Privacy Policy

Last Updated: 01/0/2026

1. INTRODUCTION

Welcome to Kaslane ("we," "our," "us," or the "Company"). Kaslane Tech & Entertainment Pvt. Ltd. is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you visit our website, mobile application, and use our services (collectively, the "Platform").

This Privacy Policy is published in compliance with:

The Digital Personal Data Protection Act, 2023 (DPDP Act), India
The Information Technology Act, 2000 and the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011
The Consumer Protection Act, 2019, India
Reserve Bank of India (RBI) Guidelines on Payment Aggregators and Payment Gateways
Payment Card Industry Data Security Standard (PCI-DSS)
General Data Protection Regulation (GDPR), European Union (where applicable)
California Consumer Privacy Act (CCPA), USA (where applicable)
Children's Online Privacy Protection Act (COPPA), USA (where applicable)

By accessing or using our Platform, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with this Privacy Policy, please do not access or use our Platform.

2. COMPANY INFORMATION

Company Name: Kaslane Tech & Entertainment Pvt. Ltd.

Registered Address:
OFF NO-412, JOP Plaza P-2,
Sector-18, Noida,
201301, Uttar Pradesh, India

Contact Email: connect@kaslane.com

Grievance Officer:
Name: Sachin Ruhela
Email: connect@kaslane.com
Address: OFF NO-412, JOP Plaza P-2, Sector-18, Noida, 201301, UP, India

3. DEFINITIONS

For the purposes of this Privacy Policy:

"Data Principal" means the individual to whom the personal data relates.
"Data Fiduciary" means Kaslane Tech & Entertainment Pvt. Ltd., which determines the purpose and means of processing personal data.
"Personal Data" means any data about an individual who is identifiable by or in relation to such data.
"Sensitive Personal Data" includes passwords, financial information (bank account, credit/debit card details), health data, biometric data, sexual orientation, and any other data as specified under applicable law.
"Processing" means any operation performed on personal data, including collection, storage, use, disclosure, and erasure.
"Platform" refers to the Kaslane website, mobile application, and all related services.
"Creator" means any content creator, influencer, artist, or public figure registered on the Platform.
"User" or "Subscriber" means any individual who accesses or uses the Platform to engage with Creators.
"Third Party" means any entity other than the Data Principal and Data Fiduciary.

4. INFORMATION WE COLLECT

4.1 Information You Provide Directly

CategoryData Collected Account Registration Full name, email address, phone number, username, password, date of birth, profile picture, gender
Identity Verification (KYC)Government-issued ID (Aadhaar, PAN, Passport, Driving License), photographs, address proof
Payment InformationBank account details, UPI ID, credit/debit card details (processed securely via Razorpay), billing address, transaction history
Creator InformationSocial media handles, follower count, content categories, bio, portfolio links, bank details for payouts
Communication DataMessages, chat logs, call recordings (with consent), emails, support tickets, feedback
Content DataPhotos, videos, audio files, text posts, comments uploaded on the Platform
Experience BookingsMeetup preferences, travel details, location preferences, special requests

4.2 Information Collected Automatically

CategoryData CollectedDevice InformationDevice type, operating system, unique device identifiers (IMEI, MAC address), browser type and version, screen resolution
Usage DataPages visited, features used, time spent on Platform, click patterns, search queries, interaction with content and Creators
Location DataIP address, GPS location (with consent), city, state, country, timezone
Log DataAccess times, error logs, referring URLs, pages viewed, links clicked
Cookies and Tracking TechnologiesSession cookies, persistent cookies, pixels, web beacons, local storage (detailed in Section 12)

4.3 Information from Third Parties

SourceData ReceivedSocial Media PlatformsProfile information, follower data, engagement metrics (when you link accounts)
Payment Processors (Razorpay)Transaction status, payment confirmation, refund status
Identity Verification PartnersKYC verification status, document authenticity
Analytics ProvidersAggregated usage statistics, demographic insights
Marketing PartnersCampaign performance, referral source

