Kheelona Robotics Privacy Policy (Beta)
Effective Date: October 28, 2025 (Last Updated: October 28, 2025)
Quick Summary for Parents:
- What We Collect: Parent account details (like name, contact, shipping info), child profile info (first name, age, pronouns), your child’s voice conversations with the Kheelona toy (audio recordings and text transcripts), and device/usage data (e.g. app version, IP address, cookies on our site).
- Why: We use this data to operate the toy and app, personalize your child’s experience, process orders and payments, improve our AI toy’s responses, and keep the service safe and secure. We do not use children’s data for advertising or sell any personal data.
- How Long: Audio recordings and transcripts are kept for about 3 years; account and purchase records for 7 years (for legal reasons). We delete or anonymize data when it’s no longer needed or upon request (subject to legal retention needs).
- Parental Controls: Only parents or guardians can create accounts, consent to data use, manage settings, and make purchases. The toy and app require parental consent to function. Parents can request deletion of their child’s recordings or account at any time. In this beta, you’ll need to email us for such requests (self-service tools are planned).
- Your Rights: You have the right to access, correct, or delete your data, withdraw consent (e.g. opt out of marketing), and raise any concerns. We have a Grievance Officer to address complaints.
- Contact Us: Questions or requests? Email legals@kheelona.com. Our Grievance Officer (details at the end) will help resolve any privacy issues promptly.
Beta Status (Limited Beta Launch)
Kheelona is currently in a limited beta launch. This means the toy, app, and services are still under development and may change as we improve the product. Features, data flows, and third-party service providers might evolve during this beta phase. We will clearly update this Privacy Policy (with a new "Last Updated" date) if we make material changes to how we handle your data, and we’ll notify parents of major updates (for example, via email or in-app notice) when required. Thank you for helping us test and improve Kheelona – we remain committed to protecting your and your child’s privacy throughout this beta period and beyond.
Scope of this Privacy Policy
This Privacy Policy explains how Kheelona Robotics Private Limited (“Kheelona,” “we,” “our” or “us”) collects, uses, shares, and protects personal information. It applies when you use our AI toy, the accompanying mobile app, our website (www.kheelona.com), and any other services or interactions with us (collectively, the “Services”).
Audience: Our Services are intended to be used by parents/guardians and their children. The AI toy is designed for children ages 2–8, but only parents or legal guardians are permitted to create accounts, manage settings, and provide information to us. We do not knowingly allow children to sign up or provide personal data directly to Kheelona without parental involvement. By using our Services, you acknowledge that you are an adult (parent or guardian) and will supervise your child’s use of the AI toy and app.
Jurisdiction: We primarily follow and comply with Indian privacy laws, including the Digital Personal Data Protection Act, 2023 (“DPDP Act”) and applicable rules under the IT Act (such as the Intermediary Guidelines and Digital Media Ethics Code Rules, 2021). We obtain verifiable parental consent for processing children’s data as required by law, and we implement safeguards for international data transfers as described below. This policy is governed by Indian law, and any disputes will be handled in accordance with applicable laws in India.
What Personal Data We Collect
We want you to understand what information we collect about you (the parent/guardian) and your child when you use Kheelona. Below we break down the types of data we collect into categories for clarity. If we ever need to collect something not listed here, we will update this Policy and, if necessary, ask for your consent.
1. Parent Account & Purchase Information
When you as a parent or guardian interact with Kheelona (for example, by creating an account or buying our toy), we collect the following information:
- Contact Details: Your name, email address, and mobile phone number. We use these for account creation, login verification (we verify your number via a One-Time Password, or OTP, during sign-up/login), and to communicate with you about order updates or support.
- Account Credentials: We use an OTP-based login for our mobile app to ensure that only you (the parent) can access the account. We do not use or store traditional passwords for authentication – instead, you’ll verify your identity via a code sent to your phone or email.
- Shipping and Billing Information: Your shipping address and, if different, billing address. We need these to deliver the physical toy to you and for invoice records.
- Order and Transaction Details: Records of what you purchased (the toy, accessories, etc.), order dates, and transaction amounts. We keep invoices and payment confirmations (with transaction IDs) for accounting and warranty support.
- Payment Information: If you make a purchase, payment is processed securely by our payment partner Razorpay. Kheelona does not store your card or UPI details on our servers. Razorpay will handle your credit/debit card, UPI, or other payment data directly on their secure platform. We only receive a confirmation of payment and basic details like payment method (e.g., “Visa ending in 1234”, or UPI ID) and status.
- Customer Support Communications: If you reach out to us for help (via email, chat, or phone), we will collect the information you provide during those interactions. This includes your contact info and the content of your queries or reports (for example, if you email support with an issue, we’ll have that email and our response). We use these to assist you and to improve our Services (e.g., fixing bugs you report).
2. Child Profile & Interaction Data
Our AI toy is used by children, but only with a parent or guardian setting things up and giving consent. We collect minimal information about your child necessary to personalize the experience and ensure their safety:
- Child Profile: During setup, we ask for your child’s first name (or nickname), age, and preferred pronouns. We use this to personalize the toy’s interactions (for example, the toy might greet the child by name and use correct pronouns) and to tailor content to be age-appropriate. We do NOT require or collect a child’s last name, address, school info, or other identifying details.
- Voice Conversations (Audio Recordings): When your child speaks to the Kheelona toy, the toy’s microphone will capture their voice so that the AI can respond. These audio recordings of the conversations between your child and the toy are collected. In normal operation, the toy listens when spoken to or activated by a wake word or button. We do not continuously eavesdrop when the toy is idle, and we do not activate any recording except for the purpose of the child interacting with the toy. However, please note that if others speak or background sounds occur during your child’s interaction, those could be incidentally recorded as part of the conversation.
- Conversation Transcripts: The audio of your child’s conversations is sent to our servers and converted to text (this is done using our speech recognition and AI systems). We store the text transcripts of the dialogues between your child and the toy. These transcripts allow the toy’s AI to “remember” context within a session and also let you as a parent review what was discussed (for transparency and safety). For example, you might be able to see in the app what questions your child asked the toy and what answers were given.
- Play and Usage Logs: We may log certain events about how your child interacts with the toy and app, such as which features or games they use, how frequently they interact, or any preferences they express to the toy (for instance, if the toy asks their favorite animal and they answer, we might note that preference to personalize future responses). These logs help us improve content and troubleshoot any issues (like if the toy frequently misunderstands a particular question).
- Safety and Abuse Monitoring: Currently, we do not have any manual monitoring of individual conversations. We do not have staff or outsiders listening to your child’s voice recordings or reading transcripts on a regular basis. In this beta, analysis of conversations is automated. We may use automated tools to detect if the AI’s responses are appropriate or if the child says something that our system flags (for example, if a child says a bad word or something indicating distress, the system might respond accordingly or notify the parent). However, no human is routinely reviewing your child’s conversations as a part of our product improvement. If in the future we consider involving any form of human review for quality or safety, we will update this policy and seek additional consent if required. Rest assured, we treat children’s voice recordings and transcripts as highly sensitive and protect them accordingly.
3. Device, App, and Website Data
Like most tech products, we gather some data automatically from the devices and browsers you and your child use to access our Services. This includes:
- Device Identifiers: If you use our mobile app, we collect information about the parent’s device such as the device model, operating system version, app version, unique device IDs or identifiers, and Kheelona toy serial number or device ID when you pair the toy. This helps us ensure compatibility and diagnose technical issues.
