Graphy Privacy Policy

Last updated: 17th July 2021

This Privacy Policy (the “Policy”) describes the policies and procedures of Sorting Hat Technologies Private Limited Graphy Inc. (“Graphy” also referred to as “We” “Us” and “Our”) regarding the collection, use and disclosure of Your information when You use the Platform, the practices that We apply to Your information, and Your privacy rights and choices regarding Your information. In addition to the terms stated in the Terms of Use provided on the Platform, we are committed to protecting Your privacy. Only authorized representatives of Graphy and on a need-to-know basis only use any information received from You and as consented by You. We constantly review Our systems and data to secure Your personal information. If You do not agree with any provisions of this Policy and the Terms of Use, You should not access or use the Platform or engage in communications with Us and are required to leave the Platform immediately. By accessing and using the Platform, providing Your personal information, or by otherwise signalling Your agreement when the option is presented to You, You consent to the collection, use, and disclosure of information described in this Policy and Terms of Use and Graphy disclaims all the liabilities arising therefrom. If any information You have provided or uploaded on the Platform violates the terms of this Policy or Terms of Use, Graphy may be required to delete such information upon informing You of the same and revoke Your access if required without incurring any liability to You. Capitalized terms used but not defined in this Privacy Policy can be found in our Terms of Use. Please read this Privacy Policy carefully prior to accessing our Platform and using the Services. If you have any questions, please contact us at: privacy@graphyapp.co.

Table of contents

A. Applicability

This Policy applies to the processing of all Users who access our website https://graphy.com (the “Site”) and any features, subdomains, content, functionality, services, media, applications, or solutions offered on or through the site (collectively the “Platform”) and are therefore required to read and understand the Policy and Terms of Use before submitting any Personal Information (defined hereinafter). This includes, but is not limited to, individuals who create content or Cohort-Based-Courses on the Platform (referred to as “Graphers”) and end users of the Platform (referred to as “Learners”). For the purposes of this Policy, the terms “User”, “You”, or “Your” shall refer to any user of the Platform and includes all Graphers and Learners.

By submitting Personal Information, You are consenting to the collection, use and processing of such information in accordance with this Policy.

This Policy only applies to the Platform and any other services that are owned and operated by Graphy. Third party websites may place their own cookies or other files on the User’s computer or device, collect data or solicit personal information from the Users. Any personal information provided by You or automatically collected from You by a third party will be governed by that third party’s privacy policy and terms of use, for which Graphy is not responsible or liable. Accordingly, Graphy does not make any representations concerning the privacy practices or policies of such third parties or terms of use of such websites, nor does Graphy guarantee the accuracy, integrity, or quality of the information, data, text, software, sound, photographs, graphics, videos, messages or other materials available on such third-party websites. The inclusion or exclusion of any third-party website does not imply any endorsement by Graphy of such website, the website's provider, or the information on the website. Graphy encourages the User to read the privacy policies of each such website and the User understands that its solely such third party who is responsible to the User in this regard.

Graphy has taken reasonable precautions as per applicable laws and implemented industry standards to treat Personal Information as confidential and to protect it from unauthorized access, improper use or disclosure, deletion, modification and unlawful destruction or accidental loss of the Personal Information. However, the safety and security of your personal information also depends upon You. Where You use a password for access to required parts of the Platform, You are responsible for keeping Your password confidential. Do not share Your password with anyone.

B. Processors and Controllers

Graphy is the controller of personal information that it collects and processes in connection with the use of the Platform and the provision of the Services on the Platform. The kind of personal information we collect in connection with such use is detailed below.

When it comes to the Content that is uploaded, submitted or otherwise provided to the Platform by Graphers, such Graphers are the controllers with respect to any personal information included in their Content. Graphy only acts as a processor in this case and processes the Content on behalf of the Grapher.

When a Learner enrols in a Grapher’s Content, Graphy will provide the Grapher access to a limited set of personal information about such Learner, as defined below, to enable the Grapher to provide their services to the Learner. Graphers and Graphy each act as an independent controller with respect to their particular use of Learners Information (defined below), subject to the terms of this Privacy Policy, Data Processing Agreement and Terms of Use.

