Privacy Policy

1. Overview

This Privacy Policy (“Policy”) describes how Forth Umpire (“Forth Umpire”, “we”, “us”, “our”) collects, uses, shares, retains, and protects your personal data when you access or use forthumpire.com and related products, features, and services (collectively, the “Service”).

This Policy is published in compliance with the Digital Personal Data Protection Act, 2023 (“DPDPA”), the Information Technology Act, 2000 and the rules made thereunder, and other applicable Indian laws.

By accessing or using the Service, you confirm that you have read and understood this Policy.

2. Who We Are

For the purpose of the DPDPA, Forth Umpire is the Data Fiduciary in respect of personal data processed through the Service.

Forth Umpire
Address: 12, Hariom Sollitaire, Manipur, Ahmedabad — 380058, Gujarat, India
Email: info@forthumpire.com

3. Data We Collect

We collect only the personal data we need to operate and improve the Service.

(a) Information you provide

• Account: name, email address, mobile number, and password (stored only as a one-way hash).
• Profile: optional profile details you choose to add.
• Match content: team names, player names, scores, ball-by-ball data, comments, and similar match-related entries.
• Communications: messages, queries, or feedback you send to us by email or other support channels.

(b) Information collected automatically

• Technical data: IP address, device type, operating system, browser type and version, language preferences.
• Usage data: pages visited, features used, dates and times of access, referring page.
• Cookies and similar technologies — see our Cookie Policy.

(c) Information from third parties

• Analytics providers (such as Google Analytics), in aggregated and pseudonymised form, subject to your consent.
• Authentication providers — only where you choose to sign in via a third-party service (if and when offered).

We do not knowingly collect sensitive personal data such as financial account credentials, payment card details, health, biometric, or genetic data through the Service.

4. How We Use Your Data

We use your personal data to:

• create and operate your account and authenticate you;
• provide, maintain, personalise, and improve the Service;
• save, display, and share match data and scorecards in the ways you have chosen;
• send transactional communications (account verification, password reset, important Service notices);
• where you have consented, send promotional or informational communications;
• detect, prevent, and address fraud, abuse, security incidents, and violations of our Terms;
• comply with legal obligations and respond to lawful requests by authorities;
• carry out analytics to understand and improve how the Service is used.

5. Lawful Bases for Processing

We process personal data on one or more of the following grounds permitted under the DPDPA:

• your free, specific, informed, unconditional, and unambiguous consent for the specified purpose;
• performance of our contract with you, namely the Terms & Conditions;
• certain legitimate uses recognised by the DPDPA, including responding to medical emergencies, providing services or benefits to which you are entitled, and meeting legal obligations;
• compliance with judgments, decrees, or orders of any court or authority.

You may withdraw consent at any time. Withdrawal does not affect the lawfulness of processing carried out before withdrawal, and may limit your ability to use parts of the Service.

6. Sharing & Disclosure

We do not sell your personal data. We share personal data only as set out below.

(a) Service providers (Data Processors)

We engage trusted third-party service providers to perform functions on our behalf, including:

• hosting and infrastructure providers;
• email-delivery providers (for transactional emails);
• analytics providers (such as Google Analytics);
• consent-management providers (such as CookieYes).

These processors are bound by contract to use your data only for the purposes for which we engaged them and to apply appropriate security measures.

(b) Other Users

Where you have chosen to share match data, scorecards, or display URLs, the relevant information becomes accessible to those Users or visitors with the corresponding link.

(c) Authorities and legal requests

We may disclose personal data to authorities, courts, or regulators where required by law, court order, or to protect our rights, safety, or property, or that of others.

(d) Business transfers

In the event of a merger, acquisition, financing, restructuring, or sale of assets, your personal data may be transferred to the acquirer or successor, subject to confidentiality protections and continued application of this Policy or an equivalent policy.

7. Cookies

We use cookies and similar technologies as described in our Cookie Policy. You can manage your preferences via the consent banner shown on first visit and revisit your choices at any time.

