SkyBrance Logo

SkyBrance

Menu
WhatsApp
Your Privacy Matters

Privacy Policy

Last Updated: January 25, 2026

GDPR, CCPA & DPDP Compliant

1. Introduction

Welcome to SkyBrance Tech Private Limited ("Company", "we", "us", "our"). We are committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Services.

By using our Services, you consent to the data practices described in this policy. If you do not agree with this policy, please do not use our Services.

Jurisdiction & Compliance

This Privacy Policy complies with:

  • GDPR - General Data Protection Regulation (European Union)
  • CCPA/CPRA - California Consumer Privacy Act (United States)
  • DPDP Act 2023 - Digital Personal Data Protection Act (India)

Company Registration Details

Registered Office

Loknath Nagar, B.P Road,
Bagdogra, Darjeeling 734014,
West Bengal, India

Registration Numbers

  • CIN: U62099WB2025PTC284361
  • PAN: ABRCS8817N
  • TAN: CALS73275G
  • UDYAM: UDYAM-WB-06-0059700

Board of Directors

Rick Sarkar (Director) - DIN: 11395342
Saunak Dutta (Director) - DIN: 11395341

Contact Information

Email: info@skybrance.comPhone: +91 9332525641

2. Information We Collect

Information You Provide Directly

  • Account Information: Name, email address, mobile number, profile photo
  • Billing Information: Billing address, payment method details (processed securely by Razorpay/PayPal)
  • Identity Verification: Government-issued ID (Aadhaar, PAN) may be required for security and fraud prevention
  • Communications: Messages, feedback, support tickets you send to us

Information Collected Automatically

  • Device & Browser Data: IP address, browser type, operating system, device type, screen resolution
  • Usage Analytics: Page views, session duration, click patterns, feature usage via Google Analytics
  • Location Data: Approximate geographic location (country, city) derived from IP address
  • Authentication Tokens: Stored locally in browser for session management

SkyShare Link Shortener Data

When end-users click on shortened links created through SkyShare, we collect:

  • User-Agent String: Device type, browser, operating system
  • IP Geolocation: Processed in real-time for location analytics. We do NOT store full IP addresses
  • Referrer Data: Source of click (social media, search engine, etc.)

This data is used solely for analytics provided to link creators and to improve our Services. We respect end-user privacy.

3. How We Use Your Information

We use the information we collect for the following purposes:

Account Management

Create and maintain your account, verify identity (email/phone OTP), manage subscriptions

Payment Processing

Process transactions securely through Razorpay and PayPal, manage billing and invoices

Communications

Send transactional emails (OTPs, password resets), service updates, marketing communications (you can opt-out), security alerts

Analytics & Improvement

Analyze usage patterns via Google Analytics and Firebase Analytics to improve Services, understand user behavior, and develop new features

Security & Compliance

Validate URLs using Google Safe Browsing API, prevent fraud and abuse, comply with legal obligations, enforce Terms of Service

Notifications

Send browser push notifications (via Firebase Cloud Messaging) for important updates, alerts, and personalized content

4. Data Storage & Security

Data Storage Location

Your data is stored securely in:

  • Primary Database: MongoDB Atlas (Mumbai, India region) - All primary data resides in India
  • File Storage: Cloudflare Storage for profile photos and uploaded files

✓ We do NOT transfer your data internationally beyond necessary third-party services (Google, Firebase).

Security Measures

  • Encryption: Passwords hashed with bcryptjs/crypto, data encrypted at rest and in transit (TLS/SSL)
  • Access Controls: Role-based access controls (RBAC) limit employee access to sensitive data
  • URL Validation: All shortened URLs validated against Google Safe Browsing API before creation
  • Regular Audits: Security audits, vulnerability assessments, and infrastructure monitoring
  • Backup Systems: Automated backups retained for 30 days for disaster recovery

⚠️ Important: While we implement industry-standard security measures, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security.

5. Information Sharing & Disclosure

We DO NOT Sell Your Data

We will NEVER sell, rent, or trade your personal information to third parties for marketing purposes.

Third-Party Service Providers

We share data with trusted third-party services necessary for operations:

Google Services

Google Analytics, Firebase (Authentication, Analytics, Cloud Messaging), Google Safe Browsing API

Payment Processors

Razorpay and PayPal - for secure payment processing (PCI-DSS compliant)

Cloud Infrastructure

MongoDB Atlas (database), Cloudflare (storage, CDN), AWS SES (email delivery)

Legal Requirements

We may disclose information if required by law or in good faith belief that such action is necessary to:

  • Comply with legal obligations, court orders, or government requests
  • Protect and defend our rights, property, or the rights of others
  • Prevent fraud, security issues, or technical problems
  • Protect the personal safety of users or the public

Note: Our data security practices are designed to protect against unauthorized government access. We will notify you of legal requests unless prohibited by law.

6. Cookies & Tracking Technologies

We use tracking technologies to enhance user experience and analyze usage:

Local Storage

We store data locally in your browser for:

  • Authentication Tokens: To keep you logged in securely
  • User Preferences: Theme settings, language preferences, dashboard layout
  • User Experience Data: Recently viewed links, draft links, analytics preferences

Analytics Services

  • Google Analytics: Tracks page views, user demographics, traffic sources. You can opt-out using Google Analytics Opt-out Browser Add-on.
  • Firebase Analytics: App usage analytics, user behavior tracking, crash reporting
  • Firebase Cloud Messaging: Browser push notification delivery tokens

Browser Controls: You can control local storage and cookies through your browser settings. Note that disabling these may affect Service functionality.