5. PURPOSE OF DATA COLLECTION

We collect and process your personal data for the following purposes:

5.1 Service Delivery

To create and manage your account
To facilitate connections between Creators and Users
To enable subscription services, paid messaging, video calls, meetups, and travel experiences
To process payments, payouts, refunds, and manage financial transactions
To provide customer support and respond to inquiries
To send service-related notifications and updates

5.2 Platform Improvement

To analyze usage patterns and improve Platform functionality
To develop new features and services
To conduct research and analytics
To personalize user experience and content recommendations

5.3 Safety and Security

To verify user identity and prevent fraud
To detect, prevent, and address technical issues
To enforce our Terms & Conditions and Community Guidelines
To protect the rights, property, and safety of our users and the public
To comply with legal obligations and respond to lawful requests

5.4 Marketing and Communication

To send promotional materials (with your consent)
To inform you about new features, updates, and offers
To conduct surveys and collect feedback
To provide targeted advertising (with your consent)

5.5 Legal Compliance

To comply with applicable laws, regulations, and legal processes
To respond to requests from government authorities
To fulfill tax and financial reporting obligations
To maintain records as required by law

6. LEGAL BASIS FOR PROCESSING (DPDP ACT & GDPR COMPLIANCE)

We process your personal data based on the following legal grounds:

Legal BasisDescriptionConsentWhere you have given explicit consent for processing your personal data for specific purposes. You may withdraw consent at any time.
Contract PerformanceWhere processing is necessary for the performance of a contract with you or to take steps at your request before entering into a contract.
Legal ObligationWhere processing is necessary for compliance with a legal obligation to which we are subject.
Legitimate InterestsWhere processing is necessary for our legitimate interests or those of a third party, provided your rights do not override those interests.
Vital InterestsWhere processing is necessary to protect your vital interests or those of another person.
Public InterestWhere processing is necessary for the performance of a task carried out in the public interest.

7. DATA SHARING AND DISCLOSURE

We may share your personal data with the following categories of recipients:

7.1 Service Providers

Provider TypePurposeData SharedPayment Processors (Razorpay)Process payments, refunds, payoutsTransaction details, bank information
Cloud Service Providers (AWS, Google Cloud)Data storage and hostingAll Platform data (encrypted)
Communication ServicesSMS, email, push notificationsContact details, message content
Analytics ProvidersUsage analysis, performance monitoringAnonymized usage data
Identity Verification ServicesKYC verificationID documents, photographs
Customer Support ToolsSupport ticket managementCommunication data, account details

7.2 Creators and Users

Creators receive limited subscriber information necessary for service delivery
Users receive Creator profile information as displayed on the Platform
Chat messages and call logs are accessible to both parties involved

7.3 Legal and Regulatory Authorities

We may disclose personal data to:

Law enforcement agencies pursuant to valid legal requests
Government authorities as required by applicable law
Courts, tribunals, and regulatory bodies
Tax authorities for compliance purposes

7.4 Business Transfers

In the event of a merger, acquisition, reorganization, bankruptcy, or sale of assets, your personal data may be transferred to the acquiring entity, subject to the same privacy protections.

7.5 With Your Consent

We may share your data with third parties when you have explicitly consented to such sharing.

8. DATA RETENTION

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected:

Data CategoryRetention PeriodAccount InformationDuration of account + 5 years after deletion (for legal compliance)
Transaction Records10 years (as per Indian tax and financial regulations)
KYC Documents10 years after account closure (RBI requirements)
Communication Data (Chats, Calls)3 years from creation or as required by law
Usage Logs2 years
Marketing PreferencesUntil consent is withdrawn
Support Tickets5 years after resolution
Cookies and Analytics DataAs specified in Cookie Policy (typically 1-2 years)

After the retention period, data will be securely deleted or anonymized in accordance with our data disposal procedures.

