Privacy Policy

Effective Date: December 04, 2025

SectorQube Technolabs Private Limited (doing business as IKIN Global) (“SectorQube”, “IKIN Global”, “we”, “us”, or “our”) is committed to protecting the privacy of individuals who use our mobile applications (“Apps”).

This Privacy Policy explains how we collect, use, store, share and protect your digital personal data when you use our Apps, and how we comply with the Digital Personal Data Protection Act, 2023 and the rules framed thereunder (“DPDP Act”) to the extent applicable.

For the purposes of the DPDP Act, SectorQube is the Data Fiduciary and you are the Data Principal.

By using IKIN Mobile Apps, you acknowledge that you have read and understood this Privacy Policy.

1. Scope and Applicability

This Privacy Policy applies to personal data that:

  • is collected through our mobile applications published under the IKIN / IKIN Global brand; and
  • relates to individuals located in India whose personal data is processed in connection with the offering of our products or services.

This Policy does not apply to information processed by third-party apps, websites, or services that are not controlled by us.

2. Categories of Personal Data We Collect

Depending on how you use our Apps and the services you access, we may collect and process the following categories of personal data:

Basic identification and contact data

  • Name
  • Phone number
  • Email address
  • Company name (where applicable)

Account and usage data

  • Username, profile information
  • App usage logs, in-app actions (e.g., lock/unlock requests, alert acknowledgements)
  • Device identifiers (such as mobile device ID, operating system, app version)

Location data

  • Approximate or precise location (for example, when required to show nearby IKIN devices, logs, or alerts, or to verify activity)

Technical data

  • IP address
  • Device type and model
  • Network information and diagnostics related to app performance and security

Support and communication data

  • Information you provide when you contact us (support tickets, emails, call logs where applicable)

We generally do not collect sensitive personal data (such as financial account details, health data, biometric identifiers) through the Apps, unless specifically required for a particular service and clearly informed to you at that time.

Where we collect any additional categories of data, we will inform you in a clear and concise notice at or before the time of collection, as required by the DPDP Act.

3. Purposes and Legal Basis for Processing Your Personal Data

We process your personal data only for specific, clear, and lawful purposes and only to the extent that is necessary and proportionate to those purposes, in line with the DPDP Act.

3.1 Primary purposes

We use your personal data to:

Provide and operate our services

  • Create and manage user accounts
  • Authenticate you on login
  • Facilitate lock/unlock operations and related IoT functions
  • Show you lock status, alerts, and activity logs as enabled for your account

Maintain and improve our Apps and services

  • Monitor app performance and reliability
  • Fix bugs and improve features
  • Develop new functionalities based on aggregated and anonymised usage insights

Security and fraud prevention

  • Detect and prevent misuse or unauthorised access
  • Investigate security incidents and technical issues
  • Maintain audit logs where required by our contracts or legal obligations

Communication

  • Send you important service notifications (for example, critical alerts, changes affecting app availability or security)
  • Respond to your queries and support requests

Legal and regulatory compliance

  • Comply with applicable laws, law-enforcement requests, court orders, and contractual obligations
  • Maintain records required under applicable law

3.2 Legal basis under the DPDP Act

Under the DPDP Act, we process your personal data on the following legal bases:

  • Your consent – For example, enabling location-based features, certain types of notifications, or optional analytics.
  • “Legitimate uses” permitted under law – For instance, where you voluntarily provide personal data to use the Apps, or where processing is necessary to perform a contract with you, comply with legal obligations, or respond to medical or safety emergencies relating to you or others.

Where consent is the basis, we seek free, specific, informed, unconditional and unambiguous consent through a clear affirmative action, and we limit processing to the purposes described in the consent notice.

4. Consent Management and Withdrawal

You may provide or manage your consent within the App settings, or by contacting us using the details provided in the “Contact and Grievance Redressal” section below.

You may withdraw your consent at any time. After withdrawal, we will stop processing your personal data for those purposes that relied on consent, within a reasonable time, while continuing any processing that is necessary for:

  • completing ongoing transactions; or
  • compliance with applicable law or contractual obligations.

The ease of withdrawing consent will be comparable to the ease with which consent was given, as required by the DPDP Act.

Please note that if you withdraw consent for essential purposes (for example, basic account information or necessary permissions), some or all features of the App may no longer be available to you.

5. Children’s Data

Our Apps are generally intended for use by adults in a professional or organisational context. Where an App may be used by individuals under 18 years of age:

  • We will not knowingly process personal data of children without valid, verifiable parental or guardian consent, as required under the DPDP Act.
  • We do not use children’s personal data for behavioural monitoring or targeted advertising.

