Privacy Policy

Effective Date: June 25, 2025

This Privacy Policy outlines how Aikubus (referred to as “we”, “us”, or “our”), primarily operating as a blog for content marketing and affiliate marketing, facilitates access to app development services by referring visitors to independent third-party platforms like Fiverr.com. We collect, process, store, and protect your digital personal data gathered directly by us, and we are dedicated to upholding your privacy rights and processing your personal data strictly in compliance with the Digital Personal Data Protection Act, 2023 (DPDP Act).

By interacting with our website and services, you acknowledge and agree to the data practices described in this Privacy Policy.

1. Who We Are (Data Fiduciary)

Aikubus, owned and operated by Subarnamoy Bose, acts as the Data Fiduciary for the personal data that we directly collect. This means we are responsible for determining the purpose and means of processing this specific data. Aikubus is registered under the Micro, Small & Medium Enterprises (MSME) category in India.

  • General Inquiries: You can find more information about Aikubus on https://aikubus.com/about/ and contact us for general inquiries through our website’s contact page: https://aikubus.com/contact/, or by emailing us at connectwithus@aikubus.com.
  • For Grievances and Rights Exercise:
    • Contact Person for Grievances: Subarnamoy Bose
    • Email for Grievances & Rights Exercise: subarnamoybose@aikubus.com

2. Definitions as per The Digital Personal Data Protection Act, 2023

For clarity and compliance, the following terms used in this Privacy Policy bear the same meaning as defined in Section 2 of the Digital Personal Data Protection Act, 2023:

  • Data Fiduciary: Any person who alone or in conjunction with other persons determines the purpose and means of processing of personal data.
  • Data Principal: The individual to whom the personal data relates.
  • Personal Data: Any data about an individual who is identifiable by or in relation to such data.
  • Processing: In relation to personal data, means a wholly or partly automated operation or set of operations performed on digital personal data, and includes operations such as collection, recording, organisation, structuring, storage, adaptation, retrieval, use, alignment or combination, indexing, sharing, disclosure by transmission, dissemination or otherwise making available, restriction, erasure or destruction.
  • Personal Data Breach: Any unauthorised processing of personal data or accidental disclosure, acquisition, sharing, use, alteration, destruction or loss of access to personal data, that compromises the confidentiality, integrity or availability of personal data.
  • Lawful Purpose: Any purpose which is not expressly forbidden by law (Section 4(2) of DPDP Act).
  • Specified Purpose: The purpose mentioned in the notice given by the Data Fiduciary to the Data Principal in accordance with the provisions of this Act and the rules made thereunder (Section 2(za) of DPDP Act).

3. Personal Data We Collect

Based on your current operations, we collect the following categories of personal data directly from you exclusively via our contact form:

  • Contact Information:
    • Name (Required)
    • Email Address (Required)

Note: We do not collect phone numbers, specific project details, or other sensitive information directly through our website forms, as all app development services are facilitated through third-party platforms. If you choose to include additional information within the free-text message field of the contact form, this information will be processed solely for the purpose of understanding and responding to your inquiry, and, if applicable, for guiding you to relevant third-party service platforms. Any personal data you provide directly on a third-party service platform (e.g., Fiverr.com) will be subject to their privacy policy, not ours.

4. How We Collect Your Personal Data

We collect your personal data directly from you when you voluntarily submit information through the following means on our website:

  • Contact Form: When you submit a general inquiry or feedback via our blog’s contact form (e.g., on https://aikubus.com/contact/), we collect your Name and Email address. This data is collected solely for the purpose of responding to your specific inquiry or feedback, which may include providing information about our blog content, affiliate products, or guiding you towards third-party service providers for app development needs.

Notice at Collection (Section 5(1) of DPDP Act): Prior to obtaining your consent, a clear and prominent notice, which is this Privacy Policy, is provided to you via a prominent link directly adjacent to or accessible from our contact form. This notice details the categories of personal data collected, the specific purposes for which it will be processed, and clearly informs you about your rights as a Data Principal under Sections 6(4) and 13 of the DPDP Act, as well as the procedure for lodging a complaint with the Data Protection Board of India. By proceeding with form submission after reviewing this policy, you signify your agreement to these terms. We ensure that this Privacy Policy is easily accessible before you provide any personal data.

