Legal Document
Privacy Policy
Effective Date: 1 April 2025
Last Updated: 1 April 2025
Version 1.0
Your privacy matters. ZeroFIR.com ("ZeroFIR", "we", "us", or "our") is committed to protecting the personal information you share with us. This Privacy Policy explains what data we collect, how we use it, and the rights you have over your information. By using our website or mobile application, you agree to this policy.
ZeroFIR.com is an AI-powered platform that enables Indian citizens to draft First Information Reports (FIRs) in plain language. The platform is operated by The Imaginations, a venture studio registered in Surat, Gujarat, India. ZeroFIR serves as a civic-tech tool designed to make the FIR registration process accessible, transparent, and legally sound for every citizen of India.
This Privacy Policy applies to all digital touchpoints of ZeroFIR including the website at zerofir.com, the ZeroFIR mobile application (Android and iOS), and any related services, features, or content made available by us (collectively, the "Platform").
We collect the following categories of information when you use the Platform:
A. Information You Provide Directly
- FIR Details: Incident description, date, time, location, names of persons involved, and any other factual information you voluntarily enter to generate a draft FIR.
- Personal Identification: Your name, mobile number, email address, and city/state — collected when you register or submit a FIR draft.
- Evidence Files: Photographs or documents you optionally upload as supporting evidence to your FIR draft.
- Communication Data: Messages or queries you send us via contact forms, email, or WhatsApp.
B. Information Collected Automatically
- Device Information: Device type, operating system, browser type, IP address, and device identifiers.
- Usage Data: Pages visited, features used, time spent, clicks, and navigation paths within the Platform.
- Location Data: Approximate location derived from IP address; precise GPS location only if you grant explicit permission within the mobile app.
- Log Data: Server-side access logs, error reports, and crash analytics.
C. Information from Third Parties
- Firebase (Google) may provide anonymised crash reports and push notification tokens.
- Payment processors (if applicable) may share transaction confirmations; we do not store full payment card details.
We use the information collected for the following purposes:
| Purpose | Data Used |
|---|
| Generating AI-drafted FIR documents | Incident details, personal identifiers |
| Saving and retrieving FIR drafts | Account info, draft content |
| Sending notifications about draft status | Mobile number, email, device token |
| Improving AI accuracy and legal coverage | Anonymised FIR drafts (no PII) |
| Providing customer support | Communication data |
| Preventing fraud and abuse | Device info, IP address, usage data |
| Analytics and platform performance | Usage data, log data |
| Legal compliance and dispute resolution | As required by applicable law |
Important: We do NOT use your FIR content, incident narratives, or personal information for advertising, profiling for commercial sale, or sharing with political entities.
We process your personal data on the following legal grounds under applicable Indian law (including the Digital Personal Data Protection Act, 2023, where notified):
- Consent: When you voluntarily provide personal information to use the Platform or sign up for communications.
- Contractual Necessity: Processing required to provide the FIR drafting service you have requested.
- Legitimate Interests: For fraud prevention, platform security, and service improvement — provided such interests do not override your fundamental rights.
- Legal Obligation: Where we are required to retain or disclose data under applicable Indian laws, including orders from law enforcement or courts of competent jurisdiction.
We do not sell your personal data. We may share information in the following limited circumstances:
- Service Providers: We engage trusted third-party vendors (cloud hosting, AI API providers, SMS/email gateway) solely to operate the Platform, under data processing agreements that restrict their use of your data.
- Vakalat.com Lawyer Referral: If you choose to connect with a lawyer via our integrated referral feature, only the information you explicitly consent to share will be passed to Vakalat.com.
- Law Enforcement / Legal Process: We may disclose information in response to lawful orders, summons, or judicial directions from Indian law enforcement agencies or courts.
- Business Transfers: In the event of a merger, acquisition, or asset sale, your data may be transferred to the successor entity, subject to the same protections.
- Aggregated / Anonymised Data: We may publish aggregated, non-identifiable statistics about FIR usage patterns for civic research and platform improvement.
We retain your personal data only as long as necessary for the purposes described in this Policy or as required by applicable law:
- FIR Drafts: Retained on your account until you delete them or close your account.
- Account Information: Retained for the duration of your account plus a period of 3 years to meet legal obligations.
- Anonymised Usage Data: May be retained indefinitely for analytics purposes.
- Communication Logs: Retained for up to 1 year from the date of communication.
Upon account deletion, we will delete or anonymise your personal data within 30 days, except where retention is required by law.
We implement industry-standard technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include:
- HTTPS/TLS encryption for all data in transit
- Encrypted storage of sensitive data at rest
- Role-based access controls limiting data access to authorised personnel only
- Secure token-based authentication (JWT) for user sessions
- Regular security audits and vulnerability assessments
- Firebase Cloud Security Rules for mobile application data
Note: No method of transmission over the internet is 100% secure. While we take all commercially reasonable precautions, we cannot guarantee absolute security of your data. You are responsible for maintaining the confidentiality of your login credentials.
As a user of ZeroFIR, you have the following rights with respect to your personal data:
- Right to Access: Request a copy of the personal data we hold about you.
- Right to Correction: Request correction of inaccurate or incomplete personal data.
- Right to Deletion: Request deletion of your personal data, subject to legal retention obligations.
- Right to Data Portability: Receive your data in a structured, commonly used format.
- Right to Withdraw Consent: Withdraw consent for data processing at any time, without affecting the lawfulness of processing before withdrawal.
- Right to Grievance Redressal: Lodge a complaint with us or, where applicable, with the competent data protection authority under the Digital Personal Data Protection Act, 2023.
To exercise any of these rights, please contact our Grievance Officer at [email protected]. We will respond within 30 days of receiving your request.
ZeroFIR is not directed at children under the age of 18. We do not knowingly collect personal information from minors. If you believe that a child under 18 has provided personal data to us, please contact us immediately at [email protected] so we can take appropriate steps to delete such data.
Our Platform may contain links to third-party websites, state police e-FIR portals, or partner services (including Vakalat.com). This Privacy Policy applies only to ZeroFIR. We are not responsible for the privacy practices of any third-party website or service. We encourage you to read the privacy policy of every website you visit.
Third-party services integrated with ZeroFIR include:
- Anthropic Claude API — AI text generation (data processed per Anthropic's usage policy)
- Firebase (Google LLC) — Push notifications, crash reporting, and cloud storage
- WhatsApp Business API — Optional FIR sharing via WhatsApp
- State Police e-FIR Portals — External links only; no data is shared automatically
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will notify you by:
- Posting the revised policy on zerofir.com with an updated "Last Updated" date
- Sending a notification via the mobile app or email (for registered users)
Your continued use of the Platform after the effective date of any revised policy constitutes your acceptance of the updated terms.
If you have any questions, concerns, or requests regarding this Privacy Policy or the handling of your personal data, please contact our designated Grievance Officer: