PRIVACY POLICY

Effective Date: February 7, 2026Last Updated: February 7, 2026

This Privacy Policy describes how Nyaysopan, operated by Gohiggler Private Limited ("Company", "we", "us", "our"), collects, uses, stores, shares, and protects personal information when you use our mobile application and related services (the "Platform").

By using the Platform, you agree to the practices described in this Privacy Policy.

1. Scope and Legal Framework

1.1 Who This Policy Applies To

This Policy applies to:

  • Lawyers who offer services on the Platform.

  • Users/Clients who seek legal consultations.

  • Students who access educational content.

  • Visitors to our website or app.

1.2 Compliance

This Policy is designed to comply with:

  • The Information Technology Act, 2000 and Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011.

  • Digital Personal Data Protection principles.

  • Google Play's User Data and Data Safety policies.

  • Apple App Store Review Guidelines and privacy requirements.

  • Industry-standard security and transparency practices.

1.3 Data Controller

Gohiggler Private Limited acts as the data controller for all personal data collected through the Platform.

2. Information We Collect

2.1 Information from Lawyers

We collect:

Identity and Professional Information:

  • Name, date of birth, gender (optional), photograph.

  • Contact details: email, phone number.

  • Bar Council ID, enrollment number, jurisdiction, specialization, years of practice.

  • Office/chamber address and contact details.

Identity Documents:

  • Government-issued IDs: Aadhaar, PAN, Advocate ID, Vakalatnama.

  • Other verification documents as required by applicable law.

Financial Information:

  • Bank account details or UPI ID for payouts.

  • Earnings, transaction history, withdrawal records, invoices.

Profile Content:

  • Biography, areas of practice, certifications, portfolio, and other uploaded materials.

2.2 Information from Users (Clients)

Basic Identifiers:

  • Name, phone number, email address.

Verification Information:

  • Aadhaar, PAN, or other identity documents (collected where required for KYC, fraud prevention, or regulatory compliance).

Optional Information:

  • Address, demographic details, additional profile information you choose to provide.

Consultation Data:

  • Metadata about consultations (date, time, duration, lawyer consulted, topics selected).

  • Documents you upload for legal review or signature.

2.3 Information from Students

  • Name, email address.

  • Academic records, mark sheets, entrance examination details and scores.

  • Educational information required for student-focused features.

2.4 Device and Technical Information

Automatically collected data includes:

  • Device identifiers (e.g., Android ID, IDFA), operating system version, device model, manufacturer.

  • IP address, general location (based on IP or device settings, if permissions granted).

  • App usage data, crash logs, diagnostic information, performance metrics.

  • Referrer data from app stores (e.g., install source, campaign information).

2.5 Communications Content

To operate the Platform and ensure safety:

In-App Chats:

  • Text messages exchanged between Users and Lawyers.

Voice Calls:

  • Call metadata (timestamp, duration, participants).

  • In certain cases, audio recordings or transcripts for moderation, security, dispute resolution, and legal compliance purposes.

Support Communications:

  • Emails, support tickets, feedback, and queries submitted to us.

2.6 Cookies and Similar Technologies

When you use our website or web components:

  • We may use cookies, web beacons, or similar technologies for authentication, analytics, security, and functionality.

  • Where required by law, we will obtain your consent before placing non-essential cookies.

You can manage cookie preferences through your browser settings.

3. How We Use Your Information

3.1 Legal Bases for Processing

We process personal data based on:

  • Consent: Where you provide clear, affirmative consent (e.g., for collecting sensitive IDs, processing voice/chat data, marketing communications).

  • Contractual Necessity: To provide the Platform, process payments, and perform our agreement with you.

  • Legal Obligation: To comply with tax, regulatory, law enforcement, and court requirements.

  • Legitimate Interests: To maintain platform security, prevent fraud, improve services, and defend our legal rights, provided these interests do not override your privacy rights.

3.2 Purposes of Processing

We use personal data for:

1. Account Management

  • Register and authenticate users, lawyers, and students.

  • Manage profiles, preferences, and account settings.

2. Lawyer Verification and Compliance

  • Verify identity, credentials, and eligibility of Lawyers.

  • Ensure compliance with Bar Council rules and regulatory requirements.

  • Conduct periodic re-verification.

3. Providing Services

  • Enable secure voice and chat consultations between Users and Lawyers.

  • Share necessary User information with Lawyers to provide legal services.

  • Route bookings, manage sessions, and facilitate follow-ups.

4. Payments and Financial Transactions

  • Process payments from Users and payouts to Lawyers through integrated payment processors.

  • Manage invoices, refunds, transaction records, and financial reporting.

5. Security, Fraud Prevention, and Policy Enforcement

  • Detect and prevent fraud, impersonation, unauthorized access, and misuse.

  • Monitor for sharing of contact information and off-platform circumvention.

  • Enforce Terms of Service and community guidelines.

  • Resolve disputes and handle complaints.

6. Analytics and Service Improvement

  • Monitor app performance, diagnose technical issues, and improve user experience.

