Privacy Policy
HAFFY PROPERTIES PRIVATE LIMITED (“Owne”, “we”, “our”, or “us”) respects your privacy and is committed to protecting your Personal Data. This Privacy Policy describes the types of information we collect, how we use, disclose, transfer, store and otherwise process such information, the legal bases for processing where applicable, the choices available to data subjects, and the measures we take to safeguard Personal Data. This Policy applies to Personal Data collected through our website located at https://www.owne.in/, our mobile applications, APIs, and any other online or offline services that link to this Policy (collectively, the “Services”).
Last Updated: [20-Oct-2025]
Registered Entity: HAFFY PROPERTIES PRIVATE LIMITED, Bengaluru, Karnataka
1. Definitions
For the purposes of this Policy, the following terms shall have the meanings ascribed to them below:
“Personal Data” means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly.
“Sensitive Personal Data / Information” includes data relating to financial information (bank account details, payment card information), identity documents (PAN, Aadhaar, passport), income and employment details, and any other categories of data which may be treated as sensitive under applicable laws.
“Processing” means any operation or set of operations performed upon Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation, retrieval, consultation, use, disclosure, erasure or destruction.
“Data Subject” or “you” means an individual who is the subject of Personal Data processed by Owne.
2. Scope and Applicability
This Policy governs our Processing of Personal Data collected from users of the Services including, without limitation, prospective and registered buyers, sellers, investors, agents, vendors, visitors to our websites, and any other individuals who interact with Owne (“Users”). By accessing or using the Services, you acknowledge that you have read and understood this Policy, and consent to the Processing of your Personal Data as described herein, subject to applicable law.
3. Categories of Personal Data We Collect
We collect the following categories of Personal Data, as necessary for the purposes set out in Section 4:
A. Identity & Profile Information
Full name, user name, date of birth, photographs, gender, and other profile information.
B. Contact Information
Email address, postal address, telephone number (mobile/landline), and emergency contact details.
C. Account & Authentication Data
Username, password (hashed), authentication tokens, security questions and answers, multi-factor authentication data.
D. Identification & Verification Data (Sensitive)
Government issued identity numbers and documents (Aadhaar, PAN, passport, driver’s license), proof of address, income proofs, bank statements, cancelled cheque, photographs of identity documents, and other KYC/verification data.
E. Financial & Payment Data (Sensitive)
Payment card details (only as stored/processed by our payment service providers), bank account details, transaction history, refunds, payment confirmations, escrow instructions, tax information, invoices.
F. Property & Transaction Data
Property address, ownership documents, title details, sale/lease agreements, escrow and legal documentation, rental/payment terms, valuations, inspection reports.
G. Usage, Technical & Log Data
IP address, device identifiers, browser and operating system details, clickstream data, pages visited, referral/exit pages, timestamps, geolocation (approximate via IP or precise if enabled), cookies and similar tracking technologies.
H. Communications & Support Data
Correspondence between you and Owne, call recordings (if consented or notified), chat transcripts, support tickets, feedback, dispute information.
I. Marketing & Preference Data
Communication preferences, newsletter preferences, marketing consents, demographic and preference data.
J. Third-Party Data
Data obtained from third parties (employment verification services, credit bureaus, property registries, publicly available sources, partners), including credit scores and verification reports.
4. Purposes of Processing & Legal Basis
We Process Personal Data for the following purposes. Where applicable, we identify the likely legal basis for Processing (consent, contract performance, legitimate interests, compliance with legal obligations, or other lawful bases under applicable law).
Provision of Services and Contract Performance. To register your account, manage profiles, administer listings, facilitate rent-to-own transactions, escrow management, tenant placement, facilitate payments and refunds, and otherwise perform obligations under the agreements between you and Owne. (Legal basis: performance of contract / pre-contractual measures).
Identity Verification and KYC. To verify identity, perform background, employment and income verifications, conduct AML/KYC checks, and prevent fraud. (Legal basis: compliance with legal obligations and legitimate interest in preventing fraud).
Payment Processing & Financial Management. To process payments, refunds, escrow disbursements and tax reporting; to share necessary payment information with payment processors and banks. (Legal basis: performance of contract and legal obligations).
Customer Service & Communication. To respond to inquiries, provide support, send transactional communications (transaction confirmations, notices, changes to services), and to communicate about your account. (Legal basis: performance of contract / legitimate interest / consent for marketing).
Platform Safety & Fraud Prevention. To monitor, detect and prevent unauthorized access, malicious activity, fraud, or abuse of the Services. (Legal basis: legitimate interests).
