Privacy Policy

Last Updated Date : August 25, 2021

We at Kutumba are completely committed to keeping your data secure, we don’t collect any sensitive financial information, and are transparent about our practices.

Sri Vijayarayaru Software Private Limited operate our web application https://app.kutumba.one/ and our website https://www.kutumba.one/ under brand names Kutumba, Kutumba.one.

Kutumba empowers your family by encouraging you to discover, document, risk-proof, and share your financial life information with your family.

Kutumba is committed to operating its website and web applications with the highest ethical standards and appropriate internal controls. We take your privacy extremely seriously. Your privacy is important to us and maintaining your trust is paramount. This Privacy Policy explains how Kutumba collects, uses & protects your information when you access Kutumba website(s) & web apps (collectively referred to as “Services” or “Application”). We encourage you to read this Privacy Policy. By using Kutumba Services you agree to the terms of the Privacy Policy. If you are not comfortable with any of the terms or policies described in this Privacy Policy, you may choose to discontinue usage of Kutumba Services by deleting the Kutumba account. You can also email us at support@Kutumba.one to update or delete your personal information that Kutumba has collected.

Kutumba does not knowingly collect or solicit personal information from anyone under the age of 18. If you are under 18, please do not attempt to register for the Services or send any personal information about yourself to Kutumba. If Kutumba learns that we have collected personal information from a person under the age of 18, we will delete that information immediately. If you believe that a person under the age of 18 may have provided us with personal information, please contact us at support@Kutumba.one.

What information does Kutumba collect?

We receive and store only that information which you knowingly provide to us or with your explicit consent. You can delete the account by using the web application which deletes all the information stored related to Kutumba members and financial assets added by the customer.You can always delete this information by writing to us at support@Kutumba.one.

Below is the list of information we collect:

Upon creating a New Account : When you create a new account to use the Services, we request for the following information:

  • Mobile number, first name, last name, email
  • Over a survey we might ask for your profession, date of birth, gender and marital status to understand the customer demographic better

Upon Sign-up : When user logs in to Kutumba:

  • Customer will have the option to add the details of their “Kutumba members” (information regarding the family/friends/loved ones with whom the financial life information will be shared).
  • Non-sensitive financial information like bank account number, where the bank account is located and similar details for other financial assets may be collected for recording the details of the financial life information.

We DO NOT ask for any sensitive financial information like CVV, password or other financially sensitive information for any of the financial assets covered as part of Kutumba services.

All the information related to the user’s financial assets added manually by the User:

  • Details regarding the financial assets like bank accounts, insurance, pension schemes etc. are added by the user using the forms in Kutumba web app manually. Not all the fields in the form are mandatory.
  • Details of the family members with whom they want to share the financial life information and the nominee(s) of financial assets which are all added according to the User’s discretion.

Please note that we will never rent or sell your information or data to anyone. We never use or transfer the data collected on our application for serving ads, including retargeting, personalized, or interest-based advertising.

Why does Kutumba ask for this information?

Kutumba is a financial awareness and preparedness tool for you and your family. Currently, we do not support auto discovery of the financial assets for our users and hence all the required information regarding the financial assets and family/friends with whom the financial information is shared is manually added by the user with their consent.

Third Party APIs/Services
To auto-populate the financial information automatically we might use third party applications or services to get your credit score or use the account aggregator, an RBI initiative to discover all the financial information WITH USER CONSENT ONLY.

Cookies & Third Party Analytics Services

We use Local Storage Objects (LSOs) to store content information, preferences and to keep you signed-in. We identify the User’s signed-in state with a token and a userid. The LSO token expires when the User logs out of our website or web application.

We do not collect any information about your online activity when you sign-out and/or leave our services.

We use third party analytic services in order to better understand user engagement with our Services. When a user browses or uses the Services, these third party analytic services may collect the user’s IP address, browser type, and approximate location (based on the IP address). They may also use web logs or web beacons and may set and access cookies on your computer or other device. In order to provide a superior user experience, we provide the third party analytic service providers with User’s demographic information at Kutumba along with User’s movements on Kutumba website and web applications.

 These third party analytics services may deploy cookies on your browser. Your browser may offer you a “Do Not Track” option, which allows you to signal to operators of websites and web applications and services that you do not wish such operators to track certain of your online activities over time and across different websites. Do Not Track signals are set on a browser-by-browser basis, so you must set them on every browser you use if you do not wish to be tracked.

Does Kutumba Share Personal Information?

We neither rent nor sell your personal Information to anyone. However, we may share your Personal Information with third parties as described in this section:

  1. We only transfer the data to others if necessary to provide or improve user-facing features that are prominent in the requesting application’s user interface. We may also transfer data as necessary to comply with applicable law or as part of a merger, acquisition, or sale of assets with notice to users. All other transfers or sales of the user data are prohibited
  2. We don’t use or transfer the data for serving ads, including retargeting, personalized, or interest-based advertising; and
  3. We don’t allow humans to read the data, unless :
    • (a) We first obtain your affirmative agreement for specific purposes;
    • (b) It is necessary for security purposes (such as investigating a bug or abuse);
    • (c) It is necessary to comply with applicable law; or
    • (d) Our use is limited to internal operations and the data (including derivations) have been aggregated and anonymized.

These prohibitions of user data apply to all the information/data obtained from you with your explicit consent. Our employees, agents, contractors, and successors comply with this Policy.

Changes to Privacy Policy

Kutumba reserves the right to change this policy from time to time. Any changes shall be effective immediately upon the posting of the revised Privacy Policy. While we will make reasonable efforts to keep you posted on any updates to this privacy policy, to make sure that you are aware of any changes, we recommend that you review this policy periodically. If you are not comfortable with any of the changes to Privacy Policy you may choose to discontinue the usage of Kutumba website or web applications. You can also email us at  support@Kutumba.one to update or delete your personal information that Kutumba has collected or alternatively delete your account using the Kutumba web application.

Privacy Questions and Access

If you have questions, concerns, or suggestions regarding our Privacy Policy, please contact us immediately at support@Kutumba.one 

In certain cases, you may have the ability to view or edit your personal information online. In the event that your information is not accessible online and you wish to change or delete your personal information or any other information that you may have provided, please contact us immediately at support@Kutumba.one

Security and Responsible Disclosure

We at Kutumba are committed to protecting our client’s data and privacy. We blend security at multiple steps within our products with state-of-the-art technology to ensure our systems maintain strong security measures. The overall data and privacy security design allows us defend our systems ranging from low hanging issues up to sophisticated attacks.

If you are a security enthusiast or a researcher and you have found a possible security vulnerability on Kutumba, we encourage you to report the issue to us responsibly.

You could submit a bug report to us at   support@Kutumba.one with detailed steps required to reproduce the vulnerability.

We shall put forth the best of our efforts to investigate and fix legitimate issues in a reasonable time frame. Meanwhile, we request you not to publicly disclose it. Additionally, if you have suggestions on how we could improve our security systems to make it more robust and safe for all users, you can share those with us at  support@Kutumba.one

Privacy Practices

  • We will never rent or sell your information or data to anyone. We never use or transfer your data for serving ads, including retargeting, personalized, or interest-based advertising;
  • We will never provide any part of your information to anyone unless explicitly agreed by you.
  • Please refer to our Privacy Policy for more information

Cloud Infrastructure

  • Kutumba is hosted on a Virtual Private Cloud on Amazon Web Services which provides a secure and scalable technology platform to ensure that we can provide you services securely and reliably. Our infrastructure is launched in compliance with the AWS Well Architected Framework and from the security perspective incorporating practices from the AWS Cloud Adoption Framework. It is within Indian boundary and hosted in Mumbai.
  • We use HTTPS protocol for our website and mobile applications (hereinafter referred to as “Platform”). All communication between the Platform and our servers are protected via 256 bit encrypted HTTPS protocol. This prevents MITM (Man in the Middle) attacks on our platform and the connection between us and our user is fully secure. We have strict network segmentation and isolation of environments and services in place.

Host Security

We use industry leading solutions around anti-virus, anti-malware, intrusion prevention systems, intrusion detection systems, file integrity monitoring, application control, application and audit log aggregation, and automated patching.

Data Security

  • The user log-in is based on One-Time Password (OTP) authentication on Kutumba web application.
  • All user data and internal stored data is protected by encryption at rest and sensitive data by application level encryption.
  • We employ separation of environments and segregation of duties and have strict role-based access control on a documented, authorized & need-to-use basis.
  • We use key management services to limit access to data except from the data team.
  • Stored data is protected by encryption at rest and sensitive data by application level encryption.
  • We use data replication for data resiliency & disaster recovery, snapshotting for data durability and backup/restore testing for data reliability.
  • We only use anonymized and aggregated data for internal analytics and business intelligence purposes.

Incident and Change Management

  • We have deployed mature processes around Change Management which enables us to release thoroughly tested features for you both reliably and securely enabling you to enjoy the Kutumba experience with maximum assurance and security.
  • We have a very aggressive stance on Incident Management on both Systems downtime and Security and Network Operations Center and an Information Security Management System in place which quickly reacts to, remediates or escalates any Incidents arising out of planned or unplanned changes.

Vulnerability Assessment and Penetration Testing

  • We have an in-house network security team which uses industry leading products to conduct manual and automated VA/PT activities
  • We employ both static application security testing and dynamic application security testing which is incorporated into our continuous integration/continuous deployment pipeline.
  • We will leverage CERT-IN certified auditors to do periodic external testing and audits.

Responsible Disclosure

  • We at Kutumba (Sri Vijayadasaru Software Private Limited) are committed to our user’s data and privacy.
  • We blend security at multiple steps within our products with state-of-the-art technology to ensure our systems maintain strong security measures.
  • The overall data and privacy security design allow us to defend our systems from various attacks.
  • If you are a security enthusiast or a researcher and have found a possible security vulnerability on Kutumba, we encourage you to report the issue to us responsibly.
  • You could submit a bug report to us at support@kutumba.one with detailed steps required to reproduce the vulnerability.
  • We shall put forth the best of our efforts to investigate and fix legitimate issues in a reasonable time frame. Meanwhile, we request you to not disclose it publicly.




What’s on your mind?