Privacy Policy

Introduction

Dynamic Signature India Pvt Ltd strives to meet the expectations of our Users by providing ChildSafe AI as a platform with ease of use and high security standards for the privacy of customer information. We follow the guidelines and obligations under the Digital Personal Data Protection Act, 2023 (DPDP Act) of India. This Privacy Policy describes our practices regarding the collecting, use, and sharing of information, which help us to support ChildSafe AI, features offered by the website and all of its affiliated Products or Services. It also describes how you may exercise your rights under the DPDP Act and how you may lodge a complaint with us or with the Data Protection Board of India (see Your Rights and Complaints).

Our Policies may be subject to change at our discretion without prior notice. All Users are directed to regularly review the Policies of the Platform to keep themselves updated. This Privacy Policy is incorporated into and subject to the Terms of Use.

By using or accessing the website or its affiliated Products or Services, the Users agree and accept the terms and conditions of the Privacy Policy. Mere use or access of the website and all its affiliated Products or Services by the User is an express consent to the use or disclosure of the User's personal information by us in accordance with this Privacy Policy. If the User does not agree to the Privacy Policy or Terms of Use, they are to refrain from accessing or using the website and all its affiliated Products or Services.

ChildSafe AI — Website and Affiliated Products or Services

The use and access of the ChildSafe AI website and all of its affiliated Products or Services, including the ChildSafe AI web application, chat services, School Solutions, and any other features, apps, technologies, software, or services offered by us under our Data Policy, are governed and bound by the Terms of Use and this Privacy Policy, which is incorporated into the Terms of Use.

Information We Collect

When Users use or access our website and affiliated Products or Services, we collect and store information provided by the Users to provide a safe, engaging, efficient, and customised experience on our Platform. To achieve this purpose, we collect information, including personal information.

Information and Content Users Provide

We collect the content, communications, and other information which Users provide while using our website and affiliated Products or Services. This includes:

• Account and profile information: Information provided when signing up for an account, such as parent or guardian phone number (used for verification), optional email address or Google sign-in where offered, child profile details (name, age, and other settings you choose to provide), and account credentials. When you sign in, we may record that you confirmed—via a required checkbox—that ChildSafe AI is used under the supervision of a parent, teacher, or guardian, together with a timestamp and (where applicable) a policy version string for audit purposes. We do not use Google sign-in to collect the account holder's date of birth as an age gate.
• User content: Content created or shared on our Platform, including chat messages, prompts, and other content you submit to our Services. This may also include metadata such as the date when content was created.
• Communications: Messages or communication with others through our Platform, and information you provide when you contact us (such as via email or support channels).
• Transaction information: If Users purchase or engage in financial transactions through our website or affiliated Products or Services, we collect information about the purchase or transaction including payment information (such as card details), billing and contact details, and account information.

Other Details We Collect and Log

As part of operating the ChildSafe AI application, we also collect and store the following:

• Chat sessions: Chat session titles, archived status, last active timestamps, and the profile associated with each session.
• Chat messages: Each user prompt and corresponding AI response, the companion mode used (e.g., companion, subject teacher, expert), timestamps, and when the AI uses web search to answer, the web sources or references it consulted.
• Session summaries: Rolling summaries of conversations that help provide context across longer chats.
• Long-term memories: Profile-scoped facts and preferences the AI remembers across sessions. We use long-term storage solely to personalise future conversations and learning. We do not conduct behaviour analysis of users of ChildSafe AI.
• OTP and verification data: One-time codes sent for phone verification, and reCAPTCHA or similar verification tokens when used (e.g., during onboarding).
• Browser and session data: Data stored in your browser (e.g., phone number, last login timestamp, companion mode preference) and server-side session identifiers that link your browser to your account.
• Chat history for context retrieval: Your queries and responses may be indexed in our search and storage systems so we can provide relevant context in ongoing conversations (for example, recent topics or earlier points discussed).
• Operational and security logs: We log certain events for safety, debugging, and security, including moderation or guardrail triggers when content is flagged or blocked, and access or error events as needed to protect and maintain our Services.

