Zelth
๐Ÿ‡ฎ๐Ÿ‡ณ India ยท February 2025
Privacy & Data Protection

Privacy Policy

Last Updated: February 2025  ยท  Applicable: India

Applicable in India
Governed by DPDPA 2023
We do not sell personal data
Summary

Zelth collects your phone number, basic profile details, fitness activity links (Strava), and payment information to operate fitness challenges. We do not sell your personal data. You can request deletion of your account and data at any time by contacting our Grievance Officer.

1

Introduction & Platform Owner

This document is an electronic record in terms of the Information Technology Act, 2000 and rules thereunder, and is published in accordance with Rule 3(1) of the Information Technology (Intermediaries Guidelines) Rules, 2011. This electronic record is generated by a computer system and does not require any physical or digital signatures.

The Zelth mobile application ("App" or "Platform") is owned and operated by:

MYTECHNOLOGIES BRAND SOLUTIONS PRIVATE LIMITED

A company incorporated under the Companies Act, 1956

Registered Office: Innov8 Mantri Commercio, Tower A, 5th Floor, Bellandur, Bangalore โ€“ 560103

(hereinafter referred to as "Platform Owner", "we", "us", "our")

This Privacy Policy explains how we collect, use, store, and share your data when you use the Zelth Platform and related services. By registering on or using the Platform, you agree to the practices described in this Policy, which is also governed by the Digital Personal Data Protection Act, 2023 (DPDPA) to the extent applicable.

2

Information We Collect

2.1 Information You Provide
  • Phone Number: Used for account creation and OTP-based login. India (+91) prefix is hardcoded at registration.
  • Profile Details: Name, age, gender, and city โ€” collected during onboarding.
  • UPI ID: Collected during the withdrawal process for disbursing winnings. Pre-filled for convenience; you may update it at any time.
2.2 Fitness Activity Data
  • Strava Activity Links: When you participate in a running challenge, you submit a Strava activity link to verify completion. We process the activity data (distance, time, date) contained in that link solely for challenge eligibility validation.
  • We do not access your full Strava account or any data beyond what is contained in the specific link you submit.
2.3 Payment & Wallet Data
  • Transaction records including entry fees paid, wallet balance, pending and completed withdrawals, and winnings or cashback credited to your wallet.
  • Payment processing is handled by third-party gateways. We do not store card or full banking details.
2.4 Automatically Collected Data
  • Device type, operating system, app version, and IP address โ€” for fraud prevention and debugging.
  • App usage logs: screens visited, challenges viewed, and in-app actions โ€” for personalisation and improvement.
3

How We Use Your Information

  • To verify your identity via OTP and maintain your account.
  • To display personalised challenge recommendations.
  • To verify run submissions against challenge rules using Strava activity links.
  • To process challenge entry fees and disburse winnings/cashback to your Zelth Wallet.
  • To process UPI withdrawals when you request a payout.
  • To maintain your challenge history, rank, and leaderboard position.
  • To detect and prevent fraudulent or manipulated activity submissions.
  • To improve app performance, fix bugs, and develop new features.
  • To comply with applicable laws, regulations, or court orders.
4

Sharing of Information

We do not sell, rent, or trade your personal information. We may share data in the following limited circumstances:

  • Payment Gateway Partners: To process entry fee payments and wallet withdrawals, bound by their own privacy policies and applicable regulations.
  • Strava: Activity verification involves you submitting a Strava link. Strava's own Privacy Policy governs their handling of your data.
  • Legal & Regulatory Authorities: Where required by Indian law, court order, or government authority.
  • Fraud Prevention: With service providers assisting us in detecting manipulation of challenge entries.

All third-party service providers are contractually obligated to protect your data and use it only for the purposes we specify.

5

Data Retention

  • Account data (name, phone number, profile): Retained for the lifetime of your account plus 1 year after deletion, for dispute resolution.
  • Transaction and wallet data: Retained for 7 years as required under Indian financial regulations.
  • Activity submission data (Strava links and verification results): Retained for 90 days after challenge completion.
  • App usage logs: Retained for 30 days in raw form; aggregated analytics may be retained longer in anonymised form.
6

Your Rights

Under applicable Indian law and the DPDPA 2023, you have the right to:

๐Ÿ“„

Access

Request a copy of the personal data we hold about you.

โœ๏ธ

Correction

Request correction of inaccurate or incomplete information.

๐Ÿ—‘๏ธ

Deletion

Request deletion of your account and personal data, subject to retention requirements under law.

โ†ฉ๏ธ

Withdrawal of Consent

Withdraw consent for data processing at any time. This may affect your ability to use the Platform.

โš–๏ธ

Grievance Redressal

Lodge a complaint with our Grievance Officer if you believe your data rights have been violated.

To exercise any of these rights, contact us using the details in Section 11. We will respond within 30 days.

7

Security

  • OTP-based authentication โ€” no passwords stored.
  • Encrypted data transmission (HTTPS/TLS).
  • Access controls limiting employee access to personal data.
  • Regular security reviews of our infrastructure.

No method of internet transmission is 100% secure. In the event of a data breach affecting your rights, we will notify you as required by applicable law.

8

Children's Privacy

The Platform is not intended for users under 18 years of age. We do not knowingly collect personal data from minors. If you believe a minor has registered, please contact us immediately and we will delete the account.

9

Third-Party Links

The Platform may contain links to third-party websites, including Strava. We are not responsible for the privacy practices of such third parties. We encourage you to review their privacy policies before submitting any personal data on their platforms.

10

Changes to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. Material changes will be communicated via the App or through a notice on the Platform. The updated Policy will reflect a revised "Last Updated" date. Continued use of the Platform after such changes constitutes acceptance of the revised Policy.

11

Grievance Officer & Contact

In accordance with the Information Technology Act, 2000 and rules made thereunder, the name and contact details of the Grievance Officer are provided below:

CompanyMYTECHNOLOGIES BRAND SOLUTIONS PRIVATE LIMITED
AddressInnov8 Mantri Commercio, Tower A, 5th Floor, Bellandur, Bangalore โ€“ 560103
Response TimeWithin 30 days of receipt of complaint