You as a Grapher acknowledge and agree that You are responsible for complying with all applicable laws and regulations related to the protection of personal information for which You are the controller. If You are a Learner whose personal information has been collected by a Grapher, please contact the Grapher directly and view the Grapher’s privacy policy if You have questions about how the Grapher uses Your personal information.

C. Information We Collect

We only collect information about You if we have a reason to do so — for example, to provide our Services on the Platform, to communicate with You, or to make our Services better.

We collect this information from three sources: if and when You provide information to us, automatically through operating our Services on the Platform, and from outside sources. Let us understand this a bit better-

Information we collect from You:

(a). Basic account information: In order to access certain features of the Platform, You will need to create an account and register with Us. We ask for basic information from You in order to set up Your account i.e., we require You to provide an email address and password, along with a username or name.

(b). Public profile information: If You create an account with us as a Grapher, we also collect the information that You provide for Your public profile on the Platform i.e., as a Grapher if You have an account on the Platform, Your username is part of that public profile, along with any other information you put into your public profile, like an “About Me” description; we also give You an option to upload Your photo and include links of Your social media & YouTube channels, websites, blogs, etc., which could help You build Your brand better on the Platform. Your public profile information is, as the word suggests, ‘public’, so please keep that in mind when deciding what information you would like to include.

The above information is collected so You can personalize Your new account, provide you access to the Platform, and we can send you invoices, updates, or other essential information. We do not sell Your personal information to third parties, and we do not use Your name or company in marketing statements without Your consent, either. We do not contact or solicit Your Learners/members directly and any correspondence with Your Learners will strictly be transactional, i.e., if there is an issue they're facing and want it resolved with us.

(c). Communication with us: When You write to us with a question or to ask for help, we'll keep that correspondence, and the email address, for future reference. When You browse pages on our Platform, we will track that for statistical purposes (like conversion rates and to test new designs). You may also provide us with information when you respond to surveys or when you otherwise communicate with us via form, email, phone, or otherwise, we store a copy of our communications (including any call recordings, if any, as permitted by applicable law).

Information we collect automatically:

(a) Log information: Like most online service providers, we collect information that web browsers, mobile devices, and servers typically make available, including the browser type, IP address, unique device identifiers, language preference, referring site, the date and time of access, operating system, and mobile network information. We collect log information when you use our Platform — for example, when you create or make changes to Your profile page or account on the Platform.

(b) Usage information: We collect information about Your usage of our Platform. In other words, we collect information about what You did when using the Platform. We also collect information about what happens when you use our Platform (e.g., page views, support document searches, features enabled for Your account, interactions with other parts of our Services) along with information about Your Supported Device (e.g., screen size, name of cellular network, and mobile device manufacturer). We use this information to provide our Platform to You, get insights on how people use our Platform so we can make our Platform better, and understand and make predictions about User retention.

(c) Location information: We may determine the approximate location of Your Supported Device from Your Internet Protocol (IP) address. We collect and use this information to, for example, calculate how many people visit our Services from certain geographic regions.

(d) Information from cookies & other technologies: We may collect information about You through the use of cookies and other similar technologies. A cookie is a string of information that a website stores on a visitor’s computer, and that the visitor’s browser provides to the website each time the visitor returns.

Information we collect from other sources:
We might receive information about You from other sources. For example, as specified in our Terms of Use, our payment integration is with Stripe Inc. (“Stripe”) and Razorpay Software Private Limited (“Razorpay”). Since, we do not directly collect or process any of Your payments for purchases on the Platform, we do not collect any of Your financial information, such as credit card numbers, security codes, CVVs, or bank account information. However, when invoices or such other transactional documents that may contain Your financial information are processed by Stripe or Razorpay, we may receive a copy of the same. Our third-party payment processors are independent from Graphy and have their own privacy policies. For additional information about how Your payment information is processed and stored, we recommend that You review the applicable payment processor's privacy policy.

