Privacy Policy
How Ashayam Group collects, uses, and protects information when you use ASMI.AI.
1. Who we are
This privacy policy applies to ASMI.AI (the “Service”), a political intelligence platform operated by Ashayam Group (“Ashayam”, “we”, “our”, “us”), with its registered office at 12-13-336/1, Lane No. 6, Street No. 2, Tarnaka, Hyderabad – 500017, Telangana, India. Ashayam Group is the data fiduciary for the personal data we process under India’s Digital Personal Data Protection Act, 2023 (“DPDP Act”) and the Information Technology Act, 2000 read with the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 (“IT Rules”).
Contact: ashish@asmi.live · amuktha@asmi.live
2. What data we collect
2.1 When you visit asmi.live (this marketing site): your IP address, browser user-agent, referring URL, pages visited, and approximate location (country / region) inferred from IP. This data is collected automatically by Cloudflare, our hosting provider, for security and analytics. We do not set first-party tracking cookies on the marketing site.
2.2 When you use ASMI.AI on WhatsApp: your WhatsApp phone number, display name, the ward you are associated with (if any), the messages you send and receive through the bot, the timestamp and intent classification of those messages, and any profile data you voluntarily provide via the profile questionnaire (preferred title, political role, language, social-platform preferences, alert preferences). Inbound messages are delivered to us through Meta’s WhatsApp Cloud API.
2.3 When you use the dashboard at app.asmi.live: your account username, hashed password, session cookies, and a record of the wards, queries, and reports you accessed.
2.4 What we do not collect: we do not collect government identifiers (Aadhaar, PAN, voter ID), biometric data, financial account numbers, or location data more precise than the ward you select.
3. How we use your data
- Deliver the Service — generate ward briefings, smart alerts, conversational replies, and posters tailored to your role and ward
- Operate the WhatsApp bot — verify your whitelist status, respond to commands, send scheduled briefings (if you opt in)
- Improve the Service — analyse aggregate usage to find issues and improve briefings and alerts
- Communicate with you — service updates, security notices, and (with your consent) product updates
- Comply with law — respond to lawful government or court orders, prevent fraud and abuse
4. Lawful basis
We process your data on the following lawful bases under the DPDP Act:
- Consent for marketing and optional features (e.g., daily briefings, smart alerts)
- Specified legitimate use for delivering the Service you request
- Legal obligation for record-keeping and lawful disclosures
5. Who we share data with
We share data only with the following categories of recipients, and only to the minimum extent needed:
| Recipient | Purpose | Country |
|---|---|---|
| Meta Platforms Ireland Ltd. (WhatsApp Business) | Message delivery, webhook routing | EU / global Meta cloud |
| Google Cloud Platform | Application hosting, database, AI inference (Gemini) | India / US (depending on service) |
| Anthropic PBC | AI inference (Claude) | USA |
| OpenAI Inc. | AI inference (GPT models) | USA |
| Perplexity AI Inc. | News retrieval (Sonar) | USA |
| Cloudflare Inc. | DNS, edge SSL, marketing-site hosting (Cloudflare Pages) | USA / global edge |
We do not sell your personal data. We do not share data with advertisers, data brokers, or political parties (other than the user’s own authorised team via the Service itself).
6. International transfers
Some of our processors are located outside India. Data is transferred under appropriate safeguards including standard contractual clauses with the relevant providers. Where the DPDP Act’s “notified country” list applies, we follow the latest government notification.
7. Data retention
- WhatsApp message logs: retained for up to 90 days for audit and conversation context, then deleted
- Dashboard session logs: retained for 30 days
- Account profile data: retained while your account is active and for up to 180 days after deactivation
- Aggregated and anonymised analytics: retained indefinitely
8. Your rights
Under the DPDP Act and IT Rules you have the following rights, exercisable by writing to our Grievance Officer (see Section 11):
- Right to access a summary of personal data we hold about you
- Right to correction or completion of your data
- Right to erasure (subject to legal-retention exceptions)
- Right to grievance redressal
- Right to nominate another individual to exercise these rights on your behalf in case of incapacity or death
- Right to withdraw consent (note: withdrawal does not affect prior lawful processing)
9. Cookies
This marketing site does not set first-party tracking cookies. Cloudflare may set a security cookie (__cf_bm) used for bot mitigation. The dashboard at app.asmi.live uses a session cookie (asmi_session) that is essential for keeping you logged in; this cookie is HTTP-only and SameSite=Lax.
10. Children
The Service is intended for use by adults aged 18 and above (in line with DPDP’s definition of child). We do not knowingly collect personal data from individuals under 18. If you believe we have inadvertently collected such data, please contact our Grievance Officer and we will delete it promptly.
11. Grievance Officer
Per Rule 5(9) of the IT Rules, 2011, our designated Grievance Officer can be reached as follows:
- Name:
- Email: grievance@asmi.live
- Postal: Ashayam Group, 12-13-336/1, Lane No. 6, Street No. 2, Tarnaka, Hyderabad – 500017, Telangana, India
We acknowledge complaints within 24 hours and resolve within 15 days, in line with statutory timelines.
12. Security
We implement reasonable security practices including encryption in transit (TLS 1.2+), HMAC-signature verification on all WhatsApp webhooks, hashed and salted password storage, role-based access control on production data, and audit logging. Despite these measures, no system is 100% secure. We notify affected users of security incidents in line with DPDP Act timelines.
13. Changes to this policy
We may revise this policy from time to time. Material changes will be communicated via the Service (in-WhatsApp notice, dashboard banner, or email to registered users). The “Last updated” date at the top reflects the most recent revision.
14. Contact
General questions: ashish@asmi.live · amuktha@asmi.live
Grievance Officer: grievance@asmi.live
Postal: Ashayam Group, 12-13-336/1, Lane No. 6, Street No. 2, Tarnaka, Hyderabad – 500017, Telangana, India