Launch pricing7-day trial is open. Web from Rs 999/mo, WhatsApp from Rs 1,999/mo, Growth from Rs 2,999/mo.Launch pricing7-day trial is open. Web from Rs 999/mo, WhatsApp from Rs 1,999/mo, Growth from Rs 2,999/mo.
Tezzap
Legal

DPDP-Aware Data Protection

Last updated: 2026-04-28

This page explains how Kameswar Digital Services("Tezzap") uses DPDP-aware practices for the Digital Personal Data Protection Act, 2023(DPDP Act) — India's comprehensive data-protection law. For the exact statutory text, refer to official government publications below.

1. Who we are under DPDP

Under Section 2(i) of the DPDP Act, Tezzap operates as a Data Fiduciary— meaning we determine the purposes and means of processing your personal data. You, as the person whose data is processed, are the Data Principal (Section 2(j)).

2. Our lawful basis

We rely on consent (Section 6) for all personal data we collect from you. Before we process any personal information, we will:

  • State the specific purposes of processing in clear language.
  • Show clear consent or request notices at collection points.
  • Log consent evidence such as date, time, IP, and wording where the flow collects it.
  • Allow you to consent to specific purposes (follow-up, marketing) separately.

3. Your Rights as a Data Principal

Under Chapter III of the DPDP Act, you have the following enforceable rights:

  • Right to access (Section 11): request a summary of personal data we hold about you. Email support@tezzap.comwith the subject "DPDP Access Request".
  • Right to correction (Section 12): request we correct, complete, or update inaccurate data.
  • Right to erasure (Section 12): request we delete your personal data. Use our self-service form at /data-deletion for Tezzap prospect records, or email us for tenant/account records. We action verified requests within applicable timelines.
  • Right to grievance redressal (Section 13): raise a complaint with our Grievance Officer (see below) before approaching the Data Protection Board.
  • Right to nominate (Section 14): nominate another individual to exercise these rights on your behalf in the event of your death or incapacity. Email us to register a nominee.
  • Right to withdraw consent: any time, with effect as easy as giving it. Withdrawal does not affect processing already done.

4. Our Duties as Data Fiduciary

  • Notice (Section 5): we give you clear notice before collection — what we collect, why, and how to exercise your rights.
  • Data minimization: we collect only what the stated purpose needs.
  • Purpose limitation:we don't use your data for purposes beyond what you consented to.
  • Accuracy: we take reasonable steps to keep your data accurate.
  • Storage limitation:trial user data is purged 90 days after inactivity; lead data after 18 months unless you've opted into ongoing marketing.
  • Security safeguards (Section 8(5)): reasonable technical safeguards such as encrypted transport, managed database security, role-based access control, and audit logs.
  • Breach notification (Section 8(6)): in the event of a personal data breach, we will notify the Data Protection Board and affected users within 72 hours.

5. Children's Data (Section 9)

Tezzap is a B2B product intended only for businesses. We do not knowingly collect data from individuals under 18. If we become aware that we hold data of a child, we will delete it without undue delay.

6. Cross-Border Data Transfers (Section 16)

Your data is primarily stored in the Asia-Pacific region (Supabase Postgres, ap-northeast-1 / Tokyo, AWS infrastructure). Some AI processing may occur in the United States (Google Gemini, Anthropic Claude). By using Tezzap, you consent to these cross-border transfers. We only transfer to jurisdictions with adequate safeguards or where the transfer is permitted under DPDP Act rules.

7. Grievance Officer

Under Section 10, we have appointed a Grievance Officer to address your concerns. Contact:

  • Email: support@tezzap.com
  • Subject line:"DPDP Grievance"
  • SLA: acknowledgment within 48 hours, resolution within 30 days.

If your grievance is not resolved to your satisfaction, you may escalate to the Data Protection Board of India under Section 27 of the DPDP Act.

8. Data Protection Board of India

The statutory regulator for DPDP Act complaints. Visit:

9. Reference Links

10. Updates to this page

DPDP Rules are still being finalized by the Government of India. We will update this page as the regulatory framework evolves. Material changes will be emailed to registered users.

This page is for informational purposes. It is not legal advice. For specific legal questions about your rights under the DPDP Act, consult a qualified advocate.