D. Use of platform/services by children

As stated in our Terms of Use, You must be at least 18 years of age to access the Platform and if You’re between 13 – 18 years, then parental/legal guardian’s permission is a must. We do not knowingly collect personally identifiable information from anyone under the age of 13. If You are a parent or guardian and You are aware that Your child has provided us with any such personal information, please contact us at privacy@graphyapp.co. If We become aware that we have collected personal information from anyone under the age of 13 without verification of parental permission, we will take steps to remove that information from our servers.

E. How we use and share the information we collect

❖ We use/process Your information in the following manner :

To provide our Platform: We use the Your information as collected by us to allow You to access the Platform and the services offered therein, including without limitation to set-up and maintain Your account, provide customer service, fulfil purchases through the Platform, verify User information and to resolve any glitches with our Platform. The legal basis for this processing is consent or, where applicable, our legitimate interests in the proper administration of our Platform, and/or the performance of a contract between You and Us.

To improve our Platform and maintain safety: We use Your information to improve and customize the Platform and services offered by us, including providing automatic updates to newer versions of our Platform and creating new features based on the Platform usage analysis. Further, we also use Your information to prevent, detect, investigate, and take measures against criminal activity, fraud, misuse of or damage to our Platform or network, and other threats and violations to Graphy’s or a third party's rights and property, or the safety of Graphy, its users, or others. The legal basis for this processing is consent or, where applicable, our legitimate interests in the proper administration of our Platform, and/or the performance of a contract between You and Us.

To market our Platform and communicate with You: We will use Your information in order to develop a more targeted marketing of our Platform, to communicate with You about our offers, new products, services or even receive Your feedback on the Platform. The legal basis for this processing is consent or, where applicable, our legitimate interests in the proper administration of our Platform, and/or the performance of a contract between You and Us.

To establish, exercise, or defend legal claims: We may process any of the personal information identified in this Policy when necessary for establishing, exercising, or defending legal claims, whether in court, administrative, or other proceedings. The legal basis for this processing is our legitimate interest in the protection and assertion of our legal rights, your legal rights, and the legal rights of others.

To manage risk and obtain professional advice: We may process any of the personal information identified in this Policy to manage risk or obtain professional advice. The legal basis for this processing is our legitimate interest in the proper protection of our business and Platform.

We may process Your personal information in connection with any of the purposes and uses set out in this Policy on one or more of the following legal grounds:

- Because it is necessary to perform the services You have requested or to comply with Your instructions or other contractual obligations between You and us;

- To comply with our legal obligations as well as to keep records of our compliance processes;

- Because our legitimate interests, or those of a third-party recipient of Your personal information, make the processing necessary, provided those interests are not overridden by Your interests or fundamental rights and freedoms;

- Because You have chosen to publish or display Your personal information on a public area of the Platform, such as a comment area;

- Because it is necessary to protect Your vital interests;

- Because it is necessary in the public interest; or

- Because You have expressly given us Your consent to process Your personal information in a particular manner.

We do not use personal information for making any automated decisions affecting or creating profiles other than what is described in this Policy.

❖ We share the information collected as mentioned above only in the manner specified hereinbelow. We do not sell or otherwise disclose personal information we collect about You for monetary or other valuable consideration.

Information shared with Graphers:

(a) To allow the Graphers to provide their services to their Learners, we share the following information of Learners (“Learner Information”) with Graphers:
(i). Account information on the Platform, including a Learner’s name and email address;
(ii). Information about a Learner’s enrolment and participation in the Content, course/session completion status, quiz results (if any) and certificates (if any and applicable) taught by the Grapher;
(iii). Any messages a Learner exchanges with the Grapher through the Platform.

Graphy will provide Learner Information to Graphers only if a Learner has enrolled for the Grapher’s Content on the Platform. Please note that, except as stated above, we do not share any other information about Learners with the Graphers. Any additional information that is shared by a Learner with a Grapher is done so at the discretion of the Learner. However, Stripe and Razorpay (respectively), our third-party payment processors, may share the information relating to purchases made by You on the Platform, including invoices, the amount paid, Your address, or other billing information regarding a Grapher’s Content with the Grapher. Please review terms and conditions and privacy policy of both Stripe and Razorpay (as applicable) to understand more about how they may collect, process, and use personal information provided by You to Stripe and/or Razorpay.
(b) Graphers are responsible for protecting Learner Information that they collect and for processing that information in accordance with applicable data protection laws. If You (as a Learner) have any questions about a Grapher’s privacy practices, You should contact the Grapher directly and ask to review such Grapher’s privacy policies.

