Privacy Policy

Last updated: February 9, 2026

1. Introduction

LiveStayy Technologies Private Limited ("LiveStayy", "we", "our", "us") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our mobile application and website (the "Platform").

This policy is compliant with the Information Technology Act, 2000, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, and the Digital Personal Data Protection Act, 2023 (DPDPA).

2. Information We Collect

2.1 Information You Provide

  • Account Information: Full name, email address, phone number, date of birth, gender, and profile photograph.
  • Identity Documents: Aadhaar card (front and back), PAN card, and other government-issued identification for KYC verification.
  • Property Information (Owners): Property address, room configurations, amenities, rent amounts, and building photographs.
  • Rental Information (Tenants): Emergency contact details, move-in/move-out dates, rental agreements, and preferences.
  • Financial Information: UPI IDs, bank account details (for payment processing), transaction history, and payment receipts.
  • Communication Data: Complaints, announcements, feedback, and messages exchanged through the Platform.
  • Biometric Data: Face photographs for identity verification and digital signatures.

2.2 Information Collected Automatically

  • Device Information: Device type, operating system, unique device identifiers, and mobile network information.
  • Usage Data: Features accessed, time spent on the Platform, interactions, and navigation patterns.
  • Log Data: IP addresses, browser type, pages visited, crash reports, and system activity.
  • Location Data: Approximate location based on IP address (we do not collect precise GPS location without explicit consent).

2.3 Information from Third Parties

  • Authentication Providers: Google Sign-In profile data (name, email, profile picture).
  • Payment Processors: Transaction status and confirmation from UPI payment providers.
  • Firebase Services: Analytics, crash reports, and push notification delivery data.

3. How We Use Your Information

We use the collected information for the following purposes:

a.

Service Delivery

To create and manage accounts, facilitate property management, process rent payments, and enable communication between users.

b.

Identity Verification

To verify user identities using KYC documents and biometric data for security and compliance purposes.

c.

Payment Processing

To process, track, and reconcile rent payments and generate digital receipts.

d.

Communication

To send rent reminders, maintenance updates, announcements, and platform notifications.

e.

Analytics and Improvement

To analyze usage patterns, debug issues, and improve Platform features and user experience.

f.

Legal Compliance

To comply with applicable laws, regulations, legal processes, or enforceable governmental requests.

4. Legal Basis for Processing (Under DPDPA 2023)

We process your personal data based on the following legal grounds:

  • Consent: Where you have provided explicit consent for data processing (e.g., during registration and KYC verification).
  • Contractual Necessity: Where processing is necessary to perform our agreement with you (e.g., service delivery).
  • Legitimate Interest: Where processing is necessary for our legitimate business interests (e.g., fraud prevention, platform security).
  • Legal Obligation: Where processing is required to comply with applicable laws.

5. Data Sharing and Disclosure

We do not sell your personal information. We may share your data with:

5.1 Within the Platform

  • Owners can access tenant profiles, payment history, and complaint records for their properties.
  • Caretakers can access limited tenant information necessary for property management.
  • Tenants can view property and Owner information relevant to their rental.

5.2 Third-Party Service Providers

  • Google Firebase: For authentication, database storage, cloud storage, analytics, and push notifications.
  • Payment Gateways: For processing UPI and digital payments.
  • Cloud Storage: For secure document and image storage.
  • Communication Services: For sending SMS and push notifications.

All third-party providers are bound by data processing agreements and are required to maintain the confidentiality of your information.

5.3 Legal Requirements

We may disclose information if required by law, court order, or government request, or if we believe disclosure is necessary to protect our rights, safety, or the rights and safety of others.

6. Data Storage and Security

6.1 Storage

Your data is stored on Google Firebase/Cloud servers. While servers may be located outside India, we ensure adequate data protection measures are in place as required by Indian law.

6.2 Security Measures

We implement industry-standard security measures including:

  • End-to-end encryption for sensitive data transmission (TLS/SSL).
  • Firebase Security Rules for database access control.
  • Secure authentication using Firebase Auth with phone OTP and Google Sign-In.
  • Regular security assessments and vulnerability testing.
  • Role-based access controls within the Platform.
  • Encrypted storage for sensitive documents (KYC, agreements).

6.3 Data Breach

In the event of a data breach that may affect your personal information, we will notify you and the relevant authorities within 72 hours as required by applicable law.

7. Data Retention

We retain your personal information for as long as necessary to:

  • Provide our Services to you.
  • Comply with legal obligations (tax records, rental agreements, etc.).
  • Resolve disputes and enforce agreements.

Specific retention periods:

  • Active account data: Retained while your account is active.
  • Transaction records: Retained for 7 years for tax and legal compliance.
  • KYC documents: Retained for 5 years after account closure.
  • Usage logs: Retained for 12 months.

After the retention period, data is securely deleted or anonymized.

8. Your Rights (Under DPDPA 2023)

As a Data Principal, you have the following rights:

Right to Access

Request a summary of the personal data we process and how it is being used.

Right to Correction

Request correction or completion of inaccurate or incomplete personal data.

Right to Erasure

Request deletion of your personal data, subject to legal retention requirements.

Right to Withdraw Consent

Withdraw consent for data processing at any time (may limit access to certain features).

Right to Grievance Redressal

Lodge complaints with our Grievance Officer or the Data Protection Board of India.

Right to Nominate

Nominate another person to exercise your data rights in case of death or incapacity.

To exercise any of these rights, please contact our Grievance Officer at the details provided in Section 13.

9. Children's Privacy

The Platform is not intended for individuals under 18 years of age. We do not knowingly collect personal information from minors. If we become aware that a minor has provided us with personal information, we will take steps to delete such information promptly.

10. Cookies and Tracking Technologies

Our website may use cookies and similar tracking technologies to enhance your experience. These include:

  • Essential Cookies: Required for basic Platform functionality.
  • Analytics Cookies: Used to understand how users interact with the Platform (via Firebase Analytics).
  • Preference Cookies: Used to remember your settings and preferences.

You can control cookie preferences through your browser settings. Disabling certain cookies may affect Platform functionality.

11. Third-Party Links

The Platform may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to read the privacy policies of any third-party services you access through our Platform.

12. Updates to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of significant changes through:

  • In-app notifications.
  • Email notifications to your registered email.
  • A prominent notice on the Platform.

Continued use of the Platform after changes constitutes acceptance of the updated Privacy Policy.

13. Contact Information & Grievance Officer

For questions, concerns, or to exercise your data rights, please contact:

Data Protection / Grievance Officer

LiveStayy Technologies Private Limited

General Support

support@livestayy.com

Address

Bangalore, Karnataka, India

Response Time

Within 30 days of receipt

If you are not satisfied with our response, you have the right to lodge a complaint with the Data Protection Board of India as established under the Digital Personal Data Protection Act, 2023.