Privacy Policy for Website or Mobile Application

The Privacy Policy is a document informing the users about the use, process, and disclosure of their personal information collected through a Website or Mobile Application. This document can be used for any type of industries including healthcare, finance, e-commerce, transportation, etc.

This Privacy Policy can be used for either Website or Mobile Application. It is mandatory for every Website/Application in India who collects and process personal information to have a Privacy Policy. Any Website/App that gathers any data about its users, even if it is simply through tracking their location, is required to have a Privacy Policy.

It is mandatory under the Information Technology Act 2000 to notify and get the consent of users before collecting and processing their information. Thus, the Privacy Policy has to be visible and understandable to the users.

The Sensitive Personal Data in India constitutes the following categories of the data: passwords, financial data, health data, official identifier, sex life, sexual orientation, biometric data, genetic data, transgender status, intersex status, caste or tribe, religious belief, political affiliation, or any other category of data specified by the concerned authority.

How to use this document?

This document is drafted as per the Indian laws and rules. It should be noted that this document only includes a Privacy Policy. Other related documents like Website Terms and Conditions and Cookies Policy need to be drafted separately. Terms and Conditions and Privacy Policy are separate documents.

Terms and Conditions define how the user can use the Website/Application and what are the obligations of the Users and the owners of the Website/Application. Terms and Conditions also include details about how the business works, delivery and return policy, the geographical location of the business, age restrictions, dispute resolution and so on. On the other hand, Privacy Policy is a detailed document explaining how the owner of the Website/Application deals with the personal information of the users such as the details about the uses of information, how the information is collected, what information is collected, retention and deletion of information, age restrictions, security methods adopted, etc.

This document specifies the following mandatory fields:

  • Type of personal and sensitive personal data or information collected;
  • Purpose of collection and usage of such information;
  • Disclosure of information to third parties;
  • The minimum age requirement to use the Website/App;
  • Reasonable security practices and procedures adopted.

Once the Privacy Policy is created it has to be published on the Website/App and need to make sure it is visible/accessible for the users. It is better to have a pop-up window asking the consent of the users to this policy.

Applicable laws

Although there is no exclusive data protection law in India, the privacy and data protection is mandated under Section 43A of Information Technology Act, 2000 read with Information Technology (reasonable security practices and procedures and sensitive personal data or information) Rules, 2011.

How to modify the template?

You fill out a form. The document is created before your eyes as you respond to the questions.

At the end, you receive it in Word and PDF formats. You can modify it and reuse it.

Facility life solution – FLS

The company deals in providing home loans for which the agents have to travel to the client locations.
The core functionality of the FLS app ease to track agent’s location and help agents to upload data while with the client.
Location tracking is required so as an agent will not be able to commit any fraud with the company or with the client.
With the help of tracking the admins can easily track the agents in case of doubt of fraud.
Also this is the core part of company’s operation to check whether the agent is actually visiting the client location or not.

The core functionality of the application includes uploading of data while the agent is visiting the client.
Agent’s device file permission is required so as the agent can easily upload the documents shared by the client on the application.
These documents will then be accessed by the admin and accordingly we can communicate the client if any more documents are required for processing the loan.
Uploading data on the application includes taking snapshots of the clients document, uploading soft copies of the documents provided by the client, taking picture of the client.


Location : we need location access in order to prevent the agents from doing fraud etc.

Files permission : we may request users to give read write access to the files in order to store the document from the application