Tee Off India← Back

Legal

Data Protection

Last updated: June 27, 2026

Tee Off India treats your personal data as a trust. This page summarises the technical, organisational and legal safeguards we have in place under the Digital Personal Data Protection Act, 2023, the Information Technology Act, 2000, and the SPDI Rules, 2011.

1. Lawful basis for processing

We process personal data only with your free, specific, informed and unambiguous consent, or where lawful (for example, to comply with a legal obligation). You can withdraw consent at any time from within the app or by writing to our Grievance Officer.

2. Categories of data and purpose

  • Identity & contact data, to operate your account.
  • Player profile (age, body, handicap, injuries, goals), to personalise AI analysis and plans.
  • Swing videos and body images, to generate mechanical analysis and drills.
  • Usage and device data, to secure, debug and improve the Service.

3. Sensitive data and AI safeguards

Body images, injury history and health-related fitness data are treated with elevated care. They are accessible only by you and by authorised staff for support. AI inference is performed via vetted providers under data-processing terms; outputs are clearly labelled as AI-assisted and are not a substitute for medical advice.

4. Security measures

  • TLS encryption in transit, encryption at rest for storage and database.
  • Row-level access controls so users can read and write only their own data.
  • Private storage buckets with signed-URL access for swing videos and body images.
  • Role-based admin access; least-privilege principle for staff and processors.
  • Audit logs for sensitive operations and email delivery.
  • Regular dependency, schema and policy security scans.

5. Data localisation and transfers

We prefer infrastructure that supports India-region storage. Where data is processed outside India by sub-processors (for AI inference, email delivery or analytics), we ensure contractual safeguards consistent with the DPDP Act and any subsequent rules notified by the Government of India.

6. Retention and deletion

Personal data is retained only as long as necessary for the purposes for which it was collected. On account deletion, your profile, swing videos, body images, chats and reports are deleted from active systems and purged from backups within a reasonable period.

7. Breach response

In the event of a personal-data breach likely to result in harm, we will notify the Data Protection Board of India and affected users in accordance with the DPDP Act and any timelines prescribed by rules.

8. Your rights

Access, correction, erasure, consent withdrawal, nomination, and grievance redressal, all as described in our Privacy Policy. Exercise any of these by emailing sumeru@photoindia.com.

9. Grievance Officer

Sumeru Bahuguna · Grievance Officer
Email: sumeru@photoindia.com
Tee Off India · Dehradun, Uttarakhand, India