Privacy Policy

Last updated: April 13, 2026

1. Who We Are

Anymo ("we", "us", "our") is a mobile-first rental management platform that helps rental businesses manage inventory, process orders, and connect with customers. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use the Anymo mobile application and website (collectively, the "Service").

If you have questions about this policy, you can reach us at admin@anymo.app.

2. Information We Collect

2.1 Information You Provide

When you create an account and use Anymo, we collect the following:

  • Account information — username, email address, mobile phone number (used for OTP-based authentication via SMS), and your country (automatically detected from your phone number during registration).
  • Profile details — profile photo and brand logo (optional), which are uploaded and stored on our cloud servers.
  • Address and location — street address, city, state, pincode, and GPS coordinates (latitude/longitude) when you grant location permission. Location is collected on-demand (not continuously in the background) and is used to show nearby rental products to customers and to set your business address.
  • Product listings — product names, descriptions, photos, pricing, and availability information you add to your inventory.
  • Messages — conversations between rental owners and customers within the app.
  • Ratings and reviews — ratings and review text that users submit about rental owners.

2.2 Information Collected Automatically

When you use the Service, we automatically collect:

  • Device tokens — Firebase Cloud Messaging (FCM) tokens for delivering push notifications about orders, payments, and messages.
  • Crash and error data — technical error reports via Sentry and Firebase Crashlytics to help us identify and fix bugs. We have disabled the collection of personally identifiable information (PII) in these services.
  • Order and transaction records — order details, rental dates, amounts, and status changes, including audit logs of modifications.

2.3 Information We Do Not Collect

We do not use any consumer analytics or advertising SDKs. We do not track your browsing activity, build advertising profiles, or sell your data to third parties. Payments are currently disabled in the MVP version of the app; when enabled, all payment processing will be handled by Cashfree, a third-party payment gateway, and we will not store your credit card, debit card, or bank account details on our servers.

3. How We Use Your Information

We use the information we collect to:

  • Create and manage your account, and authenticate you via OTP.
  • Display nearby rental products to customers based on location.
  • Facilitate messaging between rental owners and customers.
  • Send push notifications about order updates, payment reminders, and new messages.
  • Process and track rental orders, returns, and related transactions.
  • Monitor and improve the stability of the app through crash and error reporting.
  • Enforce our Terms of Service and protect against misuse.

4. How We Share Your Information

We do not sell your personal data. We share information only in these limited circumstances:

  • With other users — your username, profile photo, brand logo, general location, product listings, and ratings are visible to other users of the platform as part of the rental marketplace.
  • Service providers — we use the following third-party services to operate Anymo:
    • Amazon Web Services (AWS S3) — cloud storage for product images, profile photos, and brand logos.
    • Twilio — SMS delivery for OTP authentication.
    • Firebase (Google) — push notifications (FCM) and crash reporting (Crashlytics).
    • Sentry — error tracking and application monitoring (PII collection disabled).
    • OpenStreetMap / Nominatim — reverse geocoding to convert GPS coordinates into readable addresses.
  • Legal requirements — we may disclose information if required by law, regulation, legal process, or governmental request.

5. Data Storage and Security

Your data is stored in a PostgreSQL database and AWS S3 cloud storage. Authentication tokens are stored securely on your device using encrypted storage. We use JWT-based authentication, rate limiting on sensitive endpoints, and log sanitization to protect your information.

While we take reasonable measures to protect your data, no method of electronic storage or transmission is 100% secure. We cannot guarantee absolute security.

6. Data Retention

We retain your account data for as long as your account is active. If you delete your account, we soft-delete your profile (marking it as deleted and disabling push notifications). Order and transaction records may be retained for legal and accounting purposes even after account deletion.

7. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal data we hold about you.
  • Correct inaccurate data in your profile (you can do this directly in the app).
  • Delete your account (available in the app under account settings).
  • Withdraw consent for location access or push notifications through your device settings.

To exercise any of these rights, contact us at admin@anymo.app.

8. Permissions We Request

The Anymo mobile app requests the following device permissions:

  • Location (GPS) — to show nearby rental products and set your business address. You can deny or revoke this at any time in your device settings.
  • Camera — to capture product photos for your inventory listings.
  • Photo library — to upload existing images as product photos, profile pictures, or brand logos.
  • Notifications — to receive alerts about orders, payments, and messages.

All permissions are optional. Core functionality may be limited if certain permissions are denied.

9. Consent

By creating an account on Anymo, you explicitly consent to the collection and processing of your personal data as described in this policy. You must accept our terms during registration to use the Service. You may withdraw consent at any time by deleting your account or adjusting individual permissions (such as location and notifications) through your device settings.

10. Compliance with India's Digital Personal Data Protection Act (DPDP Act, 2023)

Anymo processes personal data of individuals in India and is committed to complying with the Digital Personal Data Protection Act, 2023 ("DPDP Act"). The following outlines how we meet our obligations under this law:

10.1 Lawful Purpose and Consent

We collect and process your personal data only for the lawful purposes described in this policy. We obtain your explicit consent at the time of account registration before collecting any personal data. You may withdraw your consent at any time by deleting your account through the app or by contacting us — upon withdrawal, we will cease processing your data except where retention is required by law.

10.2 Data Principal Rights

Under the DPDP Act, you (as a "Data Principal") have the right to:

  • Obtain a summary of your personal data and the processing activities carried out on it.
  • Request correction and completion of inaccurate or incomplete personal data.
  • Request erasure of your personal data (subject to legal retention requirements).
  • Nominate another individual to exercise your rights in the event of your death or incapacity.

You can exercise most of these rights directly within the app. For requests that cannot be handled in-app, contact our Grievance Officer (details below).

10.3 Data Retention and Erasure

We retain your personal data only as long as it is needed for the purposes described in this policy. When you delete your account, we soft-delete your profile and cease all active processing. Order and transaction records may be retained for up to 3 years to meet accounting and legal obligations, after which they will be permanently erased.

10.4 Data Security and Breach Notification

We implement reasonable security safeguards including encrypted token storage, JWT-based authentication, rate limiting, and PII scrubbing in logs and error reporting. In the event of a personal data breach, we will notify the Data Protection Board of India and affected users as required under the DPDP Act.

10.5 Grievance Officer

In accordance with the DPDP Act, you may direct any questions, complaints, or requests regarding your personal data to our Grievance Officer:

Grievance Officer — Anymo
Name: Sandeep Jayakumar
Email: admin@anymo.app
Address: Kochi, Kerala, India
Acknowledgement: Within 24 hours of receiving your complaint
Resolution: Within 15 days, in line with the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 and the Digital Personal Data Protection Act, 2023

11. Children's Privacy

Anymo is not intended for use by anyone under the age of 18. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us and we will delete it.

12. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date at the top of this page. We encourage you to review this policy periodically. Continued use of the Service after changes constitutes acceptance of the updated policy.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us at:

Anymo
Email: admin@anymo.app