Iqwat Foundation
Radio ShardaOff-air

90.4 FM · Booziv Ti Khosh Rooziv

Tap icon to listen

§ Iqwat App · Privacy

Iqwat App — Privacy Policy

Effective: 30 July 2021 · Last updated: 14 May 2026

This Privacy Policy governs the Iqwat mobile application (the “App”), published by Iqwat Foundation (“Iqwat,” “we,” “our,” “us”) and available on the Apple App Store and Google Play Store. The App is a community-only platform for verified members of the global Kashmiri Pandit community. By downloading, registering, or using the App, you agree to this Privacy Policy. If you do not agree, please uninstall and discontinue using the App.

The short version: we collect what is necessary to create and operate your community profile, verify your identity (KYC), and send transactional SMS messages such as one-time passwords (OTPs). We do not sell your data, do not send promotional SMS without separate explicit consent, and you can opt out of SMS by replying STOP at any time. Privacy queries: contactus@iqwat.com.

Contents

  1. 1. Scope
  2. 2. Information we collect
  3. 3. How we collect it
  4. 4. How we use your data
  5. 5. SMS communications and OTP verification
  6. 6. KYC and identity verification
  7. 7. Who we share data with
  8. 8. Data security
  9. 9. Data retention
  10. 10. Third-party links
  11. 11. Children
  12. 12. Your rights
  13. 13. International users and data transfers
  14. 14. Changes to this policy
  15. 15. Contact and grievance officer

1. Scope

This policy applies to the Iqwat mobile App only. The Iqwat Foundation website at iqwat.com is governed by a separate website Privacy Policy. Both policies are published by the same Foundation; their scope is separate because the data we collect and how we process it differs between the website (general information + donations) and the App (community profile, identity verification, in-app interactions).

2. Information we collect

2.1 Information you provide directly

  • Full name
  • Email address
  • Mobile phone number with country code
  • Password (stored hashed, never in plaintext)
  • Residence location (city / country)
  • Roots in Kashmir (your or your family's village / mohalla — optional)
  • Profile photo (optional)
  • KYC documents you choose to submit for identity verification
  • Content you create within the App (profile entries, directory information, matrimonial details if applicable, messages)

2.2 Information collected automatically

  • Device type, operating system version, App version
  • IP address
  • Usage data (which screens you visit, features you use)
  • Access times and time spent in the App
  • App performance and crash data

2.3 What we never see or store

We do not collect payment card details (donations are processed separately on iqwat.com via Razorpay). We do not access your contacts, photo library, microphone, or other device features without an explicit permission prompt asking you to grant access for a specific feature.

3. How we collect it

  • Directly from you, when you register, complete your profile, or use App features
  • Automatically, through your interactions with the App (analytics events, error reports)
  • From third-party identity-verification partners during the KYC process, with your consent

4. How we use your data

  • To create and manage your community account
  • To verify that you are a Kashmiri Pandit (community-eligibility verification)
  • To verify your phone number and authenticate you securely via OTP
  • To enable in-app features — community directory, matrimony, professional networking, mentorship
  • To provide customer support
  • To detect and prevent fraud, abuse, and misuse
  • To send transactional SMS messages such as OTPs and account notifications (see Section 5)
  • To personalise your in-app experience
  • To improve the App through aggregated usage analysis
  • To comply with legal and regulatory obligations

5. SMS communications and OTP verification

This section is published in compliance with US carrier requirements (A2P 10DLC) and Indian TRAI regulations. It explains exactly how SMS messages are sent through the Iqwat App, what they contain, and how to stop receiving them.

5.1 Opt-in flow

During account registration on the Iqwat App, you are asked to:

  1. Provide your mobile phone number with country code.
  2. Check a consent checkbox labelled “I agree to receive SMS messages from Iqwat for OTP verification and account-related notifications. Message and data rates may apply.”

The checkbox is not pre-selected. You must actively tick it before the Register button enables. Without ticking the checkbox, you cannot complete registration and therefore will not receive any SMS messages from Iqwat.

If you re-install the App or change your phone number inside the App, you will be prompted to opt in again with the same checkbox.

5.2 Types of SMS messages we send

  • OTP for registration — a one-time password to verify your phone number when you sign up.
  • OTP for login — when you log in from a new device.
  • OTP for sensitive changes — when you change your phone number, password, or email.
  • Account notifications — security alerts (e.g. login from a new device), KYC status updates, and account-related service notices.

We do not send promotional or marketing SMS messages based on this consent. If we ever want to send promotional SMS in the future, we will request separate, specific opt-in for that purpose.

5.3 Message frequency

Message frequency varies with your activity. A typical user receives 1–3 OTP messages per month plus occasional service notifications. Heavy users (e.g. those updating profiles or completing KYC) may receive more in a given week. Standard message and data rates from your mobile carrier may apply.

5.4 Opting out

You can opt out of receiving non-essential SMS at any time by replying STOP to any message you receive from us. Reply HELP to receive assistance. For questions, email contactus@iqwat.com.

One important caveat: OTP verification is the security backbone of the App. If you opt out of all SMS, you will be unable to verify your phone number, log in from new devices, or change sensitive account details. You can still use the App on your already-logged-in device. To re-enable OTPs, re-opt-in via the App settings.

5.5 SMS provider

SMS messages are dispatched through our messaging partner, Twilio Inc. (in the US and certain international jurisdictions) and an Indian DLT-registered SMS gateway for India. Both partners process only the minimum information necessary to deliver the message (your number, the OTP or notification body) and do not retain content beyond standard carrier delivery logs.

6. KYC and identity verification

The Iqwat App is exclusively for verified members of the Kashmiri Pandit community. Identity verification (KYC) helps us maintain community trust and prevent impersonation.

At your option during onboarding, or when accessing certain community-sensitive features (e.g. matrimony, business directory), we may request:

  • A government-issued photo ID (e.g. Aadhaar with masked number, PAN, Passport, Driving License)
  • A selfie or short video for liveness verification
  • Confirmation of your Kashmiri Pandit roots (family details, mohalla, village)

KYC processing is carried out by a partner identity-verification provider with your explicit consent before submission. Your KYC documents are encrypted in transit and at rest, and are accessible only to authorised Iqwat operations staff for the purpose of verification. We do not share KYC documents with any party other than the verification provider performing the check.

You may decline to complete KYC; you will still have access to most App features but community-sensitive features may remain locked.

7. Who we share data with

We share your personal data only with the third-party processors required to operate the App. None of them are permitted to use your data for their own marketing.

  • Twilio Inc. and our Indian DLT SMS gateway — to deliver OTPs and notifications.
  • Our KYC partner — to verify your identity and Kashmiri Pandit roots, with your explicit consent.
  • Cloud-hosting providers — to store App data securely. Currently hosted on Amazon Web Services (Mumbai region, ap-south-1).
  • Push-notification providers (Apple Push Notification Service for iOS, Firebase Cloud Messaging for Android) — to deliver in-App notifications.
  • Crash-reporting / analytics tooling — to identify and fix App bugs. Where used, this data is anonymised or pseudonymised.
  • Law enforcement and regulators — only when required by valid legal process. We will push back on overbroad requests where lawful.

We do not sell, rent, or trade your personal information.

8. Data security

We use industry-standard technical and organisational measures to protect your data, including TLS encryption in transit, encrypted storage at rest, password hashing (bcrypt/argon2), least-privilege access controls for staff, multi-factor authentication on admin accounts, and routine security reviews. No system is 100% secure; you are responsible for maintaining the confidentiality of your password and revoking access on devices you no longer use.

9. Data retention

  • Active accounts — your profile data is retained for as long as your account is active.
  • Account deletion — when you request deletion, we erase your profile and personal data within 30 days, except where retention is required by law (e.g. KYC records may be retained for the period mandated by the Prevention of Money-Laundering Act and applicable banking-KYC rules — typically 8 years).
  • Server logs and crash reports — purged within 30 days.
  • SMS delivery logs — retained by our SMS partners under their standard policies (usually 30–90 days).

The App may contain links to external websites (e.g. partner organisations, news articles, donation page on iqwat.com). We are not responsible for the privacy practices of those third parties. Please review their privacy policies independently.

11. Children

The Iqwat App is intended for users 18 years and older. Users aged 13–17 may use the App only with verifiable parental or guardian consent and supervision. We do not knowingly collect personal data from children under 13. If you believe a child under 13 has registered, please email contactus@iqwat.com and we will delete the account.

12. Your rights

You have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate or outdated information
  • Request deletion of your account and data (subject to legal retention obligations)
  • Withdraw consent for future processing
  • Object to or restrict certain processing activities
  • Receive your data in a portable format
  • Nominate another person to exercise these rights in your incapacity or death
  • Lodge a complaint with the Data Protection Board of India (under DPDPA, 2023)

To exercise any of these rights, write to contactus@iqwat.com from your registered email address. We will respond within 30 days.

13. International users and data transfers

The Iqwat App is primarily designed for the global Kashmiri Pandit community and is available worldwide. If you use the App from outside India, your data may be transferred to, stored, and processed in India where our servers are located. By using the App, you consent to this transfer.

For US users specifically — we comply with applicable US carrier requirements for SMS delivery (A2P 10DLC), and we do not knowingly collect data from users in jurisdictions where our processing would violate local data-protection law.

14. Changes to this policy

We may update this policy from time to time to reflect changes in the App, our practices, or applicable law. The “Last updated” date at the top of this page will reflect the most recent version. Material changes will be notified inside the App and by email before they take effect. Continued use of the App after the effective date of a change indicates acceptance of the updated policy.

15. Contact and grievance officer

For any privacy-related question, concern, or complaint:

  • App support and privacy: contactus@iqwat.com
  • Designated Grievance Officer: Aditya Kalla, Chief Convener, Iqwat Foundation
  • Email: privacy@iqwat.com
  • Postal: Enkay Tower, First Floor, Plot No. B & B1, Vanijya Nikunj, Udyog Vihar Phase V, Gurugram, Haryana 122016, India

We aim to acknowledge all grievances within 48 hours and resolve them within 30 days.

See also: Iqwat App — Terms of Use, Iqwat website Privacy Policy.

§ Related policies

§ Have a question?

Iqwat Foundation · Registered under Section 8 of the Companies Act, 2013 · CIN U85300HR2020NPL091713 · Registered office: Enkay Tower, First Floor, Plot No. B & B1, Vanijya Nikunj, Udyog Vihar Phase V, Gurugram, Haryana 122016, India