  • Analyze usage patterns, develop new features, and conduct research.

7. Legal and Regulatory Compliance

  • Respond to lawful requests from authorities, courts, or regulators.

  • Comply with tax, accounting, and reporting obligations.

  • Cooperate with investigations and enforce legal rights.

8. Communication

  • Send service-related notifications (account alerts, booking confirmations, policy updates).

  • Respond to queries, support requests, and complaints.

  • Send promotional communications (only with your consent; you may opt out at any time).

We do not:

  • Sell, rent, or trade personal data to third parties for their marketing purposes.

  • Use voice or chat content for advertising or behavioral profiling unrelated to platform safety.

4. Voice and Chat Monitoring

4.1 Automated Analysis

To prevent misuse and enforce policies:

  • Voice calls and chat messages may be automatically analyzed using technology-driven systems (e.g., keyword detection, pattern recognition).

  • This analysis helps detect prohibited conduct, including sharing of contact information, fraud, harassment, and other violations.

4.2 Limited Purposes

Monitoring is used strictly for:

  • Policy enforcement and user safety.

  • Fraud detection and prevention.

  • Dispute resolution between Users and Lawyers.

  • Legal and regulatory compliance.

4.3 Human Review

Voice and chat data is not routinely reviewed by humans. Manual review may occur only when:

  • Necessary to investigate a reported violation, dispute, or safety concern.

  • Required by law enforcement or court order.

  • Required to protect the rights, safety, or property of users or the Company.

4.4 No Use for Advertising

We do not use voice or chat content for:

  • Advertising or marketing profiling.

  • Training AI models for unrelated commercial purposes.

  • Behavioral targeting or analytics unrelated to platform safety.

5. How We Share Your Information

We may share personal data with the following parties:

5.1 Between Users and Lawyers

  • We share limited User information with Lawyers as necessary to provide legal services (e.g., name, contact details, consultation details).

  • Lawyer profile information is shared with Users to help them make informed choices.

5.2 Service Providers and Processors

We engage trusted third-party service providers to assist with:

  • Payment processing and financial services.

  • Cloud hosting and infrastructure (e.g., AWS, Google Cloud, Azure).

  • Analytics and performance monitoring.

  • Customer support tools and communication platforms.

  • Identity verification and KYC services.

  • Email and SMS delivery services.

These providers are contractually required to:

  • Process data only on our instructions.

  • Maintain appropriate security measures.

  • Not use data for their own purposes.

5.3 Affiliates and Group Companies

We may share data with our affiliates or group companies for operational, compliance, support, and business purposes, subject to similar protections.

5.4 Legal and Regulatory Authorities

We may disclose personal data when required by:

  • Law, regulation, legal process, or court order.

  • Government or law enforcement requests.

  • To protect our rights, safety, property, or that of our users or the public.

5.5 Business Transfers

In the event of a merger, acquisition, restructuring, sale of assets, or bankruptcy, personal data may be transferred as part of the transaction. We will notify affected users and ensure continued protection under this Policy or an equivalent policy.

5.6 With Your Consent

We may share information with third parties where you have provided explicit consent.

We do not:

  • Disclose personal data to third parties for their independent marketing without your consent.

  • Share more data than necessary to fulfill the purposes described in this Policy.

6. International Data Transfers

If personal data is transferred outside India (for example, to cloud servers or service providers in other jurisdictions), we will:

  • Ensure the recipient provides an adequate level of data protection.

  • Use appropriate contractual safeguards (e.g., Standard Contractual Clauses).

  • Comply with applicable legal requirements for cross-border data transfers.

7. Data Retention and Deletion

7.1 Retention Periods

We retain personal data:

  • For as long as your account remains active.

  • As necessary to provide services and fulfill the purposes described in this Policy.

  • As required by law, regulation, tax, accounting, or legal obligations.

  • For a reasonable period to prevent fraud, resolve disputes, enforce agreements, and protect legal rights.

Specific retention periods include:

  • Transaction and financial records: Up to 7 years (or as required by law).

  • KYC and verification documents: Duration of account + up to 5 years.

  • Communications and support records: Up to 3 years after resolution.

  • Technical logs and analytics: Up to 2 years.

7.2 Account and Data Deletion

How to Request Deletion:

You may request deletion of your account and personal data:

  • Through in-app settings (Settings > Account > Delete Account).

  • By emailing us at admin@gohiggler.com with the subject line "Account Deletion Request."

What Happens After Deletion Request:

  • We will delete or anonymize personal data that is not required to be retained for legal, regulatory, or legitimate business purposes.

  • Certain data may be retained where legally required (e.g., transaction records for tax compliance, records related to ongoing disputes or investigations).

  • Deletion is typically completed within 30 days, subject to technical and legal requirements.

Data Retention After Deletion:

  • Backup copies may persist in our systems for up to 90 days but will not be accessible for operational use.

  • Aggregated or anonymized data that cannot identify you may be retained indefinitely for analytics and research.

