HomeLegalDPDP Compliance

DPDP Compliance

Last Updated: March 2026

Note: For strict legal compliance, this document is primarily maintained and enforced in English.

Nirmaanly AI is fundamentally built for India. We are strictly committed to the privacy rights of Indian citizens and deeply adhere to the strict guidelines of the Digital Personal Data Protection (DPDP) Act, 2023.

1Data Localization Guarantee

We take data sovereignty seriously. All personal data collected by Nirmaanly AI from Data Principals located within India is securely stored, processed, and maintained in cloud facilities situated strictly within the territorial borders of India (specifically, Mumbai ap-south-1 availability zones).

We guarantee that we do not transfer, route, or mirror your personal information to offshore servers without verifiable, explicit regulatory adherence and informed consent.

2Lawful Basis of Processing & Consent

We ensure clear, affirmative consent before processing your personal data for our AI text-to-app generator. Nirmaanly AI does not use dark patterns or obscure legal jargon during signup. Under the DPDP Act, we process your data on the basis of:

  • Explicit Consent: Directly provided by you when creating an account or interacting with the builder.
  • Legitimate Use: To fulfill a legal obligation, network security, or fraud prevention.

You have the absolute right to withdraw consent at any point via the dashboard. Any data collected from children under 18 requires verifiable parental consent via OTP. Account deletion is a 1-click process that immediately triggers a cascading delete across all our internal databases.

3Data Principal Rights

As a Data Principal under the DPDP Act, you have the right to:

  • Right to Access: Ask us for a summary of personal data being processed.
  • Right to Correction/Erasure: Request the correction of inaccurate data or the erasure of your data when it is no longer necessary.
  • Right to Grievance Redressal: A guaranteed path to register complaints regarding our data practices.
  • Right to Nominate: Nominate another individual to exercise your rights in the event of your death or incapacity.

4Breach Notification Protocol

In the highly unlikely event of a personal data breach, Nirmaanly AI has established an incident response protocol. We are legally bound to intimate the Data Protection Board of India and directly notify all affected Data Principals detailing the nature of the breach and the mitigation measures taken, without undue delay.

5Grievance Officer

In accordance with DPDP rules, we have appointed a certified Data Protection Officer (DPO) and established a strict SLA-driven Grievance Redressal Mechanism to handle data disputes.

Grievance & Data Protection Officer

Name:Legal DPO Officer
Email:dpo@nirmaanly.com
Response:Under 48 working hours SLA
HQ:Bangalore, Karnataka, India