Legal

Security at Murm

Murmit Technologies India Private Limited
Effective Date: [Date]

Our Mission

Murm’s security mission is to protect every piece of data you entrust to us — your identity, your emotional context, your real-time location, and your payment information — with the same rigour we apply to every aspect of platform safety.

You meet real people through Murm, often within minutes. That trust begins with the security of your data, and we take that responsibility seriously.

How We Protect Your Data

Identity Verification Security

Partner KYC data — including Aadhaar details and biometric face-match verification — is processed through authorised encrypted channels and stored with strict access controls.

Only Murm’s Trust and Safety team members with verified operational need can access KYC data.

Data Encryption

All data transmitted between your device and Murm’s servers is encrypted using industry-standard TLS encryption.

Sensitive data stored at rest — including identity documents and payment-related information — is protected using AES-256 encryption or equivalent standards.

Access Controls

Murm operates on a least-privilege access model. Only team members who require access to specific data categories receive it.

  • Strict internal access permissions
  • Access logging and review
  • Mandatory multi-factor authentication

Real-Time Location Data

Location data is collected only when the session map is open or when a session is confirmed. It is used to show nearby Partners and power the Share Meeting Spot safety feature.

Location data is retained only as required for safety logging and fraud prevention and is never used for advertising purposes.

Payment Security

All payments are processed through PCI-DSS compliant payment gateway partners.

Murm does not store full card numbers, CVV codes, or banking credentials on its servers.

Application Security

Murm performs regular security reviews across the application infrastructure and development lifecycle.

  • Security checks during development
  • Penetration testing by independent security experts
  • Security design review before new feature releases

Incident Response

If a security incident affecting your data occurs, Murm will notify affected users within the timeframes required under applicable Indian law and take immediate steps to contain and resolve the incident.

What You Can Do to Stay Secure

  • Use a strong and unique password for your Murm account
  • Never share your OTP with anyone
  • Log out of Murm on shared devices
  • Keep your app updated to the latest version
  • Report suspicious behaviour or fake support requests to support@justmurm.com immediately

Reporting a Security Vulnerability

If you discover a potential security vulnerability in the Murm app or website, please report it responsibly.

Email: support@justmurm.com
Subject: Security Vulnerability Report

Please include a clear description of the vulnerability and steps required to reproduce the issue.

We request that vulnerabilities not be publicly disclosed until Murm has had an opportunity to review and respond.

Compliance

Murm processes personal data in accordance with applicable Indian law, including:

  • Information Technology Act, 2000
  • IT (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011
  • Digital Personal Data Protection Act, 2023
  • Companies Act, 2013

Contact for Security Matters

Email: support@justmurm.com

Murmit Technologies India Private Limited
Innov8 Mantri Commercio, Tower A, Floor 5
Bellandur, Bangalore – 560103
Karnataka, India