Back to Home

Privacy Policy

Last Updated: February 21, 2026

Truwisdom Labs Private Limited (“Lemma”, “we”, “us”, or “our”) is committed to protecting your privacy and handling your data transparently and responsibly. This Privacy Policy explains how we collect, use, process, and safeguard personal information.

1. Information We Collect

A. From Clients (Platform Users)

When you register or use Lemma, we may collect:

  • Name
  • Business email address
  • Company name
  • Billing address
  • Tax identification details (e.g., GSTIN)
  • Payment-related metadata
  • Account activity data

We do not store credit card details on our servers.

B. From Respondents

When conducting research studies, we may collect:

  • Demographic data
  • Survey responses
  • Device or session metadata
  • Non-sensitive behavioral inputs relevant to research studies

Respondent data is anonymized before being shared with clients.

2. Legal Basis for Processing (DPDP Act, 2023)

We process personal data under the lawful bases provided by India’s Digital Personal Data Protection (DPDP) Act, 2023, primarily:

  • Consent: Free, specific, informed, and unambiguous consent provided by you. You may withdraw your consent at any time using the account dashboard or by contacting our Grievance Officer. Withdrawing consent is as easy as providing it and will not affect the lawfulness of processing prior to withdrawal. We utilize a technical Consent Management Mechanism that defaults all non-essential tracking to 'Denied'. You can manage, review, or withdraw your cookie consent at any time via the persistent Privacy Banner on our platform.
  • Certain Legitimate Uses: As defined under the Act, such as processing necessary for compliance with judgments, legal obligations, or responding to medical emergencies.

3. How We Use Data

We use collected data to:

  • Provide and operate the Lemma platform
  • Process payments
  • Deliver research studies and reports
  • Improve AI models and platform performance
  • Maintain security and prevent fraud
  • Comply with legal obligations

We do not sell personal data.

4. Payment Processing

All payments are processed through certified, PCI-DSS compliant third-party payment gateways. Lemma does not store or process raw credit card information.

5. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes outlined in this policy. Specific retention periods for account data, research materials, and respondent information are detailed in our Terms of Service (Section 7). Generally, account-related data is permanently deleted 60 days after account termination, unless required for legal compliance.

Respondent-level identifiable data is retained only as long as required for research integrity and fraud detection and is not shared with clients.

6. Data Sharing

We do not share personally identifiable information (PII) of respondents with clients, in strict compliance with the Digital Personal Data Protection (DPDP) Act, 2023, and other applicable global privacy frameworks. Clients receive only aggregated and anonymized insights. We may share data with:

  • Cloud infrastructure providers
  • Payment processors
  • Analytics and fraud prevention services

Such vendors are bound by contractual confidentiality and data protection obligations.

7. Cross-Border Data Transfers

Your data may be processed and stored outside India due to the location of our servers and service providers. Such transfers are subject to appropriate safeguards and contractual protections.

8. Data Security

We implement commercially reasonable administrative, technical, and organizational measures to protect data from unauthorized access, alteration, disclosure, or destruction. However, no system is completely secure.

9. Your Rights

Under the DPDP Act, 2023, you have the right to:

  • Access a summary of your personal data being processed.
  • Request correction, completion, or updating of your data.
  • Request erasure of your data when it is no longer needed for its original purpose or if you withdraw consent.
  • Nominate another individual to exercise your rights in the event of your death or incapacity.
  • Access a grievance redressal mechanism.

10. Personal Data Breach Notification

Lemma maintains reasonable security safeguards to protect your personal data. In the event of a personal data breach, we will notify the Data Protection Board of India (DPBI) and all affected Data Principals in the manner and within the timeframe prescribed by the DPDP Act, 2023 and its associated rules.

11. Grievance Redressal

In accordance with the DPDP Act, 2023, we have appointed a Grievance Officer to address any concerns regarding your personal data.

Grievance Officer: Manik Sharma

Email: manik@letslemma.com

Registered Address: Cabin No. 2, First Floor, SCO No. 216, Sector 37C, Chandigarh

We will acknowledge and resolve any data-related grievances within the timeframe stipulated by applicable Indian law.

12. Updates to This Policy

We may update this Privacy Policy periodically. Updates will be posted with a revised “Last Updated” date.

Truwisdom Labs Private Limited • Cabin No. 2, First Floor, SCO No. 216, Sector 37C, Chandigarh

We respect your privacy

We use cookies to analyze site traffic and improve your research experience on Lemma. By clicking Accept All, you consent to the use of tracking technologies to make your Lemma Research experience better.

Read our Privacy Policy

You can withdraw your consent at any time.