Information shared with Learners and other users on the Platform:
When a Grapher creates an account and makes available Content on the Platform, the information contained in a Grapher’s public profile and Grapher’s Content will be viewable to users who are given access to Your profile and Content.
Please note that all information shared by a Grapher, whether as part of a Grapher’s public profile or Content, in Discussion Forums, or other public portions of the Platform, is deemed as public information. Since the same is publicly available, we cannot control how others treat it; so please keep that in mind when deciding what information You choose to include, and refrain from sharing Your sensitive personal information and those of others.

Other ways we may share Information:

(a) Affiliates and Subsidiaries:We may disclose information about You to our affiliates, subsidiaries and other businesses under the same control and ownership, and their respective officers, directors, employees, accountants, attorneys, or agents, who need the information to help us provide our Platform or process the information on our behalf. We require our subsidiaries to follow this Privacy Policy for any personal information that we share with them.

(b) Third-party vendors: We may share information about You with third-party vendors or service providers (including consultants, payment processors, and other service providers) who need the information in order to provide their support services to us, or to provide their services to You on our behalf. These services may include providing customer support, performing business and sales analysis, supporting our website functionality, facilitating payment processing, and supporting contests, surveys, and other features offered on our Platform. Such third-party vendors are not allowed to use the information for any purpose other than what it was provided for and they are required to process and use theinformation in accordance with this Privacy Policy.

(c) Legal Disclosures: We may disclose information about you in response to a court order, or other governmental request. Without imitation to the foregoing, we reserve the right to disclose such information where we believe in good faith that such disclosure is necessary to:
(i). comply with applicable laws, regulations, court orders, government and law enforcement agencies’ requests;
(ii). protect and defend Graphy’s or a third party's rights and property, or the safety of Graphy, our users, our employees, or others; or
(iii). prevent, detect, investigate and take measures against criminal activity, fraud and misuse or unauthorized use of our Platform and/or to enforce our Terms of Use or other agreements or policies.

To the extent permitted by law, we will attempt to give You prior notice before disclosing Your information in response to such a request.

(d) Business transfers: In the event Graphy undergoes any merger, acquisition, or sale of company assets, in part or in full, by another company, or in the unlikely event that Graphy goes out of business or enters bankruptcy, user information would likely be one of the assets that is transferred or acquired by a third party. If any of these events were to happen, this Privacy Policy would continue to apply to your information and the party receiving Your information may continue to use Your information, but only consistent with this Privacy Policy.

(e) Advertising and Analytics Partners: We may share usage data with third-party advertisers, advertisement networks, and analytics providers through cookies and other similar technologies.

(f) With Your Consent: We may share and disclose information with your consent or at your direction.

Your information may be shared for reasons not described in this policy, however, we will inform You before we do the same.

F. Duration for which your information is stored

Mostly, when You delete any of the information provided by You or when You delete Your account, on the Platform, the same will be deleted from our servers too. However, in certain cases, we will retain Your information for as long as it is required for us to retain for the purposes stated hereinabove, including for the purpose of complying with legal obligation or business compliances.

Note: If You belong to a country where the GDPR applies or if You are a Californian resident and if You wish to exercise any of Your rights (as specified in Section H below) to access, modify and delete all information stored about You, then You may do so by writing to us atprivacy@graphyapp.co.

G. Your choices


Limit the information You provide: You always have an option to choose the information You provide to us, including the option to update or delete Your information. However, please note that lack of certain information may not allow You access to the Platform or any of its features, in part or in full. For example: information required for Your registration on the Platform.
Limit the communications You receive from us: Further, You will also have the option to choose what kind of communication You would like to receive from us. However, there may be certain communications that are required for legal or security purposes, including changes to various legal agreements, that you may not be able to limit.
Reject Cookies and other similar technologies:You may reject or remove cookies from Your web browser; You will always have the option to change the default settings on Your web browser if the same is set to ‘accept cookies’. However, please note that some of the Services offered on the Platform may not function or be available to You, when the cookies are rejected, removed or disabled.