Analytics & Product Improvement. To analyze usage, improve user experience, develop new features, aggregate and anonymize data for insights. (Legal basis: legitimate interests).
Marketing & Promotional Activities. To send marketing communications (with your consent where required). You may opt out of marketing communications at any time. (Legal basis: consent or legitimate interest where permitted).
Legal Compliance & Exercising Legal Rights. To comply with applicable laws, regulatory requests, court orders, tax authorities, and to establish or defend legal claims. (Legal basis: compliance with legal obligations).
Business Operations & Transactions. In connection with mergers, acquisitions, asset sales, or corporate reorganizations. Data transferred to successor entities subject to confidentiality and legal protections. (Legal basis: legitimate interest and contractual necessity).
Enforcement of Terms. To investigate and enforce our Terms of Service and other agreements. (Legal basis: legitimate interest)
5. Sources of Personal Data
We collect Personal Data directly from you (when you register, submit documents, or otherwise interact with the Services), automatically from your device and our servers, and from third parties, including but not limited to:
Payment service providers and banks;
Government and public registries;
Credit bureaus and background verification agencies;
Service providers engaged to provide identity verification and KYC;
Analytics providers and advertising networks;
Business partners, real estate agents, listing platforms;
Social networks where you sign in or permit access.
6. Disclosure and Sharing of Personal Data
We may disclose Personal Data to the following categories of recipients, limited to what is necessary for the purpose(s) of processing:
Service Providers & Subprocessors. Companies that provide hosting, payment processing, identity verification, KYC/AML services, customer support, email/SMS delivery, analytics, data storage and backup. We will require such providers to implement appropriate technical and organizational measures and process data only on our instructions.
Business Partners. Real estate developers, property owners, brokers, escrow agents, legal counsel, and other counterparties necessary to effect transactions or provide services.
Financial Institutions & Payment Gateways. Banks, payment processors, escrow agents for the purpose of executing payments and refunds.
Third-Party Advertisers. Where permitted by you and subject to your consent, advertising networks for remarketing and analytics.
Regulators and Law Enforcement. To comply with legal obligations, respond to lawful requests by public authorities, or as necessary to protect the rights, property, safety of Owne, its users or the public.
Corporate Transactions. In the event of a merger, acquisition, restructuring, insolvency, or sale of assets, we may transfer Personal Data to the acquiring entity subject to contractual protections.
Others with Your Consent. Where you authorize sharing data with a third party (e.g., mortgage brokers, agents), we will share as instructed by you.
We will not sell or rent Personal Data to third parties for their independent marketing purposes without your affirmative consent.
7. International Transfers
Personal Data may be transferred to, stored in, and processed in countries outside India where we or our service providers operate. Such transfers will be subject to appropriate safeguards (contractual clauses, data processing agreements, encryption, or other lawful transfer mechanisms) to ensure an adequate level of protection in accordance with applicable law.
8. Data Retention
We retain Personal Data for as long as necessary to fulfill the purposes set out in this Policy, to comply with legal, regulatory, tax, accounting or reporting obligations, and to resolve disputes. Specific retention periods vary by category of data and purpose; examples include:
Account data: retained for the duration of the account plus a reasonable period thereafter (usually up to 7 years) for recordkeeping and legal compliance.
Transaction and payment records: retained for statutory tax and financial reporting periods (typically 7 years, unless otherwise required).
KYC and verification documents: retained for the retention period required by law and our internal retention policy (commonly 7 years).
Log and analytics data: retained in aggregated or anonymized form where feasible; raw logs retained for a shorter period (e.g., 30–90 days) unless required for investigations.
Refer to our Retention Schedule (Annex A) for more detail. If no specific legal retention period applies, we will retain Personal Data no longer than reasonably required to provide the Services.
9. Security Measures
We implement reasonable technical, administrative and organizational measures designed to protect Personal Data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access. Such measures include encryption in transit and at rest where appropriate, access controls, secure development practices, regular security assessments, employee training, and contractual safeguards with subprocessors.
Notwithstanding our measures, no method of transmission or storage is completely secure. In the event of a data breach that is likely to result in a high risk to the rights and freedoms of natural persons, we will notify the affected individuals and relevant authorities in accordance with applicable law.
10. Cookies and Similar Technologies
We and our service providers use cookies, web beacons and similar technologies to collect information about usage of the Services, to enable functionality, and to provide analytics and advertising. You may manage cookie preferences via your browser settings or via any cookie consent interface provided on the website. Disabling certain cookies may limit the functionality of the Services.
