Privacy Policy – KATAHO

Effective Date: 17-Jan-2026

Privacy Policy Sections

Introduction

At Addressgraph Nepal Pvt Ltd (“Kataho”, “we”, “us”, or “our”), located at Neel Saraswati Marg -699, Lazimpat, Kathmandu, Nepal (Kataho Address Code: 09 Laksha Niwas 0222, 09 लक्ष्मा निवास 0222), we prioritize your privacy. This Privacy Policy explains how we collect, use, store, share, and protect your personal data when you use the Kataho Digital Address System, including our mobile application (“App”), website (kataho.app), and related services (collectively, “Services”). Our Services enable you to create a digital address, generate home number plates, verify identity with banks, and share limited data in emergencies, all with your control.

We are committed to transparency and compliance with data protection laws, including Nepal’s Individual Privacy Act 2018, the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), Brazil’s General Data Protection Law (LGPD), Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA), and others. This policy applies to all users of our Services (“you”).

Privacy Illustration
Our Promise
  • We collect only essential data: Phone Number and Email ID for account creation, plus optional Location Data with your consent.
  • We never track your live location or access it without permission.
  • KID and Kataho Codes are anonymized, ensuring no personal data is embedded.
  • Data sharing (e.g., with banks or in emergencies) happens only with your explicit consent.
  • We do not sell your data or use it for marketing.
  • You have full control through rights like access, correction, and deletion.
Questions or concerns? Contact us at privacy@kataho.app or +977-9851076298.
1 1. Information We Collect

We collect limited and relevant personal data strictly necessary to deliver our services efficiently and securely. The categories of data we collect include:

a. Location Data

We collect precise location data to generate and manage a home number plate linked to your address. This enables accurate digital addressing and location-based services within the App.

b. Personal Information

To create and manage user accounts, we collect:

  • Full name
  • Phone number
  • Email address

This information is required for account authentication, communication, service notifications, and support.

c. Device Information (Including Device ID)

We collect Device ID and related device identifiers solely for:

  • Sending app-related notifications
  • Ensuring secure session management
  • Preventing misuse and fraud
  • Improving app performance and reliability

Device identifiers are not used for advertising purposes.

Below, we detail what we collect, why, and how it’s used, along with our legal basis for processing.

A. Account Creation and Verification
Data Collected Purpose Contract Consent
Phone Number and Email ID, verified to confirm your identity.
  • To set up and manage your Kataho account.
  • To authenticate you during login.
  • To generate digital addresses and home number plates.
  • To send notifications, updates, or support responses.
 Necessary to deliver Services (Nepal Privacy Act S. 13, GDPR Art. 6(1)(b)). Where you explicitly provide this data (Nepal Privacy Act S. 14, GDPR Art. 6(1)(a)).
B. Optional Location Data
Data Collected Purpose Consent

Location Data: Precise location (e.g., address, coordinates) you manually provide.