7. Your Privacy Rights

You have the following rights regarding your personal data:

Access & Export

Request a copy of your data in JSON format through your dashboard settings

Correction & Update

Update your profile information, email, mobile number through account settings

Deletion

Request account deletion via settings. Data retained for 30 days, then permanently deleted

Marketing Opt-Out

Unsubscribe from marketing emails via "Unsubscribe" link or email preferences

Push Notification Control

Manage browser push notifications through browser settings or dashboard preferences

Exercise Your Rights: Contact us at privacy@skybrance.com to exercise any of these rights. We will respond within 30 days.

8. GDPR Compliance (European Union)

For Users in the European Union

If you are located in the EU, you have additional rights under the General Data Protection Regulation (GDPR).

Legal Basis for Processing

  • Consent: Account creation, marketing communications, browser push notifications
  • Contract Performance: Providing Services, processing payments, account management
  • Legitimate Interests: Fraud prevention, security, service improvement, analytics
  • Legal Obligation: Tax compliance, law enforcement requests

Your GDPR Rights

Right to Access

Obtain confirmation of data processing and access to your personal data

Right to Rectification

Correct inaccurate or incomplete personal data

Right to Erasure ("Right to be Forgotten")

Request deletion of your personal data (30-day process)

Right to Data Portability

Receive your data in structured, machine-readable format (JSON)

Right to Object

Object to processing based on legitimate interests or for direct marketing

Right to Restrict Processing

Limit how we process your data in certain circumstances

Lodge a Complaint: You have the right to lodge a complaint with your local Data Protection Authority if you believe we have violated GDPR.

9. CCPA Rights (California Residents)

For California Residents

If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA).

Your CCPA Rights

Right to Know

Request disclosure of categories and specific pieces of personal information collected

Right to Delete

Request deletion of personal information (with certain exceptions)

Right to Opt-Out of Sale

We do NOT sell your personal information. This right does not apply as we do not engage in data sales.

Right to Non-Discrimination

We will not discriminate against you for exercising your CCPA rights

Right to Correct

Request correction of inaccurate personal information (CPRA)

Right to Limit Use of Sensitive Data

We only use sensitive data (ID documents) for essential services (identity verification)

How to Exercise Your Rights

  • Email: privacy@skybrance.com
  • Verification: We will verify your identity before processing requests
  • Authorized Agent: You may designate an authorized agent to make requests on your behalf
  • Response Time: We will respond within 45 days of request verification

10. DPDP Act Compliance (India)

For Indian Residents

We comply with the Digital Personal Data Protection Act, 2023 (DPDP Act) for processing personal data of Indian citizens.

Consent Management

  • Free & Informed Consent: We obtain explicit consent for data collection and processing
  • Purpose Specification: Data is collected only for specified, legitimate purposes
  • Consent Withdrawal: You can withdraw consent at any time through account settings
  • Data Minimization: We collect only necessary data for Service provision

Data Principal Rights

Right to Access & Correction

Access your personal data and request corrections through dashboard

Right to Data Portability

Download your data in JSON format

Right to Erasure

Request deletion after consent withdrawal (30-day process)

Grievance Redressal

Contact Data Protection Officer at privacy@skybrance.com

Data Fiduciary Details:

Company: SkyBrance Tech Private Limited
CIN: U62099WB2025PTC284361
Contact: privacy@skybrance.com | +91 9332525641

11. Data Retention Policy

Active Account Data

While your account is active, we retain your data to provide Services:

  • Profile Data: Retained until account deletion or update
  • Link Analytics: Retained for the duration of your subscription
  • Transaction Records: Retained for 7 years for tax/legal compliance

Account Deletion Process

30-Day Retention Period

When you request account deletion, your data enters a 30-day retention period:

  • Days 1-30: Account deactivated, data retained for recovery if requested
  • Day 31: Permanent deletion from production database
  • Backups: Removed from backups within 30 days after deletion

Exceptions: We may retain certain data longer if required by law (e.g., financial records for tax compliance, legal disputes).

Inactive Account Policy

Accounts inactive for 5 years (no login activity) may be automatically deleted:

  • We will send email notifications at 4.5 years of inactivity
  • Final warning 30 days before deletion
  • Logging in at any time resets the 5-year period

12. Children's Privacy

Age Requirement: 13+ Years

Our Services are NOT intended for children under 13 years of age. We do not knowingly collect personal information from children under 13.

Policy for Minors (Ages 13-17)

  • Parental Consent: Users aged 13-17 must obtain parental or guardian consent before using Services
  • Limited Features: Payment features restricted to users 18+ or with verified parental consent
  • Parental Access: Parents/guardians can request access to, correction of, or deletion of their child's data

If You Believe a Child Under 13 Has Provided Data

If you become aware that a child under 13 has provided us with personal information, please contact us immediately:

Email: privacy@skybrance.com
Subject: "Child Privacy Concern"

We will take steps to delete such information within 48 hours of verification.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

How We Notify You

  • Email Notification: Material changes will be communicated via email to registered users
  • Dashboard Banner: Prominent notice displayed in dashboard for 30 days
  • "Last Updated" Date: Updated at the top of this policy
  • Version History: Previous versions available upon request

Continued Use = Acceptance: Your continued use of Services after policy updates constitutes acceptance of the revised policy. If you disagree with changes, please discontinue use and request account deletion.

14. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us:

Email Contacts

Phone & Address

Phone

+91 9332525641

Business hours: 10 AM - 6 PM IST (Mon-Fri)

Registered Office

Loknath Nagar, B.P Road,
Bagdogra, Darjeeling 734014,
West Bengal, India

CIN: U62099WB2025PTC284361
PAN: ABRCS8817N | TAN: CALS73275G
UDYAM: WB-06-0059700

Data Protection Officer

For GDPR, CCPA, or DPDP Act inquiries, contact our Data Protection Officer:

privacy@skybrance.com

We will respond to all inquiries within 30 days (45 days for CCPA requests).