DPDPA.center — Terms of Service

Version: 1.0 | Effective date: 2026-06-12 Provider: CynorSense Solutions Pvt. Ltd., India (“CynorSense”, “we”, “us”) Contact: dpo@cynorsense.com

By installing or using the DPDPA.center application (the “App”), you (“you”, the “Customer” — the owner or authorized administrator of the installing site) agree to these Terms.

1. The Service

DPDPA.center provides compliance tooling for India’s Digital Personal Data Protection Act, 2023 (“DPDP Act”), including:

• a per-purpose consent ledger recording grants and withdrawals with proof;
• cookie and tracker consent capture, with scanning and consent-gating of analytics/advertising trackers;
• two-way withdrawal enforcement into your site’s marketing-consent and email-subscription records;
• a branded My Data page where your visitors verify identity via one-time code and exercise rights: consent management, §11 access/portability report download, correction, grievance, and §12 erasure requests;
• erasure executed as an immediate processing freeze with legal-hold evaluation, an automated retention clock, and final purge with proof;
• an append-only audit log of consent and erasure events.

We may improve or modify features over time, provided the core service is not materially degraded during a paid term.

2. Your responsibilities

• You are the Data Fiduciary for your visitors’ personal data; we process it as your Data Processor under the accompanying Data Processing Addendum (dpa.md).
• You must provide accurate fiduciary details (legal name, DPO email) and keep them current; rights requests and notices are routed using them.
• You are responsible for the lawfulness of your own processing purposes, notices, and policies, and for responding to Data Principals within statutory timelines. The App assists; it does not decide for you.
• You must not use the App to process data you have no lawful basis to process, to circumvent consent, or to probe or access data of persons other than your own site’s Data Principals.

3. Acceptable use

You must not: reverse-engineer, scan, or attempt to breach the App’s infrastructure or tenant isolation; resell access outside your own site; submit unlawful content via grievance/correction forms; or interfere with the service’s operation. We may suspend access for material breach, security risk, or legal requirement, with notice where practicable.

4. Plans and billing

Paid plans are billed exclusively through the app platform’s native billing (Wix Billing) at the prices and tiers shown on the App’s listing. Taxes, renewal, trial, and refund mechanics follow the platform’s billing terms. Downgrading or cancelling takes effect per the platform’s billing cycle rules.

5. Disclaimers — no legal advice, no guaranteed outcomes

The App is a compliance tool, not a law firm. It supports your DPDP Act compliance program but does not constitute legal advice, and using it does not by itself make you compliant with the DPDP Act, GDPR, or any other law, nor guarantee any outcome before the Data Protection Board of India or any regulator or court. You should consult qualified legal counsel for your specific obligations. Except as expressly stated, the App is provided “as is” without warranties of merchantability, fitness for a particular purpose, or non-infringement, to the maximum extent permitted by law.

6. Limitation of liability

To the maximum extent permitted by Indian law: (a) neither party is liable for indirect, incidental, consequential, or punitive damages, or loss of profits or goodwill; (b) CynorSense’s aggregate liability arising out of or relating to the App is limited to the fees you paid for the App in the twelve (12) months preceding the claim. Nothing limits liability for fraud, willful misconduct, or liability that cannot be limited under applicable law.

7. Term, termination, and post-uninstall data handling

These Terms apply from installation until uninstall or termination. Either party may terminate for material breach not cured within 30 days of notice.

On uninstall: your tenant is deactivated and processing for your site stops. Your tenant data (consent ledger, configuration, audit records) is retained for 90 days after uninstall so the service can be reinstated without loss, after which it is deleted — except records under an active statutory legal hold (DPDP Act §8(7), e.g., books/tax retention, approximately 8 years), which remain frozen storage-only until the retention clock expires and are then purged with proof. You may request earlier export of your consent ledger during the 90-day window via dpo@cynorsense.com.

8. General

These Terms are governed by the laws of India; courts at [PLACEHOLDER: city of exclusive jurisdiction, e.g., Hyderabad] have exclusive jurisdiction. If any provision is unenforceable, the remainder stands. We may update these Terms with notice via the App or your DPO email on record; continued use after the effective date constitutes acceptance. These Terms, together with the Privacy Policy and Data Processing Addendum, are the entire agreement between us regarding the App.