@jwero.ai or via account settings.

Grievance Officer (India)

We designate a grievance officer to address privacy complaints in India.

Grievance Officer Email: care@jwero.ai

16. EU/UK Users (GDPR/UK-GDPR)

If you are located in the EU or UK:

  • you may lodge a complaint with your data protection authority
  • we may appoint an EU/UK representative when required
  • your rights under GDPR include:
    • right to access
    • right to rectification
    • right to erasure
    • right to restrict processing
    • right to portability
    • right to object
    • rights related to automated decision-making

We do not engage in automated decision-making producing legal effects without human involvement.

17. United States Users (CCPA/CPRA/State Laws)

For residents of California and similar U.S. states:

  • we do not sell personal information
  • we do not share data for cross-context behavioral advertising
  • you have the right to:
    • know categories of data collected
    • request deletion
    • request correction
    • opt-out of certain uses
    • not be discriminated for exercising rights

Where applicable, we will respond within legally required timelines.

18. Chat, Messaging & Communication Data

For Jwero Chats & Messaging Automation modules:

We may process:

  • chat transcripts
  • communication content
  • attachments shared over chat
  • bot and agent responses
  • messaging metadata (time, channel, device)

Message content belongs to the Customer business, not Jwero.

We use this data to:

  • deliver communication services
  • improve conversational features
  • detect spam or abuse
  • comply with applicable telecom regulations

We do not use message content for advertising profiling.

19. Digital Gold & Financial Data Handling

For Digital Gold interfaces:

  • Jwero is not a seller or custodian
  • KYC, AML and financial compliance are handled by the respective partners
  • Jwero processes only technical integration data

This may include:

  • transaction references
  • status updates
  • wallet IDs or masked numbers

Payment instrument details are processed by payment partners, not stored by Jwero unless necessary and legally permitted.

20. Data Breach & Incident Notification

We maintain incident response procedures.

If a data breach occurs that may materially affect you:

  • we will notify you within a reasonable timeframe
  • we will provide:
    • nature of breach
    • likely consequences
    • recommended protective measures

We will also comply with legally required authority notifications where applicable.

21. Where Jwero Acts as Data Controller vs Processor

Jwero may act as:

Data Controller

when we:

  • operate jwero.ai
  • manage marketing communications
  • manage your platform account

Data Processor

when we:

  • process your customers’ data on your behalf
  • store CRM records entered by you
  • handle chat communications

In such cases, you (the business) are the Data Controller and responsible for lawful collection.

A Data Processing Agreement (DPA) can be executed upon request.

22. Do We Sell Data?

No.
We do not:

  • sell personal data
  • rent personal data
  • disclose for advertising monetization

We may use anonymised aggregated data for:

  • analytics
  • service improvement
  • security research

23. Marketing Communications

We may send:

  • service notifications
  • transactional system alerts
  • product updates
  • optional marketing emails

You may opt out of marketing anytime via unsubscribe link or email request.

You cannot opt-out of:

  • essential service emails
  • security alerts
  • billing communications

24. Your Responsibilities

You are responsible for:

  • complying with your local laws
  • obtaining consent from your customers
  • configuring your own privacy notices
  • securing accounts with strong credentials

If you upload personal data into Jwero, you confirm you have:

  • lawful basis
  • rights to process
  • rights to share with us

25. How to Contact Us

For privacy queries, complaints, or rights requests:

📧 care@jwero.ai