Zaadha Jobs (“we”, “our”, or “us”) is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, process, store, and safeguard your personal data when you access or use the Zaadha Jobs mobile application and website (collectively, the “Platform”).
This Privacy Policy is legally binding and drafted in strict compliance with:
The Digital Personal Data Protection (DPDP) Act, 2023
The Information Technology Act, 2000 and rules made thereunder
CERT-In Cyber Security Directions (2022)
Google Play Developer Content Policies
We process personal data only for lawful, specific, and explicit purposes, based on user consent or where processing is permitted or required by applicable law.
By using the Platform, you consent to the collection and processing of your personal data strictly in accordance with this Privacy Policy.
1. DATA WE COLLECT
We collect personal data strictly on a need-to-know and purpose-limited basis to provide employment matching, communication, security, and compliance services.
A. Personal Data (Voluntarily Provided)
Identity Data: Full name, email address, and profile picture (collected via Google Sign-In).
Verification Data: Phone number (optional; may be requested only when an employer explicitly requires direct contact for job verification).
Employment Data: Job postings (title, wage, description), saved jobs history, and application or interaction status.
Providing a phone number is not mandatory for using the core features of the Platform.
B. Location Data (Processed via Mapbox)
Employers: We collect precise location (GPS) to tag the exact job or worksite location. This is essential to display jobs accurately to nearby job seekers.
Job Seekers: We collect approximate (coarse) location or allow manual location selection to display relevant jobs within a user-selected radius.
You may deny GPS permissions and continue using the Platform through manual location search powered by Mapbox Geocoding.
C. Technical & Security Logs (Automated Collection)
To comply with CERT-In Cyber Security Directions (2022), we automatically collect:
Network Data: IP address and timestamps of login, job posting, editing, and account deletion.
Device Data: Device manufacturer, model, operating system version, and Firebase Installation ID.
Purpose Limitation: This data is collected solely for security monitoring, fraud prevention, incident investigation, and law enforcement assistance in case of cybercrime. This data is not used for behavioral profiling, advertising, or analytics.
D. Audio Data (Transient Processing)
Permission: RECORD_AUDIO is requested only when you initiate a voice call.
Processing: Audio is transmitted in real time via VideoSDK.live.
Storage: We do not record or store voice conversations on our servers.
2. PURPOSE OF PROCESSING
We act as a Data Fiduciary under the DPDP Act, 2023. Personal data is processed only for the following purposes:
Service Delivery: Authentication, job discovery based on location (via Typesense), and VoIP communication.
Safety & Platform Integrity: Automated systems (e.g., JobValidator) detect and block scams (e.g., “registration fee”, “security deposit”), abusive content, or discriminatory job postings.
Legal Obligations: Retention of access logs for 180 days as mandated by the Government of India (CERT-In).
User Communications: Sending essential service notifications, job alerts, and call notifications via Firebase Cloud Messaging.
Monetization: Displaying advertisements via Google AdMob using the Advertising ID.
Users may control or opt out of personalized advertising through their Google Account Ad Settings.
3. DATA SHARING & DISCLOSURE
We do not sell personal data. We share data only with trusted Data Processors, who act solely on our instructions and are contractually obligated to implement appropriate technical and organizational security measures.
Legal Disclosure: We may disclose personal data (including archived IP logs) to Indian government or law enforcement agencies when required by a lawful order under the Information Technology Act, 2000 or Section 91 of the CrPC, or to prevent fraud, financial loss, or physical harm.
4. DATA RETENTION & DELETION
A. Active Accounts
Personal data is retained while your account remains active to provide services.
B. Account Deletion (Right to Erasure)
You may delete your account at any time via Settings → Delete Account.
Immediate Deletion: Your profile, authentication credentials, and active job posts are permanently deleted from live systems.
Compliance Archive (180-Day Rule): As required by CERT-In Directions (2022), essential records (email, phone, IP logs) are moved to a secure, encrypted archive (deleted_users_archive) for 180 days, after which they are automatically purged.
Permanent Legal Defense Record (Consent Artifacts): Notwithstanding the above, an immutable record of your acceptance of these Terms (strictly limited to: User ID, Timestamp, IP Address, Device Info, and Consent Version) is retained indefinitely. This is processed solely for the purpose of establishing proof of consent in potential legal proceedings, as permitted under the exemptions of the DPDP Act, 2023.
5. YOUR RIGHTS (DPDP ACT, 2023)
As a Data Principal, you have the right to:
Access a summary of your personal data
Correct inaccurate or outdated data
Delete your account (Right to Erasure)
Raise grievances with the Grievance Officer
Nominate an individual to exercise your rights in case of death or incapacity
6. CHILDREN’S PRIVACY
The Platform is strictly intended for users 18 years and above. We do not knowingly collect personal data from minors. Any account identified as belonging to a minor will be terminated immediately.
7. SECURITY MEASURES
We implement industry-standard security safeguards:
Encryption: Data encrypted at rest and in transit (TLS/HTTPS).
Access Control: Enforced through Firestore Security Rules.
Infrastructure Isolation: Oracle Cloud infrastructure runs within a restricted Virtual Private Cloud (VPC).
Archived Data Protection: Access limited to authorized personnel only.
8. GRIEVANCE REDRESSAL (INDIA)
In accordance with the Information Technology Act, 2000 and DPDP Act, 2023:
We acknowledge grievances within 24 hours and resolve them within 15 days.
9. POLICY UPDATES
We may update this Privacy Policy to reflect changes in law, technology, or business practices. The “Last Updated” date will indicate the most recent revision. Continued use of the Platform signifies acceptance of the updated policy.