Information We Receive From Use of the Services

When you visit, use, or interact with the Services, we receive information about your visit, use, or interactions:

• Log data: Information your browser or device automatically sends, such as your Internet Protocol address, browser type and settings, the date and time of your request, and how you interact with our Services.
• Usage data: Information about your use and activity across the Services, such as the types of content you view or engage with, features you use, actions you take, time zone, country, dates and times of access, and type of computer or mobile device.
• Device information: Information about the device you use to access the Services, such as device name, operating system, device identifiers, and browser. This includes identifiers from apps or accounts you use.
• Location information: We may determine the general area from which your device accesses our Services (for example, based on IP address) for security reasons and to improve your experience, such as to protect your account by detecting unusual login activity or to provide more accurate or location-aware responses where you have chosen to provide such information.
• Cookies and similar technologies: We use cookies and similar technologies to operate and administer our Services and improve your experience. We store some information with cookies to help maintain your preferences across sessions, assist with authentication, and for security purposes. If you visit our login page, we may set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser. When you log in, we may set cookies to save your login information and screen display choices. Login cookies may last for a limited period as configured; screen options cookies may last for a longer period. When you log out, the login cookies will be removed.

Information From Other Sources

We may receive information from other sources, such as trusted security and safety partners to protect safety and prevent fraud, abuse, and other threats to our Services.

Optional vs. Required Information

Some information is required for our Products to work (for example, phone number for verification and basic profile details). Other information is optional. If you choose not to provide certain optional information, the quality or personalisation of your experience may be affected. We are not responsible for any impact on your experience resulting from your decision to withhold optional information.

De‑identified and Aggregated Information

In some cases, information may be de-identified, aggregated, or anonymised so that it no longer identifies individuals. We use such information as described in this Policy. We do not attempt to re-identify de-identified or anonymised information, except where required by law.

How We Use Your Information

We use the information we collect for the following purposes:

• To provide and maintain our Services: We use your information to respond to your requests, process your prompts and chat content, provide age-appropriate and location-aware AI experiences, and deliver features you use.
• To personalize and improve your experience: We use your connections, preferences, interests, and activities to create personalized services that are unique and relevant to you and your child, and to provide tailored content and features.
• To improve and develop our Services: We use information we have to develop, test, and improve our website and affiliated Products or Services, including by conducting research, testing new features, and improving the AI models that power our services. We may use content you provide to improve model performance and safety, subject to our technical capabilities and internal policies.
• To promote safety, integrity, and security: We use information to verify accounts and activity, combat harmful conduct, detect and prevent spam and other bad experiences, maintain the integrity of our Services, and promote safety and security. This includes investigating suspicious activity or violations of our terms or policies.
• To communicate with you: We use information to send you service-related communications, respond when you contact us, and inform you about our policies and terms.
• To comply with legal obligations: We use information to comply with legal obligations and to protect the rights, privacy, safety, or property of our users, Dynamic Signature India Pvt Ltd, or third parties.

We may aggregate or de-identify information so that it no longer identifies you and use it for the purposes described above, such as to analyze how our Services are used and to improve them.

Long-term storage and no behaviour analysis: We use long-term storage (including profile-scoped memories) only to personalise future conversations and learning. We do not conduct behaviour analysis of users of ChildSafe AI.

Sharing of Information

We disclose your information in the following circumstances:

• Vendors and service providers: We disclose information to vendors and service providers who assist us in meeting business operations needs, including DigitalOcean, Google Cloud Platform (GCP), and Elasticsearch (chat history indexing and memory storage), and providers of content delivery, support, email, analytics, payment processing, and other technology services. These Data Processors operate under their own terms and conditions and privacy policies (see the Third-Party Links and Services section below for key providers and links to their policies). We do not share your chat content for marketing or advertising purposes.
• AI and model services: We send content to OpenAI (and, when configured, other model providers) for the purpose of providing AI responses, safety review (including content moderation), and improving our services. Content may be stored on our systems and our trusted service providers' systems.
• Search providers: When extra context is needed, we may use search providers such as Tavily to retrieve relevant information for AI responses. Queries and results may be processed by these providers.
• Government authorities or other third parties: We may share information with government authorities or other third parties when required to comply with a legal obligation, to protect and defend our rights or property, to detect or prevent fraud or other illegal activity, to protect the safety and security of our products and users, or to protect against legal liability.
• Business transfers: If the ownership or control of all or part of our website and affiliated Products or Services or their assets changes, we may transfer user information to the new owner.

We do not sell your data. We do not share your content for marketing or advertising purposes.

Legal Requests, Compliance and Preventing Harm

We access, preserve, use, and share your information when we believe it is necessary:

• In response to legal requests: Such as search warrants, court orders, subpoenas, production orders, or other valid legal process from government authorities, law enforcement, civil litigants, or other third parties.
• In accordance with applicable law: When we are legally obliged to disclose, retain, or process information under Indian law or other applicable jurisdictions.
• To promote safety and integrity: To protect the safety, security, and integrity of ChildSafe AI, our users, employees, property, and the public; to detect, prevent, or address fraud, abuse, illegal activity, or violations of our terms or policies; to investigate suspicious activity; or to protect against legal liability.