11. Your Rights and Choices
Subject to applicable law, you may have the following rights in relation to your Personal Data:
Access: Request access to your Personal Data that we Process.
Rectification: Request correction of inaccurate or incomplete Personal Data.
Erasure: Request deletion of Personal Data where permitted by law (right to be forgotten).
Portability: Request a copy of your Personal Data in a commonly used, machine-readable format.
Restriction: Request restriction of processing in certain circumstances.
Objection: Object to processing based on legitimate interests or direct marketing.
Withdraw Consent: Where Processing is based on consent, withdraw consent at any time (without affecting the lawfulness of processing prior to withdrawal).
To exercise these rights, please contact our Grievance Officer at [grievance-email@owne.in] or use the Data Subject Request form at: [link]. We will respond to verifiable requests in accordance with applicable law. We may ask you to verify your identity before fulfilling a request and may refuse requests that are manifestly unfounded, excessive or where otherwise permitted by law.
12. Third-Party Services and Links
The Services may contain links to third-party websites, services, or tools that are not owned or controlled by Owne. This Policy does not apply to third-party sites. We recommend that you review the privacy policies of any third parties you visit.
13. Children
The Services are not intended for use by persons under the age of 18. We do not knowingly collect Personal Data from children under 18. If we learn that Personal Data of a child under 18 has been collected, we will take steps to delete it promptly.
14. Complaints and Grievance Redressal
If you have a complaint regarding our handling of your Personal Data, please email to home@owne.in.
We will acknowledge your complaint within [7] days and endeavour to resolve it within [30] days. You may also lodge a complaint with the applicable data protection authority as permitted by law.
15. Changes to this Policy
We may update this Policy from time to time. We will post the updated Policy with a revised “Last Updated” date. Where required by law or for material changes, we will provide prominent notice or obtain your consent.
16. Governing Law and Jurisdiction
This Policy and any dispute arising out of or in connection with this Policy shall be governed by and construed in accordance with the laws of India. The courts of [City, State — e.g., Bengaluru, Karnataka] shall have exclusive jurisdiction to resolve any disputes arising from or in connection with this Policy, subject to mandatory legal provisions.
17. Contact Information
If you have questions about this Privacy Policy or our data practices, please contact:
Haffy Properties Private Limited
[Registered Address]
Email: [support@owne.in]
Privacy Policy
HAFFY PROPERTIES PRIVATE LIMITED (“Owne”, “we”, “our”, or “us”) respects your privacy and is committed to protecting your Personal Data. This Privacy Policy describes the types of information we collect, how we use, disclose, transfer, store and otherwise process such information, the legal bases for processing where applicable, the choices available to data subjects, and the measures we take to safeguard Personal Data. This Policy applies to Personal Data collected through our website located at https://www.owne.in/, our mobile applications, APIs, and any other online or offline services that link to this Policy (collectively, the “Services”).
Last Updated: [02-Oct-2025]
Registered Entity: HAFFY PROPERTIES PRIVATE LIMITED, Bengaluru, Karnataka
1. Definitions
For the purposes of this Policy, the following terms shall have the meanings ascribed to them below:
“Personal Data” means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly.
“Sensitive Personal Data / Information” includes data relating to financial information (bank account details, payment card information), identity documents (PAN, Aadhaar, passport), income and employment details, and any other categories of data which may be treated as sensitive under applicable laws.
“Processing” means any operation or set of operations performed upon Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation, retrieval, consultation, use, disclosure, erasure or destruction.
“Data Subject” or “you” means an individual who is the subject of Personal Data processed by Owne.
2. Scope and Applicability
This Policy governs our Processing of Personal Data collected from users of the Services including, without limitation, prospective and registered buyers, sellers, investors, agents, vendors, visitors to our websites, and any other individuals who interact with Owne (“Users”). By accessing or using the Services, you acknowledge that you have read and understood this Policy, and consent to the Processing of your Personal Data as described herein, subject to applicable law.
3. Categories of Personal Data We Collect
We collect the following categories of Personal Data, as necessary for the purposes set out in Section 4:
A. Identity & Profile Information
Full name, user name, date of birth, photographs, gender, and other profile information.
B. Contact Information
Email address, postal address, telephone number (mobile/landline), and emergency contact details.
C. Account & Authentication Data
Username, password (hashed), authentication tokens, security questions and answers, multi-factor authentication data.
D. Identification & Verification Data (Sensitive)
Government issued identity numbers and documents (Aadhaar, PAN, passport, driver’s license), proof of address, income proofs, bank statements, cancelled cheque, photographs of identity documents, and other KYC/verification data.
