Privacy Policy

Privacy Policy

This policy explains what personal information GetNyay collects when you use our platform, how we use and protect it, and your rights over that data.

Effective date: May 29, 2026  ·  GetNyay / Wealth Building Academy LLC

Table of Contents

1. Introduction & Scope

GetNyay is an AI-assisted consumer complaint drafting platform operated by Wealth Building Academy LLC (“we,” “our,” or “us”). This Privacy Policy describes how we collect, use, store, share, and protect personal information when you access or use our website at https://getnyay.in (the “Platform”).

By creating an account or using the Platform in any way, you acknowledge that you have read and understood this policy. If you do not agree, please discontinue use and contact us to delete your account.

This policy applies to all users of the Platform regardless of location, though it is primarily designed for Indian consumers who use the service to draft complaints.

2. Company Information

GetNyay is a product of Wealth Building Academy LLC, a limited liability company registered in the State of Illinois, United States of America. The Platform is operated exclusively online at https://getnyay.in.

For all privacy-related matters, contact us at: privacy@getnyay.in

3. Data We Collect

We collect personal data in several categories depending on how you use the Platform:

3.1 Account Information

  • Full name (as provided at registration)
  • Email address (used for account authentication and communication)
  • Phone number (optional, if provided)
  • Account password (stored in hashed form by Supabase Auth — we never see or store plaintext passwords)
  • Registration date and last login timestamp

3.2 Complaint Information

  • Complaint category and sub-category (e.g., banking fraud, telecom billing)
  • Company or institution name you are complaining against
  • Description of the incident or grievance
  • Monetary amount involved
  • Incident dates and reference numbers (order IDs, transaction IDs, policy numbers)
  • Complaint draft text generated with AI assistance
  • Escalation history and complaint status

3.3 Uploaded Evidence & Documents

  • Files, images, PDFs, or screenshots you upload as supporting evidence
  • File metadata (filename, file size, upload timestamp, MIME type)

Important: Do not upload highly sensitive documents

Do not upload documents containing passwords, OTPs, full credit/debit card numbers (PAN), CVV codes, Aadhaar card scans (unless strictly necessary), or any other credentials that could enable account takeover or financial fraud. Our platform is a drafting tool — it does not require this level of sensitive information.

3.4 Payment Information

Payments on the Platform are processed by Stripe, Inc. We do not store your full card number, CVV, or bank account details. When you complete a payment, Stripe shares with us:

  • Confirmation that a successful payment occurred
  • The Stripe session ID and payment intent ID
  • Amount charged and currency
  • Your billing email address (if provided to Stripe)
  • Payment status (paid, failed, refunded)

Stripe’s full privacy policy is available at stripe.com/privacy.

3.5 Usage & Analytics Data

  • Pages visited, features used, and navigation patterns (collected via Google Analytics 4 with your consent)
  • Complaint drafting steps completed
  • Errors encountered and support interactions
  • Time and duration of sessions

3.6 Technical & Device Information

  • IP address (anonymised before storage in analytics)
  • Browser type and version
  • Operating system
  • Device type (mobile, desktop, tablet)
  • Referring URL
  • Country/region (inferred from IP)

4. Attorney Account & Client Data

This section applies only to Attorney Max subscribers

If you register as an attorney on the GetNyay Attorney Max plan, additional data is collected and processed as described below. This section also explains how we handle data that attorneys enter on behalf of their clients.

4.1 Attorney Account Data

  • Full name and email address (used for authentication and subscription management)
  • Mobile phone number (optional, for account recovery and notifications)
  • Attorney subscription plan, billing cycle, trial start date, and subscription status
  • Stripe customer ID and subscription ID (no card numbers stored)
  • Usage metrics: documents generated, templates created, client records managed
  • Audit logs of actions taken within the attorney dashboard (document creation, client additions, template uploads)

4.2 Client Data Entered by Attorneys

Attorneys use the Platform to manage client information and generate legal documents on behalf of clients. When an attorney enters client data into the Platform, that data is processed by GetNyay as a data processor on behalf of the attorney (the data controller).