- IP Address and General Location: When the toy or app connects to our servers (or when you visit our website), we log the device’s IP address. From the IP, we can infer a general location like city or state and the country. This helps us route you to the nearest server and provide the service efficiently. We do not collect or use precise GPS location from your phone or the toy. Location information is at a coarse level (e.g., knowing that a user is in Bangalore, India, but not their exact street).
- Network & System Info: We may collect network and diagnostics information such as the Wi-Fi or internet signal strength for the toy/app, time zone, language settings, and error codes. If the app or toy encounters a crash or error, a crash log or report may be sent to us containing technical details (like which part of the code failed) along with basic device info. These help us debug and improve stability.
- Cookies and Website Usage: Our website uses cookies and similar tracking technologies. Cookies are small text files stored on your browser. We use them for:
  - Essential Functions: e.g., remembering your login session on our parent portal or keeping items in your cart. These cookies are necessary for the website to work and cannot be turned off (you can block them in your browser, but then some parts of the site may not work).
  - Analytics: We use tools like Google Analytics 4 to collect data on how our website is used – for example, which pages are visited, how long visitors spend on the site, etc. This helps us understand and improve the website experience. Analytics cookies collect information such as your IP (which Google may anonymize), browser type, and pages visited. We ask for your consent before setting analytics cookies, via our cookie banner. If you opt out, we won’t load these analytics tools.
  - Advertising/Marketing: We may use advertising pixels or cookies (such as Google Ads cookies or Meta Pixel from Facebook/Instagram) on our site. These allow us to show promotional ads about Kheelona to parents who visited our site, when they browse other websites or social media. For example, if you visit our site, later you might see an ad for Kheelona on Facebook – this is due to a cookie/pixel. Importantly, these are only used in contexts for adults (parents) – our toy and app do not display third-party ads to children, and we don’t use any child’s data for advertising. We obtain consent for marketing cookies via the banner. You can decline them, and the site will still function for basic use.

  We provide a cookie consent banner when you first visit our site, allowing you to Accept, Reject, or Manage your cookie preferences. You can also adjust these preferences later at any time by clicking the “Cookie Settings” link in the website footer (or simply clearing cookies in your browser and revisiting to prompt the banner again). For more details, see our Cookies & Tracking section below.
- App Analytics: In the mobile app, we may similarly collect usage analytics (e.g., which app screens are most used) to improve features. These might be collected via an analytics SDK integrated in the app. We will ask for your consent where required (for example, we might present a toggle or prompt in-app for analytics collection if it’s not essential to function). During beta, such analytics help us fix issues and enhance usability.
4. What We Don’t Collect
We deliberately do not collect certain kinds of data because they are not needed for our service or are especially sensitive. Unless explicitly mentioned above, here’s what we do NOT collect:
- Precise Location: No GPS or live location tracking. The toy does not have GPS. We don’t know exactly where you or your child are, apart from general region via IP as described.
- Cameras/Video or Photos: Our AI toy in its current version does not have a camera and cannot take photos or videos. (If a future version includes a camera for some feature, we will update this policy and likely require additional consent. But as of now, no visual data is collected.) We also do not ask you to upload photos/videos of your child.
- Microphone use beyond the toy’s interactions: We do not access your phone’s microphone or any microphone except for the toy’s built-in mic during an interaction. The toy isn’t secretly recording— it only listens when it’s activated to respond to your child. We also do not record any ambient audio except what naturally occurs during the child-toy conversation.
- Your Child’s Sensitive Personal Details: We don’t ask for or intentionally collect things like the child’s last name, address, school, friends’ names, precise birth date, or any government ID details. The profile is limited to first name/nickname, age, and pronouns. Please do not allow your child to share sensitive personal information with the toy (and if they do say something personal during a conversation, that info would be in the transcript/recording – you can always request it be deleted).
- Contacts or Social Media Info: We do not access contacts on your phone, your social media accounts, or your child’s friends/family information. The toy cannot call or message others. Any sharing features will be parent-mediated if we introduce them.
- Browsing of other apps: Our app does not scan your device for other app data, and our toy is not connected to the internet for general browsing. We only collect information as described to operate our specific Services.
- Bluetooth/Wi-Fi Scans: Aside from connecting to your home Wi-Fi (which you set up for the toy via the app) and the necessary network data mentioned, we don’t collect data about other devices via Bluetooth or Wi-Fi scanning. For example, we don’t map out what other Bluetooth devices are nearby or anything like that.
If you ever have questions about whether we collect a certain type of information, please feel free to contact us. We aim to be transparent and collect only what is needed to provide a safe, enjoyable experience for your child.
How We Use Your Data (Purposes and Legal Bases)
We use the personal data we collect for various purposes in line with lawful bases allowed under the DPDP Act and other laws. In plain language, here’s how and why we use the data:
- To Provide and Operate the Service: We use personal data to perform our contract with you – in other words, to make the toy and app work as intended. This includes using your child’s voice input and profile to generate AI responses and interactive content, using your account info to log you in and show you your child’s conversation history, and using address/payment info to process orders and deliver your toy. (Legal basis: Performance of contract with you, and explicit consent for processing your child’s voice data.)
- Personalizing the Experience: We want the AI toy to address your child by name, remember their preferences (like favorite color or if they’re afraid of spiders), and give age-appropriate responses. We therefore use the profile info (name, age, pronoun) and past interactions to personalize the content. For example, if your child is 5 years old, the toy might use simpler language than it would for an 8-year-old. (Legal basis: Legitimate use expected by you as part of the service, and in some cases consent – e.g., you consent to us using profile data for personalization when you provide it.)
- Maintaining a Conversation Log for Parents: One feature of our service is that parents (you) can access what questions your child is asking and what answers the AI toy is giving. We use the conversation transcripts and recordings to provide you this log through the parent app. This allows transparency – you can make sure the toy is engaging in appropriate dialogue. (Legal basis: Performance of our service for you; also your consent as a parent to process your child’s conversation data for this purpose.)
- Customer Support: If you reach out with an issue, we will use the information about your account and device and the details you’ve given to troubleshoot and assist you. For example, if you say “the toy didn’t respond when my child said X,” we might look at the logs (with your permission) or replicate the issue to fix it. We also might use your email or phone to send you support updates. (Legal basis: Performance of contract – we’re helping deliver the service and fulfill our commitments to you; and legitimate interest in ensuring a good customer experience.)
- Improvements and Analytics: We continually want to improve our AI models, toy features, and app. We analyze usage data, bug reports, and aggregated conversation patterns to see where we can do better. For instance, if many kids are asking the toy a question it can’t answer, that tells us we should teach the AI to handle that. Or we might analyze which stories or games in the toy are most popular to add more like them. Wherever possible, we use aggregated or pseudonymized data for this (meaning we look at trends across many users, not focusing on one child). During beta, analytics are crucial for us to refine the product. (Legal basis: Consent or legitimate uses. For example, we’ll seek consent for analytics cookies on the website. In the app, by using the beta you understand we’ll be collecting certain analytics – as a beta tester, you effectively consent to that. That said, we avoid any analysis that isn’t necessary for improving the service.) Importantly, we do not have humans listening to your child’s audio or reading transcripts as a part of regular improvement work, as noted. AI and statistical methods do the heavy lifting.
- Voice Processing and AI Responses: This deserves special mention: our AI functionality involves sending your (or your child’s) queries to our language model service (Google’s Gemini 2.5 AI) to generate responses. We use your data (the conversation text, context like child’s age) in real time to get an answer from the AI and then send it back to the toy for your child to hear. We also use your child’s voice data to train/improve our speech-to-text recognition, but this is mainly done in automated fashion or with aggregated data. (Legal basis: Consent – by setting up the toy and agreeing to this policy, you consent to your child’s voice and conversation being processed by AI. We make this clear during onboarding. You can withdraw consent by stopping use of the toy and requesting deletion of data, though that means the toy’s core function would not work.)
