Privacy Policy

Switch Locally Private Limited (“Switch”, “we”, “us”) operates the Switch marketplace mobile and web applications (the “Platform”). Our registered office is at [Replace with full registered address, including PIN code]. For privacy or data-related queries, contact our Grievance Officer at grievance@switchlocally.com.

This policy applies to anyone who creates an account on Switch as a Worker, Employer, or Captain (field operations), and to anyone who visits our public web surfaces. By using the Platform you agree to the practices described here. If you do not agree, please do not use the Platform.

3.1 Information you provide

• Account details — full name, mobile number, role, language preference.
• Profile photo — captured selfie or uploaded image.
• Aadhaar card — front and back image, plus the 12-digit Aadhaar number. Collected only after explicit consent (see §6).
• For Employers — business name, owner name, GSTIN, registered address, company logo.
• For Captains — territory, contacts list (with permission) used for referrals.
• Payment instruments — UPI ID for worker payouts. Card and UPI instruments for Employer payments are handled by our PCI-DSS compliant partner Razorpay; we never see or store card numbers.
• Communications — messages or feedback you send through the app.

3.2 Information we collect automatically

• Live location (latitude/longitude) — refreshed every 2 minutes while the app is open. Used to match you with nearby jobs, show your live position to ops and employers when a shift is active, and verify on-site arrival via geofence.
• Device identifiers — push-notification token, app version, OS, model.
• Usage events — login times, jobs viewed, swipes, payments, errors.
• IP address and approximate region — for security, fraud prevention, and rate limiting.

3.3 Information from third parties

• Firebase Authentication — when you log in via OTP, Firebase verifies your phone number and returns a token to us.
• Razorpay — confirms payment success, failure, and refund status for shift bookings via signed webhooks.

• To match Workers with relevant Shifts based on skills, city, distance, rating, and availability.
• To allow Employers to verify Workers and pay them safely.
• To compute and pay out Worker earnings and Captain commissions.
• To send service-critical notifications (job offers, OTPs, payment confirmations).
• To prevent abuse, fraud, no-shows, duplicate accounts, and unsafe behaviour.
• To comply with applicable Indian law (KYC, taxation, lawful requests from authorities).
• With your separate consent, to send marketing or referral-program communications.

We process personal data on the following lawful grounds:

• Consent — you tick consent checkboxes at registration and before Aadhaar upload.
• Performance of contract — to deliver the matchmaking, payment, and payout services you have signed up for.
• Legal obligation — to comply with KYC, tax, and law-enforcement requirements.
• Legitimate use — fraud prevention and platform safety, balanced against your rights.

Aadhaar numbers and card images are sensitive personal data under the Aadhaar Act 2016 and the DPDP Act 2023. Our handling:

• We collect Aadhaar only after explicit consent recorded at registration time. The consent record (text version, timestamp, IP) is stored alongside your profile.
• The 12-digit Aadhaar number is encrypted at rest using AES-256-GCM. The decryption key is held in a separate secret store, accessible only to backend services.
• Only the last four digits are stored in plaintext for masked display (XXXX XXXX 1234).
• Aadhaar images live in a private object-storage bucket. Reads are gated behind short-lived (60-second) signed URLs and every Ops or Admin access is recorded in an immutable audit log including timestamp, accessor identity, IP, and reason.
• You may revoke Aadhaar consent at any time; we will mask the number, delete the images within 30 days, and lose your eligibility for KYC-required shifts until you re-consent.

• Active accounts — for as long as the account exists.
• Booking, payment, and rating records — for 8 years from creation, to satisfy GST and Income Tax record-keeping rules.
• Push tokens, session data — until you log out or the device unregisters.
• Aadhaar images — until consent is withdrawn or the account is deleted, whichever is sooner; then permanently deleted within 30 days.
• Audit logs (including Aadhaar access logs) — retained for 5 years for compliance.

We share data only with:

• Other Platform users, only as necessary for the marketplace to function — Workers see Employer name and address of a shift they have applied to; Employers see name, photo, and ratings of Workers who have applied; Ops staff see both for safety and dispute resolution.
• Service providers bound by data-protection agreements: Razorpay (payments), Firebase (authentication, push notifications), Supabase (hosting and object storage), an SMS provider for OTP delivery, and an optional product analytics provider.
• Authorities when required by lawful order, subpoena, or to protect life or safety.
• Acquirers in the event of a merger, acquisition, or asset sale, with equivalent privacy protections.

We do not sell personal data to anyone.

• HTTPS everywhere; HSTS enforced on the production domain.
• Passwords hashed with bcrypt (cost 12). JWT sessions versioned and revocable on logout-all.
• Rate limiting on OTP, login, and payment-verification endpoints.
• Sensitive PII (Aadhaar number) encrypted at rest with AES-256-GCM.
• Private storage bucket with signed-URL-only access for KYC images, plus an immutable access audit log.
• Periodic dependency audits and migrations under version control.

No system is perfectly secure. If you discover a vulnerability, please contact security@switchlocally.com.

• Access the personal data we hold about you.
• Correction of inaccurate data via the Profile screen, or by emailing the Grievance Officer.
• Withdrawal of consent (Aadhaar storage, marketing).
• Deletion of your account and associated personal data — see “Delete my account” in the Profile menu, or email grievance@switchlocally.com. We respond within 30 days.
• Nomination — you may nominate a person to act on your behalf in case of incapacity.
• Grievance redressal — see §13.

The Platform is not intended for individuals under 18 years of age. If we learn we have inadvertently collected data from a minor, we delete it immediately.

Our primary data centres are in Asia-Pacific. Some third-party processors may store data in jurisdictions notified as permitted under the DPDP Act. We rely on standard contractual safeguards approved under Indian law for any cross-border transfer.

As required by the DPDP Act 2023 and the Information Technology Rules 2011:

• Grievance Officer: [Replace with Grievance Officer name]
• Email: grievance@switchlocally.com
• Address: [Replace with full registered address, including PIN code]

We acknowledge grievances within 24 hours and resolve within 30 days.

We update this policy as the Platform evolves. Material changes will be notified in-app and by SMS or email at least 7 days before they take effect. Continued use after the effective date constitutes acceptance.