E. Financial & Payment Data (Sensitive)
Payment card details (only as stored/processed by our payment service providers), bank account details, transaction history, refunds, payment confirmations, escrow instructions, tax information, invoices.
F. Property & Transaction Data
Property address, ownership documents, title details, sale/lease agreements, escrow and legal documentation, rental/payment terms, valuations, inspection reports.
G. Usage, Technical & Log Data
IP address, device identifiers, browser and operating system details, clickstream data, pages visited, referral/exit pages, timestamps, geolocation (approximate via IP or precise if enabled), cookies and similar tracking technologies.
H. Communications & Support Data
Correspondence between you and Owne, call recordings (if consented or notified), chat transcripts, support tickets, feedback, dispute information.
I. Marketing & Preference Data
Communication preferences, newsletter preferences, marketing consents, demographic and preference data.
J. Third-Party Data
Data obtained from third parties (employment verification services, credit bureaus, property registries, publicly available sources, partners), including credit scores and verification reports.
4. Purposes of Processing & Legal Basis
We Process Personal Data for the following purposes. Where applicable, we identify the likely legal basis for Processing (consent, contract performance, legitimate interests, compliance with legal obligations, or other lawful bases under applicable law).
Provision of Services and Contract Performance. To register your account, manage profiles, administer listings, facilitate rent-to-own transactions, escrow management, tenant placement, facilitate payments and refunds, and otherwise perform obligations under the agreements between you and Owne. (Legal basis: performance of contract / pre-contractual measures).
Identity Verification and KYC. To verify identity, perform background, employment and income verifications, conduct AML/KYC checks, and prevent fraud. (Legal basis: compliance with legal obligations and legitimate interest in preventing fraud).
Payment Processing & Financial Management. To process payments, refunds, escrow disbursements and tax reporting; to share necessary payment information with payment processors and banks. (Legal basis: performance of contract and legal obligations).
Customer Service & Communication. To respond to inquiries, provide support, send transactional communications (transaction confirmations, notices, changes to services), and to communicate about your account. (Legal basis: performance of contract / legitimate interest / consent for marketing).
Platform Safety & Fraud Prevention. To monitor, detect and prevent unauthorized access, malicious activity, fraud, or abuse of the Services. (Legal basis: legitimate interests).
Analytics & Product Improvement. To analyze usage, improve user experience, develop new features, aggregate and anonymize data for insights. (Legal basis: legitimate interests).
Marketing & Promotional Activities. To send marketing communications (with your consent where required). You may opt out of marketing communications at any time. (Legal basis: consent or legitimate interest where permitted).
Legal Compliance & Exercising Legal Rights. To comply with applicable laws, regulatory requests, court orders, tax authorities, and to establish or defend legal claims. (Legal basis: compliance with legal obligations).
Business Operations & Transactions. In connection with mergers, acquisitions, asset sales, or corporate reorganizations. Data transferred to successor entities subject to confidentiality and legal protections. (Legal basis: legitimate interest and contractual necessity).
Enforcement of Terms. To investigate and enforce our Terms of Service and other agreements. (Legal basis: legitimate interest)
5. Sources of Personal Data
We collect Personal Data directly from you (when you register, submit documents, or otherwise interact with the Services), automatically from your device and our servers, and from third parties, including but not limited to:
Payment service providers and banks;
Government and public registries;
Credit bureaus and background verification agencies;
Service providers engaged to provide identity verification and KYC;
Analytics providers and advertising networks;
Business partners, real estate agents, listing platforms;
Social networks where you sign in or permit access.
6. Disclosure and Sharing of Personal Data
We may disclose Personal Data to the following categories of recipients, limited to what is necessary for the purpose(s) of processing:
Service Providers & Subprocessors. Companies that provide hosting, payment processing, identity verification, KYC/AML services, customer support, email/SMS delivery, analytics, data storage and backup. We will require such providers to implement appropriate technical and organizational measures and process data only on our instructions.
Business Partners. Real estate developers, property owners, brokers, escrow agents, legal counsel, and other counterparties necessary to effect transactions or provide services.
Financial Institutions & Payment Gateways. Banks, payment processors, escrow agents for the purpose of executing payments and refunds.
Third-Party Advertisers. Where permitted by you and subject to your consent, advertising networks for remarketing and analytics.
Regulators and Law Enforcement. To comply with legal obligations, respond to lawful requests by public authorities, or as necessary to protect the rights, property, safety of Owne, its users or the public.
