Udyamik
Start free trial

Data Deletion Instructions

Last updated: 24 April 2026

You have the right to request deletion of the personal data that Udyamik holds about you. This page documents exactly how, how long it takes, and what data — if any — we are required to retain by Indian law even after deletion.

This page exists to satisfy Meta Platform Policy §3.c (data-deletion instructions URL for apps using Meta login or the WhatsApp Business Platform) and the DPDP Act, 2023 §13 (right to erasure). It should be read alongside our Privacy Policy (retention windows are documented in §5 of that page).

How to request deletion

There are two paths. Use whichever you prefer.

Path 1 — Email request (available now)

  1. Send an email to privacy@udyamik.com from the address registered against your Udyamik account.
  2. In the body, include the mobile number you use to sign in (so we can match your account) and optionally a short reason.
  3. We will acknowledge within 2 business days, run identity verification (we may OTP your phone/email), and complete deletion within 30 days per DPDP §14(1).
  4. You will receive a confirmation email once deletion is complete, listing what was deleted and what was retained (see §“What is retained” below).

Path 2 — Self-service from the app

Status: coming soon. A “Delete my account” action under Profile → Privacy on app.udyamik.com is on the near-term roadmap. When it ships, this page will be updated with the exact navigation. Until then, please use the email path above — we process those within the same 30-day SLA.

What gets deleted

On completion of your request, the following are deleted or irreversibly anonymised:

  • Your identity record in public.users (name, phone, email, APAAR ID).
  • Your personal document vault (public.user_documents) — object-storage blobs are erased, not just marked deleted.
  • Your trusted-device registrations and PIN hashes (public.trusted_devices, public.user_pins).
  • Your cross-org feed items (public.user_feed_items).
  • Your platform roles, if any (public.user_platform_roles).
  • Raw recipient identifiers in outbound communication logs are already SHA-256-hashed at write time (they are never stored in plaintext), so there is nothing additional to remove there.

What is retained, and why

Indian law requires us to retain some records even after account deletion, in anonymised form where possible:

  • Payment & platform-invoice records — 8 years from the end of the financial year, per the Income Tax Act, 1961 §44AA + §44AB and the Companies Act, 2013 §128. Your name is anonymised (replaced by [deleted user]) but the transaction amount, date and Razorpay reference are retained for audit.
  • Audit-log entries — 24 months (Starter / Pro) or 8 years (Enterprise). Your actor user id is replaced by [deleted user]; the diff of what changed is retained for compliance audit.
  • Aggregated analytics — anonymous, count-only aggregates (e.g. “N fees paid in April 2026”) may persist indefinitely because they contain no personal data.

Academic records inside a tenant (your child's report cards, your own marks if you're a student) are tenant data, not yours to delete unilaterally — they belong to the school under their own retention schedule. Contact your school directly to request removal from tenant-level records; we facilitate this with the tenant on request.

Confirmation email — what to expect

Subject: Your Udyamik data-deletion request is complete

Hi [name],

We have completed the deletion of your personal data as requested on [date]. The following has been deleted:

  • Your identity record and contact details
  • Your personal document vault ([N] documents)
  • Your trusted devices and PIN registrations
  • Your cross-org feed history

The following has been retained in anonymised form, as required by Indian law:

  • Payment records from [date] to [date] (anonymised)
  • Audit-log entries where you were the actor (anonymised)

Thank you for using Udyamik. If you have any questions about this deletion, reply to this email — it reaches our Grievance Officer directly.

Escalation

If your deletion request is not handled to your satisfaction within the 30-day SLA, you may escalate to our Grievance Officer via /legal/grievance (response within 15 working days per DPDP §10). You also have the right to complain to the Data Protection Board of India once that body is operational.

For users who signed in through a Meta service

If you used Meta Login or our Meta-connected WhatsApp number to sign in, the above paths apply unchanged — deletion covers both the Udyamik-side record and disconnection of the Meta-side permission grant. No separate Meta deletion request is necessary on our end.