8. Data Security

We take reasonable security safeguards, as required by the DPDPA and the Information Technology Act, 2000, to protect personal data from accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access. These include:

• encryption of data in transit using TLS / HTTPS;
• one-way hashing of passwords using industry-standard algorithms;
• access controls, role-based permissions, and authentication for our administrative systems;
• regular review of security practices and patching of known vulnerabilities.

While we apply commercially reasonable measures, no method of transmission over the Internet or method of electronic storage is one hundred percent secure. We cannot, and do not, guarantee absolute security against all risks, including those arising from circumstances beyond our reasonable control such as zero-day vulnerabilities, compromise of upstream third-party services, or the compromise of your own credentials or devices.

You are responsible for keeping your password confidential and for notifying us promptly of any suspected unauthorised access to your account.

9. Data Breach Notification

In the event of a personal data breach affecting your personal data, we will notify the Data Protection Board of India and the affected Data Principals in the form, manner, and within the timelines prescribed by the DPDPA and the rules made thereunder.

10. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes set out in this Policy, or as required by law:

• Account data — while your account is active, and for up to thirty (30) days after closure to allow for recovery and to address any pending claims;
• Match content — while your account is active, unless you delete it earlier;
• Transactional and security logs — typically up to twelve (12) months for security, audit, and fraud-prevention purposes;
• Legal-hold data — for as long as required by applicable law or to defend legal claims.

After the retention period, personal data is deleted or irreversibly anonymised.

11. Your Rights as a Data Principal

Subject to applicable law, you have the following rights in respect of your personal data:

• Right to access a summary of your personal data and the processing activities;
• Right to correction and erasure of personal data that is inaccurate, incomplete, or no longer necessary for the purposes for which it was collected;
• Right of grievance redressal in respect of our handling of your personal data (see Section 14);
• Right to nominate another individual to exercise your rights in the event of your death or incapacity;
• Right to withdraw consent at any time, with effect for future processing;
• Right to be informed of the categories of third parties with whom your personal data is shared.

To exercise any right, contact us at info@forthumpire.com. We will respond within the timelines required by applicable law. We may need to verify your identity before acting on a request.

12. Children’s Data

The Service is not directed at children under the age of eighteen (18). We do not knowingly collect personal data of children without the verifiable consent of a parent or legal guardian, as required by the DPDPA. We do not engage in tracking, behavioural monitoring, or targeted advertising directed at children. If you believe we have inadvertently collected personal data of a child without such consent, please contact us so that we can take appropriate action.

13. International Transfers

Our primary processing takes place in India. Some of our service providers (such as analytics and email-delivery providers) may process data in other jurisdictions. Where personal data is transferred outside India, we apply safeguards consistent with the requirements of applicable Indian law to maintain appropriate protection of your personal data.

14. Grievance Officer

In accordance with the DPDPA and the Information Technology Act, 2000, you may contact our Grievance Officer with any complaints, queries, or requests regarding your personal data:

Grievance Officer: Chintankumar Thummar
Email: info@forthumpire.com
Address: 12, Hariom Sollitaire, Manipur, Ahmedabad — 380058, Gujarat, India

Complaints will be acknowledged within forty-eight (48) hours of receipt and resolved within thirty (30) days, unless a longer period is permitted under applicable law. If you remain unsatisfied, you may approach the Data Protection Board of India in accordance with the DPDPA.

15. Changes to this Policy

We may update this Policy from time to time. Where changes are material, we will notify you by email (where you have provided one) or by posting a prominent notice on the Service. The “Last updated” date at the top of this Policy indicates when it was last revised. Your continued use of the Service after the effective date of any updated Policy constitutes your acceptance of that Policy.

16. Contact

For any privacy-related queries:

Forth Umpire
Email: info@forthumpire.com
Address: 12, Hariom Sollitaire, Manipur, Ahmedabad — 380058, Gujarat, India

↑ Back to top