Privacy policy

PennyDrive is a cloud storage service. This policy explains what personal data we collect, why we collect it, how we protect it, and the rights you have under India's Digital Personal Data Protection Act, 2023 ("DPDP Act").

1. Who we are

PennyDrive is operated as a sole proprietorship based in Indore, Madhya Pradesh, India. For the purposes of the DPDP Act, we are the Data Fiduciary responsible for your personal data.

If you have any questions about this policy or how we handle your data, contact us at support@pennydrive.in.

2. What we collect

From Google Sign-In

Your email address (verified by Google)
Your display name (the name on your Google account)
A Google-issued user identifier ("sub") that lets us recognise your account on return visits

We do not receive your Google password, contacts, calendar, or any Google account data beyond the three items above.

From Sign in with Apple (iOS only)

Your email address (real or Apple's private relay alias, depending on what you choose to share at sign-in)
Your name as you provide it to Apple at sign-in (only sent to us on your first sign-in; not on subsequent ones)
An Apple-issued user identifier ("sub") that lets us recognise your account on return visits

If you choose Hide My Email, Apple gives us a private relay alias (...@privaterelay.appleid.com) instead of your real email. We use it the same way as a regular email — for transactional notifications — and Apple forwards messages to your real inbox. We never see your real email in this case.

We do not receive your Apple ID password, payment methods, contacts, photos, or any other Apple account data beyond what is listed above.

From your use of the app

File metadata — filename, file size, SHA-256 hash, folder structure, upload and archive timestamps. We need this to list your files and show folder sizes.
Device information — device name, device type (Android or iOS), IP address, and session activity, used for session management and so you can remotely log out devices.
Usage logs — API request timestamps and error records used for security monitoring and service operation.
Billing records — subscription state, plan choice, billing cycle, and invoice history. Actual card or UPI credentials are handled entirely by our payment processor; we never see or store them.
Diagnostics — crash reports collected via our error-monitoring provider (Sentry) to find and fix bugs. These are de-identified — not linked to your name, email, or account.

What we never collect

The contents of your files for any purpose other than storage. We do not open, scan, or index your files for advertising, training, recommendations, or any product feature beyond the storage operations you ask for (upload, download, archive, retrieve, generate thumbnails).
Your location beyond the IP address attached to a sign-in event.
Contacts, SMS, microphone, camera (outside the file picker), or any data from other apps.

3. Why we collect it (purposes & legal basis)

What	Why	Legal basis
Email (or Apple private relay alias), display name, Google sub or Apple sub	Create and identify your account; send transactional notifications (retrieval ready, billing receipts, security alerts)	Performance of contract
File metadata	Operate the storage service — list files, enforce quotas, archive, retrieve	Performance of contract
Device + session info	Keep your account secure; let you review active sessions	Legitimate interest (security)
Usage logs	Detect abuse, investigate incidents, fix bugs	Legitimate interest (security and service quality)
Billing records	Process subscriptions, issue GST invoices, handle refunds (see our refund policy)	Performance of contract and legal obligation (tax)

You grant consent for these purposes when you complete the onboarding consent screen. Because this processing is what lets us run your account, you withdraw consent by deleting your account (see section 6). You can manage push notifications at any time from your device's notification settings.

4. Where your data is stored

Files are held in active storage when recently uploaded, and moved to cold (archive) storage when you choose to archive a folder.

Your data is encrypted in transit and at rest.

5. Who we share it with

We do not sell your data. We do not share it for advertising. We share strictly limited information with the following processors who help us operate the service:

Google — for sign-in only. Google receives no data from PennyDrive other than what you already share by signing in with your Google account.
Apple — for Sign in with Apple on iOS, and for the private relay email forwarding service when you choose Hide My Email. Apple receives no data from PennyDrive other than what you already share by signing in with your Apple ID.
Apple App Store and Google Play — billing processors for our iOS and Android apps respectively. Subscriptions and coin pack purchases are handled entirely by Apple or Google; payment credentials (card, UPI, bank) never reach us. They share back the minimal transaction metadata we need to credit your account.
Cloud infrastructure & push-notification providers — they host our service and deliver notifications on our behalf, under contractual safeguards.
Sentry — our error-monitoring provider, which receives de-identified crash reports (not linked to your identity) so we can fix bugs.

We may disclose information if legally compelled to do so (court order, government request under applicable law). Where legally permitted, we will notify you before doing so.

6. How long we keep it

While your account is active: we retain your data for as long as the account exists.
After account deletion: when you delete your account, we begin a 30-day purge. All files, thumbnails, metadata, and profile information are permanently removed within 30 days. This window exists for safety (accidental deletion recovery) and to complete any outstanding billing reconciliation.
Billing records: invoices and payment records are retained for 8 years after account deletion, as required by Indian tax law.
Security logs: retained for 90 days, then deleted.

7. Your rights under the DPDP Act

As a Data Principal, you have the right to:

Access — request a copy of the personal data we hold about you
Correct — ask us to correct inaccurate or outdated data
Erase — request deletion of your data, subject to legal retention requirements
Withdraw consent — manage push notifications in your device settings, or withdraw fully by deleting your account
Nominate — nominate someone to exercise your rights in case of your death or incapacity
Grievance redressal — raise a complaint with our grievance officer (see section 10) or, if unresolved, with the Data Protection Board of India

To exercise any of these rights, use the in-app controls in Account → Privacy & data, or email support@pennydrive.in. We respond within 7 working days and complete fulfilment within 30 days.

Requesting a data export. Email support@pennydrive.in with the subject line "Data export request" from the email address registered on your PennyDrive account. We will compile and send the personal data we hold about you — including your profile, file metadata, folder structure, archive and retrieval history, and subscription and billing records — in a machine-readable format within 30 days. The file bytes themselves are not included; they remain accessible through the app (regular download for active files, retrieval for archived files).

8. Security & breach notification

We use industry-standard security: encryption in transit and at rest, encrypted session tokens stored on your device's secure keystore, rate limiting, and automated monitoring for suspicious activity.

If we suffer a personal data breach that risks harm to you, we will notify you and the Data Protection Board of India within 72 hours, in accordance with the DPDP Act.

9. Children

PennyDrive is intended for users aged 18 and above. You confirm your age at sign-up. We do not knowingly collect data from anyone under 18. If you believe a minor has created an account, contact us and we will remove the account and associated data.

10. Grievance officer

PennyDrive Grievance Officer
Indore, Madhya Pradesh, India
Email: privacy@pennydrive.in

In accordance with the DPDP Act, the grievance officer is available to address concerns regarding the processing of your personal data. We aim to respond to grievances within 7 working days and resolve them within 30 days.

11. Changes to this policy

We may update this policy from time to time. If we make material changes, we'll notify you in-app and by email before the changes take effect. The version number and "last updated" date at the top of this page always reflect the current version.

12. Contact

General support: support@pennydrive.in

Grievance officer: privacy@pennydrive.in