H. Your rights

Depending on where You are situated, You may have certain rights in respect of Your personal information accorded by the laws of the country You are situated in, as detailed hereinbelow.

Please note, if You are a Learner who wishes to exercise his/her rights under the applicable data privacy laws in respect of Your Information that is controlled by the Grapher, then You will need to contact the respective Grapher directly.

❖ EU/EEA Rights:

If you are located in the European Union (EU) or European Economic Area (EEA), you have the following rights under the General Data Protection Regulation (GDPR). All requests should be sent to the address noted in the “Contact Us” section of this Policy and we will fulfil requests to the extent required by applicable law.

(i). Right to access Your personal data – You have the right to receive confirmation as to whether or not personal data concerning You is being processed and, where that is the case, access to the personal data can be sought;

(ii). Right to Rectification – Our goal is to keep Your personal information accurate, current and complete. Please contact us if You believe Your information is not accurate or it changes;

(iii). Right to Erasure – In some cases, You have a legal right to request that we erase Your personal data;

(iv). Right to object to Processing - You have the right to object to our processing of Your personal data under certain conditions;

(v). Right to restrict processing- You have the right to request that we restrict the processing of Your personal data, under certain conditions;

(vi). Right to Data Portability– You have the right to request that we transfer the data that we have collected to another organization, or directly to You, under certain conditions;

(vii). Right to make a complaint to a government supervisory authority – If You believe we have not processed Your personal information in accordance with applicable provisions of the GDPR, we encourage Youto contact us at privacy@graphyapp.co. You also have the right to make a GDPR complaint to the relevant Supervisory Authority or seek a remedy through the courts. A list of Supervisory Authorities is available at: https://edpb.europa.eu/about-edpb/board/members_en. If You need further assistance regarding Your rights, please contact us using the contact information provided below and we will consider Your request in accordance with applicable law.

We collect and process personal information about You only where we have a legal rationale to do so. Specific legal rationale applied for the same will depend on the type of personal information collected and the context in which the same is being processed, including the services involved.

❖ California Consumer Privacy Act (“CCPA”):

If You are a California State Resident, then You have the following rights-

(i). The right to access the personal information that we hold on You;

(ii). The right to know what personal data we intend on collecting from them before the point of collection;

(iii). The right to opt in or out of marketing, analytics, and other similar activities;

(iv). The right to equal services without discrimination; and

(v). The right to request deletion of personal data.

The above rights, the manner in which You can exercise the same and the category of and the manner in which we collect Your information, are detailed below.

1. CCPA NOTICE AT COLLECTION:

For purposes of the CCPA, in collecting the information described above, we collect the categories of personal information listed below from you:

(i). Identifiers: We may collect Your name, email address, username, unique personal identifier, and Internet Protocol (IP) address. We use Identifiers as set forth in the “How We Use and Share the Information Collected” section of this Policy, like Your name, contact information, and device and online identifiers.

(ii). Characteristics of personal information described in the California Customer Records statute: We may collect Your name, email address, username, unique personal identifier, and gender. We use Categories of Personal Information described in the California Consumer Records statute as set forth in the “How We Use and Share the Information Collected” section of this Policy.

(iii). Internet or other electronic network activity information: We collect cookies as described in our Cookies Policy, we will automatically receive information from Your browser and Your device, which includes the date and time of Your visit to the Platform as well as your location, Internet Protocol (IP) address, domain server, browser type, access time, and data about which pages You visit on the Platform. We use Internet or other electronic network activity information as set forth in the “How We Use and Share the Information Collected” section of this Policy.

(iv). Geolocation data: We may collect your IP address. We use Geolocation Data as set forth in the “How We Use and Share the Information Collected” section of this Policy. (such as your location based on your IP address);

(v). Audio, electronic, visual or similar information: We may collect your profile picture or other audio or visual information uploaded as content to the Platform. We use Audio, electronic, visual or similar information as set forth in the “How We Use and Share the Information Collected” section of this Policy.