Notes: We do not track live locations or access them automatically. Location Data requires your explicit permission.
  • To create accurate digital addresses and home number plates.
  • To enable emergency sharing (with consent).
 Collected only with clear agreement, revocable anytime.
C. Bank KYC Verification
Data Collected/Shared Purpose Contract Consent
Boolean Data: KID or Kataho Code and Phone Number (not full personal details).
  • To verify your location matches bank KYC records, enhancing trust.
 Necessary for bank-related Services. Shared only with explicit permission.
D. Emergency Sharing
Data Collected/Shared Purpose Consent
Location Data and Phone Number.
Shared only in emergencies with case-by-case consent.
  • To share with government authorities (e.g., Nepal Police) and up to two designated relatives for safety.
 Requires explicit approval per instance.
E. Doorbell QR Code Scans
Data Displayed Purpose Legitimate Interest
Initial letter of name + asterisks (e.g. “P******”).
No personal data collected/shared during scans.
  • To verify plate validity while protecting identity.
 Ensures security and anonymity.
F. Chat Feature
Data Collected Purpose Contract Consent
Chat Content linked to Phone/Email.
Chats auto-terminate after 2 mins.
  • To provide real-time support or communication.
 Necessary for service delivery. Where you initiate chats.
G. Photo Tagging
Data Collected Purpose Consent
Photo Metadata: Tags you approve.
Requires explicit consent per photo.
  • To enable sharing of tagged photos with chosen recipients.
 Processed only with clear approval.
H. KID and Kataho Codes
Data Collected Purpose Legal Basis
KID/Kataho Codes (algorithmically created).
Anonymized, no personal data.
  • To uniquely identify accounts/addresses without storing personal data.
 Not applicable (no personal data).
I. Technical Data
Data Collected Purpose Legitimate Interest
Device Info, IP Address (logs).
  • Optimize app, security, troubleshooting.
 Provide secure functional service.
J. Map Layers
Data Used Purpose Contract Consent
Coordinates via OpenStreetMap, Galli Maps, Google Maps.
No personal data shared.
  • To show digital address/saved locations.
 Necessary for address generation. Where location data is provided.
Key Notes:
  • We do not engage in live tracking or automatic location access.
  • We avoid marketing, profiling, or automated decision-making.
  • Usage data is analyzed only in anonymized, aggregated form to enhance our Services.
2 2. How We Use Your Information

We process personal data for the following legitimate business purposes:

  • Service Delivery: Generating and managing home number plates and location-based services
  • Account Administration: User authentication, communication, and customer support
  • Notifications: Sending service-related alerts, updates, and security notifications
  • Service Improvement: Enhancing accuracy, reliability, and overall user experience
  • Compliance: Meeting legal and regulatory obligations

All data usage is proportionate, purpose-limited, and aligned with applicable privacy laws.

3 3. How We Share Your Information

KATAHO does not sell or rent personal data to third parties. Personal data may be shared only under the following controlled circumstances:

a. With User Consent

Your data may be shared only after explicit user consent, for example:

  • When a bank or regulated institution requests verification of your data
  • You will be clearly notified which entity is requesting access
  • Data is shared only after you approve the request

Without such consent, no data is shared.

b. Service Providers

We may share limited data with trusted service providers who support app operations (e.g., infrastructure, messaging, customer support). These providers are contractually bound to process data only on our instructions.

c. Legal Obligations

We may disclose data if required by law, regulation, court order, or lawful government request.

Sharing also occurs as follows in our general operations:

With Your Consent
  • Boolean Data with banks for KYC.
  • Location Data with authorities/relatives in emergencies.
  • Tagged photos with recipients.
Service Providers
  • Trusted providers for storage/notifications (e.g., AWS).
  • Providers sign Data Processing Agreements (DPAs).
Map Providers
  • Coordinate data only sent to OpenStreetMap, Galli Maps, Google Maps for display.
Legal Obligations
  • When required by law (e.g., Nepal Privacy Act) or to protect safety.
3 Where We Store and Transfer Your Data

Your data is stored securely on servers (e.g., Nepal or AWS Asia-Pacific). We ensure compliance with:

  • Nepal Privacy Act: Local transfer restrictions.
  • GDPR/LGPD/PIPEDA: International transfer rules and safeguards.

We safeguard your data globally.

4 4. Data Security

We implement appropriate technical and organizational safeguards, including:

  • Encryption
  • Secure servers
  • Access controls
  • Regular system monitoring

While no system can guarantee absolute security, we take reasonable and industry-standard measures to protect personal data. In the event of a data breach, users will be notified in accordance with applicable laws.

  • Encryption: TLS in transit, AES-256 at rest.
  • Access Control: Authorized staff only.
  • Firewalls: Intrusion protection.
  • Chat Termination: Ends after 2 mins.
  • QR Anonymity: Masked names.
  • Audits: Regular security reviews.
5 5. Data Retention

Personal data is retained:

  • For as long as your account remains active, or
  • As required to deliver services, or
  • As mandated by applicable laws

Upon account deletion, personal data is securely deleted unless retention is legally required.

