Startups

LegalPrivacy

Last updated · May 19, 2026

Privacy policy

Contents · 8 sections
  1. 01Who this applies to
  2. 02What we collect
  3. 03How we use it
  4. 04Who we share it with
  5. 05How long we keep it
  6. 06Your rights under the DPDP Act
  7. 07Security and breach notification
  8. 08Contact us

Section 01

Who this applies to

Worth knowing

Founder data is distinct from end-user data, handled separately, on separate systems. This policy covers founders only.

This Privacy Policy applies to founders who apply to list a startup on Originn, and to founders whose startups are live on the Platform. It explains what data we collect about you and your startup, why we collect it, how we use it, who we share it with, and the rights you have under the Digital Personal Data Protection Act, 2023.

If you are a backer, visitor, registered user, or job applicant on the consumer side of Originn, the user-facing Privacy Policy applies to you instead. You will find it at originn.co.in/privacy.

If you do not agree with this Policy, do not submit an application. If you withdraw consent after acceptance, your listing will be removed in line with the Founder Agreement.

Section 02

What we collect

Information you provide at application time

  • Team composition, names, roles, contact details, founder identification
  • Product details, what you are building, current status, traction figures
  • Legal artefacts, incorporation documents, board resolutions, IP filings
  • Verification supporting evidence, demo recordings, customer references, financial summaries

Information you provide while active

  • Profile updates, descriptions, media, public team info
  • Campaign content, pre-order plans, milestones, updates to backers
  • Hiring posts and applicant communications
  • Collaboration proposals you receive and your responses
  • Messages to our support and verification teams

Information collected automatically

  • Login + session activity (when you sign in, from where, on what device)
  • Dashboard usage, which surfaces you visit, which actions you take
  • Device and connection data, browser type, operating system, IP address, approximate location
  • Cookies and similar technologies used to keep you signed in and remember your preferences

Section 03

How we use it

Verification and ongoing checks

We use the information you submit to verify your startup against the criteria published on our Evaluation Criteria page. Originn AI scans submissions for risks and problems before any human review. After your listing is live, we may periodically re-check facts that change over time (team composition, legal standing, campaign progress).

Operating your listing

We use your profile content to surface your startup on the Discover feed, match you with relevant backers and collaborators, and process pre-order campaigns you launch.

Communications

We send you account and verification notifications, milestone reminders for your campaigns, responses to your support queries, and (if you opt in) the weekly founder digest. You can opt out of the digest at any time without affecting your listing.

Compliance and platform integrity

We use your data to respond to lawful requests from government authorities, investigate suspected fraud or misuse, and protect the rights and safety of other founders, backers, and the Platform itself.

Improving the Platform

We analyse aggregated, de-identified usage patterns to improve the founder experience, what surfaces are getting used, where founders drop off, which features need work. Individual founders are not identified in these analyses.

Section 04

Who we share it with

Worth knowing

We don't sell founder data. Every external recipient has a specific operational reason.

Inside Originn

Our verification team, support team, and finance team can access founder data when they need it to do their job. Access is logged and limited to the data each role needs.

Payment and payout partners

When you raise working capital through a pre-order campaign, we share the limited information our payout partners need to disburse funds to you (registered entity name, bank details you provide, transaction amounts). They are bound by their own privacy and security obligations.

Backers who interact with your campaign

Backers see what you publish on your profile and in your campaign updates. They do not see your application data, your verification artefacts, your hiring posts, or your collaboration inbox.

Hiring applicants

Applicants to roles you post see only what you choose to publish in the role description and the public version of your company profile.

Service providers

We use third-party services for hosting, email delivery, error monitoring, and analytics. They process founder data only on our instructions and only to the extent needed to provide their service. Contracts with each prohibit them from using the data for their own purposes.

When required by law

We share data with government authorities, courts, or regulators when we are legally required to do so, or when we believe in good faith that disclosure is necessary to comply with a legal obligation.

Section 05

How long we keep it

We keep founder data for as long as your listing is active. After your listing is removed, retention periods vary by data type:

  • Legal and financial records, seven years (Companies Act + Income Tax Act requirements)
  • Verification artefacts, three years post-removal
  • Application data for rejected applications, one year
  • Campaign records and payout transaction history, seven years
  • Support communications, three years
  • Login and session logs, twelve months

You can request earlier deletion of any data not subject to a legal retention requirement. Where we cannot delete because of a legal hold, we will tell you and we will not use the data for any purpose other than honouring that hold.

Section 06

Your rights under the DPDP Act

Worth knowing

The Digital Personal Data Protection Act, 2023 gives you specific rights over the data we hold about you.

Right to access

You can ask us for a summary of the data we hold about you, why we are processing it, and who we have shared it with.

Right to correction and erasure

You can ask us to correct inaccurate data, complete incomplete data, or delete data that is no longer needed for the purpose it was collected, subject to legal retention requirements (Section 05).

Right to nominate

You can nominate another person to exercise your rights on your behalf in the event of death or incapacity.

Right to grievance redress

If you have a complaint about how we have handled your data, write to contact@originn.co.in. If you are not satisfied with our response, you may escalate to the Data Protection Board of India.

How to exercise these rights

Write to contact@originn.co.in from the email address associated with your founder account. We will respond to access and correction requests within seven business days and to deletion requests within thirty days. We may ask for verification before acting on a request, this protects you against impersonation.

Section 07

Security and breach notification

We protect founder data with industry-standard technical and organisational safeguards: encryption in transit and at rest, access controls with role-based permissions, logged administrative access, and regular security review.

No system is perfectly secure. If we detect a personal data breach that is likely to result in significant harm to founders, we will notify you and the Data Protection Board of India within seventy-two hours, in line with the DPDP Act and its implementing rules.

You can help by using a strong, unique password, enabling two-factor authentication on your founder account, and telling us immediately if you suspect your account has been compromised.

Section 08

Contact us

For any question about this Policy, to exercise your rights, or to raise a concern, write to contact@originn.co.in. We will respond within two business days for routine queries and within seven business days for rights requests.

Originn Tech is pre-incubated at Nirmaan, IIT Madras (Chennai, Tamil Nadu, India). For postal correspondence, please ask by email and we will share the current registered address.

We may update this Policy from time to time. Where an update materially affects your rights or what we do with your data, we will give you thirty days notice before it takes effect.

Privacy questions?

Ask us anything
We answer
privacy first

Originn Tech