We believe privacy is a right, not a feature. This policy explains exactly what data we collect, how we use it, and the controls you have over it.
Last updated: March 12, 2026 · Effective: March 12, 2026
Contents
Account Information
When you create an account, we collect your name, email address, and password. You may optionally provide a profile picture and billing information if you subscribe to a paid plan.
Usage Data
We automatically collect information about how you interact with Apragya, including the agents you use, prompts you submit, outputs generated, session duration, and feature engagement. This helps us improve our services and personalize your experience.
Device & Technical Data
We collect your IP address, browser type, operating system, device identifiers, and log data. This information is used for security monitoring, fraud prevention, and service optimization.
Payment Information
Payment card details are processed by our PCI-DSS compliant payment processors (Razorpay, Stripe). We store only the last four digits of your card number and billing address for your records.
Service Delivery
We use your data to provide, maintain, and improve Apragya's AI agents and enterprise applications, process your requests, authenticate your account, and deliver the outputs you generate.
Communications
We may send you transactional emails (receipts, password resets), service updates, and — if you opt in — newsletters and product announcements. You can unsubscribe at any time.
Safety & Security
We use your data to detect and prevent fraud, abuse, spam, and other harmful activity. We may review AI-generated content to ensure compliance with our Acceptable Use Policy.
Analytics & Improvement
Aggregated and anonymised usage data helps us understand which agents are most valuable, identify bugs, and prioritise new features. We never sell your personal data.
We Do Not Sell Your Data
Apragya does not sell, rent, or trade your personal information to third parties for their marketing purposes — ever.
Service Providers
We share data with trusted vendors who help us operate our platform (e.g. cloud hosting, payment processing, email delivery). These partners are bound by strict data processing agreements.
AI Model Providers
Prompts you submit may be processed by third-party AI model providers (such as OpenAI, Anthropic, Google). These providers have their own privacy policies and we select only partners with strong data protection commitments. Your prompts are never used to train third-party models without your explicit consent.
Legal Requirements
We may disclose your information if required by law, court order, or government authority, or to protect the rights, property, or safety of Apragya, our users, or the public.
Encryption
All data is encrypted in transit using TLS 1.3 and at rest using AES-256 encryption. Our infrastructure is hosted on SOC 2 Type II certified cloud providers.
Access Controls
Access to user data is restricted on a need-to-know basis. Employees with access undergo background checks and regular security training.
Incident Response
We maintain a dedicated security incident response plan. In the event of a data breach that affects your personal data, we will notify you within 72 hours as required by applicable law.
Access & Portability
You may request a copy of all personal data we hold about you at any time by contacting privacy@apragya.ai.
Correction & Deletion
You can update your account information at any time in your settings. You may request deletion of your account and associated data — we will process this within 30 days.
GDPR & CCPA Rights
If you are a resident of the European Economic Area or California, you have additional rights including the right to object to processing, restrict processing, and lodge a complaint with your local supervisory authority.
Cookies
You can control cookie preferences through your browser settings or our Cookie Preference Centre. Note that disabling certain cookies may affect functionality.
Account Data
We retain your account data for as long as your account is active. After account deletion, we remove personal data within 30 days, except where required by law to retain it longer.
Generated Content
Content you generate using our AI agents is retained for 90 days to enable you to retrieve past outputs. You can delete individual outputs at any time from your dashboard.
Privacy Enquiries
For any privacy-related questions, requests, or concerns, please contact our Data Protection Officer at privacy@apragya.ai or by writing to: Apragya, Data Protection Officer, Chennai, Tamil Nadu, India.