To check the event there is no need to login to Tijori.
Let me check and get back on this part.
It happened once again. I went to the Events screen on the Zerodha Kite app and tapped on an event to see details. It immediately showed an authorization popup momentarily and I was dropped into Tijori with my portfolio from Zerodha synced.
Once again, Tijori got my full name, email address and portfolio, without my explicit consent .
This is a HUGE privacy violation! I hope your team takes this seriously and ensures that informed consent is obtained before leaking (thatâs what it is in this case) sensitive information without warning or consent!
1 Like
Tijori is a trusted app, we invested in it and part of our ecosystem. If you donât want to use tijori, revoke option is available, go to profile on web, click on Apps, if not showing then please create a ticket and DM me.
As mentioned before, Tijori does not show in the list of apps on Zerodha web. So thereâs no question of or possibility of revocation by the user. Iâm attaching a screenshot showing the apps list. When I emailed Tijori to delete the auto-created account, there has been no reply.
Itâs not about whether Tijori is the most trustworthy company on the planet. Itâs about Kite mobile app not asking explicitly for consent to share information, sharing the information anyway and not having a way to revoke permissions and getting the data deleted by Tijori.
I donât have the patience to explain this serious issue anymore and donât want to raise a ticket considering the repetition here and the lack of understanding despite multiple descriptions. There doesnât seem to be any evidence in this thread that any further investigation or testing was done on the reported issues.
To anyone else (outside Zerodha or Tijori employees) reading this thread, I can only suggest extreme caution. Do not tap on any event details under the Fundamentals tab for any stock in the Kite mobile app since it authorizes Tijori without any question or permission prompt and shares your full name, email address and portfolio with it. You wonât have a way to delete that account in Tijori or revoke access to Tijori either.
2 Likes
Can you DM me your ID ?
I get the âAuthorizeâ button, when clicking results under events, but it still wonât show me whatâs data is shared before I click. It doesnât say email etc will be shared. Zerodha needs someone who understands and cares about privacy or educate the entire team about privacy. Frankly replies like âTrusted app. We invested in itâ and âAbsolutely safeâ shows they donât even understand the privacy issue or they donât care. Just because you trust it or invested in it doesnât mean we have to trust it as well.