Last updated: March 29, 2026
1.1 This Privacy Policy (hereinafter referred to as the �Policy�) sets forth in exhaustive detail the practices, procedures, and principles adopted by SriPrasadini Pvt Ltd, operating under the brand name MeeNidhi (collectively referred to as �we,� �us,� �our,� or the �Company�), concerning the collection, use, storage, processing, disclosure, protection, and management of your personal information and data. This Policy applies whenever you interact with our Digital Platform, including but not limited to our website, mobile applications, web applications, or any other digital interfaces (collectively, the �Digital Platform�), participate in our promotional campaigns, lucky draw events, or avail yourself of any associated services.
1.2 Our commitment to safeguarding your privacy and personal data is paramount and unwavering, grounded in strict adherence to the Digital Personal Data Protection Act, 2023 (DPDPA), the Information Technology Act, 2000, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, and all other pertinent Indian laws, regulations, and international standards applicable to data protection. We recognize the sensitivity of personal information and strive to handle it with the highest levels of integrity, transparency, and accountability to build and maintain trust with our Users.
1.3 By accessing, registering on, or using the Digital Platform, submitting information, participating in lucky draws, or engaging with our services in any manner, you provide your explicit, informed, voluntary, and unambiguous consent to the data practices described in this Policy. If you do not agree with any aspect of this Policy, you must immediately discontinue all interactions with the Digital Platform to avoid any implication of consent. Continued use constitutes your binding agreement to this Policy.
1.4 This Policy is fully incorporated into and forms an inseparable part of our Terms of Use, and any capitalized terms used herein shall have the same meanings as defined in the Terms of Use unless explicitly stated otherwise. In the event of any conflict between this Policy and the Terms of Use, this Policy shall prevail with respect to privacy and data protection matters.
1.5 We reserve the right to amend, revise, or update this Policy at any time to reflect changes in our practices, legal requirements, or technological advancements, with such changes becoming effective immediately upon posting on the Digital Platform and updating the �Last Updated� date. It is your responsibility to review this Policy periodically, and your continued use after any modifications signifies your acceptance of the revised terms.
2.1 Personal Information. We collect data that directly identifies or can be used to identify you as an individual, including but not limited to your full legal name (comprising first, middle, and last names), email addresses, mobile phone numbers, alternative contact details, postal addresses, date of birth, gender, occupation, and, for Participating Shop Owners, shop names, legal entity details, business addresses, and tax identification numbers. This information is essential for account creation, verification, and service delivery.
2.2 Sensitive Personal Data or Information. Where necessary and only with your explicit consent or as required by law, we may collect sensitive categories of data, such as financial information (e.g., bank account details or payment card information for processing participation fees), government-issued identification numbers (e.g., Aadhaar, PAN for KYC compliance), or biometric data if implemented in future features. Such data is handled with enhanced security measures and used strictly for specified purposes like fraud prevention or legal compliance.
2.3 Usage and Technical Data. Automatically collected through your interactions with the Digital Platform, this includes Internet Protocol (IP) addresses, browser types and versions, operating systems, device identifiers (e.g., UDID, IMEI), access timestamps, pages viewed, navigation paths, clickstream data, session durations, error logs, and performance metrics. This data helps us optimize the Platform and understand user behavior.
2.4 Lucky Draw and Campaign-Specific Data. Information related to your participation, such as entry submissions, purchase verification details from Participating Shop Owners, winner selection records, prize claiming information, and any correspondence related to campaigns. This ensures fair administration and transparency in our promotional activities.
2.5 Demographic and Preference Data. Voluntarily provided or inferred data, including age ranges, geographic locations, interests, preferences, and feedback, which we use to personalize experiences and improve services without directly identifying you unless combined with personal information.
2.6 Aggregated and Anonymized Data. Non-personal, de-identified data compiled from multiple users for statistical analysis, such as trends in campaign participation or regional engagement metrics. This data cannot be re-identified to any individual and is used for business intelligence.
2.7 Other Data Sources. Information from third parties, such as social media integrations (if consented), analytics providers, or public records, to supplement our records for verification or enhancement purposes. We do not collect data from minors under 18 years, and any such data discovered is promptly deleted.
2.8 All data collection is guided by the principles of data minimization, purpose limitation, and lawfulness, ensuring we only gather what is necessary for legitimate business operations.
3.1 Direct Collection from Users. We obtain information directly from you through various channels, including registration forms, account setup processes, entry submissions for lucky draws, feedback surveys, contact forms, email communications, or in-person interactions at promotional events. This method ensures accuracy and consent at the point of collection.
3.2 Automated Collection Technologies. Utilizing cookies, web beacons, pixel tags, server logs, JavaScript, and similar tracking technologies to automatically capture usage data during your sessions on the Digital Platform. These tools help monitor interactions, improve functionality, and detect potential issues.