5. Purposes of Processing Your Personal Data (Specified Purposes)

We process the personal data collected directly by us for the following specified purposes, as explicitly communicated to you at the time of collection (Section 5(1)(i) of DPDP Act):

  • Query Resolution: To understand and respond to your questions, feedback, or general inquiries submitted through our contact form.
  • Communication: To engage in necessary communication with you related to your interaction with our blog or your inquiries.
  • Content Marketing Engagement: To understand general user interest in our blog content and improve our offerings.
  • Affiliate Marketing: To operate our affiliate marketing initiatives by embedding links to server hosting and essential tools on our blog. While we present these recommendations, we do not track individual clicks on affiliate links or gather personal data from your interactions with them. Any data processing related to affiliate clicks occurs on the platforms of the affiliate network (Impact.com) and the respective merchants, who act as independent Data Fiduciaries for such processing.
  • Service Referral & Guidance: To understand your expressed needs for app development services and to guide you by providing information or directly referring and redirecting you to independent service providers and teams available on third-party platforms like Fiverr.com where such services can be accessed. Our role is solely to facilitate your access to these external platforms; we do not process your personal data for direct service fulfillment.

We ensure that the collection of personal data is limited to such personal data as is necessary for these specified purposes (Section 6(1) of DPDP Act).

6. Lawful Basis for Processing Your Personal Data

We process your personal data primarily based on your consent, which is obtained through a clear affirmative action (Section 4(1)(a) and Section 6(1) of DPDP Act).

7. Your Consent (Free, Specific, Informed, Unconditional, Unambiguous)

Your consent for the collection, storage, and processing of your personal data by Aikubus is obtained explicitly through a required checkbox on our contact form. You must actively tick this checkbox for the form to be submitted, demonstrating a clear affirmative action.

The consent statement presented to you is: “I consent to this website collecting, storing, and processing the personal information I have provided for the purpose of contacting me regarding blog content updates, relevant product offers (including those from affiliate partners), and inquiries related to app development services (which will involve redirection to third-party platforms), as detailed in the Privacy Policy.”

This consent is free, specific, informed, unconditional, and unambiguous, as required by Section 6(1) of the DPDP Act.

Your Right to Withdraw Consent (Section 6(4) of DPDP Act): You, as the Data Principal, have the right to withdraw your consent at any time. The ease of withdrawing consent is comparable to the ease with which it was given (Section 6(4) of DPDP Act). Withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal (Section 6(5) of DPDP Act).

Consequences of Withdrawal (Section 6(5) of DPDP Act): Please be aware that withdrawing your consent may impact our ability to respond to your inquiries or engage in further communication with you, as our processing of your personal data is primarily based on your consent. For example, if you withdraw consent, we may be unable to respond to a query you submitted via the contact form. Similarly, if you withdraw consent for marketing communications, you may no longer receive updates on blog content or relevant offers.

How to Withdraw Consent: To withdraw your consent, please contact us at connectwith@aikubus.com or visit contact page on (https://aikubus.com/contact/). Upon receiving your withdrawal request, we will, within a reasonable time, cease and cause any Data Processors on our behalf to cease processing the personal data of such Data Principal, unless such processing without your consent is required or authorised under the provisions of this Act or any other applicable law in India (Section 6(6) of DPDP Act).

8. Data Retention (Purpose Limitation and Storage Limitation)

We retain your personal data only for as long as necessary to fulfil the specified purposes for which it was collected, or as required by law (Section 8(7) of DPDP Act).

  • Inquiry Data: Personal data collected via contact forms (Name, Email) will be retained for 12 months from the date of your last interaction with us or from the resolution of your inquiry, whichever is later. This period allows us to adequately address your needs and refer you to appropriate third-party services. If no further engagement occurs within this period, your personal data will be erased, unless otherwise required by law (Section 8(7) of DPDP Act).

Once the specified purpose for which the data was collected is no longer served, and there is no legal obligation requiring its retention, your personal data will be erased. We do not retain personal data indefinitely.

9. Data Security Measures (Reasonable Security Safeguards)

We implement appropriate technical and organisational measures to ensure effective observance of the provisions of the DPDP Act and the rules made thereunder (Section 8(4) of DPDP Act). We are committed to protecting personal data in our possession or under our control by taking reasonable security safeguards to prevent personal data breach (Section 8(5) of DPDP Act).

