Privacy Policy
Effective date: 16 March 2026
Last updated: 30 March 2026
1. Introduction
Echsee Technologies Pvt Ltd ("we", "us", or "Echsee"), operating the Niriksa platform at niriksa.com, is committed to protecting your privacy. This Privacy Policy explains what personal information we collect, how we use it, and the choices you have.
By accessing or using Niriksa you agree to the practices described in this policy. If you do not agree, please do not use the service.
2. Information We Collect
2.1 Account Information
When you sign in with Google OAuth we receive your name, email address, profile picture, and Google account identifier. We do not receive or store your Google password.
2.2 Session Data
During a recording session Niriksa may capture screenshots, screen recordings, audio recordings, timestamps, and issue metadata that you create. This content is processed locally in your browser and, when you choose to save, uploaded to your personal Google Drive account.
2.3 Payment Information
Payments are processed by Razorpay (for Indian customers) or Dodo Payments (for international customers). We store your payment provider's customer ID, subscription ID, and billing history (plan, amount, date). We never receive or store your credit/debit card numbers, UPI IDs, or bank account details — your payment provider handles those directly.
2.4 Usage Analytics
With your consent, we use Hotjar to collect anonymised usage data such as page views, clicks, scroll depth, and session replays, and Google Analytics (GA4) for aggregated traffic and product usage events. Neither tool is loaded until you accept analytics cookies via our banner. You can withdraw consent at any time by clearing your browser cookies and revisiting the site.
2.5 Technical Data
Our servers automatically log standard technical information such as your browser type, operating system, device type, and IP address. This data is used solely for security, debugging, and service reliability.
3. How We Use Your Information
- Service delivery: Record screens, process AI analysis (transcription and issue generation), and export structured reports.
- AI processing: Audio recordings and screenshot thumbnails are sent to OpenAI (Whisper for transcription, GPT for issue generation). OpenAI processes this data under their API data usage policy and does not use API inputs for model training.
- Payments: Process subscriptions and add-on purchases through Razorpay (India) or Dodo Payments (international).
- Analytics (with consent): Understand how the product is used to improve features and performance via Hotjar and Google Analytics (GA4).
- Communication: Respond to support requests and send essential service notices (e.g. plan changes).
4. Where Your Data Is Stored
| Location | What is stored |
|---|---|
| Supabase (hosted on AWS) | User profiles, session metadata, billing history |
| Your Google Drive | Screenshots, video & audio recordings, markdown exports |
| Browser IndexedDB (local) | Temporary cache of session data & media; auto-trimmed to the 10 most recent sessions |
| OpenAI | Audio and screenshot data sent for processing; not retained by OpenAI per their API data usage policy |
5. Third-Party Services
We share data with the following third parties only as needed to operate the service:
- Google — Authentication (OAuth) and file storage (Google Drive,
drive.filescope only). - OpenAI — Audio transcription (Whisper) and issue generation (GPT).
- Razorpay — Payment processing for subscriptions and add-on credits (Indian customers).
- Dodo Payments — Payment processing for subscriptions and add-on credits (international customers).
- Hotjar — Anonymised usage analytics (loaded only with your cookie consent).
- Google Analytics (Google LLC) — Web and product analytics (GA4; loaded only with your cookie consent).
- Supabase — Cloud database for user and session metadata.
We do not sell, rent, or trade your personal information to any third party.
6. Data Retention
- Session metadata: Retained until you delete the session from your dashboard.
- Google Drive files: Stored in your own Drive account — you have full control to delete them at any time.
- Local browser data: Automatically trimmed to the 10 most recent cloud-saved sessions.
- Account data: Retained until you request account deletion by contacting us.
- Billing records: Retained as required by applicable Indian tax and accounting regulations.
7. Your Rights
7.1 General Rights
You may request to:
- Access the personal data we hold about you.
- Correct inaccurate data.
- Delete your account and associated data.
- Export your data in a portable format.
To exercise any of these rights, email us at niriksasupport@gmail.com.
7.2 Rights for Users in the European Economic Area (GDPR)
If you are located in the EEA, the legal bases for processing your data are:
- Contract: Processing necessary to provide the Niriksa service you signed up for.
- Consent: Analytics cookies and scripts (Hotjar, Google Analytics) are loaded only with your affirmative consent, which you may withdraw at any time.
- Legitimate interest: Service security, fraud prevention, and product improvement.
You also have the right to lodge a complaint with your local data protection supervisory authority.
7.3 Rights for Users in California (CCPA)
If you are a California resident, you have the right to know what personal information we collect, request its deletion, and opt out of the "sale" of personal information. We do not sell your personal information.
8. Cookies
| Category | Purpose | Consent required |
|---|---|---|
| Strictly necessary | NextAuth session cookies for authentication | No |
| Strictly necessary | Billing region cookie (niriksa-billing-country) — stores your detected country code to default the correct currency and payment provider. Duration: 7 days. | No |
| Analytics | Hotjar — session replays, heatmaps, usage analytics | Yes |
| Analytics | Google Analytics (GA4) — aggregated traffic and event measurement (identifiers/cookies used for analytics) | Yes |
You can manage your cookie preferences through the consent banner shown on your first visit. To reset your choice, clear your browser cookies for niriksa.com and reload the page.
9. Children's Privacy
Niriksa is not directed at children under the age of 13 (or 16 in the EEA). We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.
10. Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date at the top. We encourage you to review this page periodically. Your continued use of Niriksa after changes are posted constitutes acceptance of the updated policy.
11. Contact Us
If you have questions about this Privacy Policy or wish to exercise your data rights, please contact us:
- Email: niriksasupport@gmail.com
- Entity: Echsee Technologies Pvt Ltd