Last updated: 20 May 2026
Contact Convoy (“we”) provides a B2B app for scanning and managing business-card leads. This policy explains how we handle personal data under applicable Indian law, including the Digital Personal Data Protection Act, 2023 (DPDP Act) where it applies.
Your company's plan sets monthly Card Credits and team member limits. See pricing and Terms §2.
We process data to provide the Service, enforce Card Credit limits, send OTP and transactional emails, improve AI accuracy, prevent fraud, and comply with law. Legal bases include contract performance, legitimate business interests, and consent where required (e.g. marketing emails to your leads — your responsibility as Customer).
We use trusted processors: cloud hosting (VPS), MongoDB, email (e.g. Resend), payment (Razorpay), AI (Google, Groq, etc.), image storage (e.g. Cloudinary), and push (Firebase). They process data only on our instructions. We do not sell contact databases.
We retain data while your account is active and as needed for legal obligations. You may request deletion of your Company Account; we will complete verifiable requests within 30 days unless retention is required by law.
We use HTTPS, access controls, company-domain login, and admin approval. No method is 100% secure; notify us promptly of suspected breaches.
Depending on applicable law, you may request access, correction, deletion, or grievance redressal. Contact support@contactconvoy.in. You may lodge a complaint with the Data Protection Board of India when operational under the DPDP Act.
The Service is for business users aged 18+. We do not knowingly collect children’s data.
We may update this policy; material changes will be posted here with a new date.
Email: support@contactconvoy.in · Phone: +91 98989 96496