GST Legal Assistant

AI-Powered Legal Research

LoginRegister

Privacy Policy

How we collect, use, and protect your personal information

Effective Date: November 2, 2025

1. Introduction

This Privacy Policy explains how we collect, use, store, and protect your personal information when you use the GST Legal Assistant service ("Service").

2. Information We Collect

2.1 Registration Information

  • Name
  • Email address
  • Mobile number
  • City/Location

2.2 Usage Information

  • Questions you ask
  • Answers provided
  • Date and time of queries
  • Number of queries
  • Login times

2.3 Technical Information

  • IP address
  • Browser type and version
  • Device information
  • Operating system
  • Referring URLs

2.4 Information We Do NOT Collect

  • Aadhaar number
  • PAN number
  • GST registration number
  • Financial information
  • Payment details (service currently free)

3. How We Use Your Information

3.1 To Provide the Service

  • Process your queries
  • Generate AI responses
  • Display relevant legal information

3.2 To Improve the Service

  • Analyze usage patterns
  • Improve AI accuracy
  • Identify common queries
  • Develop new features

3.3 To Communicate

  • Send service updates
  • Notify about downtime or maintenance
  • Respond to support requests
  • Send important legal updates (opt-in)

3.4 To Ensure Security

  • Prevent fraud and abuse
  • Monitor for suspicious activity
  • Enforce Terms of Service

4. Data Sharing

4.1 With Third Parties

We share data with:

OpenAI (USA)

  • Data shared: Query text only
  • Purpose: Semantic search embeddings
  • Privacy Policy: openai.com/privacy

Anthropic (USA)

Hostinger (Hosting Provider)

  • Data shared: All data stored on servers
  • Purpose: Infrastructure hosting

4.2 We Do NOT Share With

  • Marketing companies
  • Data brokers
  • Social media platforms
  • Government (except as required by law)

4.3 Legal Requirements

We may disclose information if required by:

  • Court order or subpoena
  • Law enforcement requests
  • Legal obligations under Indian law

5. Data Retention

5.1 Account Data

  • Retained until you delete your account
  • Deleted within 30 days of account deletion

5.2 Query Logs

  • Retained for 90 days for service improvement
  • Anonymized after 90 days for analytics

5.3 Analytics Data

  • Anonymized data retained for 1 year
  • Used for usage trends and improvements

5.4 Backups

  • Backups retained for 30 days
  • Backups deleted automatically after retention period

6. Data Security

6.1 Security Measures

  • HTTPS encryption for all data transmission
  • Password hashing (bcrypt)
  • Database encryption at rest
  • Regular security updates
  • Access control and authentication
  • Firewall protection

6.2 Limitations

No system is 100% secure. We cannot guarantee:

  • Complete security from hackers
  • Protection from unauthorized access
  • Zero data breaches

6.3 Your Responsibility

  • Keep your password secure
  • Don't share account credentials
  • Log out on shared devices
  • Report suspicious activity

7. Your Rights

7.1 Right to Access

You can request a copy of your personal data.

7.2 Right to Correction

You can update your profile information anytime.

7.3 Right to Deletion

You can request account deletion at any time. Contact: privacy@nabsai.com - We will delete within 30 days.

7.4 Right to Export

You can request export of your query history.

7.5 Right to Opt-Out

  • You can opt-out of marketing emails (if any)
  • You can choose not to provide optional information

8. Cookies & Tracking

8.1 Cookies We Use

  • Essential cookies - Required for Service functionality (authentication)
  • Analytics cookies - Track usage patterns (optional)

8.2 Third-Party Cookies

  • Vercel (hosting) may set cookies
  • You can disable cookies in browser settings

9. Children's Privacy

The Service is not intended for users under 18 years of age. We do not knowingly collect data from minors.

10. International Data Transfers

Your data may be transferred to and processed in countries outside India:

  • USA (OpenAI, Anthropic servers)
  • EU (Hosting infrastructure)

These transfers are necessary for providing the Service.

11. Changes to Privacy Policy

We may update this Privacy Policy. We will notify you via:

  • Email to registered address
  • Notice on the Service

Continued use constitutes acceptance of changes.

12. Contact Us

For privacy questions or requests:

  • Email: privacy@nabsai.com
  • Support: support@nabsai.com

Version 1.0 | Effective Date: November 2, 2025

← Back to Home