- Notifications and Communications: We will use your contact information to send you service-related communications. These include things like: notifications in the app (or via SMS/WhatsApp/email) about your order status, shipping updates, important account alerts (e.g., password resets or unusual activity), or announcements about changes to the service (like firmware updates for the toy). These are not promotional in nature, but necessary updates. (Legal basis: Performance of contract and legitimate interest in keeping you informed about the product you use.)
- Marketing (Opt-In): We do not send marketing emails or messages unless you opt-in. During account setup or on our website, you might be offered to sign up for our parent newsletter or to receive deals and tips. If you agree, we will use your email or WhatsApp to send occasional promotional communications — e.g., parenting tips related to the toy, new feature announcements, or special offers. You can unsubscribe at any time by clicking the “unsubscribe” link in emails or replying STOP to messages, or by contacting us. We won’t spam you, and we’ll never send marketing to children. (Legal basis: Consent – we only send these with your explicit consent, which you can withdraw any time.)
- Security and Fraud Prevention: We use data to protect our users, children, and our company. This means monitoring for fraud (e.g., someone trying to hack accounts or use stolen credit cards), ensuring the toy and app are used in accordance with our Terms, and preventing misuse. For instance, we might detect if an IP address makes repeated failed logins and take action, or if someone tries to spoof as a parent to access a child’s data, we will block that. We also may use general info (like your city or device) to see if a login seems suspicious (e.g., account usually used in India sees a login attempt from another country – we might verify it’s you). Also, if content in a conversation triggers a serious red flag (like self-harm language or explicit content), we might intervene to ensure the child’s safety (for example, the toy might respond with a comforting message or we might alert the parent if appropriate). (Legal basis: Legitimate interests – ensuring security is in everyone’s interest, and our obligation. Also, in certain cases, legal obligation – e.g., complying with Indian law to not allow certain harmful content.)
- Legal Compliance: Finally, we may use your data to comply with legal obligations. This includes maintaining records for tax and accounting (e.g., keeping invoice data for the required 7-year period under tax laws), verifying parental consent as required by the DPDP Act, and responding to lawful requests by authorities if we receive any (more on that in Data Sharing below). (Legal basis: Compliance with laws and regulations.)
We will not use personal data for any purpose that is not compatible with the above, unless we obtain additional consent or have a lawful basis to do so. In particular, we do not use children’s personal data for any form of targeted advertising or profiling beyond what’s necessary to have a conversation with the AI. If we ever need to process data for a new purpose, we will update this Policy and seek consent if required.
Third-Party Services and Processors
Kheelona relies on certain trusted third-party services (under contract with us) to operate our technology stack. We want you to know who they are, what they do for us, and what data might be involved. These third parties act as data processors on our behalf – they only use your data for the specific services we’ve hired them for, in line with this Privacy Policy. We have or will have Data Processing Agreements (DPAs) in place with each, ensuring they protect your data to standards required by Indian law and this Policy. Here’s a list of key third-party services we use (or plan to use) and their roles:
| Service / Vendor | Purpose | Data Shared | Location (Region) |
|---|---|---|---|
| Advertising Platforms (Google Ads, Meta/Facebook) | We may use these platforms to show ads for Kheelona to parents (for example, to reach other parents who might be interested or to re-target website visitors). We upload or use limited data for this purpose, never children’s data. | We might use cookies/pixels on our site (as described in Cookies section) which tell these platforms that a certain browser visited our site. We may also (in future) use hashed identifiers (like a scrambled version of your email or phone) to create a custom audience for ads. This data is only used to find you on their platform; they don’t get plain info. No child-related info is used for ads. | Global – Google and Meta process advertising data primarily in the US and other jurisdictions worldwide. We rely on their contractual assurances as they participate in cross-border data frameworks. |
| Shipping / Logistics Partner (e.g., Shiprocket) | (Planned) Service to handle pickup, shipping, and tracking of the physical toys to your address. Rather than us shipping each item manually, we’d use a logistics platform to streamline deliveries. | Shipping details: recipient name, address, phone number, and order details (e.g., weight of package). This is shared so the courier can deliver your package and contact you if needed. | India – We will use domestic logistics providers, so your data stays within India while being used for shipping. |
| Customer Support Platform (e.g., Freshdesk/Intercom) | (Planned) A system to manage support tickets, FAQs, and chat with parents. This makes it easier for you to get help and for us to track and respond to issues. | If implemented, support emails or chats you send may be routed through this platform. That includes your email address and any info you share in the ticket/chat. We may also log your past orders or account status there to assist you faster. | India or US – We will opt for an India-based data center if available (Freshdesk, for example, offers India hosting). Otherwise, data might reside in the US. We will inform you when we introduce this service. |
| Crash Reporting (e.g., Sentry or Firebase Crashlytics) | (Planned) Tool to automatically report app crashes or errors. This helps developers see what went wrong in the code when a crash happens on your device. | Crash logs may include device type, app version, and technical info about the error. It might also include a user identifier (random ID) to group crashes, and possibly the last actions in the app leading to the crash. It does not intentionally collect personal content from the app. | Likely US or EU servers, depending on the service (Sentry has EU options; Firebase Crashlytics is Google-run, likely US). We will choose a service with strong privacy and will update details when we implement this. |
| Google Analytics 4 | Website and app analytics. GA4 helps us understand user interactions (e.g., how many visitors we get, which pages are popular, app engagement metrics). We have configured it to respect privacy as much as possible (e.g., IP anonymization). | Online identifiers (like a cookie ID or device ID), website usage data (pages visited, clicks, time on page), general location (city, derived from IP). No direct personal details like name are sent. Google may assign an anonymous ID to your browser/app instance to link pages visited. | United States and worldwide – Google’s analytics data is typically processed on US servers or other locations as Google operates globally. |
| Twilio / WhatsApp Business | Communication service to send you important messages. We use Twilio to send SMS OTP codes for verifying your phone number during login/signup. We may also use WhatsApp (via Twilio’s API or WhatsApp Business) to send order updates or support messages if you opt for that. | Your phone number and the content of the message (e.g., “Your OTP is 123456” or “Your Kheelona order has shipped”). We share only what's needed to deliver the message. | Global (US/EU) – Twilio’s infrastructure is primarily in the US and Europe, and WhatsApp’s servers are global. Messages to Indian numbers are routed to local carriers ultimately. |
| Razorpay (Payments) | Payment gateway for processing orders (online payments via credit/debit cards, UPI, netbanking, etc.). | Transaction data necessary to process the payment: e.g., order amount, your contact info, and your chosen payment method details. We do not see full card numbers or UPI PINs – those are entered on Razorpay’s secure form. Razorpay may also perform fraud checks using device info or IP. | India – Razorpay is an India-based processor; data is generally processed in India. (They are PCI-DSS compliant for card security.) |
| Amazon Web Services (AWS) | Cloud computing used for specific components during beta (limited use). For instance, we have a module (e.g., “kheelonaConversationChat”) being tested on AWS. | Possibly a subset of conversation data or analytics data processed through our AWS component during beta testing. We limit what is sent through AWS – primarily data necessary for the feature being tested. | Mumbai, India (ap-south-1) – The AWS resources we use are in India. |
| Supabase (Database) | Managed database service (built on PostgreSQL) that stores structured data for us, such as user account info, child profiles, and conversation transcripts. | Account data (parent name, email, etc.), child profile (name, age, etc.), conversation text transcripts, and other app data are stored in the database. | India – We use a Supabase service region in India to keep data within country for the primary database. |
| DigitalOcean (Hosting & Storage) | Cloud hosting for our application servers and storage. This includes our main backend that the app and toy connect to, and file storage (DigitalOcean Spaces) for things like audio recordings. | All types of data are stored or transmitted via DigitalOcean’s infrastructure. For example, voice recordings are stored in DigitalOcean Spaces. Our servers that process logins, API calls, etc., also run on DigitalOcean droplets. | Singapore (SGP1) – Our storage bucket is in Singapore. (DigitalOcean may also route data through its data center network; we choose regions to minimize latency for India.) |
| Google Cloud – AI (Gemini) | AI language model that generates the toy’s responses to your child’s questions or commands. We send conversation text to this service, and it returns an AI-generated reply for the toy to speak. | The text of your child’s queries and the AI’s responses (transcripts). We may also send context like child’s age to tailor responses. No account or identifying info is sent, just conversation content. | Google’s servers (which may be located in the United States or other regions outside India). |
Note: Services marked as “(Planned)” are not yet active in this beta phase. We include them here to be transparent about our intentions. As we integrate any new major vendor or service, we will update this Policy accordingly. Also, the above list may not include some infrastructure sub-processors that our providers use (for example, our cloud providers might use their own subcontractors for hardware maintenance, etc.), but in all cases, any such sub-processor is bound by equivalent data protection obligations.
