Privacy Policy
Last updated: 2026-07-03
1. Introduction
The BharatGen HITL Platform (“BharatGen”, “the Platform”, “we”, “us” or “our”) is a human-in-the-loop system for linguistic data sourcing, annotation, and model evaluation across 22 Indian languages. We work with project managers, reviewers, freelance annotators, and members of the public who contribute voice recordings and other language data. This Privacy Policy explains what personal data we collect, why we collect it, how we use and protect it, and the rights available to you. It is intended to align with the Digital Personal Data Protection Act, 2023 (“DPDP Act”) and applicable rules in India.
2. Data We Collect
We collect only the data needed to operate the Platform and deliver the services requested by our clients:
- Account and profile data (PII): name, email address, phone number, role, and preferred languages for annotators, reviewers, and administrative users.
- Freelancer payment details: for freelancers and contributors who receive payment, we collect banking and payout information (such as bank account or UPI details and tax identifiers) needed to disburse earnings.
- Audio recordings and annotations: voice recordings submitted by public contributors (including via OTP or anonymous flows), transcriptions, labels, ratings, and other annotation output produced on the Platform.
- Usage and technical data: log data, device and browser information, IP address, timestamps, and actions taken on the Platform, used for security, auditing, and reliability.
- Cookies and local storage: we store authentication tokens (JWTs) in your browser’s localStorage to keep you signed in. We use strictly necessary cookies and similar technologies for session management; we do not use them for third-party advertising.
3. How We Use Data
- To create and manage accounts and authenticate users.
- To assign, perform, review, and quality-check annotation and evaluation tasks.
- To collect and process audio and language data for model training and evaluation on behalf of our clients.
- To calculate and disburse freelancer earnings and maintain required financial records.
- To secure the Platform, prevent fraud and abuse, maintain audit trails, and comply with legal obligations.
- To communicate with you about your account, tasks, payments, and service updates.
4. Legal Basis & Consent (DPDP Act, 2023)
We process personal data on the basis of your consent and, where applicable, for legitimate uses permitted under the DPDP Act, such as performing a contract with you or complying with law. Where we rely on consent — for example, when a public contributor submits a voice recording — we ask for clear, informed, and specific consent before collection, and you may withdraw that consent at any time. Withdrawing consent does not affect processing carried out before the withdrawal.
5. Data Sharing
We do not sell your personal data. We share data only as needed to operate the Platform:
- Clients: annotation output and evaluation results are delivered to the client who commissioned the work, under contractual confidentiality terms.
- Processors / infrastructure providers: we use trusted service providers to host and run the Platform, including Cloudflare (application hosting, edge, and content delivery) and Neon (managed PostgreSQL database). These providers process data on our instructions under data-processing agreements.
- Legal and safety: we may disclose data where required by law, regulation, or valid legal process, or to protect the rights and safety of users and the public.
6. Data Retention
We retain personal data only for as long as necessary to fulfil the purposes described in this policy, to satisfy our contractual commitments to clients, and to meet legal, tax, and accounting requirements. When data is no longer required, we delete or anonymise it. Annotation and audio data are retained per the relevant project agreement and are removed or returned on completion or termination of that project.
7. Security
- Encryption in transit: traffic to and from the Platform is protected with TLS/HTTPS.
- Access controls: role-based access limits data to those who need it, and authentication is enforced across the application and API.
- Audit logging: sensitive actions are recorded in audit trails to support accountability and investigation.
- Restricted identity reveal: the ability to reveal a contributor’s identity behind anonymised or pseudonymous data is restricted to authorised roles and is itself logged.
No system can guarantee absolute security, but we take reasonable technical and organisational measures to protect your data and will notify affected persons and the Data Protection Board as required in the event of a reportable breach.
8. Your Rights
Subject to applicable law, you have the right to:
- Access a summary of the personal data we hold about you and how it is processed.
- Correction and updating of inaccurate or incomplete data.
- Erasure of your personal data where it is no longer required and there is no legal ground to retain it.
- Grievance redressal — you may raise a concern with our Grievance Officer (see Contact below), and nominate another person to exercise your rights in the event of death or incapacity.
9. Children’s Data
The Platform is not directed at children. We do not knowingly collect personal data from children (as defined under the DPDP Act) without verifiable parental or guardian consent. If you believe a child’s data has been provided to us, please contact us and we will take appropriate steps to delete it.
10. International Transfers
Our infrastructure providers may process or store data on servers located outside India. Where personal data is transferred across borders, we do so in accordance with the DPDP Act and applicable government restrictions, and we require our processors to maintain appropriate safeguards.
11. Changes to This Policy
We may update this Privacy Policy from time to time. When we make material changes, we will update the “Last updated” date above and, where appropriate, notify you through the Platform. Continued use of the Platform after changes take effect constitutes acceptance of the updated policy.
12. Contact & Grievance Officer
For questions about this policy, to exercise your rights, or to raise a grievance, please contact our Grievance Officer at [email protected]. We will acknowledge and respond to requests within the timelines required by applicable law.