Membrain LogoHome

Membrain Privacy Policy (India)

Last updated: 14 December 2025
Applies to: Users in India using the Membrain website, PWA, and mobile-web application (the “Platform”).

This Privacy Policy explains how Membrain collects, uses, stores, and protects personal data in accordance with the Digital Personal Data Protection Act, 2023 (India) and other applicable laws.

This policy is for general informational purposes and does not constitute legal advice.

1. Who We Are

  • Membrain (“we”, “us”, “our”) is a building protection platform that enables digital assessment, system recommendations, execution governance, and long-term building records.
  • Legal Entity: Membrain Infrasolutions Private Limited
  • Registered Address: Vadodara, Gujarat, India
  • Primary Contact (Privacy & Support): support@membrainapp.in
  • General Helpdesk: help@membrainapp.in
  • Grievance Officer (India): support@membrainapp.in

2. Scope (India Only)

  • This Privacy Policy applies to users located in India. It is framed with reference to Indian data protection laws, including the Digital Personal Data Protection Act, 2023 (DPDP Act).
  • If you are located outside India, please do not access or use the Platform.

3. Personal Data We Collect

A. Information You Provide

  • Account & identity data: name, mobile number (OTP-based login), email address (if provided)
  • Assessment & project data: site address, areas assessed, problem descriptions, measurements
  • Media & documents: photographs, videos, drawings, measurement sheets, recommendations, invoices, digital warranties, feedback
  • Support communications: messages, emails, and attachments shared with support
  • If you upload personal data relating to another individual (e.g., tenant or owner), you confirm that you have the authority to do so.

B. Information Collected Automatically

  • Device & log data: IP address, browser/device type, operating system, language, timestamps
  • Usage & performance data: screens viewed, interactions, feature usage, crash logs
  • PWA storage: offline cache and local storage for reliability and performance
  • Cookies / local storage:
  • Essential (always enabled): authentication, security, feature control, first-visit flag (e.g., membrain_seen_v1)
  • Optional (consent-based): analytics and measurement identifiers (only if enabled)

C. Information from Partners (Where Applicable)

  • Payment providers: transaction status and reference IDs (we do not store full card details)
  • Messaging services: push notification tokens (if enabled)

4. Why We Process Personal Data (Purposes)

  • Operate the Platform: account creation, assessments, recommendations, execution coordination, digital records, warranties
  • Execution governance: technician assignment, site documentation, quality checks, and audit trails
  • Communication: notifications, reminders, invoices, updates, and support
  • Payments: processing, reconciliation, and refunds (if applicable)
  • Platform improvement: analytics, diagnostics, research using aggregated or de-identified data
  • Security & compliance: fraud prevention, abuse detection, enforcement of Terms
  • Legal obligations: taxation, GST records, regulatory compliance
  • Legal basis (India): Your consent (for optional processing such as analytics) and legitimate use as permitted under applicable law for platform operation, security, and compliance

5. Cookies, Local Storage & Consent

  • Essential cookies/local storage are required for Platform functionality and cannot be disabled
  • Optional analytics cookies/SDKs are enabled only with your consent and can be withdrawn at any time via in-app settings or by contacting support
  • PWA cache can be cleared using your browser’s site settings

6. Sharing & Disclosure of Data

  • We do not sell personal data.
  • We may share limited data with:
  • Service providers (data processors): cloud hosting (e.g., Firebase), authentication, storage, messaging, analytics (if enabled), monitoring, support tools
  • Payment partners: for transaction processing
  • Execution partners/technicians: only data necessary to carry out approved work
  • Legal authorities: where required by law or to protect rights and safety
  • Business transfers: in case of merger, acquisition, or restructuring (with notice where required)
  • All partners are contractually bound to process data only on our instructions and to maintain appropriate security safeguards.

7. Data Retention

  • We retain personal data only as long as necessary:
  • Account data: while your account is active; deleted on request (subject to legal holds)
  • Project & media data: typically until warranty expiry + 12 months
  • Invoices & GST records: up to 8 years or as required by law
  • Support records: approximately 24 months
  • Retention periods may vary where legally required.

8. Security Measures

  • We implement reasonable technical and organizational safeguards, including:
  • Encryption in transit (TLS)
  • Secure cloud infrastructure
  • Role-based access controls
  • Database and storage access rules
  • No system is completely secure; we continuously improve our security posture.

9. Your Rights (India – DPDP Act)

  • Subject to applicable law, you have the right to:
  • Access your personal data
  • Correct inaccurate or incomplete data
  • Request deletion/erasure (subject to legal obligations)
  • Withdraw consent for optional processing
  • File a grievance with our Grievance Officer
  • Nominate another individual to exercise your rights in case of death or incapacity
  • How to exercise rights:
  • Email support@membrainapp.in (privacy & grievances) or help@membrainapp.in (general support).
  • We aim to respond within 30 days, subject to verification.

10. Children’s Data

  • The Platform is not intended for individuals under 18 years of age. We do not knowingly process children’s data without verifiable parental or guardian consent.

11. International Data Transfers

  • Your data may be processed in India or other countries where our vendors operate. Appropriate safeguards are applied based on jurisdiction and risk.

12. Third-Party Links

  • The Platform may contain links to third-party services. Their privacy practices are governed by their own policies, which we encourage you to review.

13. Changes to This Policy

  • We may update this Privacy Policy periodically. Updated versions will be published on the Platform with a revised “Last updated” date, and we will notify users where required.

14. Contact & Grievance Redressal (India)

  • Privacy & Grievance Contact: support@membrainapp.in
  • General Helpdesk: help@membrainapp.in
  • Grievance Officer: support@membrainapp.in
  • Postal Address: Vadodara, Gujarat, India
  • If you are not satisfied with our response, you may escalate the matter as permitted under applicable Indian law.