Xcelerate 2026

Xcelerate - 2026 | 38th KSCAA Annual Conference 2026

Xcelerate - 2026 | 38th KSCAA Annual Conference 2026
Register Now

Xcelerate - 2026 | 38th KSCAA Annual Conference 2026

Register Now

Privacy Policy

Last updated: February 8, 2026

This Privacy Policy describes how the Karnataka State Chartered Accountants Association (“KSCAA”, “we”, “us”, or “our”) collects, uses, and protects your personal information when you use the Xcelerate 2026 mobile application (“App”) for the 38th KSCAA Annual Conference.

By using the App, you agree to the collection and use of information in accordance with this policy.

1. Information We Collect

1.1 Personal Information (Provided by You)

When your account is created for the conference, the following information may be collected:

  • Identity: Name, salutation (Mr./Ms./Dr./CA etc.)
  • Contact: Email address, phone number
  • Professional: Company/organization, job title/designation
  • Location: City, state, country
  • Profile: Bio/about, profile photo (avatar), LinkedIn URL
  • Conference: Ticket type, registration status, dietary requirements, accessibility needs
1.2 Information Collected Automatically
  • Device Information: Device type, operating system, app version
  • Anonymous Device ID: A randomly generated identifier stored locally on your device (not linked to your identity)
  • Usage Data: App open events, session activity (only if you have opted in to analytics)
  • Push Notification Token: A technical token issued by Apple (APNs) or Google (FCM) to deliver push notifications to your device
1.3 Information Generated Through App Usage
  • Session Bookmarks: Sessions you save to your personal schedule
  • Session Ratings: Ratings and reviews you submit for sessions
  • Quiz Activity: Quiz answers, scores, and completion status
  • Networking: Connection requests you send/receive and their status
  • Interests: Topics and categories you select during onboarding
  • Feedback: Any feedback you submit through the App

2. How We Use Your Information

PurposeData UsedLegal Basis
Authenticate your identity and provide access to the AppPhone number, OTP codeContract performance
Display your profile to other attendees for networkingName, company, job title, avatar, cityLegitimate interest
Share contact details with your approved connectionsEmail, phone, LinkedIn, bio, locationConsent (connection acceptance)
Send conference notifications (schedule changes, reminders, announcements)Push notification token, notification preferencesConsent
Provide quiz functionality and leaderboardsName, quiz scoresContract performance
Improve the App experienceAnonymous usage analytics (app opens, heartbeat)Consent (opt-out available)
Ensure safety and enforce community guidelinesUser reports, block recordsLegitimate interest

3. Data Sharing and Third Parties

We do not sell your personal data to any third party. We share data only in the following limited circumstances:

3.1 Service Providers
  • Firebase Cloud Messaging (Google): We use FCM to deliver push notifications. Your device token is shared with Google solely for notification delivery. See Firebase Privacy Policy.
  • Cloud Hosting (Railway): Our backend is hosted on Railway. Your data is stored on their infrastructure with encryption at rest and in transit.
  • Cloudflare R2: Profile photos are stored on Cloudflare R2 object storage.
3.2 Other Attendees
  • Public Profile: Your name, company, job title, and avatar are visible to other authenticated attendees in the networking section.
  • Connected Users: When you accept a connection request, your email, phone number, LinkedIn URL, bio, and location become visible to that connection.
  • Leaderboard: Your name and quiz score may appear on the public quiz leaderboard.
3.3 Legal Requirements

We may disclose your information if required to do so by law or in response to valid legal requests by public authorities.

4. Data Storage and Security

  • Authentication tokens are stored securely using your device’s native secure storage (iOS Keychain / Android Keystore).
  • All data is transmitted over HTTPS (TLS encryption).
  • Passwords are hashed using industry-standard algorithms and never stored in plain text.
  • OTP codes expire after 5 minutes and are cleared after successful verification.
  • Our database is hosted on PostgreSQL with encryption and access controls.

5. Your Rights and Choices

5.1 Analytics Opt-Out

You can disable usage analytics at any time from Settings > Privacy & Legal > Usage Analytics. When disabled, no analytics data (app opens, heartbeats) will be collected.

5.2 Notification Preferences

You can customize which notifications you receive from Settings > Notifications. You can also disable push notifications entirely from your device settings.

5.3 Profile Visibility

Your detailed contact information (email, phone, LinkedIn) is only visible to users you have explicitly connected with. You can remove connections at any time.

5.4 Block Users

You can block any user from the networking section. Blocked users cannot see your profile or send you connection requests.

5.5 Account Deletion

You can request deletion of your account and all associated data by contacting us at support@kscaa.com or through the App at Settings > Account > Request Account Deletion. Upon request, we will permanently delete your personal data within 30 days, unless we are legally required to retain it.

5.6 Data Access and Portability

You have the right to request a copy of your personal data. Contact us at support@kscaa.com to make a request.

6. Data Retention

  • Account Data: Retained for the duration of the conference and up to 12 months after the conference ends, unless you request deletion earlier.
  • Analytics Data: Anonymous usage data is retained for up to 6 months.
  • Push Notification Tokens: Deleted when you log out or uninstall the App.
  • OTP Codes: Automatically deleted after 5 minutes or upon successful verification.

7. Children’s Privacy

The App is designed for professional conference attendees and is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will take steps to delete such information promptly.

8. International Data Transfers

Your data may be processed and stored on servers located outside India. By using the App, you consent to the transfer of your data to these locations, where data protection laws may differ from those in your jurisdiction. We ensure appropriate safeguards are in place for such transfers.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy within the App or by sending a push notification. You are advised to review this Privacy Policy periodically.

10. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us: