Legal

Privacy Policy

Effective date: 15 June 2026 · Version 1.0 · Last updated: 28 June 2026

This Privacy Policy is issued by VariableWork Consulting Private Limited ("the Company", "we", "us"), CIN U78300UP2026PTC243050, registered at 1503, Tower SG-8, Saya Gold Avenue, Block-A, Shipra Sun City, Indirapuram, Ghaziabad – 201014, Uttar Pradesh. We own and operate JeevikaSetu, a voice-first marketplace connecting India's informal workers ("Setu Partners") with household, RWA and SME employers ("Setu Clients"). In respect of personal data we process, the Company acts as a Data Fiduciary under the Digital Personal Data Protection Act, 2023 and the DPDP Rules, 2025 ("DPDP").

The Platform connects Setu Partners (independent service providers — home services, domestic help, beauty and wellness, skilled trades) with Setu Clients (households and businesses that hire them). By using the Platform, you acknowledge that you have read this Policy.

1. The Data We Collect

We practise data minimisation — at the lead stage we collect only a mobile number and first name. Further data is collected only as a verification step progresses, and only with your consent.

Identity & Verification Data

  • Name, photograph, date of birth, gender.
  • Government ID details for KYC, retrieved through DigiLocker (Meri Pehchaan) and/or our verification partner (e.g. Aadhaar e-KYC, PAN, driving licence, education certificates). We retrieve only the verification result and minimum fields required; we do not ask you to send ID images over chat.
  • PAN and GSTIN of businesses and RWAs (Setu Clients), via API Setu / EntityLocker.

Contact & Location Data

  • Mobile number, email, address.
  • Device location / GPS, used for hyper-local job matching and safety features such as live tracking during an active job.

Voice Data (JeevikaSetu is voice-first)

  • Voice recordings you provide to create your profile, post or accept jobs, and navigate the app, and the text transcripts generated from them. Because voice recordings may involve characteristics capable of identifying an individual, we treat them as a sensitive category and process them only for profile creation and quality assurance.

Work & Transaction Data

  • For Setu Partners: skills, availability, ratings, job history, and bank/UPI details used solely to pay you out.
  • For Setu Clients: jobs posted, bookings, ratings, and payment records.
  • Payment data is processed by our payment partner (Razorpay); we do not store full card or bank credentials.

Usage & Device Data

  • App/usage logs, device identifiers, and similar technical data used for security, fraud prevention, and service reliability.

2. Why We Use Your Data

  • Create and manage your account, profile, and portable Career Passport.
  • Verify identity and assign Trust Tiers (Tier G – vouched, Tier V – verified, Tier B – background-verified).
  • Match Setu Clients and Setu Partners and enable bookings, including Tatkal.
  • Process payments to us and payouts to Setu Partners.
  • Operate safety features: masked calling, SOS, live tracking, women-only job preferences.
  • Maintain trust and safety on the platform, including enforcement of the Code of Conduct.
  • Provide support and resolve disputes.
  • Detect, prevent and investigate fraud and misuse.
  • Send service communications (OTP, booking, on-the-way, completion, dispute/safety alerts).
  • Comply with law and respond to lawful requests.
  • Improve the Platform.

5. How DigiLocker & API Setu Data Exchange Works

Data exchange through API Setu is direct, decentralised and consent-driven. No third-party intermediary or message broker holds your data in transit. We never receive or store your DigiLocker or Aadhaar password; access is granted through secure, time-limited tokens. Aadhaar-related data is processed in offline e-KYC form and held in a protected Aadhaar Data Vault. We do not store your full Aadhaar number in our application records; where a reference is retained, it is in masked form only.

6. Who We Share Data With

We share personal data only as needed, with:

  • Verification partners — DigiLocker (Meri Pehchaan) and our KYC/BGV provider, for identity checks. We share your verification status and trust badges with Setu Clients — not raw Aadhaar numbers or full e-KYC documents.
  • Payment partner — Razorpay, to collect payments and disburse payouts.
  • Communication partner — our DLT-registered SMS/voice provider, to send service messages.
  • Cloud hosting and infrastructure providers that run the Platform on our behalf.
  • Authorities, where required by law or to protect rights and safety.

These partners act as our Data Processors under contracts requiring appropriate security safeguards. We do not sell your personal data.

7. Cross-Border Transfers

We primarily process and store data in India. Any cross-border transfer will be carried out only as permitted under the DPDP Act. As of the date above, the Government has not notified any restricted country; we monitor this and will comply with any such restriction.

8. How We Protect Your Data

We apply reasonable security safeguards, including encryption of data in transit and at rest, an Aadhaar Data Vault, masking of phone numbers (parties never see each other's real number), role-based access controls, access logging, monitoring, and backups. In the event of a personal data breach, we will notify the Data Protection Board of India and affected Data Principals as required; our internal target is notification within 72 hours of becoming aware of a reportable breach.

9. How Long We Keep Your Data

We retain personal data only for as long as needed for the purposes above, or as required by law, after which we delete or anonymise it. Records subject to intermediary obligations under the IT (Intermediary Guidelines) Rules, 2021 are kept for a minimum of 180 days. On account closure, withdrawal of consent, or a valid erasure request, we delete or de-identify your data accordingly.

10. Your Rights as a Data Principal

Subject to the DPDP Act, you have the right to:

  • Access a summary of the personal data we process about you and how.
  • Correct, complete, update or erase your personal data.
  • Withdraw consent — as easily as you gave it.
  • Grievance redressal — have your complaint addressed by us (see Section 12).
  • Nominate another individual to exercise your rights in case of death or incapacity.

To exercise any right, contact us at grievance@jeevikasetu.com. We may need to verify your identity before acting.

11. Children

The Platform is intended for users aged 18 and above. We do not knowingly process the personal data of children without verifiable parental consent. We do not undertake behavioural monitoring of, or targeted advertising directed at, children. If we learn that we have collected a child's data without verifiable consent, we will delete it.

12. Significant Data Fiduciary Posture

Given the scale of Aadhaar-linked verification and voice processing we expect to undertake, we anticipate being designated a Significant Data Fiduciary under the DPDP Act. We are accordingly preparing to undertake periodic Data Protection Impact Assessments, appoint an independent data auditor and a Data Protection Officer based in India.

13. Grievances & Contact

For any question or complaint about your personal data, contact our Grievance Officer:

Grievance Officer: Ms. Deep Shikha

Email: grievance@jeevikasetu.com

Address: VariableWork Consulting Pvt. Ltd., 1503, Saya Gold Avenue, Indirapuram, Ghaziabad, Uttar Pradesh 201014, India

We will acknowledge your complaint within 24 hours and endeavour to resolve it within 15 days. If you are not satisfied, you may approach the Data Protection Board of India.

14. Changes

We may update this Policy. Material changes will be notified on the Platform, and where appropriate, by voice notification in Hindi. The "Last updated" date reflects the latest version.