(vi). Inferences: We may make inferences based upon the personal information collected (such as likelihood of retention or attrition). We use Inference information as set forth in the “How We Use and Share the Information Collected” section of this Policy.

2. CCPA DATA PRACTICES DURING THE LAST 12 MONTHS:

(a) Personal Information Collected: As described in this Policy, we have collected the categories of personal information listed below during the preceding 12 months:

(i) Identifiers

(ii) Characteristics of personal information described in the California Customer Records statute

(iii) Internet or other electronic network activity information

(iv) Geolocation data

(v) Commercial information

(vi) Audio, electronic, visual, thermal, olfactory, or similar information

(vii) Inferences

(b) Categories of Sources: We have collected the personal information identified in this Policy from You and our payment processors.

(c) Business and Commercial Purposes for Collecting: We have collected the categories of personal information listed above for the following purposes:

(i). Operate the Platform;

(ii). Provide our services to you;

(iii). Honor our Terms of Use and contracts;

(iv). Ensure the privacy and security of our Platform and services;

(v). Manage our relationships with you;

(vi). Communicate with you;

(vii). Analyze use of the Platform and our services;

(viii). Enhance your experience;

(ix). Track visits to the Platform;

(x). Provide you with a more personal and interactive experience on the Platform; and

(xi). Usage analytics purposes.

(d) Personal Information Sold: We have not sold categories of personal information during the preceding 12 months.

(e) Personal Information Disclosed for a Business Purpose: We have disclosed for a business purpose the categories of personal information listed below during the preceding 12 months:

(i). Identifiers

(ii). Characteristics of personal information described in the California Customer Records statute

(iii). Internet or other electronic network activity information

(iv). Geolocation data

(v). Commercial information

(vi). Audio, electronic, visual, thermal, olfactory, or similar information

(vii). Inferences

We have disclosed each category of personal information to the following categories of third parties: (1) corporate parents, subsidiaries, and affiliates; (2) advisors (accountants, attorneys); (3) service providers (data analytics, data storage, mailing, marketing, website and platform administration, technical support); and (4) operating systems and platforms.

3. CONSUMER RIGHTS AND REQUESTS UNDER THE CCPA

The CCPA gives consumers the right to request that we (1) disclose what personal information we collect, use, disclose, and sell, and (2) delete certain personal information that we have collected or maintained. You may submit these requests to us as described below, and we honor these rights where they apply.

If a request is submitted in a manner that is not one of the designated methods for submission, or if the request is deficient in some manner unrelated to our verification process, we will either (1) treat the request as if it had been submitted in accordance with the designated manner, or (2) provide You with specific directions on how to submit the request or remedy any deficiencies with the request, as applicable.

(a) Request to Know: As a California resident, You have the right to request: (1) the specific pieces of personal information we have collected about You; (2) the categories of personal information we have collected about You; (3) the categories of sources from which the personal information is collected; (4) the categories of personal information about You that we have sold and the categories of third parties to whom the personal information was sold; (5) the categories of personal information about You that we disclosed for a business purpose and the categories of third parties to whom the personal information was disclosed for a business purpose; (6) the business or commercial purpose for collecting, disclosing, or selling personal information; and (7) the categories of third parties with whom we share personal information. Our response will cover the 12-month period preceding our receipt of a verifiable request.

(b) Request to Delete: As a California resident, You have a right to request the erasure/deletion of certain personal information collected or maintained by us. As described herein, we will delete your personal information from our records and direct any service providers (as defined under applicable law) to delete Your personal information from their records. However, we are not required to honor a deletion request if an exemption applies under the law.

(c) Submitting a Request:

(i) Submission of Instructions: You may submit a request by email to privacy@graphyapp.co. Regarding requests to delete, we may present you with the choice to delete select portions of your personal information, but a global option to delete all personal information will be offered and more prominently presented.