Our Commitment: All third-party processors act under our instructions. They cannot use your or your child’s personal data for their own purposes. We ensure each vendor has strong security measures and privacy commitments (we review their privacy policies and standards). Where your data is transferred to or stored in another country, we implement appropriate safeguards – for example, contractual clauses obligating the processor to protect the data to the standard of Indian law, and technical measures like encryption. We remain responsible for how these third parties handle your data, so if you have any concerns, you can contact us and we will address them.
Data Sharing and Disclosure
We do not sell or trade your personal information to unrelated third parties. We only share data in the following circumstances:
• With Service Providers (Processors): As detailed above, we share information with service providers who need it to perform tasks on our behalf – such as cloud hosting, AI processing, or payment processing. They are bound by confidentiality and may not use your data for anything except providing the service to us.
• Within Kheelona (Affiliates): If Kheelona Robotics Private Limited in the future has any affiliate companies or subsidiaries (for example, if we open a branch or have a parent company), we may share data within our corporate family. Any such entity will follow this same Privacy Policy.
• For Legal Reasons: We may disclose personal information if required to do so by law or legal process. For instance, if we receive a valid legal request from law enforcement or a government authority (such as a court order or notice under applicable law) to produce certain data, we will comply after verifying the request. Wherever possible or allowed, we will notify you of such requests. We may also disclose information if we believe in good faith that it’s necessary to prevent fraud or abuse, to protect the safety of anyone (e.g., addressing credible threats or self-harm situations), or to enforce our Terms of Service or other agreements.
• Business Transfers: If Kheelona is involved in a merger, acquisition, investment, financing, or sale of all or a portion of our business or assets, your data may be transferred to the new owner or partner as part of that deal. For example, if another company acquires us, the customer data would likely be one of the assets transferred. In such cases, we will ensure the new entity continues to honor the privacy commitments we have made. We will provide notice on our website (and, if feasible, via email) if your personal data becomes subject to a different privacy policy due to a business change.
• Aggregated or De-Identified Data: We may share information that has been aggregated (combined across many users) or anonymized (stripped of personal identifiers) with third parties. For example, we might publish a report that “X% of 5-year-olds using Kheelona love stories about space” – this would not identify any individual child or parent. Such data cannot be linked back to you and is not considered personal data. We use this kind of data for research, analysis, or marketing (to tell others about how our product is used, without revealing identities).
Importantly, we do not share children’s personal data with any third party for their own marketing or advertising purposes. We also refrain from any practice that would profile children for commercial gain. Any sharing of children’s data is solely to enable the core Services (like with our processors) or for safety/legal reasons as described.
If you have questions about third parties that may have access to your data, please contact us. We can provide further details and are happy to clarify how we keep your data safe when it must be shared.
Parental Consent and Controls
Because our users include young children, we follow a strict parental consent process and provide controls to parents over their child’s data:
• Account Creation by Parent: Only a parent or legal guardian can create an account in the Kheelona app or on our website. We do not allow children to sign up. During account creation, you will be asked to provide your contact information and agree to our Terms of Service and this Privacy Policy. By accepting, you give consent for us to collect and use your and your child’s data as described. We encourage you to review these terms carefully. If you do not agree, the Services cannot be used.
• Mobile Number Verification (OTP): To ensure that the person creating the account is indeed an adult (and to verify identity), we require phone number verification via OTP. When you sign up or log in, we send a one-time code to your registered mobile number. Entering this correctly confirms you have access to that phone (which generally implies you’re the authorized person). This helps prevent children or unauthorized persons from creating accounts. In the future, we may add additional verification steps if needed, but currently OTP serves as our verifiable parental consent mechanism.
• Child Profile Setup: After your account is made, you (the parent) create a profile for your child in the app. You provide their first name/nickname, age, etc. This step explicitly ties the child’s data to a parent account and signals that you consent to the child’s data being processed. If this step isn’t completed, the toy won’t function fully for that child.
• Supervision and Use: We design Kheelona to be used under parental supervision. While the toy aims to be a safe, child-friendly companion, it’s not a substitute for parental guidance. We advise that you keep the toy in common areas and periodically check the conversation logs (provided in-app) to stay informed about what your child and the AI toy discuss. You can also limit when and how the toy is used (e.g., turning it off at bedtime or not using it until the parent is available). The toy does not have any uncontrolled communication features (it can’t call others, go on the internet, etc.) so you can be assured interactions stay within the toy’s domain.
• Consent Withdrawal (Stopping Use): You have the right to withdraw your consent for processing your child’s personal data at any time. Practically, this means you can discontinue use of the toy and ask us to delete your child’s data (voice recordings, transcripts, profile) from our systems. To do this in the current beta, you will need to contact us (see Your Rights below for the process). We plan to introduce an in-app “Delete Account” or “Delete Data” feature to make this easier by the time of our full launch. Withdrawing consent will likely mean the toy’s services become unavailable, as we cannot operate without processing the voice data. We will inform you if any essential data must be kept even after withdrawal (e.g., some basic records for legal compliance).
• Deleting Recordings/Transcripts: We understand children may say all sorts of things, and as a parent you should have control. If you ever want specific conversation recordings or transcripts deleted, you can email us at legals@kheelona.com with your request. In beta, we handle these requests manually to ensure it’s done right. We will verify the request is from the account holder (for example, by contacting you at your registered email/phone). Then we will erase the specified data from our servers (or anonymize it if deletion is not feasible in backups, etc.). We will confirm with you once completed. In future, we aim to let you select and delete conversations directly in the app or download them for your records.
• Accessing and Reviewing Conversations: Currently, the parent app may show recent chat history. If you need a fuller history or want to review all data, you can request an export of your data via email. We can provide you the transcripts and any other personal data we have about you and your child (this is part of your rights under law). We plan to add a feature for you to download this yourself when the product matures.
• Email Newsletters and Preferences: If you opt in to our newsletter or promotional emails, you have control over that subscription. Every email will contain an unsubscribe link. You can also manage preferences in your account settings (or by contacting us). We make sure opting out of marketing emails is easy and does not affect your use of the toy/app. Transactional emails (like an order receipt or important service notices) will still be sent as needed, but those are not marketing.
