faff.

Privacy Policy

Version 01 · Effective 26 June 2026 · Last updated 26 June 2026

This Privacy Policy explains how Faff Technologies Private Limited (“Faff”, “we”, “us”) collects, uses, shares, processes, retains and protects your Personal Data (defined below). It is published on usefaff.com (“Website”) and is also incorporated by reference into our Terms of Use. This Privacy Policy and Terms of Use are to be read together.

The capitalised terms not defined in this Privacy Policy will have the meaning ascribed to them in the Terms of Use.

Who This Applies To & Who We Are

This Privacy Policy applies to all individuals (“you”, “user”) who access our Website, complete the onboarding form, or use our Services via WhatsApp.

We collect, use, share, retain (collectively “Process”) your Personal Data in compliance with Applicable Laws.

For the purposes of this Privacy Policy “Personal Data” means any data about an individual who is identifiable by or in relation to such data, and includes Sensitive Personal Data or Information (“SPDI”), being health information, financial information, official identifiers, biometric data, passwords, and any other data so classified under Applicable Laws. Personal Data does not include data that has been rendered anonymous in an irreversible manner such that the individual cannot be identified.

The Personal Data We Collect & Why

We collect only the data that we need to perform tasks per your explicit instructions and offer our Services. We have set out various categories of data collected by us, and the reasons for collecting them, in the following table:

CategoryExamplesWhy we collect it
Identity & contact Name, age band, WhatsApp number, alternate phone number, email, your spouse/partner’s contact details. To create and run your account, communicate with you on WhatsApp/SMS/call/email, send task updates and receipts.
Onboarding & lifestyle Referrer, household size, working hours, food and lifestyle preferences, regular vendors (chemists, salons, etc.), how you manage recurring activities. To personalise your experience and reduce the need to repeat yourself.
Addresses & locations Home, office and delivery addresses (with landmarks and pin code), pickup and drop-off locations. To execute location-specific tasks (home services, couriers, deliveries). Shared with the relevant Third-Party Provider only as needed.
Task instructions Every message you send us on WhatsApp instructing a task — text, images, audio, screenshots, attachments. To understand, plan and execute your tasks; to keep a record of your instructions for accountability and audit purposes.
Wallet & payment data Top-up records, transaction history, payment confirmations, Faff disbursement records and corresponding Wallet recovery records, last four digits of card (where applicable). We do not store your full card number, CVV, UPI PIN, ATM PIN or net-banking password. To maintain your Faff Wallet, record and account for disbursements made by Faff on your behalf and the corresponding recovery of those amounts from your Wallet balance, reconcile accounts, process refunds, and provide payment records.
Health data Prescription images, medicine names, dosages, doctor names, appointment details, diagnostic requirements. Only to execute medicine delivery, doctor / clinic / diagnostic appointment bookings or other health-related tasks per your request. Shared only with the relevant pharmacy, clinic, lab or doctor as needed.
Travel & identity documents Passport copy, visa, traveller name, age, gender and identity-document number where required by the relevant airline, hotel or visa authority. To assist with travel, hotel, visa coordination and check-in. Shared only with the relevant Third-Party Provider.
Supporting identity proofs ID and address proofs, consumer numbers, bank-account references for specific tasks (e.g., gas connection). Only where the specific task or Third-Party Provider requires them for verification.
Third-party account credentials (when you share them) Frequent-flyer logins, e-commerce or rewards-app credentials shared for a specific task. Used to perform the specific task you have asked us to do.
Service OTPs Service-start and service-completion OTPs sent by Third-Party Providers (for example, a home-service technician’s job-start OTP). Used only for the specific task. Not used to access any of your accounts. We will never ask for OTPs tied to your bank, card, UPI or other financial / government accounts.
WhatsApp metadata & website data Fact and timing of messages, message delivery/read status, your phone number; device, browser, IP, pages visited, time spent (via Google Tag Manager / Google Analytics on the Website). To run the WhatsApp service responsibly, to understand site usage, to detect fraud and abuse. We do not run targeting or advertising cookies.
Operational logs Timestamps, internal task IDs, payment references, audit trails. To run, audit, debug and improve the Services.

We collect this data either directly from you (during onboarding via WhatsApp or through an online form) or from third parties, our payment service providers (to confirm transaction status), and the Third-Party Providers themselves (to confirm bookings, delivery and refund status).

