1. Indian Law Compliance
IT Act, 2000
DPDPA, 2023
Consumer Protection Act, 2019
GST Act
RBI — Payments
- IT Act, 2000: Maintaining reasonable security for user data, not engaging in unauthorized interception or data tampering, cooperating with lawful Indian court orders.
- DPDPA, 2023: Collecting data only for lawful purposes, enabling user rights (access, correction, deletion), implementing appropriate security measures.
- Consumer Protection Act, 2019: Honest pricing, fair refund policies, grievance redressal mechanisms, prohibition on unfair trade practices.
- GST: Applicable GST is included in subscription pricing. Tax invoices issued through Razorpay.
- RBI — Payments: Processing via Razorpay complies with the Payment and Settlement Systems Act, 2007, and all RBI payment regulations.
2. International Law Compliance
| Regulation | Region | Our Commitment |
|---|---|---|
| GDPR | EU / UK / EEA | Lawful bases for processing, data subject rights, Standard Contractual Clauses for international transfers |
| COPPA | USA | Service not directed to children under 13. We do not knowingly collect data from children. |
| CCPA | California, USA | Right to know, delete, opt-out, and non-discrimination. We do not sell data. |
3. Third-Party Service Compliance
| Provider | Key Compliance Certifications |
|---|---|
| Google (Gemini, Firebase) | ISO 27001, SOC 2 Type II, GDPR, CCPA |
| Razorpay | PCI DSS Level 1, RBI regulated, ISO 27001 |
| Render.com | SOC 2 Type II, GDPR |
4. AI Regulatory Compliance
EU AI Act (Effective 2025):
- Powered by Google Gemini — model-level compliance at the foundational model layer
- Transparency: Users are clearly informed they are interacting with AI
- Human oversight: AI output is not used for automated high-stakes decisions without human review
- We do not use the Service for prohibited AI applications (biometric surveillance, social scoring, etc.)
All AI-generated responses are produced by Google Gemini large language models. ViViDly is
fully transparent about its AI nature and limitations.
5. Content Compliance
We prohibit and actively prevent:
- Child sexual abuse material (CSAM) — immediately reported to NCMEC (US) and CyberCrime.gov.in (India)
- Instructions for WMDs, chemical or biological weapons
- Content facilitating terrorism or organized crime
- Deepfakes created without consent
Content moderation is performed at two layers: Google Gemini's built-in safety filters (model-level) and our Terms of Service enforcement (account suspension for violations).
6. Chrome Web Store Compliance
Our Chrome Extension complies with all Chrome Web Store Developer Program Policies:
✅ Manifest V3 (MV3)
✅ Single-purpose extension
✅ Minimal permissions
✅ No remote code execution
✅ Transparent privacy practices
7. Grievance Officer (IT Rules 2021)
As required under India's IT (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021:
| Detail | Value |
|---|---|
| Grievance Officer | ViViD App Studio Management |
| legal@vividappstudio.com | |
| Acknowledgment SLA | Within 48 hours |
| Resolution SLA | Within 15 days |
🏛️ Legal & Compliance Contact
Email: legal@vividappstudio.com
For law enforcement requests, regulatory inquiries, and legal notices