Skip to content
Usman Khan.

Privacy Policy

Last updated: 10 May 2026

This Privacy Policy describes how Usman Khan (Sole proprietor, trading as iamuk.in) collects, uses, discloses, and safeguards information when you visit https://www.iamuk.in, sign up for our services, or otherwise interact with us. This policy is published in compliance with India's Digital Personal Data Protection Act, 2023 (DPDPA) and the Information Technology Act, 2000 (and rules thereunder).

1. Data we collect

We collect only what we need to deliver our services:

  • Account data: name, email address, and any optional profile fields you provide when signing in via magic link.
  • Payment data: we do not store full card or UPI details. Payments are processed by Razorpay; we receive only payment IDs, amounts, currency, status, and method type.
  • Service delivery data: if you submit an onboarding brief (company, AWS access plan, contact info, scope), we store this to perform the engagement you've hired us for.
  • Technical data: IP address, user agent, and basic request logs for security and abuse prevention.
  • Analytics data: aggregated, cookie-less analytics via Plausible (no personal identifiers).

2. How we use your data

  • To provide the services you purchased.
  • To send transactional emails (sign-in links, payment receipts, dunning notices, kickoff confirmations).
  • To send you the newsletter, only if you have explicitly subscribed. You can unsubscribe at any time.
  • To detect and prevent fraud, abuse, and security incidents.
  • To comply with legal obligations (e.g. tax records, anti-money-laundering checks via Razorpay).

3. Lawful basis for processing

We process your data on the basis of (a) the contract you enter into when you purchase a service, (b) your explicit consent (e.g. newsletter signup), and (c) legitimate interest in operating and securing the platform.

4. Sharing with third parties

We share data only with the service providers needed to operate https://www.iamuk.in:

  • Razorpay Software Pvt. Ltd. for payment processing.
  • Amazon Web Services, Inc. for hosting, database, and transactional email (Amazon SES).
  • Cloudflare Inc. for DNS, WAF, and DDoS mitigation.
  • Plausible Insights OÜ for cookie-less analytics.

Each processor handles your data only to perform services for us under standard contractual terms. We do not sell your personal data.

5. International transfers

Some processors operate servers outside India. Where personal data is transferred internationally, we rely on the recipient's standard contractual safeguards and the exemptions provided under the DPDPA.

6. Data retention

We retain account, billing, and engagement records for as long as required for the contractual relationship and for tax and statutory compliance (typically eight years for invoicing records under Indian law). Newsletter subscriber data is retained until you unsubscribe.

7. Your rights

Under the DPDPA you have the right to:

  • Access the personal data we hold about you.
  • Correct inaccurate or incomplete data.
  • Erase your data, subject to legal retention requirements.
  • Withdraw consent for any consent-based processing.
  • Nominate another individual to exercise rights on your behalf in case of incapacity.
  • Lodge a complaint with the Data Protection Board of India.

To exercise any of these rights, write to [email protected].

8. Cookies

We use only the essential cookies required for sign-in sessions. We do not use advertising or tracking cookies. The Plausible analytics we use is cookie-less.

9. Security

We use TLS for all data in transit, encrypt secrets at rest, restrict admin access via least-privilege IAM, and put session tokens behind short expiries. Despite reasonable precautions, no system is perfectly secure; if you believe your account has been compromised, contact us immediately.

10. Children

Our services are not directed at individuals under 18. We do not knowingly collect personal data from minors.

11. Changes to this policy

We may update this policy from time to time. The "last updated" date at the top reflects the most recent change. Material changes will be communicated via email to active customers.

12. Grievance Officer / Data Protection Contact

Usman Khan
Email: [email protected]
Address: [Your Registered Address, City, State, PIN]