CreditBrahmastra ("we", "us", "our") is an AI-powered credit report intelligence platform that helps Indian users understand, analyse, and improve their credit health. This Privacy Policy explains what data we collect, why we collect it, how we use it, and your rights over it.
By using CreditBrahmastra, you agree to the collection and use of data as described in this policy.
| Data | Why we collect it |
|---|---|
| Mobile number | Primary identifier; used to send OTP and link your account |
| OTP (one-time password) | Verifies your mobile number; stored temporarily (5-minute TTL), then overwritten |
| Email address | Optional; for account recovery and report delivery notifications |
| PAN number | Required to fetch your live bureau report via Roopya API |
| Credit report data | Fetched from bureau APIs; used for analysis and stored as structured data |
| Credit analysis results | AI-generated structured data extracted from your report |
| Subscription status | Current plan, payment source, and validity dates |
| Error logs | Via Sentry for crash debugging — no PII beyond device OS/version |
We do not collect: precise location, contacts, camera, microphone, call history, SMS content, device identifiers (IMEI/IDFA), or advertising identifiers.
| Purpose | Data used |
|---|---|
| Authenticate your identity | Mobile number, OTP |
| Fetch your credit bureau report | PAN number, mobile number (via Roopya) |
| Analyse your credit report | Bureau report data |
| Store and display report history | Analysis results, bureau, date |
| Process payments and manage subscriptions | Razorpay / Google Play tokens, plan data |
| Fix bugs and improve the service | Error logs (Sentry) |
We do not use your data for targeted advertising, selling to third parties, or training AI models on your personal credit data.
| Service | Purpose | Data shared |
|---|---|---|
| Roopya.money | Bureau report fetching (CIBIL, Equifax, Experian, CRIF) | PAN, mobile number |
| Razorpay | Payment processing | Mobile number, plan name, order IDs |
| Google Play Billing | In-app subscriptions | purchaseToken, product ID |
| Sentry | Error monitoring | Error stack traces, device OS/version (no PII) |
| Azure / Groq / OpenRouter | Credit analysis AI | Report text only — no name or mobile shared |
| Telegram | Optional bot notifications | Telegram user ID (only if you link your account) |
| Data type | Retention period |
|---|---|
| Credit analysis results | Until you delete your account |
| Mobile number / account | Until you delete your account — on request to privacy@creditbrahmastra.com |
| Payment records | 7 years (legal / tax requirement) |
| OTP | 5 minutes (TTL enforced in database) |
| Error logs (Sentry) | 90 days |
Under the Digital Personal Data Protection Act 2023 (India), you have the right to access, correct, delete, or export your data. To exercise any right, email privacy@creditbrahmastra.com with subject "Data Request — [your mobile number]". We respond within 30 days.
CreditBrahmastra is intended for users aged 18 and above. We do not knowingly collect data from minors. Contact privacy@creditbrahmastra.com to report any such case.
We may update this policy. Active users will be notified via in-app notification before changes take effect.
CreditBrahmastra
Privacy contact: privacy@creditbrahmastra.com
Response time: within 30 days