AccordKit

Privacy Policy

Last updated: 22 August 2025 (IST)

Important Notice

This document is provided for informational purposes only and does not constitute legal advice. Please consult with a qualified attorney for legal guidance specific to your situation.

Who we are: AccordKit ("we", "us", "our") provides a cookie consent banner and a consent‑logging service for websites. This Privacy Policy explains how we handle personal data on accordkit.com (the "Site"), app.accordkit.com (the "App"), and via our script embedded on customer websites (the "Banner").

Contact: contact@accordkit.com

1) What we collect

We aim for data minimisation. We collect:

  • Account data (customers): name, email, password hash, company, billing details (from Razorpay), support messages.
  • Consent events (your site's visitors): a pseudonymous identifier, consent state by category, timestamps, and limited technical metadata required for integrity and auditing (e.g., version, locale). We do not collect your visitors' names or contact details through the Banner.
  • Site analytics (our marketing site/app): privacy‑friendly pageview metrics. No marketing pixels are loaded before consent.

2) Why we collect it (use of data)

  • Provide and secure the Service (create accounts, serve the Banner, store/export consent logs).
  • Process payments and send transactional emails (receipts, service notices).
  • Resolve support requests and improve reliability and performance.
  • Comply with legal obligations (tax, accounting, security).

3) Cookies & similar tech

  • The Banner sets cookies (or local storage) to remember consent state per category.
  • Our Site/App may set strictly necessary cookies to keep you logged in and to protect against abuse.

4) Legal basis / grounds

We process data as needed to perform the contract with our customers, based on consent where applicable (for the Banner), and for legitimate operational purposes such as security and fraud prevention, in line with applicable laws.

5) Payment processing

Payments are handled by Razorpay. Card and UPI data are collected and processed by Razorpay under their policies. We receive limited billing metadata (e.g., payer, status, amount, timestamps).

6) Data sharing & subprocessors

We share data with service providers who help us run the Service (e.g., hosting, email, payment processing). A current list of subprocessors will be published at /legal/subprocessors (coming soon). We do not sell personal data.

7) Data location & transfers

We use reputable cloud providers. Data may be stored or processed in locations different from your own jurisdiction, subject to contractual safeguards.

8) Security

We use technical and organizational measures including Row‑Level Security, append‑only logging, encryption in transit, access controls, and regular reviews. No system can be 100% secure.

9) Retention

  • Consent logs: default 24 months.
  • Account/billing records: for the duration of the account and as required by tax/accounting laws.
  • Support messages: as long as needed to resolve the request.

10) Your choices & rights

  • Customers (admins): You can access, correct, export, or delete your account data by emailing support@accordkit.com or via the App.
  • Visitors of our customers' sites: Contact the website you were visiting to exercise rights about your consent/cookies. We act as a processor/service provider for our customers in that context.

11) Grievance & contact

If you have a privacy concern, email contact@accordkit.com. We aim to respond within 2-3 business days.

12) Children

Our Service is not directed to children. If you believe a child's data is in our systems, contact us and we will take appropriate steps.

13) Changes to this Policy

We may update this Policy. The "Last updated" date will change, and material changes will be posted on the Site/App.