In-app Privacy Policy.

This Privacy Policy ("Policy") explains how Lyfebynary 0103 LLP ("The Way Home", "we", "us", "our") collects, uses, shares, stores, and protects personal data when you use our websites and mobile applications under the brand The Way Home (collectively, the "Platform").

We are committed to protecting your privacy and processing your personal data in accordance with the Digital Personal Data Protection Act, 2023 ("DPDP Act") and applicable Indian laws.

By using the Platform, you acknowledge that you have read and understood this Policy.

For the purposes of the DPDP Act:

This Policy applies to:

• Personal data collected in digital form, or
• Personal data collected in non-digital form and later digitised,

through:

• Websites: www.thewayhome.app, www.thewayhome.app, www.thewayhome.app
• Mobile applications: The Way Home (Android and iOS)

This Policy does not apply to:

• Anonymised or aggregated data that cannot reasonably identify you
• Non-personal data

"Personal Data" means any data about an individual who is identifiable by or in relation to such data.

"Data Principal" means the individual to whom the personal data relates.

"Processing" means any operation performed on personal data, including collection, storage, use, sharing, or deletion.

We collect personal data only where necessary for providing our services.

5.1 Information You Provide Directly

This includes:

Profile and account details

• Name, photograph, gender, date of birth, nationality
• Email address, phone number, address
• Similar details of family members added by you

Household and service information

• Names and salaries of domestic staff
• Household assets (vehicles, appliances, etc.)

Financial and transactional data

• Bills, receipts, spending records
• Bank, card, investment, retirement and tax documents

Uploaded documents

• Identity documents (Aadhaar, PAN, passport, driving licence, voter ID, ration card)
• Property, insurance, medical, career, income-tax and investment documents

Communications

• Messages with customer support
• Feedback, surveys, complaints
• Information shared during legal or regulatory interactions

Providing this data is voluntary, but some services may not function without it.

5.2 Information Generated Through Your Use of the Platform

We collect data relating to your usage, including:

• Clicks, searches, views, and actions
• Features used and content created (to-do lists, calendars, uploads)
• Time, frequency, and duration of use
• Mentions by other users (where applicable)

5.3 Device and Technical Information

This may include:

• Device identifiers (IMEI, IP address, UUID)
• Operating system, browser, network information
• Location data (where permitted)
• App foreground/background activity
• Error logs, performance data
• Metadata associated with uploaded content

5.4 Information from Third Parties

We may receive personal data from:

• Authentication providers (e.g., [Google / Meta] login)
• Payment service providers
• Analytics and infrastructure partners
• Public databases or lawful sources

Such data is processed only where legally permitted.

We process personal data only for the following purposes:

6.1 Providing Our Services

• Creating and managing your account
• Enabling household management features
• Facilitating transactions and bill payments
• Connecting you with partner services (with consent)

6.2 Improving and Securing the Platform

• Feature development and testing
• Analytics and usage insights
• Security monitoring and fraud prevention
• Internal research and system improvements

6.3 Communication

• Service updates and notifications
• Customer support and grievance handling
• Feedback and surveys
• Transaction confirmations and OTPs

6.4 Legal and Regulatory Compliance

• Compliance with laws and court orders
• Audits, investigations, and regulatory requests
• Enforcement of legal rights

6.5 Other Purposes

• Any other purpose for which you provide specific consent

We process personal data:

• Primarily based on your consent, obtained through clear affirmative actions within the Platform, or
• Without consent, where permitted under the DPDP Act, such as for legal compliance or contractual necessity

You may withdraw your consent at any time as described below.

You may withdraw your consent by:

• Accessing Privacy Settings within the The Way Home app, or
• Writing to us at info@thewayhome.app

Upon withdrawal, we will stop processing the relevant personal data unless retention is required by law.

We do not sell your personal data.

We may share personal data with:

9.1 Group Entities

For internal operations and service delivery, on a need-to-know basis.

9.2 Service Providers and Partners

Including:

• Cloud hosting providers
• Payment processors
• Analytics and security vendors
• Customer support and infrastructure providers

All such entities are contractually required to protect your data.

9.3 Legal and Emergency Situations

Where required by law, court order, or to respond to medical emergencies threatening life or health.

9.4 Public Disclosure by You

Where you voluntarily make information public through the Platform.

We use cookies, SDKs, and similar technologies to:

• Enable core functionality
• Remember preferences
• Analyse usage and improve services

Third-party analytics and advertising cookies may be used, subject to your choices.

Entities using cookies: [■ REQUIRED INPUT – list entities and purposes]

You may manage cookies through browser or device settings.

We retain personal data only as long as necessary for the purposes stated above.

Indicative retention periods:

• Account data: until account deletion + [■ REQUIRED INPUT]
• Financial records: [■ REQUIRED INPUT – statutory period]
• Support communications: [■ REQUIRED INPUT]
• Security logs: [■ REQUIRED INPUT]

Where deletion is requested, data may be retained if required for legal or safety reasons.

We implement reasonable technical and organisational safeguards to protect personal data, including:

• Encryption
• Access controls
• Monitoring and incident response procedures

In the event of a personal data breach, we will:

• Notify the Data Protection Board of India, where required
• Inform affected Data Principals, as applicable

• The Platform is intended for individuals 18 years and above
• Personal data of children is processed only with verifiable parental or guardian consent
• We do not engage in targeted advertising or profiling of children

You may:

• Request access to a summary of your personal data
• Request correction or updating of inaccurate data
• Request erasure of personal data
• Withdraw consent
• Nominate another person to exercise your rights in case of death or incapacity

Requests can be made through [■ REQUIRED INPUT – rights request mechanism].

If you are not satisfied with our response, you may have the right to escalate the matter to the Data Protection Board of India in accordance with applicable law.

Your personal data may be processed or stored outside India, subject to applicable law and safeguards.

Primary hosting regions: [■ REQUIRED INPUT]

We may update this Policy from time to time. Material changes will be communicated through the Platform. Continued use of the Platform constitutes acceptance of the updated Policy.