If you believe that a child’s data has been provided to us without appropriate consent, please contact us so that we can take appropriate steps, including deletion where applicable.

6. How We Share Your Personal Data

We do not sell your personal data.

We may share your personal data only in the following circumstances:

Service providers / data processors

With trusted third-party vendors who provide services such as cloud hosting, SMS or email delivery, push notifications, analytics, or customer support. These service providers are bound by contractual obligations to:

  • process data only on our documented instructions; and
  • implement reasonable security safeguards as required under the DPDP Act.

Affiliates and group entities

With our group companies for purposes consistent with this Privacy Policy (for example, unified support, infrastructure management, or reporting), subject to equivalent data protection safeguards.

Business and logistics partners

Where you or your employer uses our solutions as part of a broader logistics / security arrangement, we may share relevant data (e.g., lock activity logs, alerts) with the organisation that has provided you access to the App, in accordance with their instructions and applicable contracts.

Legal, regulatory and enforcement requirements

With government authorities, courts or law-enforcement agencies where required by applicable law, regulation, or a valid legal process.

Business transfers

In connection with any merger, acquisition, restructuring, sale of assets, or financing, where your personal data may be transferred as part of such transaction, subject to continuity of protections consistent with this Privacy Policy.

7. Cross-Border Transfer of Personal Data

Your personal data may be stored and processed on servers located in India or in other countries, as permitted by the DPDP Act and any notifications issued by the Government of India from time to time.

Where we transfer personal data outside India, we will ensure that such transfers are:

  • allowed under applicable law; and
  • subject to appropriate technical and organisational safeguards and contractual protections.

8. Data Security

We implement reasonable security safeguards designed to protect your personal data from unauthorised access, use, alteration, disclosure or destruction, in line with the requirements of the DPDP Act.

These measures include, as appropriate:

  • access controls and role-based permissions
  • network and application-level security
  • encryption in transit and at rest where feasible
  • secure software development and change-management practices
  • logging and monitoring of critical systems
  • internal policies and training for personnel who handle personal data

In the event of a personal data breach, we will take steps to contain and remediate the incident and, where required under law, notify the Data Protection Board of India and affected Data Principals.

9. Data Retention

We retain your personal data only for as long as necessary to:

  • fulfil the purposes described in this Privacy Policy;
  • provide our services and maintain your account;
  • comply with applicable legal, contractual, and regulatory obligations; and
  • resolve disputes and enforce our agreements.

When personal data is no longer required for the above purposes, we will delete or irreversibly anonymise it, subject to any retention obligations under applicable law.

10. Your Rights Under the DPDP Act

Subject to the conditions and limitations under the DPDP Act, you have the following rights as a Data Principal:

Right to access information

You can request information about:

  • what personal data we process about you;
  • the purposes of such processing; and
  • with whom such data has been shared, to the extent required by law.

Right to correction and updating

You can request correction of inaccurate or misleading personal data, completion of incomplete data, and updating of outdated data relating to you.

Right to erasure

You can request erasure of your personal data where:

  • the purpose for which it was collected has been fulfilled; or
  • consent has been withdrawn and there is no other lawful basis for retention; or
  • erasure is otherwise required under law.

We may retain certain data if we are legally required or permitted to do so.

Right to grievance redressal

You have the right to accessible and effective grievance redressal regarding any act or omission by us relating to your personal data or your rights under the DPDP Act.

Right to nominate

You may nominate another individual to exercise your rights under the DPDP Act in the event of your death or incapacity, in the manner prescribed under applicable rules.

How to exercise your rights

You may exercise these rights by:

  • using available options within the App (where provided); or
  • writing to us at support@ikinglobal.com with the subject line “DPDP Data Rights Request”.

We may need to verify your identity before acting on your requests. We will respond to your requests within the timelines prescribed under the DPDP Act and its rules.

11. Contact and Grievance Redressal

For any questions, concerns, or grievances relating to this Privacy Policy or our handling of your personal data, please contact:

Grievance Officer
SectorQube Technolabs Private Limited (IKIN Global)
Email: support@ikinglobal.com

We will acknowledge and address your grievance within the time limits specified under applicable law. If you are not satisfied with our response, you may escalate the matter to the Data Protection Board of India in accordance with the DPDP Act.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect:

  • changes in our Apps, services or data-processing practices; or
  • changes in applicable laws and regulations, including the DPDP Act and its rules.

When we make material changes, we will:

  • update the “Effective Date” at the top of this page; and
  • provide you with an appropriate notice, which may include an in-app notification, email, or prominent notice on our website.

Your continued use of IKIN Mobile Apps after such changes become effective will signify your acceptance of the updated Privacy Policy.

Thank you for trusting IKIN Global with your personal information.