New report by NetBramha, powered by Poocho: How Indians decide whom to trust with their money →
Your savvy research assistant is here. Check out Poocho Studio.
Last updated on 12 June, 2026
This Studio Customer Privacy Policy explains how Poocho Research Technologies Private Limited ("Poocho", "we", "us", "our") collects, uses, and handles personal data relating to Customers — the Users who access or use Studio, our AI-powered research analysis product.
This policy covers two things: the personal data Poocho collects about you in your capacity as a Customer, and how we handle the Customer Data you bring to Studio for analysis. It does not cover personal data relating to Participants or Researchers — those are governed by the Participant Privacy Policy and the Recruit Researcher Privacy Policy respectively.
Where this policy uses terms defined in the Platform Terms, the Studio Product Terms, or the AI Features Addendum, they have the same meaning.
Poocho Research Technologies Private Limited operates the Platform. For the personal data described in section 2 of this policy, Poocho is the data fiduciary — we decide why and how we collect and use that data, and we are responsible for complying with the Digital Personal Data Protection Act, 2023 ("DPDPA") in connection with it.
Our registered office is at E5/10 Salunke Vihar, Kondhwa, Pune 411022, India. Our grievance officer is identified in section 13.
We collect the following categories of personal data from Customers:
Account data. When you register on the Platform, we collect the information you provide: your name, email address, phone number, job title, and organisation name.
Billing data. When you purchase a Studio subscription or make a payment, we collect the billing information associated with your account. Credit card and payment details are processed and stored by our payment processor (Razorpay). We do not store raw card data ourselves.\
Usage and analytics data. We automatically collect data about how you use Studio — including the features you access, AI Features you run, session frequency and duration, browser type and version, device type, IP address, and referring URLs. We do not currently use third-party analytics tools on Studio. Usage and performance data is collected via our internal infrastructure.
Service Telemetry. When you use the AI Features in Studio, we and our AI sub-processors collect operational metadata about how those Features perform — for example, request volumes, error rates, latency, and feature engagement. Service Telemetry is operational metadata only. It does not include the content of your Customer Data, transcripts, documents, or queries, and it does not include personal data of identified or identifiable individuals. The distinction between Service Telemetry and Customer Data is set out in the AI Features Addendum.
Communications. If you contact us — for support, account queries, or grievances — we keep a record of that correspondence.
Studio does not currently integrate with third-party identity or single sign-on providers.
We use your personal data to:
We do not use your personal data or Customer Data to train artificial intelligence or machine learning models. We do not sell your personal data. The full statement of our no-training commitment, and its limited exceptions for Service Telemetry, is in the AI Features Addendum.
We do not share your personal data with third parties except in the following circumstances:
Sub-processors. We use third-party service providers to help us operate Studio. We describe these in section 6 and list them on our Sub-processor List.
Legal obligations. Where we are required to disclose your data under applicable law, court order, or regulatory requirement.
Business transfers. In connection with a merger, acquisition, or sale of all or a material part of our business, your data may transfer to the successor entity, subject to the protections in this policy.
With your consent. For any other purpose you have specifically authorised.
Customer Data is the content you upload to Studio for analysis — recordings, transcripts, documents, and any outputs generated from them, including AI Output. The full definition is in the Studio Product Terms.
You are the data fiduciary for Customer Data. You decide what you upload to Studio, what AI Features you run over it, and what you do with the outputs. Poocho processes Customer Data on your behalf as a data processor, solely to provide Studio to you and on your instructions.
Your responsibilities as data fiduciary for Customer Data — including ensuring you have a lawful basis to upload and process personal data appearing in your Customer Data, and complying with the DPDPA — are set out in the Studio Product Terms and the AI Features Addendum.
AI Output generated by Studio from your Customer Data is your Customer Data. As between you and Poocho, you own it. The full position on AI Output — including what it is, what it is not, and your responsibility for how you use it — is in the AI Features Addendum and clause 3.1 of the Studio Product Terms.
We do not use Customer Data to train, fine-tune, or otherwise improve our AI models or those of our AI sub-processors. The AI Features Addendum is the authoritative home for this commitment. This policy does not repeat it, but the commitment applies in full.
You may upload to Studio only Customer Data that you have the right to upload and process for your purposes. The rules on what you may and may not upload — including special category and sensitive data — are in clause 3.4 and 3.5 of the Studio Product Terms and the Fair Use and Acceptable Use Policy.
