Dare to LawDare to Law

Privacy Policy

Dare to Law Technologies (the "Company") operates the daretolaw.com platform as an intermediary under Section 2(1)(w) of the Information Technology Act, 2000. This policy explains what personal data we collect, why, how it is stored, and your rights under the Digital Personal Data Protection Act, 2023 ("DPDP Act") and the IT (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011.

1. Data we collect

  • At registration (mandatory): full legal name, mobile number (OTP verified), email, residential address, city, state, PIN code, preferred language.
  • Before any paid service (mandatory KYC): Aadhaar card (front & back, with your consent under the Aadhaar Act, 2016), PAN card, a recent photograph, and address proof where requested. For entities: CIN/LLPIN, GSTIN, incorporation certificate, board authorisation and authorised-signatory KYC.
  • Matter data: the facts, documents, screenshots, recordings and instructions you submit for a notice, consultation or filing.
  • Technical data: device identifier, IP address, browser, OS, log data, usage events, anti-abuse signals (to enforce free-tier limits and prevent account multiplication).
  • Payment data: handled by PCI-DSS compliant payment gateways. We do not store your full card or UPI credentials.

2. Why we collect it

  • To provide the service you have requested and to dispatch a valid legal document.
  • To comply with the IT Act, 2000, the Prevention of Money Laundering Rules, the Consumer Protection (E-Commerce) Rules, 2020, the DPDP Act, 2023, and any other applicable law.
  • To produce records, on a lawful request, before a court, tribunal, police, regulator or Bar Council.
  • To prevent fraud, account multiplication and abuse of the free tier.

3. How we store and protect it

Personal data and KYC documents are encrypted in transit (TLS) and at rest, stored in a private cloud (Indian region preferred), with row-level access controls. KYC files are stored in a private bucket accessible only to the user and to authorised compliance personnel. Access is logged. We retain KYC and matter records for the period required by law (typically five years from account termination, or longer if litigation, regulatory or tax investigation is pending).

4. Sharing

We do not sell your data to advertisers, marketers or law firms. We share matter information with the empanelled advocate assigned to your matter (subject to advocate confidentiality) and with payment, e-sign, e-stamping, KYC verification and dispatch partners strictly to provide the service. We disclose data when compelled by a lawful request from a court, tribunal, police, regulator or Bar Council.

5. Your rights

Under the DPDP Act, 2023 you may request access, correction, completion, erasure or withdrawal of consent to processing of your personal data, subject to legal retention requirements. Write to privacy@daretolaw.com. For grievances, contact the Grievance Officer at grievance@daretolaw.com — complaints are acknowledged within 24 hours and disposed of within 15 days as required by the IT Rules, 2021.

6. Cookies and analytics

We use strictly-necessary cookies for sign-in, a device-fingerprint cookie for anti-abuse, and minimal analytics to improve the product. We do not run third-party advertising trackers.

7. Changes

Material changes will be notified in-app and by email. See also our Terms and Disclaimer.