Back to Corra Club

Corra Club – Privacy Policy

Last Updated: 13 Mar 2026

Version: 1.1

This Privacy Policy explains how Corra Club (“Corra Club”, “we”, “our”, “us”) collects, processes, stores, uses, and shares your personal data in accordance with the Digital Personal Data Protection Act, 2023 (India) (“DPDP Act”).

By using Corra Club, you consent to the practices described in this Policy.

1. Data Fiduciary Details

Legal Entity Name: Corra Technologies Private Limited

Registered Address: D 406, Sispal Vihar, Sohna Road, Sector 49, 122018

Email (Grievance Officer): rohit.singh@clubcorra.com

Phone: +91 8768995553

Corra Club acts as a Data Fiduciary under the DPDP Act.

2. Categories of Personal Data We Collect

Identity & Contact Information

  • Mobile number
  • Full name
  • Email (optional)
  • City, DOB, Gender (optional)

Account & Transaction Data

  • Corra Coin balance
  • Earn/redeem transaction history
  • Uploaded receipts
  • Brand selections
  • Badge unlock status

Payment Information

  • UPI ID (for cashback payments)

Technical Data

  • IP address
  • Device/browser information
  • Authentication cookies and tokens
  • Platform analytics

Receipt Verification Data

  • Uploaded receipt images
  • OCR extracted information (brand name, amount, date)
  • Duplicate detection results

3. Gmail Integration & Google API Data Access

Corra Club may allow users to connect their Gmail account to automatically detect purchase receipts from partner brands.

If a user chooses to connect Gmail:

  • The platform reads only emails necessary to identify purchase receipts relevant to Corra Club reward submissions.
  • The platform does not read unrelated personal emails.
  • Only receipt-related metadata such as brand name, bill amount, and purchase date may be extracted.
  • Email content is processed only for the purpose of identifying eligible receipts.

Corra Club does NOT:

  • Sell Gmail user data
  • Use Gmail data for advertising
  • Use Gmail data to train AI models
  • Transfer Gmail data to third parties except for providing core platform functionality

Users may disconnect Gmail access at any time through their Google Account settings.

Corra Club’s use of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

4. Purpose of Processing

Personal data is processed for:

  • Account creation and authentication
  • Reward calculation and transaction management
  • Cashback payments via UPI
  • Fraud detection and receipt verification
  • Analytics and product improvement
  • Compliance with legal obligations

5. Data Sharing

We may share data with:

Service Providers

  • Cloud infrastructure providers (AWS)
  • Authentication and OTP providers
  • Analytics providers
  • OCR processing services

Payment Infrastructure

  • UPI and banking networks for cashback payments

Legal Authorities

Where required under applicable law.

We do not sell personal data.

6. Data Retention

Personal data is retained only as long as necessary to:

  • Maintain user accounts
  • Process transactions
  • Prevent fraud
  • Comply with legal requirements

Receipt images and transaction records may be retained for audit and fraud-prevention purposes.

7. Data Security

We implement reasonable safeguards including:

  • Secure cloud infrastructure
  • Encrypted database storage (where applicable)
  • Role-based admin access
  • Access logging
  • Secure authentication systems

8. User Rights

Under the DPDP Act, users may:

  • Request access to their personal data
  • Request correction or deletion
  • Withdraw consent
  • Submit grievance requests

Requests may be sent to: rohit.singh@clubcorra.com

9. Revoking Gmail Access

Users who have connected Gmail may revoke access at any time via:

Google Account → Security → Third-party apps with account access

Revoking Gmail access will stop future email scanning.

10. Children’s Data

Corra Club is not intended for users under 18 years of age.

11. Updates to Policy

This policy may be updated periodically. Continued use of the platform constitutes acceptance of revised terms.

12. Grievance Officer

Name: Rohit Kumar Singh

Email: rohit.singh@clubcorra.com