We adhere to the principles of ‘data protection by design’ and ‘data protection by default’ by integrating privacy considerations into our data processing activities from their inception and ensuring that, by default, we only collect and process personal data necessary for each specific purpose.

Our security measures include:

  • Hosting Security: Our website is hosted on Cloud Hosting, which provides foundational infrastructure security, including physical and network security measures.
  • Website Security Plugins: We utilize “Wordfence Security” and “WP Armour – Honeypot Anti Spam” plugins on our WordPress website. These plugins help to protect against common web vulnerabilities, brute-force attacks, malware, and spam submissions.
  • Content Delivery Network (CDN) Security: We use Quic.cloud CDN, which includes security features such as DDoS protection and web application firewall capabilities, further safeguarding our website.
  • Access Control: Access to our website’s backend, hosting accounts, and security platform dashboards where personal data may be processed or stored is strictly restricted to Subarnamoy Bose, the sole operator of Aikubus.
  • Data Minimisation: We collect only the personal data that is necessary for the specified purposes, thereby minimizing the potential impact of any breach.

While we strive to use commercially acceptable means to protect your Personal Data, no method of transmission over the Internet or method of electronic storage is 100% secure. Therefore, we cannot guarantee its absolute security. In the event of a personal data breach, we will give intimation to the Data Protection Board of India and each affected Data Principal in the form and manner as may be prescribed (Section 8(6) of DPDP Act).

10. Sharing and Disclosure of Personal Data

We do not personally share your collected personal data (Name, Email) with any third parties for their independent use or marketing purposes, except as described below.

In the course of operating our website and facilitating services, certain third-party service providers may process data on our behalf, acting as Data Processors (Section 8(1) and 8(2) of DPDP Act), or you may be redirected to independent Data Fiduciaries:

  • Hosting Provider: Processes technical data necessary for website operation and hosting.
  • Website Security & Performance Providers (Wordfence, WP Armour, Quic.cloud CDN): These services process data related to website traffic, security logs, spam prevention, and content delivery optimization. This may include IP addresses and browsing behaviour for security analysis.
  • Google Search Console: Provides us with analytical data about our website’s performance in Google Search. This tool does not involve sharing your personal data collected via our forms. Google processes data about how users interact with its search engine.
  • Affiliate Network (Impact.com): Our blog includes affiliate links managed through Impact.com. When you click on an affiliate link, you are redirected to Impact.com and subsequently to the merchant’s website. Please note that we do not track individual clicks on affiliate links or gather personal data from your interactions with them. Impact.com and the respective merchants are independent Data Fiduciaries for any data they collect during this redirection and subsequent transactions. We strongly advise you to review their respective privacy policies to understand their data processing practices.
  • Third-Party Service Platforms (e.g., Fiverr.com): We may guide and redirect you to platforms like Fiverr.com for app development services where you can directly engage with us or our team. Please be aware that when you click on a link to Fiverr.com (or similar platforms) from our website, you are leaving Aikubus’s domain, and any personal data you then provide or activities you undertake on that platform are subject to their own privacy policy and terms of service. Fiverr.com and the service providers on their platform act as independent Data Fiduciaries for the processing of your personal data on their site. We do not receive any personal data you provide directly to Fiverr.com once you leave our site. We strongly recommend you review their privacy policies carefully before providing any personal data or engaging their services.
  • Advertising Platforms (Google Ads, Social Media Ads): We may use advertising platforms (e.g., Google Ads, Facebook Ads) to promote our blog content or to direct users to the app development services offered on third-party platforms like Fiverr.com. These platforms process data according to their own privacy policies for advertising delivery, performance measurement, and user targeting. We do not share personal data collected via our contact form directly with these advertising platforms for their independent advertising purposes. Your interactions with ads are governed by the privacy policies of the respective advertising platforms.

We ensure that any third-party service providers acting as Data Processors on our behalf are bound by contractual obligations to protect your personal data and process it only according to our instructions and in compliance with the DPDP Act. Where personal data is processed by a Data Fiduciary and disclosed to another Data Fiduciary, we ensure its completeness, accuracy, and consistency where applicable (Section 8(3) of DPDP Act).

