Legal

Privacy Policy

Last updated: 2026-05-29

TGSubsBot ("we", "us") operates the TGSubsBotService. This Privacy Policy explains what personal information we collect, why we collect it, and how we protect it. By using the Service, you consent to the practices described here.

1. Information We Collect

1.1 Account information

  • Name, email address, phone number
  • Authentication credentials (hashed password)
  • Telegram bot token and channel/group IDs (provided by you)

1.2 Payment information

Card numbers, UPI IDs, and bank details are collected and processed directly by our payment processors (Razorpay, Cashfree). We store only a transaction reference, the amount, and the status — never the full card or bank number.

1.3 Usage data

  • IP address, browser type, device type
  • Pages visited, actions taken inside the dashboard and mini-app
  • Subscriber and transaction logs you create through the Service

1.4 Cookies

We use first-party cookies for session authentication and analytics. You can disable cookies in your browser settings, but parts of the Service may not work.

2. How We Use Your Information

  • To provide, maintain, and improve the Service.
  • To process payments and issue receipts.
  • To send transactional emails (login alerts, payment receipts, expiry notices).
  • To send service updates and, with your consent, marketing emails.
  • To detect, prevent, and address fraud, abuse, and security incidents.
  • To comply with legal obligations (income tax, GST, KYC, lawful requests).

3. Sharing of Information

We share information only with:

  • Payment processors — Razorpay and Cashfree, for processing transactions.
  • Telegram — message and member data is sent to Telegram's API to deliver the Service.
  • Cloud infrastructure providers — hosting, email, and analytics vendors operating under data-processing agreements.
  • Law-enforcement — when required by a valid legal request under Indian law.

We do not sell your personal information to third parties.

4. Data Retention

We retain account and transaction records for as long as your account is active and for up to 8 years thereafter, to comply with Indian tax law (Section 44AA of the Income Tax Act and GST record-keeping rules).

5. Security

We use HTTPS/TLS for all traffic, password hashing (bcrypt), JWT-based session tokens, and encrypted storage for sensitive credentials. No system is 100% secure; we cannot guarantee absolute security but we follow industry best practice.

6. Your Rights

Under the Digital Personal Data Protection Act, 2023, you have the right to:

  • Access the personal data we hold about you.
  • Request correction of inaccurate data.
  • Request erasure of your account and data (subject to legal retention).
  • Withdraw consent to marketing communications.
  • Lodge a complaint with the Data Protection Board of India.

To exercise these rights, email support@tgsubsbot.com.

7. Children

The Service is not intended for users under 18. We do not knowingly collect data from children.

8. International Transfers

Some of our processors operate outside India. Where applicable we ensure equivalent safeguards through data-processing agreements.

9. Changes

We may update this Policy from time to time. Material changes will be notified by email or in-product banner. Continued use after the change constitutes acceptance.

10. Grievance Officer

As required under the IT Rules, 2011 and DPDP Act, 2023, you may contact our Grievance Officer at support@tgsubsbot.com for any complaint or concern. We will respond within 30 days.