Privacy Policy

1. Information We Collect

1.1 Information You Provide Directly

• Account Information: When you create an account, we collect your name, email address, and profile photo (if you sign in via Google).
• Contact Form Data: If you contact us, we collect your name, email, and the content of your message.
• Payment Information: When you subscribe to a paid plan, your payment details (credit/debit card number, billing address) are collected and processed directly by Razorpay Software Private Limited — our payment processor. We do not store, process, or have access to your full card details. We only receive a confirmation of payment status, subscription ID, and billing email from Razorpay.

1.2 Information Collected Automatically

• Analytics Data: Pages visited, time on site, geographic location (country/city level), browser type, device type, and referral source — collected via Google Analytics.
• Usage Data: Tool usage counts and rate-limit tracking (stored server-side, tied to your account or IP).
• Cookies & Local Storage: Theme preference (dark/light), login session tokens, rate-limit counters, and analytics cookies.

1.3 Text Input (Not Collected)

All text you enter into our tools is processed entirely in your browser. We never transmit, store, or read the content you type. Your documents and text never leave your device. For AI-powered tools (Rewriter, Hook Generator, Script Writer), text is sent to the AI model provider (OpenRouter) for processing — but it is not stored by us after the response is delivered.

2. How We Use Your Information

• Account management: To create and maintain your account, authenticate your identity, and manage your subscription.
• Payment processing: To process subscription payments and send invoices/receipts via Razorpay.
• Service improvement: To understand usage patterns and improve our tools via analytics.
• Customer support: To respond to your queries and resolve issues.
• Legal compliance: To comply with applicable laws, regulations, and legal processes under Indian law.

3. Disclosure of Information to Third Parties

We do not sell your personal data. We share information only with the following categories of third parties, and only to the extent necessary:

• Razorpay — Our payment processor. Receives your billing details to process subscription payments. (Razorpay Privacy Policy)
• Google (Firebase) — For user authentication (login via Google), database storage (account plan, usage data). (Firebase Privacy Policy)
• Google Analytics — For aggregated and anonymised website analytics. (Google Privacy Policy)
• OpenRouter — AI-powered tools send text prompts to AI models via OpenRouter for processing. Text is not stored after the response is returned. (OpenRouter Privacy Policy)
• Cloudflare, Inc. — For website hosting, content delivery, and DDoS protection. (Cloudflare Privacy Policy)
• Law Enforcement: We may disclose your information if required to do so by law, court order, or government request under Indian jurisdiction.

4. Data Security

We implement reasonable security practices and procedures as required under the Information Technology Act, 2000 and the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011. These include:

• All data transmitted between your browser and our servers is encrypted using TLS/SSL (HTTPS).
• Payment processing is handled by Razorpay, a PCI-DSS compliant payment processor — the highest level of payment security certification.
• User authentication is handled via Firebase Authentication with industry-standard OAuth 2.0 protocols.
• Server-side security includes CORS restrictions, rate limiting, input validation, and comprehensive security headers (HSTS, CSP, X-Frame-Options).
• Text processing for the Humanizer, Pattern Remover, and Paragraph tools happens entirely client-side — your content never reaches our servers.

5. Data Retention

We retain your account information for as long as your account is active. If you delete your account or request data deletion, we will remove your personal data within 30 days, except where retention is required by law. Payment records are retained as required under the Indian Income Tax Act and GST regulations.

6. Your Rights

Under the Information Technology Act, 2000 and the Digital Personal Data Protection Act, 2023, you have the right to:

• Access the personal data we hold about you
• Request correction of inaccurate personal data
• Request deletion of your personal data ("right to be forgotten")
• Withdraw consent for data processing at any time
• Opt out of analytics tracking (use browser extensions like uBlock Origin)
• Unsubscribe from emails (link provided in every email)
• Lodge a complaint with the appropriate Data Protection authority

To exercise any of these rights, contact us at support@verbixo.com.

7. Children's Privacy

Our service is not directed to children under 18. We do not knowingly collect personal information from children under 18. If you believe we have collected such information, please contact us immediately and we will delete it.

8. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date. For significant changes, we will also notify you via email.

9. Grievance Officer

In accordance with the Information Technology Act, 2000, the name and contact details of the Grievance Officer are provided below:

10. Governing Law

This Privacy Policy is governed by and construed in accordance with the laws of India, including the Information Technology Act, 2000, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, and the Digital Personal Data Protection Act, 2023. Any disputes shall be subject to the exclusive jurisdiction of the courts in New Delhi, India.