1. Introduction and scope MeetMeUp.in (“MeetMeUp”, “It”, “we”, “us”, “our”) provides an interest-based social networking platform (the “Platform” or the “site”). This Privacy Policy explains how we collect, use, disclose and protect the personal data of users (“you”, “your”). It applies to all users located in India and to any processing of digital personal data governed by Indian law.

2. Our role & compliance We are the Data Fiduciary (as used in the Digital Personal Data Protection Act, 2023). We process personal data to operate the Platform, deliver features (profile, interest matching, messaging), improve services and meet legal obligations.

3. Personal data we collect We collect the following categories of personal data depending on the features you use:
- Account & identity: name, email, phone number, username, password (hashed).
- Profile details: profile photo, bio, interests, date of birth, gender (optional), location (city/country if you provide).
- Communications: messages, chat history, photos or files you send through the Platform (user-generated content).
- Usage & analytics:device & browser metadata, IP address, app usage, performance logs, crash reports.
- Payment & billing (optional): payment instrument details (handled via payment gateway), transaction records, invoices.
- Support & verification: KYC or identity verification data if you voluntarily share it.
- Derived / automated data: match recommendations, scoring, tags and other inferred attributes created from your inputs (profiling/AI outputs).
- Sensitive data: We do not ask for special categories of sensitive personal data (health records, sexual life, biometric data) during normal onboarding. If you provide such information accidentally or via free-text in messages/posting, it will be processed only where necessary and with explicit consent or as permitted by law.

4. Legal basis for processing We rely primarily on your consent to process personal data for the purposes described below. In addition, we may process personal data where permitted by law for: performance of a contract, compliance with legal obligations, prevention/detection of fraud or cyber incidents, and other legitimate purposes described in the DPDP Act and related rules.

5. Purposes of processing We use personal data for: - Account creation, authentication and account recovery. - Providing core features: profile display, search, suggested friends, chat delivery. - Running recommendation & matching features (including AI-based matching introduced in v2). - Moderation, safety and enforcement (detecting abusive behaviour, responding to reports). - Analytics, product improvement and A/B testing. - Processing payments and refunds (if you make purchases). - Legal compliance, dispute resolution and fraud prevention.

6. Automated decision-making & profiling We use automated systems to provide match recommendations and suggestions based on your interests and activity. Such profiling does not make final decisions that materially affect you (e.g., account suspension decisions are reviewed by a human). You may request information about how profiling affects you and may opt out of non-essential profiling where feasible.

7. Sharing, processors & third parties We do not sell personal data. We may share your data with: - Service providers / processors(hosting, analytics, email, messaging, payment gateways) who process data on our instructions. - Third parties you choose to connect(e.g., social integrations, contacts import). - Law enforcement or regulators where compelled by lawful order or for safety reasons. -In connection with corporate changes (sale, merger, reorganization) — subject to confidentiality and legal protections. We require processors to implement appropriate security measures and to process data only on our directions.

8. Cross-border transfers Your data may be stored or processed outside India (cloud provider regions). Under applicable law the Central Government may restrict transfers to certain countries. We will adopt contractual and technical safeguards where required by law and will provide notice of cross-border transfers in this Policy.

9. Data retention & deletionWe retain personal data only as long as necessary to provide services, for the purposes described above, to comply with legal obligations, or to resolve disputes. Typical retention examples (you should confirm these operationally): - Profile & account data: retained while account is active + 180 days after deletion (or as required by law). - Chat messages / content: retained only for as long as your account remains active. If you delete a message or a conversation, it is permanently removed from our active systems within a reasonable period. Backup copies may persist temporary (upto 90 days) for security and recovery purposes. Non personal logs and analytics data may be retained for 12–24 months to improve product performance, prevent abuse, and ensure security. When you request account deletion, we will erase your personal data unless retention is required for legal compliance or legitimate business reasons. Some residual copies may remain in backups for a limited period.

10. Security measures We implement reasonable technical and organisational measures to protect data: encryption in transit, access controls, vulnerability management, logging and monitoring and secure development practices. If we detect a personal data breach we will follow applicable notification procedures.

11. Personal data breach & notification In the event of a suspected or confirmed personal data breach, we will take immediate remedial action and assess its impact. Under the Digital Personal Data Protection Act, 2023, and draft rules, data fiduciaries are required to notify the Data Protection Board of India (and, where relevant, affected individuals) about reportable breaches. We are committed to making such notifications without undue delay and in accordance with applicable regulatory timelines (draft guidance recommends within 72 hours of becoming aware of the breach).

12. Rights of users (Data Principals) Under Indian law you have rights including (subject to conditions): - Right to access information about personal data we process about you and the purposes. - Right to correction, completion and updating of your personal data. - Right to erase of personal data that is no longer necessary or where consent is withdrawn. - Right to data portability where applicable. - Right to file a grievance with our Grievance Officer and to approach the Data Protection Board. To exercise your rights, contact our Grievance Officer at contact@meetmeup.in. We will respond within the timelines prescribed by applicable law.

13. Children The Platform is not for users under 18 years.We do not knowingly collect personal data of children under 18. If we become aware we will delete such data immediately. We do not accept parental consent as a basis for account creation or data processing for users under 18 years.

14. App tracking & Storrage MeetMeUp does not use browser cookies. Instead, we use JSON Web Tokens (JWTs) and secure local storage to manage user authentication, maintain active sessions, and ensure a seamless login experience.JWTs are stored securely on the user’s device and are used only to verify identity and provide access to the app. They are not shared with or used to track users across any other websites or applications. We may also maintain limited server logs and aggregated analytics to monitor system performance, prevent misuse, and improve reliability. These logs do not personally identify users. You can clear or reset stored data anytime through your device or app settings.

15. Changes to this Policy We may update this Policy. Material changes will be posted with a new effective date and (where required) we may obtain fresh consent.

6. Contact & grievanceGrievance Officer: Sneha Raisinghaney Email: contact@meetmeup.in Address: 2/2 Satya Jivan, Kurla, Mumbai-400070 If you are not satisfied with our response you can approach the Data Protection Board and/or the courts as permitted by law.

17. How to contact us via Email: contact@meetmeup.in