In our general operations, we follow these retention guidelines:

  • Active Accounts: Retained until deletion.
  • Deletion Requests: Erased within 30 days.
  • Inactive: Deleted after 2 years.
  • Chats: Deleted within 30 days.
  • Emergency/Photos: Not stored post-sharing/revocation.
6 6. Your Privacy Rights

Depending on your jurisdiction, you may have the following rights:

  • Right to Access: Know what personal data we hold about you
  • Right to Correction: Request correction of inaccurate data
  • Right to Deletion: Request deletion of your personal data
  • Right to Withdraw Consent: Revoke consent for data processing
  • Right to Know About Data Sharing: Confirm whether your data is shared and with whom
  • Right to Opt-Out: Opt-out of any future data sharing where consent applies
Virginia Residents (VCDPA)

For users located in Virginia, USA, KATAHO complies with the Virginia Consumer Data Protection Act (VCDPA). Virginia residents have the right to:

  • Access, correct, or delete personal data
  • Obtain a copy of their personal data
  • Opt-out of targeted advertising or data sharing (where applicable)

Requests can be made using the contact details below.

In addition to the above, you have full control over your data as follows:

  • Access & Rectification: View and correct data.
  • Erasure: Request deletion.
  • Restriction & Portability: Limit use or export data.
  • Objection: Challenge processing.
  • Withdraw Consent: Stop permissions anytime.
  • Non-Discrimination: No penalties.
How to Exercise:
  • Email: privacy@kataho.app
  • App: "Manage My Data" settings
  • Phone: +977-9851076298
7 Data Breach Notification

If a breach risks your rights or safety, we will notify regulators within 72 hours and inform you promptly to mitigate issues.

8 8. Map Services

The App uses OpenStreetMap, Galli Maps, and Google Maps for location display. While these services render map data, KATAHO does not share personal user data with map providers beyond what is technically required to display maps.

9 9. Data Controller & Officers
Data Controller / Data Handling Officer

Mr. Anil Tharu

Email: php1@ramlaxmangroup.com

Data Protection Officer (DPO)

Mr. Baikuntha Rimal

Email: baikuntha@ramlaxmangroup.com

Phone / WhatsApp: +977-9851076298

Users may contact the above officers for any data protection, privacy, or rights-related inquiries.

7 7. Children's Privacy

KATAHO does not knowingly collect personal data from children under the age of 13. If such data is identified, it will be deleted promptly. Parents or guardians may contact us to request removal.

Kataho is not intended for users under 13. If discovered, it is deleted immediately.

10 10. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect legal, regulatory, or operational changes. Updates will be posted within the App and the Effective Date will be revised accordingly. Continued use of the App constitutes acceptance of the updated policy.

Significant changes will be communicated via email, App notice, or website.

11 11. Contact Us

For any questions, concerns, or privacy requests, please contact:

  • Address: Neel Saraswati Marg -699, Lazimpat, Kathmandu, Nepal

We aim to respond within 3 working days.

12 Jurisdiction-Specific Information
  • Nepal (Individual Privacy Act 2018): Rights overseen by Office of Prime Minister.
  • California (CCPA): No data sales.
  • EU (GDPR) / Brazil (LGPD) / Canada (PIPEDA): Compliant processing and rights.
13 Prominent Disclosure for Location Permissions

Kataho (कताहो) collects location info for digital addressing and navigation.

Background Location Access

We access background location (only if permitted) to:

  • Enable continuous address detection.
  • Help retrieve/share precise location.

We Do NOT: Use background location for ads, sell it, or track for unrelated analytics.

14 Photo & Video Access

Kataho uses the Android System Photo Picker. We access only specific files you select, one-time, with no broad storage access.

Policy Highlights
Company-Specific
  • Addressgraph Nepal Pvt Ltd.
  • Kataho Address Code: 09 Laksha Niwas 0222.
Unique Elements
  • Focus on Digital Address System.
  • Anonymized KID Codes.
  • Nepal-Specific Compliance.

Ready to get started

Addressing the House Own-self

Questions? Call at +977-1-4516900

Find your Location's Kataho Code
kataho footer images design