Privacy Policy

1. Introduction

Glowbook India Pvt Ltd ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and website (collectively, the "Service").

Please read this Privacy Policy carefully. If you do not agree with the terms of this Privacy Policy, please do not access the Service.

2. Information We Collect

2.1 Personal Information

We collect personal information that you voluntarily provide to us through various interactions with our Service. This includes but is not limited to:

2.1.1 Account Registration Information

• Full name (first name, last name, middle name if provided)
• Email address (primary and secondary if provided)
• Phone number (mobile and landline if provided)
• Date of birth (for age verification and personalized services)
• Gender (for service recommendations and personalization)
• Profile photograph (optional, for account verification)
• Password and security questions (encrypted and stored securely)
• Preferred language and communication preferences

2.1.2 Service Booking Information

• Service preferences and history
• Booking details (date, time, duration, location)
• Service provider preferences and ratings
• Special requirements or medical conditions (if disclosed)
• Allergy information (for beauty treatments)
• Preferred communication methods
• Emergency contact information

2.1.3 Payment and Financial Information

• Payment method details (card type, last 4 digits, expiry date)
• Billing address and postal code
• Transaction history and receipts
• Refund and cancellation history
• Loyalty points and rewards balance
• Promotional code usage
• Gift card information and balances

2.1.4 Location and Address Information

• Current location (GPS coordinates, with consent)
• Home address (for home service bookings)
• Work address (for office service bookings)
• Preferred service locations
• Travel history for service locations
• Location-based service recommendations

2.1.5 Communication and Interaction Data

• Messages sent to service providers
• Customer support communications
• Feedback and review submissions
• Survey responses and feedback forms
• Social media interactions (if connected)
• Email communication preferences
• SMS and push notification preferences

2.1.6 Content and Media

• Profile photographs and avatars
• Before and after service photos (if shared)
• Review photographs and videos
• Social media content (if connected)
• User-generated content and posts
• Voice messages and audio recordings (if used)

2.2 Automatically Collected Information

We automatically collect certain information when you access and use our Service through various technologies and methods:

2.2.1 Device and Technical Information

• Device type (smartphone, tablet, computer)
• Device model and manufacturer
• Operating system and version
• Browser type and version
• Screen resolution and display settings
• Unique device identifiers (UDID, IMEI, MAC address)
• Mobile carrier and network information
• App version and installation details
• Device storage and memory information
• Battery level and charging status

2.2.2 Usage and Behavioral Data

• Pages visited and time spent on each page
• Features used and frequency of use
• Search queries and filters applied
• Click patterns and navigation paths
• Session duration and frequency
• App launch and close times
• Feature interaction patterns
• Error logs and crash reports
• Performance metrics and loading times
• User journey and conversion funnels

2.2.3 Network and Connection Information

• IP address (both IPv4 and IPv6)
• Internet service provider (ISP)
• Network type (WiFi, cellular, ethernet)
• Connection speed and quality
• Proxy server information
• VPN usage (if detected)
• Geographic location (derived from IP)
• Time zone and regional settings

2.2.4 Log and Analytics Data

• Server access logs and timestamps
• Error logs and debugging information
• Performance monitoring data
• Security event logs
• API usage statistics
• Database query logs (anonymized)
• Third-party service integration logs
• Backup and recovery logs

2.3 Information from Third Parties

We may receive information about you from third-party sources, including:

• Social Media Platforms: Profile information, friends lists, and preferences when you connect your social media accounts
• Payment Processors: Transaction confirmations, payment method verification, and fraud prevention data
• Service Providers: Information about services provided, ratings, and feedback from beauty professionals
• Marketing Partners: Demographic information, interests, and behavioral data for targeted advertising
• Data Brokers: Publicly available information, demographic data, and interest categories
• Government Databases: Business registration information for professional verification
• Credit Bureaus: Credit history and financial information (for premium services)
• Public Records: Professional licenses, certifications, and business registrations

2.4 Sensitive Personal Information

In certain circumstances, we may collect sensitive personal information with your explicit consent:

• Health Information: Medical conditions, allergies, and health-related requirements for beauty services
• Biometric Data: Facial recognition data for security purposes (with explicit consent)
• Financial Information: Bank account details, credit scores, and financial history (for premium services)
• Identity Documents: Government-issued ID numbers, passport details (for verification purposes)
• Location Tracking: Precise GPS coordinates and location history (with explicit consent)
• Communication Records: Voice recordings, video calls, and private messages

We handle sensitive personal information with additional security measures and only use it for the specific purposes for which it was collected.