  • Client name and contact information entered by the attorney
  • Case details, complaint categories, and matter descriptions entered by the attorney
  • Documents and templates generated by the attorney for or about clients
  • Files uploaded by the attorney as client evidence or supporting documents
  • Notes and case annotations entered by the attorney

Attorney responsibility for client data

Attorneys are responsible for ensuring they have the appropriate consent, authority, and legal basis to enter client data into the Platform. GetNyay processes client data entered by attorneys solely to provide the attorney dashboard service and does not use client data for any other purpose.

Attorneys must not enter client data that they do not have the right to share with a third-party technology platform. By entering client data, attorneys represent that they have the necessary legal authority and client consent to do so under applicable professional conduct rules and data protection law.

4.3 Attorney Subscription Records

  • Stripe subscription ID and plan type (Free Trial, Attorney Max)
  • Subscription start date, trial end date, renewal date
  • Payment history (Stripe transaction IDs, amounts, payment status)
  • Cancellation date and reason (if provided)

5. How We Use Your Data

We use collected data for the following purposes:

  • Creating and managing your account
  • Generating and storing your complaint drafts and legal documents
  • Processing payments via Stripe and unlocking purchased content
  • Managing attorney subscriptions, free trials, renewals, and cancellations
  • Providing the attorney dashboard: client management, document generation, template library
  • Processing client data entered by attorneys to deliver the attorney dashboard service
  • Sending transactional emails (account confirmation, payment receipts, subscription notifications)
  • Responding to your support queries and grievances
  • Improving the accuracy and quality of complaint templates and legal document generation
  • Detecting and preventing fraud, abuse, or misuse of the Platform
  • Complying with applicable laws, including tax and financial record-keeping obligations
  • Conducting aggregate, anonymised analytics (via Google Analytics 4, with your consent) to understand Platform usage

We do not sell your personal data to third parties. We do not use your complaint content for advertising targeting. We do not share complaint details with the companies you are complaining against.

6. AI Processing Disclosure

AI-Assisted Drafting

When you use our complaint drafting feature, the information you enter — including the complaint category, company name, incident description, and amounts — may be processed by third-party AI language models to generate a draft complaint letter.

We use AI providers including Anthropic (Claude) and OpenAI to assist with content generation. When your complaint data is sent to these providers for processing, it is subject to their data processing terms. We instruct these providers to process data only for the purpose of generating the requested complaint draft and not for model training.

AI-generated complaint drafts are logged in our system for quality assurance, fraud detection, and platform improvement purposes. Logs may be reviewed by our team in anonymised or pseudonymised form.

Please do not include unnecessary personal details, passwords, OTPs, or financial credentials in the complaint description fields you submit for AI processing.

7. Data Sharing & Third-Party Providers

We share personal data only with trusted third-party providers necessary to operate the Platform. These providers are contractually prohibited from using your data for their own purposes:

Stripe, Inc.

Payment processing

Processes payments for complaint unlocks. Stripe is PCI-DSS Level 1 certified. Stripe stores card details; we do not.

Supabase, Inc.

Database, authentication, and file storage

Stores your account data, complaint records, and uploaded files. Supabase is SOC 2 compliant and uses Row Level Security to isolate user data.

Vercel, Inc.

Web hosting and deployment

Hosts the GetNyay web application. Vercel may process request logs and edge network traffic.

Cloudflare, Inc.

CDN and DDoS protection

Provides content delivery, caching, and security. Cloudflare may process request metadata including IP addresses.

Anthropic PBC / OpenAI, LLC

AI language model providers

Process complaint input data and legal document inputs to generate draft text. Used only when AI drafting features are invoked.

Google LLC

Analytics (Google Analytics 4)

Collects anonymised usage data when you consent to analytics cookies. Measurement ID: G-6JNGT4LH58. IP anonymisation is enabled. Data is not used for advertising. See policies.google.com/privacy.

We may also share personal data if required to do so by applicable law, court order, or regulatory authority, or to protect the rights, safety, or property of GetNyay or its users.

8. International Data Transfers

GetNyay is operated from the United States (Illinois) and uses US-based cloud service providers. When you use the Platform from India, your personal data is transferred to and processed in the United States.

