Privacy Policy

Last Updated: January 2026

At SEMPL, your privacy and data security are our top priorities. This Privacy Policy explains how we collect, use, protect, and handle your personal information and documents.

1. Information We Collect

1.1 Personal Information

When you create a SEMPL account, we collect:

• Name and email address
• Phone number (for account verification)
• Payment information (processed securely by third-party payment providers)
• Device information and NFC product serial numbers

1.2 Document Data

You upload documents to SEMPL for storage and management. We store these documents securely but do not access, read, or analyze their contents except when required for technical support with your explicit permission.

1.3 Usage Information

We automatically collect information about how you use SEMPL, including:

• App usage patterns and feature interactions
• Device type, operating system, and app version
• IP address and general location data
• NFC tap events and access logs

2. How We Use Your Information

We use collected information to:

• Provide and maintain SEMPL services
• Process your transactions and manage subscriptions
• Link NFC devices to your account
• Send service updates and security notifications
• Improve our products and develop new features
• Provide customer support
• Comply with legal obligations

3. Data Security & Encryption

3.1 Encryption in Transit

All data transmission between your device and SEMPL servers uses TLS/SSL encryption (256-bit), ensuring your documents are protected during upload and access.

3.2 Encryption at Rest

Your documents are encrypted using AES-256 encryption before storage on our cloud servers. Encryption keys are managed using industry-standard key management practices.

3.3 Access Controls

Strict access controls ensure only authorized personnel can access infrastructure. No SEMPL employee can view your document contents without explicit permission for technical support purposes.

3.4 Security Measures

We implement multiple security layers including:

• Regular security audits and vulnerability assessments
• Firewall protection and intrusion detection
• Multi-factor authentication options
• Automated backup systems with disaster recovery

4. Data Sharing & Third Parties

4.1 We Do NOT Sell Your Data

SEMPL never sells, rents, or trades your personal information or documents to third parties for marketing purposes.

4.2 Service Providers

We work with trusted third-party service providers for:

• Cloud infrastructure hosting (AWS/Google Cloud)
• Payment processing (Razorpay/Stripe)
• Email communications
• Analytics (anonymized data only)

These providers are contractually obligated to protect your data and use it only for providing services to SEMPL.

4.3 Legal Requirements

We may disclose information if required by law, court order, or government regulation, or if necessary to protect our rights, user safety, or prevent fraud.

5. Your Privacy Rights

You have the right to:

• Access: Request a copy of all personal data we hold about you
• Correction: Update or correct your personal information
• Deletion: Request deletion of your account and all associated data
• Portability: Download your documents in standard formats
• Withdraw Consent: Opt-out of marketing communications

To exercise these rights, contact us at privacy@sempl.shop

6. Data Retention & Deletion

6.1 Active Accounts

We retain your data for as long as your account is active and your subscription is valid.

6.2 Account Deletion

When you delete your account:

• You have 30 days to download your documents
• After 30 days, all documents are permanently deleted
• Some transaction records may be retained for legal/accounting purposes
• Deletion is irreversible

6.3 Inactive Accounts

Accounts inactive for 2 years may be scheduled for deletion with 90 days' advance notice.

7. Cookies & Tracking

SEMPL uses essential cookies for authentication and service functionality. We use analytics cookies (with anonymized data) to improve user experience. You can control cookie preferences in your browser settings.

8. Children's Privacy

SEMPL is not intended for users under 18 years of age. We do not knowingly collect data from children. If we discover such data has been collected, we will delete it immediately.

9. International Data Transfers

Your data is primarily stored on servers located in India. If data is transferred internationally, we ensure adequate safeguards are in place per applicable data protection laws.

10. Compliance with Indian Laws

SEMPL complies with the Information Technology Act, 2000, and applicable Indian data protection regulations. We follow reasonable security practices as mandated by law.

11. Changes to Privacy Policy

We may update this Privacy Policy periodically. Significant changes will be notified via email or in-app notification. Continued use after changes constitutes acceptance.

12. Contact Us

For privacy-related questions or concerns:

Email: support@sempl.shop