3. How We Use Your Information

We use the information we collect for various legitimate business purposes, as detailed below. We process your personal information based on different legal grounds, including consent, contract performance, legitimate interests, and legal compliance.

3.1 Service Provision and Operations

We use your information to provide, operate, and maintain our Service:

• Create and manage your user account and profile
• Process service bookings and reservations
• Facilitate communication between customers and service providers
• Process payments and manage billing
• Provide customer support and technical assistance
• Send service-related notifications and updates
• Maintain service quality and safety standards
• Conduct background checks and verification processes
• Manage disputes and resolution processes
• Maintain service records and transaction history

3.2 Personalization and User Experience

We use your information to personalize and improve your experience:

• Recommend relevant services and providers based on your preferences
• Customize content and features according to your interests
• Provide location-based service recommendations
• Remember your preferences and settings
• Optimize app performance and user interface
• Provide personalized search results and filters
• Create customized marketing communications
• Develop new features based on user behavior patterns
• Improve service matching algorithms
• Provide contextual help and guidance

3.3 Communication and Marketing

We use your information for communication and marketing purposes (with your consent where required):

• Send promotional offers and discounts
• Share new service announcements and features
• Provide newsletters and educational content
• Conduct surveys and market research
• Send birthday and anniversary greetings
• Provide loyalty program updates and rewards
• Share partner promotions and special events
• Send seasonal and holiday-themed content
• Provide referral program information
• Share user-generated content and success stories

3.4 Analytics and Business Intelligence

We use your information for analytics and business intelligence:

• Analyze user behavior and service usage patterns
• Measure service performance and quality metrics
• Conduct market research and trend analysis
• Develop business strategies and growth plans
• Optimize pricing and service offerings
• Identify and address service gaps
• Monitor platform performance and reliability
• Generate business reports and insights
• Conduct A/B testing and experimentation
• Measure marketing campaign effectiveness

3.5 Security and Fraud Prevention

We use your information to maintain security and prevent fraud:

• Verify user identity and prevent unauthorized access
• Detect and prevent fraudulent transactions
• Monitor for suspicious activities and patterns
• Implement security measures and access controls
• Conduct security audits and assessments
• Respond to security incidents and breaches
• Maintain audit trails and compliance records
• Implement fraud detection algorithms
• Conduct risk assessments and evaluations
• Protect against cyber threats and attacks

3.6 Legal and Regulatory Compliance

We use your information to comply with legal and regulatory requirements:

• Comply with applicable laws and regulations
• Respond to legal requests and court orders
• Maintain records for tax and accounting purposes
• Conduct compliance audits and assessments
• Report to regulatory authorities when required
• Maintain professional licensing and certification records
• Comply with consumer protection laws
• Maintain data retention requirements
• Respond to government investigations
• Protect our legal rights and interests

3.7 Research and Development

We use your information for research and development purposes:

• Develop new features and services
• Improve existing functionality and user experience
• Conduct user experience research and testing
• Develop machine learning algorithms and AI systems
• Create predictive models and analytics tools
• Research market trends and consumer preferences
• Develop new business models and partnerships
• Conduct academic research and studies
• Create industry reports and insights
• Develop innovative technology solutions

4. Information Sharing and Disclosure

We do not sell, trade, or otherwise transfer your personal information to third parties except in the following circumstances:

• Service Providers: We may share information with trusted third-party service providers who assist us in operating our Service
• Business Partners: We may share information with beauty professionals and salons to facilitate bookings
• Legal Requirements: We may disclose information when required by law or to protect our rights
• Business Transfers: Information may be transferred in connection with a merger, acquisition, or sale of assets
• Consent: We may share information with your explicit consent

5. Data Security

We implement comprehensive technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. Our security framework is designed to meet industry standards and regulatory requirements.

5.1 Technical Security Measures

• Encryption: All sensitive data is encrypted using AES-256 encryption both in transit and at rest
• Secure Sockets Layer (SSL): All communications are protected using TLS 1.3 encryption
• Database Security: Databases are encrypted and protected with access controls and monitoring
• API Security: All APIs are secured with authentication, rate limiting, and input validation
• Network Security: Firewalls, intrusion detection systems, and network segmentation
• Access Controls: Multi-factor authentication, role-based access, and principle of least privilege
• Secure Development: Secure coding practices, regular security testing, and vulnerability assessments
• Backup Security: Encrypted backups with secure storage and regular testing

5.2 Organizational Security Measures

• Security Policies: Comprehensive security policies and procedures
• Employee Training: Regular security awareness training for all staff
• Background Checks: Thorough background checks for all employees with data access
• Confidentiality Agreements: Strict confidentiality agreements for all personnel
• Incident Response: Detailed incident response procedures and team
• Regular Audits: Internal and external security audits and assessments
• Vendor Management: Security requirements for all third-party vendors
• Data Classification: Data classification and handling procedures