• Profile Editing: You can update your child’s profile info (name, age, pronoun) in the app’s settings at any time as they grow or if you made a typo. You can also update your own account info (like if you change your email or phone number) by contacting support if the app doesn’t have an edit option yet. Keeping info current helps us provide the right experience (e.g., as your child gets older, the AI can adjust content).
• Multiple Children: If you have more than one child using the toy, you will create separate profiles for each under your account. All the same protections and rights apply to each child’s data. You can manage multiple profiles in-app, and you have control over each child’s data individually.
• Future Enhancements: We are exploring additional verifiable parental consent measures to strengthen compliance (for example, a possibility of a small ₹1 charge to a credit card, or an Aadhaar-based age verification in the future). If we implement a new method, we will inform you and update the consent process. Our goal is to ensure that consent is always given by a genuine parent/guardian.
In summary, your involvement as a parent is key to our product. We empower you with oversight and choices regarding your child’s information. If something is not clear or if you need a control that you don’t see, please let us know – as a beta user, your feedback can directly influence what tools and features we add.
Data Retention Policy
We retain personal data only as long as necessary to fulfill the purposes described in this Policy (or as required by law), after which we delete or anonymize it. Different types of data have different retention periods. Here is an overview of how long we keep data:
| Data Type | Retention Period |
|---|---|
| Legal/Compliance Records | Varies. If data is needed for an ongoing legal matter or investigation, we keep it until that matter is resolved (even if that exceeds stated periods). For example, if we receive a preservation order from law enforcement, we’ll retain specified data as required. |
| Marketing Communications Records | 3 years from when you last interacted. If you’ve opted into emails, we may keep a record of your consent and interactions (opens/clicks) for 3 years for compliance and to understand engagement. If you unsubscribe, we retain the info needed to honor the opt-out (e.g., your email in a suppression list) indefinitely to ensure we don’t accidentally email you. |
| Crash Logs & Diagnostics | 3 years for routine diagnostic logs. If logs are stored by a third-party service (like Crashlytics), we configure it to adhere to similar retention or delete older data. |
| Analytics & Usage Data | 3 years for raw analytics logs. We may keep aggregated analytics (which contain no personal data) indefinitely to analyze long-term trends. If you withdraw consent for analytics, new data stops being collected, and where feasible, we delete or detach identifying info from existing logs. |
| Customer Support Communications | 3 years from the date of resolution of your inquiry. We retain support emails/chats to help with future issues and for training purposes. In some cases, if a support issue leads to a legal matter, records might be kept until resolved. |
| Order and Payment Records | 7 years (minimum) to comply with tax, accounting, and financial regulations in India. This includes invoices, payment transaction records, and your contact details associated with orders. Even if you delete your account, we may need to keep these records until the 7-year period lapses. We will, however, archive them and restrict access to only what’s necessary (e.g., accounting staff). |
| Parent Account Information | As long as your account is active. If you delete your account, we aim to delete or anonymize personal info within 30 days of confirmation. Some basic data may be retained as per legal requirements (see below). |
| Child Profile Information | For as long as the child’s account is active. If you update information (e.g., change age), we keep a log of changes. If you delete the account or remove a profile, we delete that data within 30 days (unless required to keep longer by law). |
| Text Transcripts of Conversations | 3 years from the date of the conversation. Similarly, transcripts are deleted or anonymized after 3 years. In some cases, we may retain aggregate stats (non-personal) about chats for product improvement. |
| Audio Recordings of Conversations | 3 years from the date of recording. After 3 years, voice files are deleted from our active systems. (We may retain anonymized summaries or analysis, but not the identifiable audio.) |
Account Deletion: If you request to delete your (and your child’s) account, we will initiate deletion of personal data associated with you. We try to complete such deletions within 30 days of verifying your request. Deletion includes audio recordings, transcripts, profiles, and account info. Exceptions: as noted, we will keep any information that we are legally obligated to retain (e.g., purchase records for financial compliance) or that is necessary to resolve disputes or enforce our agreements. If we retain data for these reasons, we will stop using it for any other purpose and keep it only for the required period. After that, it will be erased or anonymized.
Backup and Archives: Our systems may have backup databases or encrypted archives that are retained for reliability and disaster recovery. For instance, we keep periodic backups that cycle every ~30 days. If you delete data, it will be removed from active systems and won’t be used, but it might persist in backups until those backups expire and are overwritten. Our backup retention is typically 30 days, after which deleted data is fully purged. We do not restore backups for routine requests, only in emergency situations (e.g., data loss events). If a backup is restored, we will re-delete any data that was previously requested to be deleted as soon as practically possible.
We continuously evaluate our retention needs. We aim not to keep personal data longer than needed. If, for example, we find we can achieve the same business goals with shorter retention, we will adjust and update our policy. We will also securely dispose of any hardware or storage that is no longer used, to prevent any unintended data leaks. If you have specific questions about our retention practices (for example, “Has my child’s 3-year-old recording actually been deleted?”), feel free to reach out and we can provide confirmation.
Security Measures
We take the security of your and your child’s personal data very seriously. We have implemented a range of technical and organizational measures to protect against unauthorized access, alteration, disclosure, or destruction of data. Here are key security practices we follow:
• Encryption in Transit: All communication between your device (toy, app, or browser) and our servers is encrypted using HTTPS/TLS (Transport Layer Security) – we support TLS 1.2+ protocols. This means that data like voice recordings or login credentials are scrambled during upload/download so that eavesdroppers on the network cannot read it. For example, when the toy sends an audio recording to our server, it’s sent over an encrypted channel.
• Encryption at Rest: Personal data stored on our cloud servers is encrypted at rest. Our databases (e.g., Supabase PostgreSQL) and file storage (DigitalOcean Spaces) use encryption so that the underlying files on disk are not readable even if someone were to access the storage without authorization. In practice, this means even in the unlikely event that someone got hold of a hard drive from our cloud provider, they couldn’t extract meaningful data without the encryption keys.
• Access Controls: We limit access to personal data strictly to authorized personnel who need to know it to perform their job (principle of least privilege). For example, our development team might have access to aggregated analytics but not to raw audio files; our support team might access your account info when you have an open ticket, but they would not have access to unrelated data. All employee and contractor accounts with access to systems are protected with strong authentication (such as complex passwords and two-factor authentication).
• Admin and Developer Access Logging: We maintain logs of administrative access to sensitive systems. This means any time an engineer or administrator accesses production data, that action is recorded. We periodically review these logs to ensure there is no unauthorized or inappropriate access. During beta, our team is small, but as we grow, we’ll formalize these reviews and restrictions even more.
• Employee Training and Policies: Our team members are trained on data privacy and security practices, especially regarding children’s data. We have internal policies to prevent any misuse of data – for instance, employees are not allowed to download or share raw personal data outside our secure systems. Any violation of these policies can result in disciplinary action.
• Secure Development Practices: We build our software with security in mind. This includes regular code reviews, using updated frameworks, and avoiding known vulnerabilities. We sanitize and encrypt data as appropriate in the application workflow (for example, sensitive fields may be additionally encrypted at the application level).
• Testing and Scanning: We plan regular vulnerability scans of our systems and will conduct penetration testing at least annually (or before major releases). In a beta phase, we run automated security testing tools on our code and infrastructure. Any issues found are prioritized for fixing. We also keep our software dependencies up to date to patch security issues.
• Firewalls and Network Security: Our servers are protected by firewalls and network monitoring. We restrict access to our databases to a minimal set of IP addresses and services. Unusual network activity (like repeated failed login attempts or suspicious payloads) is flagged by our systems.
• Backups and Recovery: As mentioned in Data Retention, we maintain encrypted backups. We also have a disaster recovery plan – meaning if there’s a major issue (like data center outage or data corruption), we have procedures to restore functionality quickly, with minimal data loss. Backups are stored securely (encrypted and with access control). We periodically test restoring from backups to ensure data integrity.
• Vendor Security: We choose reputable vendors (like Google, DigitalOcean, etc.) that have robust security programs. We review their security documentation. For example, DigitalOcean holds industry-standard certifications (like ISO 27001) and Razorpay is PCI DSS compliant for payment security. Our Data Processing Agreements with vendors require them to implement appropriate security measures and notify us if they experience any breach affecting our data.
• Incident Response: Despite all precautions, no system is 100% immune to incidents. We have an incident response plan. If we suspect or detect a data breach or security incident, we will: 1) Immediately work to contain and mitigate it (e.g., by shutting down affected systems, revoking compromised credentials, etc.), 2) Investigate to determine the scope and root cause, and 3) Notify affected users and authorities as required by law. Under the DPDP Act and other regulations, we aim to notify the relevant authorities and users of a breach within 72 hours of becoming aware of it (if it meets the threshold of harm, etc.). We will provide information on what happened, what data is affected, what we are doing about it, and what you may need to do. We will also take steps to prevent a recurrence.
• Continuous Improvement: Security is an ongoing effort. We will continuously update our safeguards as new threats emerge and as our company grows. We may also obtain third-party security audits or certifications in the future to validate our practices.
Remember, you also play a role in security. Keep your account credentials (like OTPs or any future passwords) confidential. Monitor your account and let us know if you see anything suspicious (like unknown devices accessing the app, etc.). We will work with you to keep the platform safe.
International Data Transfers
We are based in India, and we endeavor to store data in India where feasible (for example, our primary database is in India). However, some of our processing involves international data transfers:
• Cloud Storage and Servers: Your data (including audio recordings) is stored in DigitalOcean’s Singapore data center. Singapore is an international location; however, it is generally considered to have strong data protection standards. We transfer data there to ensure reliable service and backups.
• AI Processing (Google): When our AI model (Google Gemini) processes conversation text, that data is sent to Google’s servers which may be located in the United States or other countries outside India. Similarly, Google Analytics and other Google services typically involve transferring data to the U.S.
• Communications & Others: If we send an SMS via Twilio or use a service like Freshdesk for support, those interactions may route data to servers outside India (e.g., US or EU) as described in the Third-Party section.
• Cross-Border Safeguards: The Digital Personal Data Protection Act, 2023 allows transfers of personal data outside India except to certain restricted countries (the government may notify such restrictions). We comply with this by mainly using services in jurisdictions with robust data protection, or by ensuring contracts that uphold Indian law standards. For every cross-border transfer, we take steps such as:
• Contractual Protections: We have agreements with our processors that include data protection clauses. These require the processor to protect the data to the same level as required under Indian law (and, often, they also comply with international standards like GDPR). If India provides standard contract terms or other mechanisms, we will adopt those.
• Encryption & Security: As noted under Security, data is encrypted in transit. So, when it flows to or from another country, it’s protected from interception. Some data (like the content of conversations) is also end-to-end encrypted within our system until it reaches the AI processor.
• Selective Routing: We try to keep data regional when possible. For instance, our choice of Supabase’s India region means the bulk of data storage stays in India. We only send data out of country when necessary for the function (like using a specialized AI service or sending an email via an international service).
• Processor Vetting: We choose established companies (Google, DigitalOcean, etc.) that have a track record of data protection. Many of these companies participate in international frameworks for data transfer (for example, though not directly applicable to India, Google complies with EU SCCs and similar frameworks, indicating a high standard of care).
By using our Service, you understand that your and your child’s data may be transferred to and processed in countries other than India. These countries may have data protection laws different from India’s, but we will ensure that your data is given adequate protection wherever it is processed. We monitor any updates in law: if India’s government specifies certain whitelisted countries or barred destinations for personal data, we will adjust our practices to comply (for example, not storing data in any prohibited locations).
If you have questions about cross-border data specifics (e.g., “Is my data going to country X?”), we can provide detailed answers. Our goal is transparency and compliance in all data transfers.
Children’s Privacy & Safety Commitments
Protecting children’s privacy is at the core of what we do. Our policies and practices reflect the special care required when handling data of young users:
• Parental Management: As stressed, a child cannot create an account or use the online services without a parent or guardian. We require verifiable parental consent for any collection of personal data from children, in line with India’s DPDP Act (and similar principles to international child privacy laws). This means you are always in control of what data we have about your child.
• No Direct Contact with Children: We do not communicate with children outside of the toy’s interactions. For example, we don’t send emails to children, we don’t allow children to enter free-form personal info in apps, and any notifications about the service go to the parent. The child’s experience is limited to the toy’s voice conversations and perhaps on-screen content in the parent-controlled app (if the child uses the app under your supervision).
• No Targeted Ads to Kids: We do not show any advertising to children through our toy or app. There are no banner ads, no commercial breaks, nothing of that sort. Our marketing efforts (like retargeting ads or emails) are strictly directed to parents/guardians, not to children. We also do not profile your child for advertising or any other commercial purpose. For example, we’re not going to take the fact that your child likes dinosaurs and try to sell that info or target dino-toy ads at them.
• No Sale or Unauthorized Sharing of Kids’ Data: We do not sell, rent, or lease personal information of children to anyone. We share the child’s data only as needed to operate the service (with the processors listed, under tight controls). We do not provide children’s data to third-party advertisers or data brokers.
• Content Moderation and Safety: We program our AI and toy content to be child-friendly. There are filters in place to prevent the AI from using profanity or discussing inappropriate topics. If a child tries to ask something that the AI is not meant to handle (like a question of an adult nature or something dangerous), the AI will respond with a gentle refusal or deflection. We also ensure the toy’s character itself is designed to encourage positive behavior (for instance, it might remind children to ask a parent before doing something potentially unsafe).
• No Manual Surveillance: As mentioned, we do not have staff or random people listening in on your child’s conversations with the toy. We consider those interactions private between your child, the toy (AI), and you (who can review logs). Our improvement processes use automated analysis. In exceptional cases, if a serious safety concern is flagged by our system (for example, if it appears a child might be in immediate danger or is being abused), we may manually review that specific situation and involve appropriate authorities to protect the child. However, such intervention would be rare and done with utmost caution and legal guidance.
• Parental Access: You have the right to see what your child has been telling the toy and what the toy has been saying. We provide that access to ensure you can always audit our AI’s behavior and ensure it aligns with your values and expectations. If you ever see something in the content that concerns you, please notify us – we can adjust the AI to avoid such responses in the future.
• Age-Appropriate Experience: We ask for age because we tailor the vocabulary, topics, and complexity of interactions. For example, a 3-year-old might get more playful, simple language, whereas an 8-year-old could have more educational and challenging content. This also means if an older child’s account is being used by a younger sibling, the content might not perfectly match their understanding – so ideally set the correct age for each child. We do not allow a child to lie about their age to get more mature content; since the parent sets the age, we trust you to provide the correct info.
• Guardian Data Fiduciary Compliance: Under the DPDP Act, organizations dealing with children’s data have heightened responsibilities. We adhere to those by obtaining parental consent, not causing harm to children’s well-being, and not tracking or behaviorally monitoring children beyond what’s needed for the service. We also will refrain from any detrimental processing – meaning we won’t, for example, serve content that is harmful or exploitative to children, and we won’t allow the data to be misused in ways that could negatively affect a child.
• If a Child Contacts Us Directly: Occasionally, a child might attempt to reach out (say, they find our support email and write to us). If we can identify that the sender is a child, we will not collect personal info from them. We will respond by asking them to have their parent or guardian contact us. We’ll then delete the child’s communication. Our channels (like support and social media) are intended for adults, and we moderate them accordingly.
• External Safety Measures: The toy is designed to be COPPA-inspired (Children’s Online Privacy Protection Act, a U.S. law) compliant for a global standard, even though our primary compliance is with Indian law which covers children up to 18. This means we treat all minors’ data with high protection. If we expand services beyond India, we will also comply with those local children’s privacy laws.
• Reporting Mechanism: If you believe we have unknowingly collected information from a child without parental consent or violated a child’s privacy rights, please notify our Grievance Officer immediately. We will take prompt action to investigate and delete any non-compliant data.
In essence, our business is built around children, which means earning and keeping parents’ trust is paramount. We strive to create a safe digital environment for kids to play and learn, while giving parents full visibility and control.
Your Rights and Choices
As a user (and data principal, under the DPDP Act), you have several rights regarding your personal data and your child’s personal data. We are committed to honoring these rights. Here’s a summary of your key data protection rights and how you can exercise them:
• Right to Access: You can ask us to confirm whether we are processing your personal data, and if so, request a copy of that data. For example, you can request, “Send me all the information you have about me and my child.” We will provide this, usually in a digital format (like a PDF or CSV file). This is sometimes called the right to portability as well – you have the right to get your data and even transfer it to another service.
• Right to Correction: If any personal data we have is incorrect or outdated, you have the right to have it corrected or updated. For instance, if your phone number has changed or we recorded the wrong birth year for your child, let us know and we will fix it. In many cases, you can directly edit basic profile info in the app, but if not, we’ll handle it upon request.
• Right to Deletion (Right to Erasure): You can request deletion of personal data that we hold, in certain circumstances. You may ask us to delete specific information (like a particular conversation recording) or delete your entire account and all associated data. We will carry out deletion requests unless we have a lawful reason to keep the data (as explained in Data Retention, e.g., some records for legal compliance). We will inform you of what has been deleted and if anything had to be retained. Once deleted, your data will typically be unrecoverable, so ensure you have any copies you want before requesting account deletion.
• Right to Withdraw Consent: Where we rely on your consent to process data (for example, for using your child’s voice recordings, or sending marketing emails), you have the right to withdraw that consent at any time. Withdrawal will not affect the lawfulness of processing done before you withdrew, but it means we will stop the specific activities going forward. For example, if you withdraw consent for us to keep voice recordings, we will stop recording new audio (though that means the toy’s functionality will be limited, or we might need to deactivate the service if voice processing is core). We’ll also delete the previously collected audio unless another legal basis applies for keeping it. Similarly, if you had consented to marketing, withdrawing means we stop sending you marketing emails/SMS.
• Right to Grievance Redressal: If you have any grievance or concern about how we are handling your or your child’s data, you have the right to complain to our Grievance Officer (contact details provided in the Contact section). For example, if you feel a request wasn’t handled properly or you have an issue with our practices, let the Grievance Officer know. We will acknowledge your complaint and address it in a timely manner (typically within 15 days). If you are not satisfied with the outcome, or if we don’t respond in the set time, you can escalate the complaint to the Data Protection Board of India (once it is operational under the DPDP Act) or the appropriate authority under other applicable laws. We really encourage you to come to us first, so we can resolve it directly.
• Right to Nominate (Succession of Rights): The DPDP Act provides that you can nominate another individual to exercise your data rights on your behalf in case of your death or incapacity. This is like assigning a trusted person who could, for example, request deletion of your data if something happens to you. While this scenario is hopefully unlikely to be needed, we want you to know the law provides for it. If you wish to designate a nominee, you can do so by emailing us with the nominee’s details and relationship to you. We may require some verification and documentation for such arrangements to ensure they are legally valid.
• Additional Choices – Cookies and Communications: As discussed in earlier sections, you have choices about cookies (you can opt out of non-essential ones) and communications (opt out of marketing, etc.). These choices are also your right. We comply with any Do-Not-Track or similar signals to the extent feasible (though the standard is still evolving). If our app collects any data beyond what’s necessary, we will provide in-app settings to control that too.
How to Exercise Your Rights: The primary way to make any request is to contact us at legals@kheelona.com. For certain requests (like accessing or deleting data), we might provide forms or in-app options in the future, but during beta, email is the reliable channel. Please include in your request: the specific right you want to exercise, details about what you need (e.g., which data to correct or delete), and enough information for us to verify your identity.
Verification Process: We need to verify that any request is coming from the rightful person (you or an authorized representative like your nominee or legal guardian). For example, if you email from your registered email or initiate from the app while logged in, that helps verify. We might ask you to confirm a code sent to your phone or answer a security question (like last four digits of a saved payment method or date of last order) to ensure it’s you. This is to protect your privacy – we wouldn’t want someone else to impersonate you and get your data.
Timeline: We aim to respond to and fulfill requests promptly. Under Indian law, we intend to acknowledge complaints within 24 hours and resolve them within 15 days. For data access/correction/deletion requests, we’ll try to complete them within 15-30 days, depending on complexity. If we need more time (up to an additional 30 days, for example), we will let you know the reason (perhaps your data set is large, or we need clarification).
Limitations: In some cases, we might decline or delay a request if it falls under an exemption. For example, if deleting certain data would impede an ongoing legal obligation or if we cannot verify the requester’s identity. If so, we’ll explain why (unless legally barred from explaining). We will not discriminate against you for exercising your rights – meaning we won’t deny you the service or provide inferior service just because you made a data request. However, note that deletion or consent withdrawal might affect your ability to continue using the service (since the toy relies on data processing to function).
We hope this empowers you to feel in control of your and your child’s personal information. If anything is unclear or you need help with exercising your rights, just ask – we’re here to help.
Cookies & Tracking Technologies
This section provides more detail on how we use cookies and similar technologies on our website and (to a lesser extent) in our app:
What are Cookies? Cookies are small text files placed on your browser or device when you visit a website. They serve a variety of functions, like remembering your preferences or tracking your visits. We also use analogous technologies such as web beacons (tiny graphics that send info) or local storage in apps.
Categories of Cookies We Use:
• Essential Cookies: These are necessary for our website to function. For example, if our site has a login for the parent dashboard or a shopping cart, an essential cookie keeps you logged in as you navigate pages or remembers the items in your cart. These cookies do not gather information for marketing or analytics. They are generally first-party cookies (set by kheelona.com). Without them, basic services you expect might not work. Because they are necessary, they’re typically exempt from consent requirements – though you can still block them via browser settings if you wish (but features may break).
• Analytics Cookies: These cookies collect information about how visitors use our site. We use Google Analytics 4, which sets cookies to understand page popularity, site entry/exit points, etc. The information collected (like page URL, time spent, device type) helps us improve the website’s design and content. Google Analytics in our setup does not collect personally identifying information – we utilize IP masking and do not send Google any names or emails. The data is aggregated. However, since analytics are not strictly necessary for the site to work, we treat these cookies as non-essential, meaning we ask for your consent before using them.