These transfers are carried out under applicable data protection frameworks. Our service providers maintain standard contractual clauses, SOC 2 compliance, and industry-standard security measures to protect your data during international transfer.

By using the Platform, you acknowledge and consent to the transfer of your personal data to the United States for the purposes described in this policy.

9. Data Retention

We retain personal data for as long as necessary to provide the service and fulfil legal obligations:

  • Guest/unauthenticated drafts: temporary drafts generated without an account are deleted automatically after 48 hours
  • Registered user documents: retained while your account is active, plus 30 days after account deletion to allow for recovery
  • Attorney account data and client records: retained while the subscription is active, plus 30-day recovery period after cancellation or deletion
  • Payment records (Stripe transaction data): retained for a minimum of 7 years to meet financial record-keeping obligations
  • Uploaded evidence files: retained while your account is active and for 30 days after deletion
  • Server and access logs: retained for up to 90 days for security and abuse detection purposes
  • Security event logs: retained for 12 months
  • Audit logs (attorney dashboard actions): retained for 24 months
  • AI usage logs: retained for up to 12 months in anonymised or pseudonymised form

For detailed information on deletion requests, see our Data Retention & Deletion Policy.

10. Data Security & Limitations

We implement industry-standard security measures to protect your personal data:

  • All data in transit is encrypted using TLS/HTTPS
  • Database-level encryption at rest via Supabase
  • Row Level Security (RLS) in our database ensures users can only access their own data
  • Authentication handled by Supabase Auth with secure session tokens
  • Payment data handled entirely by Stripe — we never receive card numbers
  • Access to production data is restricted to authorised personnel only

Security Limitations

No online system is 100% secure. While we take extensive precautions, we cannot guarantee absolute security against all cyber threats. In the event of a data breach that may affect you, we will notify affected users as required by applicable law.

11. Your Privacy Rights

Depending on your location and applicable law, you may have the following rights regarding your personal data:

  • Right to Access: Request a copy of the personal data we hold about you
  • Right to Correction: Request correction of inaccurate or incomplete data
  • Right to Deletion: Request deletion of your account and associated data (subject to legal retention requirements)
  • Right to Data Portability: Request your complaint data in a machine-readable format
  • Right to Withdraw Consent: Withdraw consent for AI processing where applicable
  • Right to Object: Object to processing of your data for certain purposes

To exercise any of these rights, email privacy@getnyay.in with your registered email address and the specific request. We aim to respond within 30 days.

We may need to verify your identity before fulfilling a request. Some data may be retained beyond deletion requests where required by law (e.g., payment records).

12. Children & Minors

GetNyay is not for minors

The Platform is intended for users who are 18 years of age or older. We do not knowingly collect personal data from individuals under the age of 18. If you are under 18, please do not create an account or submit any personal information through the Platform.

If we become aware that we have inadvertently collected data from a minor under 18, we will delete it promptly. If you believe a minor has used the Platform, please notify us at privacy@getnyay.in.

13. Sensitive Information Warning

Do not upload the following

  • Full credit or debit card numbers, CVV codes, or PINs
  • One-Time Passwords (OTPs) or authentication codes
  • Internet banking usernames and passwords
  • Full Aadhaar card scans (unless absolutely required for your specific complaint)
  • Passport details, PAN card numbers beyond what is directly relevant
  • Any credentials that could enable account access or financial fraud

GetNyay does not require this category of information to draft a complaint. Including such data in uploaded evidence or complaint descriptions creates unnecessary security risk for you. You are solely responsible for any consequences arising from uploading excessively sensitive information to the Platform.

14. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or operational needs. When we make material changes, we will:

  • Update the effective date at the top of this page
  • Notify registered users by email for significant changes
  • Display a notice on the Platform for a reasonable period following the update

Continued use of the Platform after a policy update constitutes acceptance of the revised terms. If you do not accept the updated policy, you may close your account by contacting us.

15. Contact & Privacy Queries

For any privacy-related questions, requests, or concerns:

Privacy queries: privacy@getnyay.in

General support: support@getnyay.in

Grievance Officer: grievance@getnyay.in

Wealth Building Academy LLC · Illinois, USA · https://getnyay.in

Ask GetNyay AI