5.3 Physical Security

• Data Centers: Tier III+ data centers with 24/7 security monitoring
• Access Controls: Biometric access controls and security badges
• Surveillance: 24/7 video surveillance and security personnel
• Environmental Controls: Climate control, fire suppression, and power backup
• Equipment Security: Secure disposal of hardware and media

5.4 Security Monitoring and Incident Response

• Continuous Monitoring: 24/7 security monitoring and threat detection
• Log Analysis: Comprehensive logging and analysis of security events
• Threat Intelligence: Integration with threat intelligence feeds
• Incident Response: Rapid response procedures for security incidents
• Forensic Capabilities: Digital forensics and evidence collection
• Notification Procedures: Timely notification of affected users and authorities

Despite our comprehensive security measures, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security but continuously work to improve our security posture and respond to emerging threats.

6. Your Rights and Choices

You have the following rights regarding your personal information:

• Access: Request access to your personal information
• Correction: Request correction of inaccurate information
• Deletion: Request deletion of your personal information
• Portability: Request a copy of your data in a portable format
• Opt-out: Unsubscribe from marketing communications
• Withdraw Consent: Withdraw consent for data processing where applicable

To exercise these rights, please contact us at privacy@glowbook.in.

7. Account Deletion Policy

You have the right to delete your account and associated personal information at any time. This section explains our account deletion process and what happens to your data when you request account deletion.

7.1 How to Delete Your Account

You can delete your account through the following methods:

• Mobile App: Go to Settings → Account Settings → Delete Account
• Website: Log into your account and visit the Account Settings page
• Email Request: Send a deletion request to privacy@glowbook.in
• Customer Support: Contact our support team through the app or website

7.2 What Happens When You Delete Your Account

When you request account deletion, we will:

• Immediately deactivate your account and prevent further access
• Delete your personal information from our active systems within 30 days
• Remove your profile, photos, and user-generated content
• Cancel any pending bookings and send notifications to service providers
• Process any outstanding refunds according to our refund policy
• Remove you from our marketing communications
• Delete your payment information and transaction history
• Remove your reviews and ratings from public display

7.3 Data That May Be Retained

In certain circumstances, we may retain some information for legal, regulatory, or business purposes:

• Legal Requirements: Information required to comply with applicable laws, regulations, or legal proceedings
• Financial Records: Transaction records required for tax, accounting, or audit purposes (typically 7 years)
• Fraud Prevention: Information necessary to prevent fraud or abuse of our services
• Dispute Resolution: Information related to ongoing disputes or legal claims
• Service Provider Records: Anonymized data that may be required for service provider verification
• Backup Systems: Information in backup systems that will be deleted during regular backup rotation

7.4 Timeline for Account Deletion

• Immediate: Account deactivation and access prevention
• Within 24 hours: Removal from active user databases and marketing lists
• Within 30 days: Deletion of personal information from primary systems
• Within 90 days: Deletion from backup systems and analytics platforms
• Within 1 year: Complete removal of all personal data (except legally required retention)

7.5 Consequences of Account Deletion

Please be aware that account deletion is permanent and irreversible:

• You will lose access to all your account data and service history
• Any pending bookings will be cancelled and you may be subject to cancellation fees
• You will lose any loyalty points, rewards, or promotional benefits
• Your reviews and ratings will be removed from the platform
• You will need to create a new account if you wish to use our services again
• Any saved payment methods will be permanently deleted

7.6 Data Portability Before Deletion

Before deleting your account, you may request a copy of your data:

• Complete profile information and account settings
• Booking history and service records
• Payment and transaction history
• Reviews and ratings you have submitted
• Communication history with service providers
• Photos and content you have uploaded

Data export requests are typically processed within 7-14 business days and provided in a machine-readable format (JSON or CSV).

7.7 Contact for Account Deletion

For questions about account deletion or to request assistance with the deletion process:

8. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience on our Service. You can control cookie settings through your browser preferences.

For more detailed information about our use of cookies, please see our Cookie Policy.

9. Data Retention

We retain your personal information for as long as necessary to provide our Service and fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

When you delete your account, we will delete or anonymize your personal information, except where we are required to retain it for legal or regulatory purposes.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. We ensure that such transfers comply with applicable data protection laws and implement appropriate safeguards.

11. Children's Privacy

Our Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date.

We encourage you to review this Privacy Policy periodically for any changes.

13. Contact Us

If you have any questions about this Privacy Policy or our privacy practices, please contact us: