Blog Contact us
Blog Contact us

Privacy Policy

Introduction

KeyValue Software Systems Private Limited ("KeyValue", "we", "us", or "our") is committed to protecting the privacy and personal data of users who interact with the CoFee application ("CoFee"). This Privacy Policy explains how we collect, use, share, and protect your personal information when you use the CoFee mobile application, website, or related services.
By using CoFee, you agree to the terms outlined in this Privacy Policy. If you do not agree with these terms, we kindly recommend refraining from using our services.

Applicability

This Privacy Policy applies to personal data processed through the CoFee platform, including its mobile and web interfaces. CoFee is a platform designed to streamline financial onboarding, information sharing, and digital record maintenance.

Depending on the service model, we may collect personal data:
  1. Directly from users (e.g., self-onboarding)
  2. As part of services provided to institutions or businesses using CoFee for onboarding
We implement appropriate organizational and technical measures to protect all collected data.

Information We Collect

The personal information we collect depends on your interaction with CoFee.

Mandatory Data

  1. Full Name
  2. Contact Number (mobile)
  3. Bank Account Number & IFSC
  4. PAN (Permanent Account Number)
  5. GSTIN (if applicable)
  6. KYC Documents (Aadhaar, PAN, etc.)

Optional Data

  1. Date of Birth (DOB)
  2. Residential Address

How We Use Personal Information

We use personal data only for legitimate business purposes, including:

  1. Verifying identity and compliance (e.g., KYC, PAN validation)
  2. Setting up payment configuration
  3. Responding to support requests and service inquiries
  4. Delivering personalized experiences and communications
  5. Complying with financial and legal regulations
  6. Improving platform security and performance
We do not use your data for advertising purposes.

Information Sharing

We do not sell your personal information. We may share it only in the following situations:

  1. Service Providers
    Third-party vendors that support our operations (e.g., hosting providers, payment gateways, etc) may access data under strict confidentiality agreements.
  2. Client Organizations
    If your use of CoFee is managed by an institution, your data may be visible to them based on the agreed usage (e.g., student onboarding by a university).
  3. Legal Compliance
    We may disclose information if required to comply with applicable laws, regulations, court orders, or government requests.

Data Security

We implement industry-standard technical and organizational measures to safeguard personal data, including:

  1. Encryption of data in transit (TLS) and at rest (AES)
  2. Role-based access controls (RBAC) and secure login mechanisms
  3. Multi-factor authentication for privileged users
  4. Application-layer firewalls and DDoS protection
  5. Periodic vulnerability scans and patch management
  6. Secure software development lifecycle (SSDLC) practices
  7. Data masking and tokenization for sensitive fields
  8. Regular security training for employees
  9. Incident response and escalation procedures
  10. Separation of production, development, and test environments
  11. Audit logging and security monitoring

Data Retention

We retain personal information only as long as necessary:

  1. For the purposes for which it was collected
  2. To comply with legal, regulatory, or contractual obligations
Personal data is securely deleted or anonymized when retention is no longer required.

Your Rights

Depending on applicable laws, you may have the following rights:

  1. Right to Access: Obtain confirmation and a copy of your personal data
  2. Right to Rectification: Correct inaccurate or incomplete data
  3. Right to Erasure: Request deletion when data is necessary
  4. Right to Restrict Processing: Limit how your data is used
  5. Right to Object: Object to data use based on legitimate interest
To exercise these rights, please fill out and submit the Data Subject Access Request (DSAR) form available on our website. If you have further queries or require assistance, you can contact us at: privacy@keyvalue.systems.
If your data was submitted to CoFee by an organization, please reach out to that entity directly.

Cookies and Tracking Technologies

The CoFee website and app may use cookies or similar tools to:

  1. Recognize returning users
  2. Track usage trends for optimization
We do not use cookies for advertising purposes. You can control cookie preferences through your browser or device settings.

Changes to This Privacy Policy

We may update this policy periodically. Updates will be posted on this page with a revised "Last Updated" date.

International Data Transfers

We may transfer personal data across borders, including to countries where data protection laws may differ from those in your jurisdiction. To ensure an adequate level of protection, we implement appropriate safeguards such as:

  1. Standard Contractual Clauses (SCCs) or similar legal mechanisms.
  2. Vendor contracts and periodic assessments to validate compliance with privacy standards.
We rely on the appropriate legal basis to support such transfers and take reasonable steps to ensure continued protection of your data.

Children’s Privacy

CoFee is not intended for users under the age of 16. We do not knowingly collect data from children. If we learn that a child has submitted personal information, we will take steps to delete it.

Contact Us

For questions, concerns, or privacy-related requests:

KeyValue Software Systems Pvt. Ltd.
C113, 1st Floor, Building SCK-01, SmartCity Rd, Kochi,
Kerala, India - 682042
Email: privacy@keyvalue.systems

If you wish to report a data breach or exercise your data protection rights, please contact our Data Protection Officer (DPO) using the same email address.