Sensitive Personal Data

We collect SPDI only when you voluntarily share it for a specific task and only with your knowledge. By sharing SPDI with us for a task, you consent to Faff using and sharing that data to the extent necessary to complete that task. You may withdraw consent at any time, though this may prevent us from completing the relevant task.

Consent & Lawful Basis for Processing

We process your Personal Data on the following lawful bases:

Withdrawing Consent

You may withdraw your consent at any time by messaging us on WhatsApp or emailing the Grievance Officer (defined below). Once you withdraw, we will, within a reasonable time, stop the processing that was based on that consent (and ask our Data Processors to do the same), unless we are required by law to retain or continue processing your data. Withdrawal does not affect the lawfulness of processing carried out before the withdrawal, and it may affect our ability to continue providing the Services to you.

Why We Process Your Data?

We Process your Personal Data for the following purposes:

Who We Share Your Data With

We share only what is necessary, only with parties who need it, and only for the purposes in the Why We Process Your Data section.

We do not sell or rent your Personal Data. We do not use your Personal Data to train AI models. We do not build advertising profiles or share your data with third-party advertising networks.

Transfers Outside India

Some of our cloud, AI and analytics service providers may store or process your data outside India (currently including US-based data centres). Where that happens, we transfer your data only to countries that are not restricted by the Central Government, and only where the receiving party is bound by confidentiality and security commitments at least as protective as those described in this Policy. By using Faff, you acknowledge and consent to this transfer to the extent necessary for service delivery.

How Long We Keep Your Data

We retain your Personal Data only for as long as it is needed to fulfil the purpose for which it was collected, or as required by applicable law.

Information collected through our WhatsApp channel is also subject to WhatsApp/Meta’s own data retention and infrastructure policies.

How We Keep Your Data Safe

We take reasonable security safeguards aligned with industry standards and with the requirements under Applicable Laws:

If a personal-data breach affects you, we will inform you and the concerned authority in the manner and within the timelines required under the Applicable Laws; including a description of the breach, its likely consequences for you, the steps we have taken or are taking to mitigate, the safety measures you can take to protect yourself, and a person at Faff you can contact.

Your Rights Under Indian Law

You have the following rights related to your Personal Data:

To exercise any of these rights, write to us at grievance@faffit.com with enough detail (such as your registered WhatsApp number and a description of your request) so we can verify your identity.

Children’s Data

Our Platform is not intended for use by individuals under the age of 18. We do not knowingly collect Personal Data of children. Where a user (acting as parent or lawful guardian) shares a child’s Personal Data with us for a household task, we process that data only on the basis of the user’s verifiable consent and only to the extent necessary to complete the specific task. If you believe a child has provided us with Personal Data, please contact us immediately and we will delete the data.

Cookies & Website Analytics

Almost all of our service delivery happens on WhatsApp. The Website itself collects only basic analytics through Google Tag Manager and Google Analytics — pages visited, browser type, referring URL and similar information. We do not run targeting or advertising cookies, and we do not share Website analytics data with third-party advertisers.

Use of AI Tools

As stated in the Terms of Use, our assistants use AI tools provided by OpenAI and Anthropic (Claude) to draft replies, summarise instructions, suggest options and route tasks. Under OpenAI’s and Anthropic’s standard API terms, your inputs and outputs are not used to train their models. We do not separately use your Personal Data to train any AI model. We use AI only as an internal tool to help our team serve you better. Accountability for all decisions made, messages sent and orders placed remains with Faff and our human assistants, regardless of any AI tool used in the process.

Changes to This Policy

We may update this Policy from time to time. We will post the updated version on the Website, update the “Last updated” date, and for material changes tell you on WhatsApp or by email. Your continued use of the Services after the effective date means you accept the updated Policy.

How to Contact Us

If you have any question about this Policy or about how we handle your Personal Data, please reach out to our Grievance Officer / Data-Protection Contact:

Name: Anirudh Mittal
Designation: Grievance Officer / Data-Protection Contact
Email: anirudh@usefaff.com
Phone / WhatsApp: +91 93520 32003
Address: MM Manor House, 5-E, 14th C Cross Rd, Sector 6, HSR Layout, Bengaluru, Karnataka 560102