• Advertising Cookies (Marketing Cookies): If you consent, we use cookies/pixels from advertising platforms (like Google Ads and Facebook/Meta). These track that your browser visited our site or took certain actions (like visiting the pricing page). This allows us to later show you targeted advertisements on those platforms. For instance, Google’s cookie might enable us to show you a Kheelona ad when you search for kids’ toys, because you visited our site. These cookies might also measure ad campaign effectiveness (telling us if an ad resulted in you visiting or signing up). We do not use advertising cookies in any way that targets children – they are only present on pages intended for adults (like the marketing pages of our website). We obtain your opt-in consent for these cookies. If you do not accept, you’ll simply see generic ads or no Kheelona ads, and it won’t affect your use of our site.
• Functionality Cookies: These remember choices you make to personalize our site (like language preference if we support multiple languages, or a toggle for dark mode). Currently, our site is primarily in English and we may not have many of these yet, but if we do implement preferences, a cookie might store that. These cookies might be considered essential or semi-essential because they improve your experience. We may bundle them under essential for consent purposes if they don’t track you outside our site.
Cookie Consent Banner: On your first visit to kheelona.com (and periodically as required or if you clear cookies), you’ll see a banner or pop-up asking you to consent to cookies. You will have options such as:
• “Accept All” – which enables analytics and marketing cookies in addition to essential ones.
• “Reject Non-Essential” – which will refuse analytics/marketing cookies, allowing only essential ones.
• “Manage Preferences” – where you can choose category by category (for example, allow analytics but not marketing, or vice versa).
We strive to make this compliant with Indian guidelines and global standards (while India doesn’t have a specific cookie law, the IT Act and DPDP emphasize consent for non-essential data collection, so we follow that approach).
How to Change Preferences: If at any time you want to change your cookie settings, you can do so by clicking the “Cookie Settings” link (typically in the footer of our site). That will bring back the preferences dialog. Or, you can clear cookies from your browser and revisit the site to get the banner again. Additionally, most browsers have settings to block or delete cookies. You can use those to control cookies on all sites. (For example, you can typically find cookie settings under Privacy in your browser settings, and you might even set it to block third-party cookies by default.)
Impact of Disabling Cookies: If you disable all cookies, our site may not remember your session or certain preferences, which could degrade functionality (e.g., you might have to log in each time, or the cart might not work). But if you only disable analytics/marketing, you shouldn’t notice much difference in functionality – just that your visit isn’t being counted in analytics and you won’t get targeted ads from us.
In-App Tracking: Our mobile app doesn’t use “cookies” per se, but it may use similar concepts (like an advertising ID on your device or an analytics SDK). If we implement analytics in the app, we will present an in-app privacy setting or mention during onboarding to ask for your consent, especially for any tracking beyond core functionality. You might have seen some apps ask “Allow tracking” on iOS, for instance – we currently do not track users across third-party apps, and have no third-party ad SDKs in the app. If that changes, we will be upfront and follow required consent flows.
Do Not Track: “Do Not Track” (DNT) is a browser setting that indicates a preference not to be tracked across websites. The industry hasn’t adopted a universal standard for DNT. However, our practice is to respect your privacy choices: if DNT is enabled, we treat it as an opt-out of third-party tracking to the extent we can. In practical terms, if we detect DNT, we would not load marketing pixels for that session. Analytics might still run since it’s first-party and anonymized, but since you can opt-out of analytics via our banner anyway, DNT is effectively covered by that mechanism too.
For more details or any questions on our use of cookies, feel free to contact us. We can provide a list of specific cookies in use if needed (name, purpose, duration, etc.). Also, our separate Cookie Policy/Notice (if linked on the site) provides a concise breakdown.
Beta Status and Changes to this Policy
Because Kheelona’s service is in beta, things are changing relatively quickly – and that means this Privacy Policy might need updates more frequently than a typical established service. Here’s what you should know:
• “Beta” Means Evolving: During this beta phase, we may introduce new features, change how certain data flows work, or onboard new service providers. For any material change in data handling, we will update this Privacy Policy accordingly. We indicate the effective date at the top so you know when it was last revised. We encourage beta users to check the Privacy Policy periodically to stay informed.
• Notification of Changes: If a change is significant (for example, we start collecting a new category of personal data or start using data in a new way that you wouldn’t expect under the current policy), we will provide a more prominent notice. This could be an email to registered parents, an in-app alert, or a banner on our website. In some cases, we might ask for fresh consent if required by law (e.g., if we were to start doing something that legally requires opt-in consent). Minor changes (like clarifications or grammatical fixes) may not be individually communicated, but the updated policy will always be available on our site.
• Your Acceptance of Changes: By continuing to use the toy, app, or website after a new Privacy Policy has become effective, you will be deemed to have accepted the updated practices. We will always note the “Last Updated” date so you can tell if it changed since your last read. If you do not agree with a change, you have the right to stop using the Services and request deletion of your data. We hope to never put you in a position where a policy change is objectionable – our philosophy is to respect user privacy and any changes will remain consistent with that.
• Version History: For transparency, we can provide previous versions of the Privacy Policy upon request (and in the future, we may maintain an archive on our website). This allows you to see what changed. During beta, expect the policy to iterate as we refine both our product and how we describe our practices. We value any feedback on the policy too – if something is unclear or you have suggestions for improvement, let us know! Beta is a two-way street.
• Future Launch: When we exit beta and go to a full public launch, we will remove the “Beta” labels and possibly have a more finalized Privacy Policy. We will let all existing users know when that transition happens and highlight any differences.
In short, we will not reduce your rights under this Privacy Policy without your consent. Any update will be to further clarify, improve protections, or accommodate new services (with appropriate safeguards). Your trust is our priority, and we will act accordingly.
Contact Us & Grievance Redressal
We are here to answer your questions and address your concerns about privacy and data security. If you need to contact us for any reason related to this Privacy Policy or your personal data, please use the following details:
• Email (General Privacy Inquiries): legals@kheelona.com. You can reach out via email for any requests (access, deletion, etc.), questions about our practices, or feedback. We typically respond within a few business days.
• Grievance Officer (India Specific): As per the IT Rules 2021 and DPDP Act, we have appointed a Grievance Officer to address any grievances you have regarding our handling of personal data.
Name: Apoorva Sahu
Title: Director & Grievance Officer
Address: Kheelona Robotics Private Limited, No. 18, Ground Floor, N S Palya, BTM Layout, Bannerghatta Road, Bangalore South, Karnataka, India, 560076.
Contact Email: legals@kheelona.com (Attn: Grievance Officer)
Contact Phone: [Not publicly listed – please email to arrange a call if needed]
Response Time: We will acknowledge receipt of your grievance within 24 hours and aim to resolve it within 15 days, as mandated by Indian regulations. If a delay is expected, we will inform you of the reason and progress.
• Postal Mail: You may also send written letters to our registered address (provided above). Please mark the envelope with “Attn: Privacy Officer” or “Attn: Grievance Officer” so it reaches the right team. Do note that postal inquiries may take longer to reach us, so email is usually faster.
If you’re contacting us to exercise a specific right (like accessing data or deleting something), please provide enough info for us to locate your account (e.g., the email or phone number you used to sign up) and verify you (we might reply asking for a bit more verification if needed, as discussed).
We are committed to resolving any issues amicably and transparently. In the unlikely event that you feel your concerns were not addressed satisfactorily by us, and you are in India, you can escalate to the Data Protection Board of India (once operational) or under the grievance mechanism of the IT Rules to the relevant authority. We truly hope that won’t be needed, and we’ll do our best to make things right.
Thank you for reading our Privacy Policy. We know it’s long, but we believe you deserve a thorough explanation of how we protect your and your child’s data. Your child’s safety and your trust in Kheelona are absolutely essential to us. If anything is unclear, don’t hesitate to reach out. Happy playing and learning with Kheelona!