Corporate Transactions. In the event of a merger, acquisition, restructuring, insolvency, or sale of assets, we may transfer Personal Data to the acquiring entity subject to contractual protections.
Others with Your Consent. Where you authorize sharing data with a third party (e.g., mortgage brokers, agents), we will share as instructed by you.
We will not sell or rent Personal Data to third parties for their independent marketing purposes without your affirmative consent.
7. International Transfers
Personal Data may be transferred to, stored in, and processed in countries outside India where we or our service providers operate. Such transfers will be subject to appropriate safeguards (contractual clauses, data processing agreements, encryption, or other lawful transfer mechanisms) to ensure an adequate level of protection in accordance with applicable law.
8. Data Retention
We retain Personal Data for as long as necessary to fulfill the purposes set out in this Policy, to comply with legal, regulatory, tax, accounting or reporting obligations, and to resolve disputes. Specific retention periods vary by category of data and purpose; examples include:
Account data: retained for the duration of the account plus a reasonable period thereafter (usually up to 7 years) for recordkeeping and legal compliance.
Transaction and payment records: retained for statutory tax and financial reporting periods (typically 7 years, unless otherwise required).
KYC and verification documents: retained for the retention period required by law and our internal retention policy (commonly 7 years).
Log and analytics data: retained in aggregated or anonymized form where feasible; raw logs retained for a shorter period (e.g., 30–90 days) unless required for investigations.
Refer to our Retention Schedule (Annex A) for more detail. If no specific legal retention period applies, we will retain Personal Data no longer than reasonably required to provide the Services.
9. Security Measures
We implement reasonable technical, administrative and organizational measures designed to protect Personal Data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access. Such measures include encryption in transit and at rest where appropriate, access controls, secure development practices, regular security assessments, employee training, and contractual safeguards with subprocessors.
Notwithstanding our measures, no method of transmission or storage is completely secure. In the event of a data breach that is likely to result in a high risk to the rights and freedoms of natural persons, we will notify the affected individuals and relevant authorities in accordance with applicable law.
10. Cookies and Similar Technologies
We and our service providers use cookies, web beacons and similar technologies to collect information about usage of the Services, to enable functionality, and to provide analytics and advertising. You may manage cookie preferences via your browser settings or via any cookie consent interface provided on the website. Disabling certain cookies may limit the functionality of the Services.
11. Your Rights and Choices
Subject to applicable law, you may have the following rights in relation to your Personal Data:
Access: Request access to your Personal Data that we Process.
Rectification: Request correction of inaccurate or incomplete Personal Data.
Erasure: Request deletion of Personal Data where permitted by law (right to be forgotten).
Portability: Request a copy of your Personal Data in a commonly used, machine-readable format.
Restriction: Request restriction of processing in certain circumstances.
Objection: Object to processing based on legitimate interests or direct marketing.
Withdraw Consent: Where Processing is based on consent, withdraw consent at any time (without affecting the lawfulness of processing prior to withdrawal).
To exercise these rights, please contact our Grievance Officer at [grievance@owne.in]. We will respond to verifiable requests in accordance with applicable law. We may ask you to verify your identity before fulfilling a request and may refuse requests that are manifestly unfounded, excessive or where otherwise permitted by law.
12. Third-Party Services and Links
The Services may contain links to third-party websites, services, or tools that are not owned or controlled by Owne. This Policy does not apply to third-party sites. We recommend that you review the privacy policies of any third parties you visit.
13. Children
The Services are not intended for use by persons under the age of 18. We do not knowingly collect Personal Data from children under 18. If we learn that Personal Data of a child under 18 has been collected, we will take steps to delete it promptly.
14. Complaints and Grievance Redressal
If you have a complaint regarding our handling of your Personal Data, please email to home@owne.in.
We will acknowledge your complaint within [7] days and endeavour to resolve it within [30] days. You may also lodge a complaint with the applicable data protection authority as permitted by law.
15. Changes to this Policy
We may update this Policy from time to time. We will post the updated Policy with a revised “Last Updated” date. Where required by law or for material changes, we will provide prominent notice or obtain your consent.
16. Governing Law and Jurisdiction
This Policy and any dispute arising out of or in connection with this Policy shall be governed by and construed in accordance with the laws of India. The courts of [City, State — e.g., Bengaluru, Karnataka] shall have exclusive jurisdiction to resolve any disputes arising from or in connection with this Policy, subject to mandatory legal provisions.
17. Contact Information
If you have questions about this Privacy Policy or our data practices, please contact:
Haffy Properties Private Limited
[Registered Address]
Email: [support@owne.in]