8. Data Security

We implement industry-standard security measures to protect personal data, including:

Technical Safeguards:

  • Encryption of data in transit using HTTPS/TLS.

  • Encryption of sensitive data at rest where appropriate.

  • Secure APIs and authentication mechanisms.

Organizational Safeguards:

  • Role-based access controls and least-privilege principles.

  • Regular security audits and vulnerability assessments.

  • Employee training on data protection and confidentiality.

  • Logging and monitoring of access to sensitive data.

Physical Safeguards:

  • Secure data centers with access controls and monitoring (for self-hosted infrastructure).

  • Use of reputable cloud service providers with certified security standards (e.g., ISO 27001, SOC 2).

Incident Response:

  • We maintain incident response procedures to detect, respond to, and mitigate security breaches.

  • In the event of a data breach affecting your personal data, we will notify you and relevant authorities as required by law.

Limitations:

  • While we take reasonable safeguards, no system is completely secure. We cannot guarantee absolute security of your data.

  • You are responsible for maintaining the security of your account credentials and device.

9. Your Rights and Choices

Subject to applicable laws, you have the following rights:

9.1 Access

You may request a copy of the personal data we hold about you.

9.2 Correction

You may request correction or updating of inaccurate, incomplete, or outdated data.

9.3 Deletion

You may request deletion of your account and personal data, subject to legal and legitimate business retention requirements.

9.4 Restriction and Objection

In certain cases, you may restrict or object to specific processing activities (e.g., marketing communications, certain data uses).

9.5 Data Portability

Where technically feasible and required by law, you may request a copy of your data in a structured, commonly used, machine-readable format.

9.6 Consent Withdrawal

Where processing is based on consent, you may withdraw your consent at any time. This will not affect the lawfulness of processing based on consent before withdrawal.

9.7 How to Exercise Your Rights

To exercise any of these rights, contact us at:

We may need to verify your identity before responding. We aim to respond within 30 days of receiving a valid request.

10. Children's Privacy

The Platform is not intended for individuals under the age of 18. We do not knowingly collect personal data from minors.

If we become aware that we have inadvertently collected personal data from a child, we will:

  • Take reasonable steps to delete such data.

  • Deactivate the account if necessary.

If you believe a minor has provided personal data to us, please contact us at admin@gohiggler.com.

11. Third-Party Services and Links

11.1 Third-Party Integrations

The Platform integrates with third-party services (payment gateways, analytics providers, cloud storage, etc.). These services have their own privacy policies and terms. We are not responsible for their practices.

11.2 External Links

The Platform may contain links to third-party websites or services. We are not responsible for their content or privacy practices. You should review their policies before interacting with them.

11.3 Third-Party SDKs and Analytics

We may use third-party SDKs or analytics tools (e.g., Firebase, Google Analytics) to collect usage data and improve services. These tools operate under their own privacy policies and comply with applicable data protection requirements.

12. Marketing Communications

12.1 Consent

We may send you promotional emails, SMS, or push notifications about new features, offers, or services, but only with your consent.

12.2 Opt-Out

You may opt out of marketing communications at any time by:

  • Clicking "unsubscribe" in emails.

  • Replying "STOP" to SMS messages.

  • Adjusting notification preferences in app settings.

  • Contacting us at admin@gohiggler.com.

12.3 Transactional Communications

You cannot opt out of essential service-related communications (e.g., account alerts, booking confirmations, security notices), as these are necessary for the operation of the Platform.

13. Transparency and No Deceptive Practices

In line with app store policies and regulatory requirements:

  • We provide accurate and truthful information about our data practices.

  • In-app disclosures about data collection and use are clear, prominent, and timely.

  • We do not use deceptive techniques to obtain access to device data or evade app review processes.

  • Our Privacy Policy, app store disclosures (Google Play Data Safety, Apple App Privacy), and in-app notices are consistent with our actual practices.

If our data practices change materially, we will update this Policy and, where required by law, obtain renewed consent.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or app store policies.

How We Notify You:

Material changes will be communicated through:

  • In-app notification or banner.

  • Email to your registered address.

  • Posting the updated Policy on our website with a new "Last Updated" date.

Your Acceptance:

Your continued use of the Platform after the effective date of changes constitutes acceptance of the updated Policy. If you do not agree to the changes, you must stop using the Platform and may request deletion of your account.

15. Contact and Grievance Redressal

For questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact:

Gohiggler Private Limited

  • Email: admin@gohiggler.com

  • Grievance Redressal Officer: [Jayvardhan singh kelawat]

  • Address: [1527 , Manoharpura Badgaon Udaipur Rajasthan 313001]

  • Response Time: We aim to respond within 3 business days.

For urgent privacy concerns (e.g., suspected data breach, unauthorized access), please email us immediately with "URGENT – Privacy Concern" in the subject line.

16. Consent

By using the Platform, you acknowledge that you have read, understood, and agree to this Privacy Policy and consent to the collection, use, storage, sharing, and processing of your personal data as described herein.

If you do not agree, you must not use the Platform.