We may retain your information for an extended period when it is the subject of a legal request or obligation, governmental investigation, or investigation of possible violations of our terms or policies.

Data Transfers

Your information may be transferred to, stored, or processed in countries other than your country of residence, including countries where Dynamic Signature India Pvt Ltd, our affiliates, or our service providers operate. Data protection laws in those countries may differ from those in your jurisdiction. By using our Services, you consent to such transfer. We take steps to ensure that your information receives an adequate level of protection wherever it is processed.

Does Anyone View My Content?

A limited number of authorized personnel, as well as trusted service providers subject to confidentiality and security obligations, may access user content only as needed for: (1) investigating abuse or a security incident; (2) providing support if you reach out with questions about your account; (3) handling legal matters; or (4) improving our services, including model performance and safety. Access to content is subject to technical access controls and limited to authorized personnel on a need-to-know basis. We monitor and log access to user content.

Please do not enter sensitive information that you would not want reviewed or used.

Retention

We retain your information for as long as we need to provide our Services to you, or for other legitimate business purposes such as resolving disputes, safety and security reasons, or complying with our legal obligations. How long we retain information depends on the type of data, how we use it, and applicable law.

Information we retain for longer for legitimate security, safety, or legal reasons: In some cases, we need to retain information for longer, for example because we are legally required to, to address fraud and abuse, for security reasons, or for financial record-keeping purposes. This includes circumstances where specific Content or your account is subject to a legal request or obligation, governmental investigation, or investigations of possible violations of our terms or policies. We may retain information from accounts disabled for terms violations for a period as necessary to prevent repeated abuse or other violations.

Request for erasure of personal data

To request erasure of your personal data, please write to us at contact@childsafe.in and contact@safebrowse.ai. We will process your request and complete the erasure within 30 days, except where retention is required by law. Please note that we will not hand over or provide your personal data to you or any complainant as part of this erasure process; we will delete it from our systems.

Data Breach Notification

In the event of a personal data breach that compromises the confidentiality, integrity, or availability of your personal data, we will notify the Data Protection Board of India and each affected Data Principal as required under the DPDP Act and the rules made thereunder.

Withdrawal of Consent

Where consent is the basis for processing your personal data, you may withdraw your consent at any time. Upon withdrawal, we will, within a reasonable time, cease processing your personal data and erase it unless retention is required by law. To withdraw consent or request erasure, please write to contact@childsafe.in and contact@safebrowse.ai.

Security Measures

Dynamic Signature India Pvt Ltd has stringent security measures in place to protect the loss, misuse, and alteration of the information under our control. Whenever you change or access your account information, we offer the use of a secure server. Once your information is in our possession we adhere to strict security guidelines, protecting it against unauthorized access.

We implement commercially reasonable technical, administrative, and organizational measures designed to protect information from loss, misuse, and unauthorized access, disclosure, alteration, or destruction. However, no Internet or email transmission is ever fully secure or error free. You should take special care in deciding what information you provide to the Services. We are not responsible for circumvention of any privacy settings or security measures, whether on our Services or on third-party systems, or for the actions of third parties.

Your Responsibility for Content

You are responsible for the content you create, share, or submit through our Services. When you share content with others or use features that allow sharing, those recipients may be able to copy, save, or redistribute that content. We are not responsible for how others use content you have shared. Please consider carefully what you share and with whom.

Your Account Responsibilities

Upon using the website, Users are responsible for maintaining the confidentiality of their account and password and for restricting access to their computer to prevent unauthorized access to their account. Users agree to accept responsibility for all activities that occur under their account or password. Users should take all necessary steps to ensure that the password is kept confidential and secure and should inform us immediately if they have any reason to believe that their password has become known to anyone else, or if the password is being, or is likely to be, used in an unauthorized manner.

Children

ChildSafe AI is designed for use by children under parental or lawful guardian supervision. Under the Digital Personal Data Protection Act, 2023 (DPDP Act), a “child” means an individual who has not completed eighteen years of age. We process personal data of children only after obtaining verifiable consent of the parent or lawful guardian, including through our account creation and phone verification process. Use of ChildSafe AI and affiliated Products or Services is available only to persons who can form a legally binding contract under the Indian Contract Act, 1872. If you are a minor (under 18 years), you may use ChildSafe AI only with the involvement of your parent or lawful guardian.