3.3 Third-Party Sources and Integrations. Data may be received from trusted third parties, such as Participating Shop Owners sharing customer purchase details for entry validation, payment processors confirming transactions, analytics services like Google Analytics for aggregated insights, or social media platforms if you link accounts with consent.
3.4 Device and Location-Based Collection. Through mobile applications or browser permissions, we collect device-specific information and, with explicit consent, geolocation data to provide location-based services, such as nearby shop recommendations or campaign notifications.
3.5 Passive Collection. Information inferred from your behavior, such as preferences derived from browsing history or interaction patterns, always in compliance with consent requirements.
3.6 At every collection point, we provide clear notices about the data being collected, its purposes, and your rights, ensuring transparency and allowing you to make informed decisions.
3.7 We do not engage in covert surveillance or collect data without a lawful basis, and all methods comply with DPDPA requirements for consent and notice.
4.1 Provision and Enhancement of Services. To enable core functionalities, such as account management, enrollment in promotional campaigns, processing lucky draw entries, winner notifications, prize distributions, and overall service delivery, based on contractual necessity and your consent.
4.2 Communication and User Support. For sending transactional emails, SMS alerts, updates on campaigns, responses to inquiries, customer support resolutions, and newsletters, relying on legitimate interests or consent where applicable.
4.3 Marketing and Personalization. With your explicit opt-in consent, to deliver targeted promotions, personalized recommendations, and advertising tailored to your interests, including retargeting via third-party networks, while providing easy opt-out mechanisms.
4.4 Analytics, Research, and Improvement. To analyze usage trends, measure campaign effectiveness, conduct internal research, and enhance the Digital Platform�s features, security, and user experience, grounded in legitimate business interests.
4.5 Compliance, Fraud Prevention, and Security. To verify identities, prevent fraudulent activities, detect security threats, comply with legal obligations (e.g., tax reporting, anti-money laundering), and enforce our Terms of Use, based on legal requirements and legitimate interests.
4.6 Aggregation for Business Insights. To create anonymized datasets for reporting, forecasting, and strategic planning, ensuring no re-identification risks, under legitimate interests.
4.7 Other Legitimate Purposes. Any additional uses shall be compatible with the original collection purpose, with fresh consent sought for incompatible uses, and all processing aligned with DPDPA�s principles of fairness and accountability.
4.8 We do not use your data for automated decision-making that produces legal effects without human oversight or your consent, and we regularly review purposes to ensure ongoing relevance.
5.1 With Service Providers and Vendors. We share data with carefully vetted third-party processors (e.g., cloud hosting providers, payment gateways like Razorpay, analytics firms like Google) under binding data processing agreements that mandate confidentiality, security, and purpose-limited use, ensuring they act only on our instructions.
5.2 In Business Transfers or Reorganizations. In the event of a merger, acquisition, restructuring, asset sale, or similar corporate event, your data may be transferred as a business asset, with prior notice provided where feasible and protections maintained under successor entities.
5.3 For Legal and Regulatory Compliance. Disclosure to government authorities, law enforcement, courts, or regulators when required by law, such as in response to subpoenas, court orders, audits, or investigations, always minimizing data shared to what is necessary.
5.4 To Protect Rights and Prevent Harm. Sharing with legal advisors, consultants, or third parties to defend against claims, enforce rights, prevent fraud, or mitigate risks to us, our Users, or the public, based on legitimate interests.
5.5 Public Disclosures for Transparency. Limited public sharing of winner details (e.g., names, shop associations) in lucky draw announcements to ensure fairness and avoid disputes, with consent obtained where required.
5.6 With Your Consent. Any other sharing only occurs with your explicit prior consent, such as integrations with social media or partner promotions.
5.7 We prohibit the sale, rental, or commercial trading of your personal data and ensure all recipients comply with equivalent data protection standards, conducting due diligence on sharing partners.
5.8 International sharing, if any, is subject to adequacy decisions or standard contractual clauses to safeguard data.
6.1 We employ a multi-layered approach to security, including administrative safeguards (e.g., employee training, access policies), technical measures (e.g., encryption in transit and at rest using AES-256, firewalls, intrusion detection systems), and physical protections (e.g., secure data centers with restricted access).
6.2 Data is stored on compliant servers located in India, with role-based access controls ensuring only authorized personnel can view or process information on a need-to-know basis.
6.3 In the unfortunate event of a data breach, we follow DPDPA-mandated protocols, including prompt notification to affected Users and the Data Protection Board within specified timelines, along with remedial actions to mitigate harm.
6.4 Users are encouraged to contribute to security by using strong, unique passwords, enabling two-factor authentication where available, and reporting any suspected unauthorized access immediately to admin@meenidhi.com.
6.5 While we implement industry-leading practices to protect your data, no system can guarantee absolute security against all threats, and we disclaim liability for breaches resulting from factors beyond our reasonable control, such as sophisticated cyberattacks.
6.6 Regular security audits, vulnerability assessments, and compliance reviews are conducted by independent third parties to maintain robust protections.