11. Your Rights as a Data Principal (Chapter III of DPDP Act)

Under the Digital Personal Data Protection Act, 2023, you, as a Data Principal, possess significant rights concerning your personal data:

  • Right to Access Information about Personal Data (Section 11 of DPDP Act): You have the right to obtain from us, upon making a request in the prescribed manner, a summary of your personal data being processed, the processing activities undertaken, and the identities of other Data Fiduciaries and Data Processors with whom your data has been shared, along with a description of the data shared.
  • Right to Correction and Erasure of Personal Data (Section 12 of DPDP Act): You have the right to request the correction, completion, or updating of inaccurate or incomplete personal data, and the erasure of your personal data when its retention is no longer necessary for the specified purpose or for compliance with any law. Upon receiving such a request, we will correct inaccurate data, complete incomplete data, update data, and erase data unless retention is necessary for the specified purpose or compliance with law (Section 12(2) and 12(3) of DPDP Act).
  • Right of Grievance Redressal (Section 13 of DPDP Act): You have the right to have readily available means of grievance redressal concerning any act or omission related to your personal data.
  • Right to Nominate (Section 14 of DPDP Act): You have the right to nominate another individual who shall, in the event of your death or incapacity, exercise your rights under the Act on your behalf.

12. Your Duties as a Data Principal (Section 15 of DPDP Act)

The Digital Personal Data Protection Act, 2023, also outlines certain duties for Data Principals. While exercising your rights under this Act, you, as a Data Principal, are obliged to:

  • Comply with the provisions of all applicable laws for the time being in force while exercising rights under the provisions of this Act.
  • Ensure not to impersonate another person while providing your personal data for a specified purpose.
  • Ensure not to suppress any material information while providing your personal data for any document, unique identifier, proof of identity or proof of address issued by the State or any of its instrumentalities.
  • Ensure not to register a false or frivolous grievance or complaint with a Data Fiduciary or the Board.
  • Furnish only such information as is verifiably authentic, while exercising the right to correction or erasure under the provisions of this Act or the rules made thereunder.

Your cooperation in fulfilling these duties helps us ensure a secure and compliant data processing environment for everyone.

13. Exercising Your Rights & Grievance Redressal Mechanism

To exercise any of your rights as a Data Principal or to raise a grievance regarding the processing of your personal data, please contact our designated contact person:

  • Contact Person: Subarnamoy Bose (the sole operator of Aikubus)
  • Email for Grievances & Rights Exercise: subarnamoybose@aikubus.com

When submitting requests for correction, completion, updating, or erasure of your personal data, we request that you provide sufficient information to verify your identity and ensure the authenticity of your request. This may include providing the email address associated with your data, or other details that allow us to securely confirm your identity and the accuracy of the information you provide.

We will respond to your requests and grievances within such period as may be prescribed by the DPDP Act from the date of its receipt (Section 13(2) of DPDP Act). We encourage you to first approach us directly to redress your grievance before escalating to the Data Protection Board of India, as per Section 13(3) of the DPDP Act. Should you be dissatisfied with our grievance redressal process, or for any other matter falling under the jurisdiction of the Data Protection Board of India, you have the right to lodge a complaint with the Board. Information on the exact manner for filing a complaint with the Data Protection Board of India will be made available as per the rules prescribed under the DPDP Act.

14. Processing of Children’s Personal Data (Section 9 of DPDP Act)

We do not intentionally collect or process personal data of individuals who have not completed the age of eighteen years (children). Our services, blog content, and affiliate marketing initiatives are specifically targeted towards working individuals who are above 18 years of age and are capable of making business-related expenditures.

We do not undertake tracking or behavioural monitoring of children or targeted advertising directed at children (Section 9(3) of DPDP Act). If we become aware that personal data of a child has been collected without verifiable parental consent, we will take immediate steps to delete such information promptly (Section 9(1) of DPDP Act).

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our data processing practices, business operations, or legal requirements under the DPDP Act. We will notify you of any material changes by posting the updated policy on our website with a revised effective date. We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your personal data.

16. Contact Us

For any general questions, concerns, or requests regarding this Privacy Policy or our data processing practices (excluding grievances or rights exercise), please do not hesitate to contact us at:

For general inqueries:

Email: connectwithus@aikubus.com

Contact Form: https://aikubus.com/contact/