Privacy Policy
Yi One App (com.yi.app) — Last updated: 26 March 2025
Prepared in accordance with the Digital Personal Data Protection Act, 2023 (India) and applicable Google Play policies.
1. Who We Are (Data Fiduciary)
CodeEdge Tech & Ventures Pvt Ltd (“we,” “us,” or “our”) is the Data Fiduciary under the Digital Personal Data Protection Act, 2023 (“DPDP Act”). We determine the purpose and means of processing your personal data through the Yi One mobile application.
- Registered Office: CodeEdge Tech & Ventures Pvt Ltd, India
- Email: privacy@codeedgetech.com
- Website: https://codeedgetech.com
You, as the user of the app, are the Data Principal under the DPDP Act.
2. Consent and Legal Basis
We process your personal data based on your free, specific, informed, and unambiguous consent, obtained at the time of registration or when you use specific features. By using the Yi One app and providing your data, you consent to the collection and processing described in this policy.
Your right to withdraw consent: You may withdraw your consent at any time by contacting us at privacy@codeedgetech.com or using the in-app settings. Withdrawal of consent is as easy as giving it. Upon withdrawal, we will cease processing your personal data and delete it in accordance with Section 5 below, unless retention is required by law. Please note that withdrawal of consent will not affect the lawfulness of processing carried out before the withdrawal.
3. Personal Data We Collect
We collect only the personal data that is necessary for the specified purposes. The categories of data we collect include:
Information you provide directly:
- Name and email address
- Phone number
- Profile photo (if provided)
- Organisation or club membership details
Information collected automatically:
- Device type, operating system, and version
- Unique device identifiers
- App usage patterns and interaction data
- Crash logs and performance diagnostics
Device permissions: The app may request access to:
- Camera — for profile photos and in-app image capture
- Storage — for saving and uploading files
- Notifications — for sending you relevant updates and alerts
Each permission is requested only when needed and can be revoked at any time through your device settings.
4. Purpose of Data Processing
We process your personal data only for specific, clear, and lawful purposes:
- To provide, operate, and maintain the Yi One application
- To create and manage your user account
- To send notifications, updates, and administrative messages
- To respond to your inquiries and provide customer support
- To monitor and improve app performance and user experience
- To detect, prevent, and address technical issues or security threats
- To comply with applicable laws and legal obligations
We will not process your personal data for any purpose beyond what is stated above without obtaining your fresh consent.
5. Data Retention and Erasure
We retain your personal data only for as long as it is needed to fulfil the purposes described above, or as required by law. Specifically:
- Your data will be erased when you withdraw consent, unless retention is mandated by law.
- Your data will be erased when it is reasonable to assume that the specified purpose is no longer being served.
- Upon account deletion or a verified erasure request, we will delete or anonymise your data within 30 days.
6. Data Sharing and Disclosure
We do not sell, trade, or rent your personal data. We may share your data only in the following limited circumstances:
- Data Processors: With trusted third-party service providers who process data on our behalf (e.g., cloud hosting, analytics). All Data Processors are engaged under a valid contract and are bound by confidentiality and data protection obligations consistent with the DPDP Act.
- Legal Requirements: When required by law, regulation, court order, or governmental authority.
- Safety: To protect the rights, property, or safety of our users, the company, or the public.
- Business Transfers: In connection with a merger, acquisition, or sale of assets, where your data would remain subject to this privacy policy.
7. Cross-Border Data Transfer
Your personal data may be stored and processed on servers located outside India (e.g., cloud infrastructure providers). Any such transfer is carried out in compliance with the provisions of the DPDP Act and applicable rules. We will not transfer your personal data to any country or territory restricted by the Central Government of India.
8. Data Security
We implement reasonable security safeguards to protect your personal data, including:
- Encryption of data in transit (TLS/SSL) and at rest
- Access controls and authentication mechanisms
- Regular security assessments and monitoring
While we take all reasonable measures, no system is completely secure. In the event of a personal data breach, we will promptly notify the Data Protection Board of India and affected Data Principals in the manner prescribed under the DPDP Act.
9. Your Rights as a Data Principal
Under the DPDP Act, 2023, you have the following rights:
- Right to Access: You may request a summary of the personal data we hold about you and the processing activities associated with it.
- Right to Correction: You may request correction or completion of inaccurate or incomplete personal data.
- Right to Erasure: You may request deletion of your personal data, subject to legal retention requirements.
- Right to Withdraw Consent: You may withdraw your consent at any time. The process for withdrawal is as easy as giving consent.
- Right to Nominate: You may nominate another individual to exercise your rights on your behalf in the event of your death or incapacity.
- Right to Grievance Redressal: You have the right to raise a grievance with our Grievance Officer (see Section 11 below) and, if unsatisfied, with the Data Protection Board of India.
To exercise any of these rights, please contact our Grievance Officer using the details in Section 11.
10. Children’s Privacy
In accordance with the DPDP Act, we treat any individual below the age of 18 years as a child. We will:
- Not process personal data of children without verifiable consent from a parent or lawful guardian.
- Not undertake tracking, behavioural monitoring, or targeted advertising directed at children.
- Not process personal data of children in any manner that is likely to cause harm to them.
If we become aware that we have collected data from a child without proper parental consent, we will take steps to delete that information promptly.
11. Grievance Officer
In compliance with the DPDP Act, 2023, we have designated a Grievance Officer to address your concerns regarding the processing of your personal data:
Grievance Officer
CodeEdge Tech & Ventures Pvt Ltd
Email: grievance@codeedgetech.com
We will acknowledge your grievance within 48 hours and aim to resolve it within 30 days. If you are not satisfied with our response, you may file a complaint with the Data Protection Board of India.
12. Third-Party Services
The app may contain links to or integrations with third-party services. These services have their own privacy policies and we are not responsible for their data practices. We encourage you to review the privacy policies of any third-party service before providing your personal data.
13. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. Any material changes will be communicated to you through the app or via email before they take effect. The updated policy will be posted on this page with a revised “Last updated” date. Continued use of the app after changes constitutes acceptance of the revised policy.
14. Contact Us
For any questions or concerns about this Privacy Policy or our data practices:
- Company: CodeEdge Tech & Ventures Pvt Ltd
- General Enquiries: privacy@codeedgetech.com
- Grievance Officer: grievance@codeedgetech.com
- Website: https://codeedgetech.com