(ii) Verification Process: We are required by law to verify the identities of those who submit requests to know or to delete. To determine whether the individual making the request is the consumer about whom we have collected information, we will verify Your identity by matching the identifying information provided by You in the request to the personal information that we already maintain about You. As a part of this process, you will be required to provide your name and [INSERT DATA ELEMENTS TO VERIFY IDENTITY]. account number, address, and telephone number. We will inform you if we cannot verify your identity. Please note-

· If we cannot verify the identity of the person making a request for categories of personal information, we may deny the request. If the request is denied in whole or in part for this reason, we will provide a copy of, or direct You to, our Privacy Policy.

· If we cannot verify the identity of the person making the request for specific pieces of personal information, we are prohibited from disclosing any specific pieces of personal information to the requestor. However, if denied in whole or in part for this reason, we will evaluate the request as if it is seeking the disclosure of categories of personal information about the consumer.

· If we cannot verify the identity of the person making a request to delete, we may deny the request. If there is no reasonable method by which we can verify the identity of the requestor to the degree of certainty required, we will state this in our response and explain why we have no reasonable method by which we can verify the identity of the requestor.

(iii) Authorized Agents: Authorized agents may submit requests via the methods identified in this Policy. If You use an authorized agent to submit a request to know or a request to delete, we may require You to: (1) provide the authorized agent with signed permission to do so; (2) verify Your identity directly with us; and (3) directly confirm with us that You provided the authorized agent permission to submit the request. However, we will not require these actions if You have provided the authorized agent with power of attorney pursuant to the California Probate Code.

(iv) Excessive Requests: If requests from a User are manifestly unfounded or excessive, in particular because of their repetitive character, we may either (1) charge a reasonable fee, or (2) refuse to act on the request and notify the User of the reason for refusing the request. If we charge a fee, the amount will be based upon the administrative costs of providing the information or communication or taking the action requested.

(v) CCPA Non-Discrimination: You have the right not to receive discriminatory treatment by us due to Your exercise of the rights provided by the CCPA. We do not offer financial incentives and price or service differences, and we do not discriminate against Users/consumers for exercising their rights under the CCPA.

I. Information Security

● We work to protect the security of Your information during transmission by using Secure Sockets Layer (SSL) software, which encrypts information You input in addition to maintaining security of Your information as required under applicable laws.
● We maintain physical, electronic and procedural safeguards in connection with the collection, storage and disclosure of personal information (including sensitive personal information). Our security procedures mean that we may occasionally request proof of identity before we disclose personal information to You.
However, no form or method of data storage or transmission system is fully secure, and we cannot guarantee that security provided by such system(s) is absolute and that Your information will not be accessed, disclosed, or destroyed in the event of a breach of any of our security measures.
● It is important for You to protect against unauthorized access to or use of Your password and to Your computer and if You have any reason to believe that Your password has become known to anyone else, or if the password is being, or is likely to be, used in an unauthorized manner, You must immediately change Your password or inform us, so that we are able to help You stop or prevent such unauthorized access. Be sure to sign off when You finish using a shared computer.

J. Modification to privacy policy

Our business changes constantly and our Policy may change from time to time. We may emailperiodic reminders of our notices and conditions, unless you have instructed us not to, but we encourage You to check our Platform frequently to see the recent changes. Unless stated otherwise, our current Policy applies to all information that we have about You and Your account. We stand behind the promises we make, however, and will not materially change our policies and practices to make them less protective of customer information collected in the past without Your consent.

K. Grievances

If you have any questions about this Policy, wish to exercise your rights, concerns about privacy or grievances at Platform, please register your complaint with a thorough description via email to privacy@graphyapp.co addressed to our grievance officer Ms. Brahmi Chandrasekaran (Manager-Legal) or via a registered post to:

For queries/concerns from or regarding Graphers from India:
Sorting Hat Technologies Pvt Ltd
Maruti Infotech Centre, 3rd Floor, A-Block, Domlur, Koramangala Inner Ring Road, Bangalore- 560 071, Karnataka, India.

For queries/concerns from or regarding Graphers from outside India:
Graphy INC
Vistra (Delaware) Ltd
3500 South Dupont HWY
Dover, Kent, DE 19901
User GuidelinesTermsPrivacy