7.1 Right to Access and Portability. You have the right to request confirmation of whether we process your data, access details of the data held, and receive a copy in a structured, commonly used, machine-readable format for portability to another controller.
7.2 Right to Correction and Update. If your data is inaccurate, incomplete, or outdated, you may request rectification, with us verifying and updating it promptly.
7.3 Right to Deletion or Erasure. Subject to legal retention obligations, you can request the deletion of your data when it is no longer necessary for the purposes collected or if you withdraw consent.
7.4 Right to Withdraw Consent. Where processing relies on consent, you may withdraw it at any time without affecting prior lawfulness, though this may limit or terminate services.
7.5 Right to Object or Restrict Processing. You can object to processing based on legitimate interests (e.g., marketing) or request restrictions during dispute resolutions or verifications.
7.6 Right to Nominate. Under DPDPA, you may nominate an individual to exercise your rights in case of death or incapacity.
7.7 Complaint and Redressal. If dissatisfied, you can lodge a complaint with our Data Protection Officer or escalate to the Data Protection Board of India.
7.8 To exercise any rights, submit a verifiable request to admin@meenidhi.com, including proof of identity; we will respond within 30 days (or extended as per law), free of charge except for manifestly unfounded or excessive requests.
7.9 We may deny requests if they infringe on others� rights, violate laws, or are not verifiable, providing reasons for denial.
8.1 We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by law (e.g., 5-7 years for financial records under the Income Tax Act, 1961, or Companies Act, 2013).
8.2 Retention periods are determined based on factors like contractual needs, legal obligations, dispute resolution, and business requirements, with periodic reviews to delete obsolete data.
8.3 Upon expiration of retention periods or valid deletion requests, data is securely erased or anonymized using irreversible methods, ensuring no recovery.
8.4 Backup copies may be retained for disaster recovery but are subject to the same deletion timelines once restored.
8.5 Users are notified of retention practices at collection points, and we maintain logs of retention decisions for accountability.
9.1 Primary data processing and storage occur within India to comply with localization requirements under applicable laws.
9.2 Should any data be transferred internationally (e.g., to cloud providers with global infrastructure), we ensure adequate protections through mechanisms like standard contractual clauses, binding corporate rules, or adequacy decisions from the Data Protection Board.
9.3 Users accessing the Digital Platform from outside India consent to such transfers and processing under Indian laws, waiving any conflicting jurisdictional protections.
9.4 We conduct transfer impact assessments for cross-border flows to mitigate risks and ensure equivalent security levels.
10.1 We use cookies and similar technologies (e.g., session cookies for functionality, persistent cookies for preferences, analytics cookies for performance tracking) to enhance user experience, remember settings, and gather insights.
10.2 Types include essential cookies (required for operation), performance cookies (for analytics), functional cookies (for personalization), and targeting cookies (for ads), with detailed descriptions in our cookie banner.
10.3 Upon first visit, a cookie consent banner allows you to manage preferences, with options to accept, reject, or customize; consents are stored and can be withdrawn anytime via settings.
10.4 Browser settings can block or alert on cookies, but this may impair Platform functionality; third-party cookies (e.g., from advertisers) are governed by their policies.
10.5 We do not use cookies for cross-site tracking without consent and comply with do-not-track signals where feasible.
11.1 The Digital Platform is not intended for or directed at children under the age of 18, and we do not knowingly collect, process, or store personal data from minors.
11.2 If we become aware of any data from a minor (e.g., through parental notification or verification), we will immediately delete it and terminate associated accounts, with no liability for prior processing.
11.3 Parents or guardians discovering unauthorized use by a minor should contact us at admin@meenidhi.com for prompt resolution.
11.4 We implement age-gating mechanisms during registration to prevent minor access, in line with child protection laws.
12.1 We may update this Policy to address evolving practices, user feedback, legal changes, or technological developments, with revisions posted on the Digital Platform and the �Last Updated� date modified.
12.2 For material changes affecting your rights (e.g., new data uses), we will provide prominent notices via email, in-app alerts, or homepage banners, allowing you to review and consent or discontinue use.
12.3 Non-material changes (e.g., clarifications) take effect immediately, and continued use implies acceptance.
12.4 We recommend bookmarking this Policy and reviewing it regularly, as ignorance of changes does not excuse non-compliance.
13.1 For any questions, concerns, requests, complaints, or feedback regarding this Policy, your data, or our practices, please contact our designated Data Protection Officer (DPO):
Data Protection Officer
SriPrasadini Pvt Ltd d/b/a MeeNidhi
Registered Office: Hyderabad, Telangana, India
Email: admin@meenidhi.com
Phone:
13.2 We commit to acknowledging your inquiry within 7 business days and providing a substantive response within 30 days, escalating complex issues as needed.
13.3 If unsatisfied with our resolution, you may approach the Data Protection Board of India or relevant authorities for further redressal.
13.4 All communications are treated confidentially, and we maintain records of interactions for compliance and improvement purposes.