Privacy Policy for Insurance Advisory Website — Your Data, Our Responsibility
Effective Date: March 2026 · Governed under DPDP Act 2023 & IRDAI Cybersecurity Guidelines 2023 · Last Reviewed: March 2026 Privacy Policy for Insurance Advisory Website | India
This privacy policy for insurance advisory website outlines in clear terms how we collect, use, store, and protect your personal information when you visit our platform, request a policy quote, or consult our advisors. We believe your data belongs to you — and we treat it that way. As an insurance advisory platform serving users across India, we are fully committed to data protection insurance advisory standards prescribed by Indian law.
1. Who We Are and Why This Privacy Policy Matters
We are a licensed insurance advisory platform registered in India, facilitating comparisons and consultations across life, health, motor, and general insurance products. Given the sensitivity of health records, financial data, and personal identifiers shared on our platform, maintaining user data privacy insurance platform integrity is not optional — it is a legal and ethical mandate.
Building on this commitment, India’s Digital Personal Data Protection Act, 2023 (DPDP Act) and the IRDAI Cybersecurity Guidelines, 2023 form the backbone of our compliance framework. In particular, the IRDAI guidelines require all insurance intermediaries — including web aggregators and advisory platforms — to adopt a Board-approved cybersecurity policy and conduct independent security audits annually.
2.How We Use Your Data for privacy policy
Your data is used strictly for the purposes declared at the time of collection. As required by the principle of data minimisation under the DPDP Act 2025 update, we collect only what is necessary for policy issuance, advisory, and claims-related activities. Your data is never sold to third parties or used for unsolicited advertising.
3. Compliance Framework Comparison For Privacy Policy
Here is how our privacy policy for insurance advisory website aligns with applicable Indian regulations:
| Requirement | DPDP Act 2023 | IRDAI CS Guidelines 2023 | Our Platform |
|---|---|---|---|
| Explicit user consent before data collection | Mandatory | Mandatory | ✔ Implemented |
| Annual independent security audit | Recommended | Mandatory | ✔ Conducted |
| Breach reporting to CERT-In within 6 hours | Required | Required | ✔ SOP Active |
| Data localisation (storage within India) | Required | Required | ✔ India Servers |
| Right to erasure / correction | Granted | Recommended | ✔ Portal Available |
| Board-approved cybersecurity policy | Implied | Mandatory | ✔ Board-Approved |
| Automated decision-making disclosure | Required | Not specified | ✔ Disclosed |
4. Your Rights Under Indian Data Law for privacy policy
As a user of this user data privacy insurance platform, you enjoy the following rights guaranteed by the DPDP Act 2023:
5. Data Security Measures for privacy policy
To protect your information at every step, we actively enforce end-to-end encryption, role-based access controls, secure cloud storage on India-domiciled servers, and automated breach detection systems — all in line with our data protection insurance advisory obligations under IRDAI guidelines and the DPDP Act. Furthermore, as India’s information security spending is set to rise 16.4% to $3.3 billion in 2025, we continuously align our internal investments with this growing sector-wide standard.
Non-compliance Notice: The Data Protection Board of India (DPB) enforces monetary penalties of up to ₹250 crore per violation under the DPDP Act 2023. Accordingly, we treat compliance not as a checkbox exercise, but as a continuous, board-level priority that our leadership team actively monitors and upholds.
6. Cookies and Third-Party Services
Beyond data collection, our insurance website privacy in India commitments extend equally to how we manage cookies and third-party analytics. Specifically, we deploy only necessary and performance cookies, and we ask for your separate consent before activating any optional analytics cookies. In addition, we never deploy third-party advertising cookies on our platform. Moreover, every third-party service provider that accesses your data must contractually uphold the same data protection standards we follow — no exceptions.
7. Retention and Deletion Policy
We retain your personal data only for as long as the service requires or the law mandates. For instance, IRDAI directs insurers and intermediaries to retain policyholder records for a minimum of 10 years. Once that retention period ends, we securely delete or anonymise your data without delay. Additionally, you can submit a deletion request at any time through your account portal — though legal retention obligations may apply in certain cases.
8. Updates to This Policy
As India’s regulatory landscape continues to evolve — most notably with MeitY releasing the Draft DPDP Rules 2025 in January 2025 — we update this privacy policy for insurance advisory website page to reflect every significant change. Consequently, whenever we make major revisions, we notify all registered users via email with at least 30 days’ advance notice, so you always stay informed and in control.
