Privacy & Data Protection

Last Updated: 16 May 2026  |  Effective Date: 16 May 2026  |  Version: 1.0  |  Jurisdiction: India (DPDPA 2023)

S1 Introduction & Identity of the Data Controller

This Privacy Policy ("Policy") is published by Twins Consultancy ("Company," "we," "us," or "our"), a licensed insurance consultancy operating under IRDAI guidelines, headquartered at Karur, Tamil Nadu, India. We operate the website www.twinsure.com ("Platform").

This Policy governs the collection, processing, storage, and transfer of personal data provided by users ("you," "your") in connection with our insurance consultancy and related financial services. By accessing or using our Platform, you acknowledge that you have read, understood, and agree to be bound by this Policy.

S2 Scope of This Policy

This Policy applies to:

• Visitors who browse the Platform without registering;
• Prospective customers who submit enquiry or contact forms;
• Users who interact with our Smart Recommendation Engine;
• Individuals who request callback slots or agent assistance;
• Any person whose personal data is processed in connection with our services.

S3 Information We Collect

3.1 Information You Provide Directly

3.2 Information Collected Automatically

When you visit our Platform, we may automatically collect:

• IP address and approximate geographic location;
• Browser type, version, and operating system;
• Pages visited, time spent, referral URLs;
• Device identifiers (where permitted by law).

S4 Legal Basis for Processing

Under the Digital Personal Data Protection Act, 2023 (DPDPA) and applicable Indian law, we process your data on the following lawful bases:

• Consent: Where you have expressly agreed (e.g., submitting the recommendation engine or contact form);
• Contractual Necessity: To provide the insurance consultancy services you request;
• Legitimate Interest: To improve our Platform, detect fraud, and protect security;
• Legal Obligation: Where required by IRDAI regulations, tax law, or court orders.

S5 How We Use Your Information

• To respond to enquiries and contact form submissions;
• To process and personalise insurance recommendations;
• To schedule and conduct agent callback appointments;
• To send policy-related correspondence and renewal reminders (with consent);
• To comply with IRDAI regulatory reporting requirements;
• To improve Platform functionality and user experience;
• To detect, prevent, and investigate fraud or security incidents;
• To maintain internal records and administrative functions.

S6 Data Sharing & Disclosure

We do not sell, rent, or trade your personal data. We may share data strictly as follows:

• Insurance Partners: Licenced insurers (LIC, HDFC Life, Star Health, etc.) for policy underwriting, with your explicit consent;
• Technology Providers: Cloud hosting and database services bound by confidentiality obligations;
• Regulatory Bodies: IRDAI, Income Tax Department, or other authorities as legally required;
• Professional Advisors: Lawyers or auditors under strict professional privilege;
• Business Transfers: In the event of a merger or acquisition, subject to equivalent privacy protections.

S7 Data Retention

S8 Your Rights Under DPDPA 2023

As a Data Principal under the Digital Personal Data Protection Act, 2023, you have the right to:

• Access: Request a copy of the personal data we hold about you;
• Correction: Request correction of inaccurate or incomplete data;
• Erasure: Request deletion of your data, subject to legal obligations;
• Withdraw Consent: Withdraw consent at any time without affecting prior processing;
• Grievance Redressal: Lodge a complaint with us or the Data Protection Board of India;
• Nominate: Nominate another individual to exercise rights on your behalf in case of death or incapacity.

To exercise any right, contact our Grievance Officer at privacy@twinsure.com or write to us at our registered office. We will respond within 30 days as required by law.

S9 Data Security

We implement industry-standard technical and organisational measures to protect your data, including:

• Encrypted data storage (AES-256) and transmission (TLS 1.3);
• Role-based access controls restricting data access to authorised personnel only;
• Regular security audits and penetration testing;
• Incident response procedures with mandatory breach notification.

While we take every reasonable precaution, no internet transmission is 100% secure. You transmit data at your own risk.

S10 Cookies & Tracking

We use only essential session cookies required for Platform functionality. We do not use advertising, tracking, or third-party analytics cookies without your consent. You may disable cookies in your browser settings, though this may impair certain features.

S11 Children's Privacy

Our services are not directed to individuals under 18 years of age. We do not knowingly collect personal data from minors. If you believe we have inadvertently collected data from a minor, please contact us immediately for deletion.

S12 Cross-Border Data Transfers

Your data is primarily stored and processed in India. Any cross-border transfer will be conducted only to countries providing equivalent data protection standards, and subject to appropriate contractual safeguards.

S13 Changes to This Policy

We may update this Policy from time to time. Material changes will be notified via email (if provided) or a prominent notice on the Platform. Continued use after such notice constitutes acceptance.

S14 Contact & Grievance Officer

For privacy-related queries, concerns, or to exercise your rights:

• Grievance Officer: [Name to be designated]
• Email: privacy@twinsure.com
• Address: Twins Consultancy, Karur, Tamil Nadu — 639 001
• Response Time: Within 30 days of receipt