Legal

Privacy Policy

Effective Date: 18 April 2026  ·  Last Updated: 18 April 2026
App: CreditBrahmastra  ·  Company: CreditBrahmastra  ·  Contact: privacy@creditbrahmastra.com

Overview

CreditBrahmastra ("we", "us", "our") is an AI-powered credit report intelligence platform that helps Indian users understand, analyse, and improve their credit health. This Privacy Policy explains what data we collect, why we collect it, how we use it, and your rights over it.

By using CreditBrahmastra, you agree to the collection and use of data as described in this policy.

Data We Collect

DataWhy we collect it
Mobile numberPrimary identifier; used to send OTP and link your account
OTP (one-time password)Verifies your mobile number; stored temporarily (5-minute TTL), then overwritten
Email addressOptional; for account recovery and report delivery notifications
PAN numberRequired to fetch your live bureau report via Roopya API
Credit report dataFetched from bureau APIs; used for analysis and stored as structured data
Credit analysis resultsAI-generated structured data extracted from your report
Subscription statusCurrent plan, payment source, and validity dates
Error logsVia Sentry for crash debugging — no PII beyond device OS/version

We do not collect: precise location, contacts, camera, microphone, call history, SMS content, device identifiers (IMEI/IDFA), or advertising identifiers.

How We Use Your Data

PurposeData used
Authenticate your identityMobile number, OTP
Fetch your credit bureau reportPAN number, mobile number (via Roopya)
Analyse your credit reportBureau report data
Store and display report historyAnalysis results, bureau, date
Process payments and manage subscriptionsRazorpay / Google Play tokens, plan data
Fix bugs and improve the serviceError logs (Sentry)

We do not use your data for targeted advertising, selling to third parties, or training AI models on your personal credit data.

Third-Party Services

ServicePurposeData shared
Roopya.moneyBureau report fetching (CIBIL, Equifax, Experian, CRIF)PAN, mobile number
RazorpayPayment processingMobile number, plan name, order IDs
Google Play BillingIn-app subscriptionspurchaseToken, product ID
SentryError monitoringError stack traces, device OS/version (no PII)
Azure / Groq / OpenRouterCredit analysis AIReport text only — no name or mobile shared
TelegramOptional bot notificationsTelegram user ID (only if you link your account)

Data Retention

Data typeRetention period
Credit analysis resultsUntil you delete your account
Mobile number / accountUntil you delete your account — on request to privacy@creditbrahmastra.com
Payment records7 years (legal / tax requirement)
OTP5 minutes (TTL enforced in database)
Error logs (Sentry)90 days

Data Security

Your Rights

Under the Digital Personal Data Protection Act 2023 (India), you have the right to access, correct, delete, or export your data. To exercise any right, email privacy@creditbrahmastra.com with subject "Data Request — [your mobile number]". We respond within 30 days.

Children's Privacy

CreditBrahmastra is intended for users aged 18 and above. We do not knowingly collect data from minors. Contact privacy@creditbrahmastra.com to report any such case.

Changes to This Policy

We may update this policy. Active users will be notified via in-app notification before changes take effect.

Contact

CreditBrahmastra
Privacy contact: privacy@creditbrahmastra.com
Response time: within 30 days