Refy9

Privacy & Data Protection Policy

Privacy & Data Protection Policy

Last updated: 2025

Refy9 Innovations Private Limited, a company incorporated under the Companies Act, 2013, having its registered office in India [Ahmedabad] (hereinafter referred to as 'Refy9', 'Company', 'we', 'us' or 'our')

"User", "you", or "your" refers to any individual who accesses, downloads, registers on, or uses the Refy9 mobile application, website, or any related services offered by the Company, whether as a registered or unregistered user)

"Services" means the mobile application, website, Tech powered styling assistance, wardrobe management features, recommendations, and any other products or services offered by Refy9 from time to time.

1. Introduction

Refy9 Innovations Private Limited, ("Refy9", "we", "us", "our") values your privacy and is committed to protecting personal data in a transparent, lawful, and secure manner.

This Privacy & Data Protection Policy explains:

  • what personal data we collect,
  • why and how we use it,
  • how long we retain it,
  • how we protect it,
  • the rights available to you, and
  • how to contact us or raise concerns.

This Policy applies to all users of the Refy9 platform, including minors and users located outside India.

By accessing or using Refy9, you acknowledge that you have read and understood this Policy.

2. Who We Are (Data Fiduciary / Controller)

Refy9 is responsible for determining the purpose and means of processing personal data on the Refy9 platform.

Registered Address

Refy9 Innovations Private Limited

130, Aswamegh Co Op, Society, Kalhar Exotica, Sola, Ahmedabad- 380060

Gujarat, India

Contact: info@refy9.com

3. Scope of This Policy

This Policy applies to personal data processed through:

  • Refy9 mobile and web applications,
  • Refy9 website,
  • community and social features,
  • messaging features,
  • optional third-party integrations,
  • customer support and communications.

This Policy does not apply to third-party websites, retailers, or services accessed via links on Refy9.

4. Categories of Personal Data We Collect

4.1 Data You Provide Directly

You may choose to provide:

  • name and email address,
  • profile details and preferences,
  • wardrobe items and outfit images,
  • posts, comments, and interactions,
  • messages sent to approved contacts,
  • feedback, support queries, or reports.

You control what content you upload and share.

4.2 Data from Connected Third-Party Services (With Consent)

If you voluntarily connect supported third-party services (such as Google), we may access limited, structured data strictly necessary to deliver requested features.

This may include:

  • basic profile information,
  • calendar or contact metadata (read-only),
  • structured purchase or return information derived from receipts,
  • sanitized product images where available.

We do not access or store:

  • raw email bodies,
  • free-form message content,
  • attachments beyond permitted structured data,
  • payment card details,
  • shipping addresses or tracking numbers.

Access is governed by your explicit consent and can be withdrawn at any time.

4.3 Automatically Collected Technical Data

We automatically collect limited technical and usage information, such as:

  • device and operating system details,
  • IP address (for security and fraud prevention),
  • app version and performance metrics,
  • interaction logs and crash reports.

This data is used to maintain platform reliability, security, and performance.

5. Why We Process Personal Data

We process personal data only for legitimate purposes, including to:

  • operate and maintain the platform,
  • deliver requested features and services,
  • personalize user experience,
  • enable optional integrations,
  • support community interactions,
  • improve platform quality and safety,
  • prevent misuse, fraud, or abuse,
  • comply with legal obligations.

We do not sell personal data, operate data brokerage services, or use personal data for third-party advertising.

7. Automated and Decision-Support Features

Refy9 may use automated or algorithmic systems to:

  • generate recommendations,
  • organize content,
  • highlight insights,
  • improve usability.

These features are intended to assist users and do not replace independent judgment. Outputs may be imperfect, incomplete, or subjective.

8. Children and Minors

Refy9 is not intended for children under the age of 13.

Users between 13 and 18 years of age should use the platform with parental or guardian guidance. We take additional care when processing data relating to minors and apply stricter safety and moderation standards.

If we become aware that personal data of a child has been collected unlawfully, we will take reasonable steps to delete it.

9. Data Sharing and Service Providers

We may share personal data with trusted service providers who support platform operations, such as:

  • cloud infrastructure providers,
  • analytics and error-monitoring services,
  • customer support tools.

All such providers are contractually required to:

  • process data only under our instructions,
  • maintain confidentiality,
  • implement appropriate security safeguards,
  • refrain from selling or misusing data.

We remain responsible for processing carried out on our behalf.

10. International Data Transfers

Refy9 operates globally. Where personal data is processed outside India:

  • appropriate safeguards are applied,
  • access is restricted,
  • data is handled consistently with this Policy and applicable law.

We monitor regulatory requirements relating to cross-border transfers and update our practices as required.

11. Data Retention

We retain personal data only for as long as necessary for legitimate purposes.

In general:

  • account data is retained while your account is active,
  • disconnected third-party data is deleted within defined periods,
  • deleted accounts are purged or anonymized within reasonable timeframes,
  • logs and backups are retained only as required for security and operations.

Refy9 has no obligation to retain user content after deletion.

12. Data Security

We implement reasonable technical and organizational measures, including:

  • encryption in transit and at rest,
  • access controls and role-based permissions,
  • monitoring and logging,
  • secure infrastructure environments.

No system is entirely risk-free. You acknowledge and accept residual risk inherent in digital platforms.

13. Data Breaches

In the event of a personal data breach, we will:

  • investigate promptly,
  • contain and remediate the incident,
  • notify affected users and authorities where legally required,
  • take corrective measures to prevent recurrence.

14. Your Rights

Subject to applicable law, you may:

  • request access to your personal data,
  • request correction or updating,
  • request deletion or anonymization,
  • withdraw consent,
  • disconnect integrations,
  • seek information about processing,
  • submit grievances or complaints.

Users can raise such a request on trust@refy9.com and Refy9 will process such requests in accordance with applicable laws and internal data retention policies.

15. Grievance Redressal

A designated Grievance Officer will address privacy-related concerns.

Contact: trust@refy9.com

Response Time: within statutory timelines

16. Intermediary Status and User Content

Refy9 acts as an intermediary under Indian law. Users are responsible for content they upload or share. We do not endorse user content and are not liable for it, subject to applicable legal obligations.

17. Changes to This Policy

We may update this Policy to reflect changes in law, technology, or platform features. Significant updates may be communicated through the platform or by other reasonable means.

Continued use of Refy9 after updates constitutes acceptance.

18. Contact Us

For privacy or data protection queries:

Email: trust@refy9.com