We use third-party service providers ("sub-processors") to help us operate Studio — including cloud hosting, transcription and translation services, and providers of artificial intelligence and machine learning capabilities. When you use the AI Features, Customer Data is transmitted to the relevant AI sub-processors as needed for those Features to run. The specific sub-processors, the categories of Customer Data sent to each, and the purpose of each transmission are set out on the Sub-processor List.
Every sub-processor that processes Customer Data or personal data relating to Customers is bound by a written contract with Poocho requiring confidentiality, appropriate security, purpose limitation, and compliance with our no-training commitment. We remain responsible to you for the acts and omissions of our sub-processors, subject to the limitations in the Platform Terms and any applicable Data Processing Addendum.
Some of our sub-processors process data outside India — in particular, AI sub-processors in the AI Features pipeline process data via infrastructure in the United States. The location of processing for each sub-processor is set out on the Sub-processor List. We take steps to ensure that cross-border transfers of personal data are made only in compliance with applicable requirements under the DPDPA as notified from time to time.
Your account data is retained for as long as your account is active. If you request deletion of your account:
Customer Data is retained on the Platform for the duration of your active Studio subscription. When your Studio subscription ends — by termination, non-renewal, or otherwise — we retain Customer Data on the Platform for 30 days after the subscription end date, so you have time to export anything you need. After that period, Customer Data is deleted from the Platform.
You can delete Customer Data at any time during your subscription using the tools available in Studio, or by writing to us at the contact in section 14. Once Customer Data is deleted from the Platform, Poocho no longer holds it. Your obligations in respect of Customer Data you have exported from Studio are set out in clause 6.5 of the Studio Product Terms.
We may retain certain system and financial records only as necessary to maintain referential integrity, comply with legal obligations, or for other legitimate business purposes.
We implement technical, organisational, and physical security measures to protect Customer Data and your personal data from unauthorised access, disclosure, alteration, and loss. Our current security measures are described in the Annex to the Customer Data Processing Addendum, available on request.
No security measure is absolute. In the event of a personal data breach affecting Customer Data or your personal data, we will notify you without undue delay in line with our obligations under the DPDPA and any applicable agreement.
Studio is intended for use by organisations and individual professionals. We do not knowingly collect personal data from individuals under 18 years of age through the Customer registration flow. If you need to process personal data relating to children as part of your Customer Data, you must comply with clause 3.5 of the Studio Product Terms and the Fair Use and Acceptable Use Policy, and obtain Poocho's prior written approval before uploading.
Under the DPDPA, you have the following rights as a data principal in relation to the personal data Poocho holds about you as a Customer:
Right to access. You may ask us to confirm what personal data we hold about you and obtain a summary of it.
Right to correction. You may ask us to correct personal data that is inaccurate or incomplete.
Right to erasure. You may ask us to erase your personal data where we no longer have a lawful basis to retain it, subject to our legitimate business purposes and legal obligations described in section 8.
Right to nominate. You may nominate another person to exercise your DPDPA rights on your behalf in the event of your death or incapacity.
To exercise any of these rights, contact our grievance officer as set out in section 13. We will acknowledge your request within 7 business days of receipt. We will process and respond to your request within 30 days, and in any case within 90 days as required under the DPDP Rules 2025.
These rights apply to personal data Poocho holds about you as a Customer — your account data, billing data, usage data, and communications. They do not extend to Customer Data (for which you are the data fiduciary), or to personal data of third parties appearing in Customer Data that Poocho holds as your processor.
We may update this policy from time to time as Studio evolves and our data practices change. We will give you reasonable notice of any material change in line with the change-of-terms process in the Platform Terms. If you continue to use the Platform after a material change takes effect, you are taken to have accepted the updated policy.
For any questions, concerns, or complaints about how Poocho handles your personal data — including to exercise your rights under section 11 — please contact our grievance officer:
Name: Taapsi Ramchandani Email: grievance@poocho.co
We will acknowledge your communication within 7 business days of receipt. We will process and respond within 30 days, and in any case within 90 days as required under the DPDP Rules 2025.
If you are not satisfied with our response, you may approach the Data Protection Board of India in line with the DPDPA.
For general questions about your Studio account or this policy, write to studiodesk@poocho.co.
For DPDPA grievances and data principal rights requests, use the grievance officer contact in section 13.
