Privacy Policy

At DroidTester, operated by Zodroid Media, we take your privacy seriously. This Privacy Policy describes how we collect, use, store, and protect your personal information when you use our publisher platform to run beta tests for your Android applications.

1. Information We Collect

We collect the following information when you register as a publisher and use our platform:

• Account Data: Name, email address, phone number, country, company/business name, GST number, and password (stored as a cryptographic hash using Argon2id).
• Campaign Data: Your app title, package name, developer name, app description, icon, testing preferences, target audience, and campaign duration.
• Payment Data: Transaction amounts, payment methods (UPI, Card, Net Banking, Wallet), gateway reference IDs, billing address, and GST details. Full card numbers are processed by our payment gateway (Cashfree) and never stored on our servers.
• KYC Data: For compliance, we may collect and verify your business registration documents, PAN card details, and address proof.
• Usage Data: IP addresses, browser type, session timestamps, dashboard actions, campaign performance metrics, and tester interaction data.

2. How We Use Your Information

We use the information we collect for the following purposes:

• To create and manage your publisher account and dashboard.
• To process payments and issue GST-compliant invoices.
• To match your campaigns with suitable testers on our platform.
• To communicate important service updates, security alerts, campaign status notifications, and transactional emails.
• To detect fraud and prevent abuse of our platform.
• To comply with legal obligations including GST compliance, KYC verification, and financial record-keeping.
• To provide customer support and resolve disputes.

3. Data Sharing

We do not sell your personal information. We share data only with the following parties and only to the extent necessary:

• Testers: When you publish a campaign, tester users see your app title, icon, description, package name, and minimum testing requirements — so they can install and test it properly. Your name, email, phone, company details, and payment information are never shared with testers.
• Payment Gateway: Cashfree Payments and similar gateways process your transactions. They receive your name, email, phone, and transaction amount (but never your password or full card details).
• Legal Authorities: We disclose information if required by court order, subpoena, statutory authority request, or valid legal process under Indian law.
• Service Providers: Third-party services like cloud hosting, analytics, and email delivery — bound by confidentiality agreements.

4. Data Retention

We retain data as follows:

• Account & Transaction Data: Retained for as long as your account is active plus 7 years thereafter, to comply with Indian financial record-keeping laws (GST Act, Income Tax Act).
• Campaign Data: Retained for 2 years after a campaign ends.
• KYC Documents: Retained for 8 years as required by regulatory guidelines.
• Usage Logs: Retained for 1 year for security and fraud prevention.

5. Security

We use industry-standard security measures to protect your data:

• HTTPS/TLS encryption for all data in transit.
• Argon2id password hashing — we never store plain passwords.
• CSRF protection on all forms and API endpoints.
• Rate limiting to prevent brute-force attacks.
• Encrypted database storage with access controls.
• Regular security audits and penetration testing.

Despite these efforts, no system is 100% secure, and we cannot guarantee absolute security. You are responsible for keeping your account credentials secure.

6. Your Rights

You have the right to:

• Access and download a copy of your personal data and campaign reports.
• Correct inaccurate information in your profile or campaign details.
• Request data portability in a machine-readable format.
• Delete your account (contact support@droidtester.com).
• Opt out of marketing communications while receiving essential transactional emails.
• Raise a grievance with our Data Protection Officer if you believe your data is being mishandled.

7. Cookies

We use essential session cookies to keep you logged in and maintain session security. We do not use tracking cookies, advertising cookies, or third-party analytics cookies.

8. Children's Privacy

DroidTester is intended for users 18 years and older. We do not knowingly collect information from minors. If we discover that a minor has registered, we will delete their account.

9. GDPR Compliance (For EU Users)

If you are located in the European Union or interact with EU residents:

• You have additional rights under GDPR including the right to be forgotten, data portability, and restriction of processing.
• Data transfers outside the EU are covered by Standard Contractual Clauses (SCCs).
• You may lodge a complaint with your local Data Protection Authority (DPA).
• Our Legal Basis for processing is Contractual Necessity (for services) and Legitimate Interest (for fraud prevention).

10. Changes to This Policy

We may update this Privacy Policy from time to time. The "Last Updated" date at the top reflects the most recent revision. For significant changes, we will notify you via email or platform notification. Continued use of the service after changes constitutes acceptance of the new policy.

11. Contact Us

For any privacy-related questions, concerns, or data subject requests:

• Email: support@droidtester.com
• Response Time: Within 48 hours for privacy-related queries.