In line with our obligations under the DPDP Act, we do not undertake processing of personal data that is likely to cause any detrimental effect on the well-being of a child. We do not conduct tracking, behavioural monitoring, or targeted advertising directed at children.

A Note About AI Accuracy

Services like ChildSafe AI generate responses by predicting the words most likely to appear next based on a user's request. In some cases, the output may not be the most factually accurate. You should not rely on the factual accuracy of output from our models. Dynamic Signature India Pvt Ltd does not guarantee the accuracy, completeness, or suitability of AI-generated content for any particular purpose. Parents and guardians are responsible for supervising their children's use of our Services and for any reliance on the information provided. If you have questions or concerns about information in our Services, please contact us.

Third-Party Links and Services

Our website and affiliated Products or Services may link to other websites or integrate third-party services that may collect or process information about you. Key service providers we use include:

• OpenAI — AI model and content moderation services (see OpenAI's privacy policy)
• Elasticsearch — Chat history indexing and memory storage (see Elastic's privacy statement)
• Tavily — Real-time web search when extra context is needed (see Tavily's privacy policy)
• DigitalOcean — Hosting and cloud infrastructure (see DigitalOcean's privacy policy)
• Google Cloud Platform (GCP) — Cloud infrastructure and services (see Google Cloud's privacy notice)

Dynamic Signature India Pvt Ltd is not responsible for the privacy practices, data handling, or content of those third parties. Your use of third-party services is subject to their own terms and privacy policies. We encourage you to review those policies before using our Services.

Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will publish an updated version and effective date on this page. For material changes, we will provide notice as required by applicable law, which may include an in-product notification or notice on our website. Your continued use of the Services after the effective date of any changes constitutes your acceptance of the updated policy. If you do not agree to the changes, you must stop using the Services.

Your Rights and Complaints

Under the Digital Personal Data Protection Act, 2023 (DPDP Act), you have rights in relation to your personal data, including the right to access, correct, complete, update, or erase your personal data, and the right to withdraw consent. To exercise these rights, please send your request to contact@childsafe.in and contact@safebrowse.ai. We will send an initial reply within 30 days of the date of submission of your request.

Right to access: You may request a summary of the personal data we process and the processing activities we undertake, as well as the identities of Data Fiduciaries and Data Processors with whom we have shared your personal data. Send your request via email to the addresses above; we will respond within 30 days with the information in a clear format, subject to any exceptions under the DPDP Act.

Account deactivation and data removal

To request account deactivation or permanent removal of your data, please write to contact@childsafe.in and contact@safebrowse.ai. Account deactivation will be completed within 30 days. Permanent removal of your data will be completed within 90 days.

Grievance redressal

We have an effective grievance redressal mechanism. If you have any complaint or concern about the processing of your personal data or our compliance with the DPDP Act, please send your grievance to contact@childsafe.in and contact@safebrowse.ai. We will respond with an initial reply within 30 days of the date of submission.

Complaint to the Data Protection Board of India

If you are not satisfied with our response to your grievance, you may make a complaint to the Data Protection Board of India. You must first exhaust the opportunity of redressing your grievance with us before approaching the Board. The Board conducts its proceedings in digital form. For the manner and process of lodging a complaint with the Board, please refer to the rules and notifications issued under the DPDP Act, including on the official website of the Ministry of Electronics and Information Technology or the Data Protection Board of India.

Right to nominate

Under the DPDP Act, you have the right to nominate another person to exercise your rights in the event of your death or incapacity. The nominee must be one of: a parent, grandparent, sibling, spouse, or legal heir. To nominate someone, you must provide a government-approved document proving your relationship with the nominee. We may ask for supplementary documentation if the initial document is not satisfactory; we will respond within 30 days if we require additional proof. The nominated person will have the right only to (a) delete your account, or (b) remove your previous conversation details. We will not grant any other rights (such as access or portability) to the nominee. Account deletion will be carried out within 30 days of a valid request; deletion of conversation history will be carried out within 90 days. Please send nomination requests to contact@childsafe.in and contact@safebrowse.ai. Management reserves the right to not accept a request if the document proving relationship is not found satisfactory; in such cases, we will respond within 30 days to request supplementary documentation.

Contact Us

If you have any questions or concerns about this Privacy Policy or our practices, please contact us at contact@childsafe.in and contact@safebrowse.ai. You may also use our contact form. Dynamic Signature India Pvt Ltd is the data controller responsible for the processing of your information as described in this policy.