9. DATA SECURITY

We implement robust technical and organizational measures to protect your personal data:

9.1 Technical Safeguards

MeasureDescriptionEncryptionAll data encrypted in transit (TLS 1.3) and at rest (AES-256)
Secure Payment ProcessingPCI-DSS compliant payment gateway (Razorpay); we do not store card details
Access ControlsRole-based access control (RBAC), multi-factor authentication (MFA) for internal systems
Firewalls and Intrusion DetectionEnterprise-grade firewalls, IDS/IPS systems, DDoS protection
Regular Security AuditsPeriodic vulnerability assessments and penetration testing
Data BackupRegular encrypted backups with secure off-site storage
Secure DevelopmentSecure coding practices, code reviews, security testing

9.2 Organizational Safeguards

MeasureDescriptionEmployee TrainingRegular data protection and security awareness training
Confidentiality AgreementsAll employees and contractors bound by confidentiality obligations
Access LimitationData access limited to personnel who require it for job functions
Incident Response PlanDocumented procedures for data breach detection, containment, and notification
Vendor AssessmentDue diligence and security assessments for third-party service providers

9.3 RBI Compliance

In compliance with Reserve Bank of India guidelines:

All payment data is stored on servers located in India
Card-on-file tokenization as per RBI directives
Transaction data purged as per RBI timelines
Regular compliance audits and reporting

10. DATA LOCALIZATION (RBI COMPLIANCE)

In accordance with RBI's data localization requirements:

All payment system data, including full end-to-end transaction details, is stored exclusively on servers located in India
Data processed abroad for international transactions is deleted from foreign systems and stored only in India within 24 hours
Backup data and archives related to payment transactions are also stored within India

11. YOUR RIGHTS

Under the DPDP Act, 2023, GDPR (for EU residents), and CCPA (for California residents), you have the following rights:

11.1 Rights Under DPDP Act, 2023 (India)

RightDescriptionRight to AccessYou have the right to obtain confirmation and access to your personal data being processed.
Right to CorrectionYou have the right to correct inaccurate or incomplete personal data.
Right to ErasureYou have the right to request erasure of your personal data, subject to legal retention requirements.
Right to Grievance RedressalYou have the right to register complaints with our Grievance Officer and escalate to the Data Protection Board of India.
Right to NominateYou have the right to nominate an individual to exercise your rights in case of death or incapacity.

11.2 Additional Rights Under GDPR (EU Residents)

RightDescriptionRight to RestrictionYou have the right to restrict processing of your personal data.
Right to Data PortabilityYou have the right to receive your personal data in a structured, machine-readable format.
Right to ObjectYou have the right to object to processing based on legitimate interests or for direct marketing.
Right Against Automated Decision-MakingYou have the right not to be subject to decisions based solely on automated processing, including profiling.
Right to Withdraw ConsentYou have the right to withdraw consent at any time without affecting the lawfulness of prior processing.
Right to Lodge ComplaintYou have the right to lodge a complaint with a supervisory authority in your jurisdiction.

11.3 Additional Rights Under CCPA (California Residents)

RightDescriptionRight to KnowYou have the right to know what personal information is collected, used, shared, or sold.
Right to DeleteYou have the right to request deletion of your personal information.
Right to Opt-OutYou have the right to opt-out of the sale of your personal information.
Right to Non-DiscriminationYou have the right not to be discriminated against for exercising your CCPA rights.

11.4 How to Exercise Your Rights

To exercise any of your rights, please contact us at:

Email: connect@kaslane.com

Mail:
Grievance Officer
Kaslane Tech & Entertainment Pvt. Ltd.
OFF NO-412, JOP Plaza P-2,
Sector-18, Noida, 201301, UP, India

We will respond to your request within 30 days. We may request verification of your identity before processing your request.

12. COOKIES AND TRACKING TECHNOLOGIES

12.1 Types of Cookies We Use

Cookie TypePurposeDurationEssential CookiesRequired for Platform functionality, authentication, securitySession / Persistent
Performance CookiesAnalyze usage patterns, improve performanceUp to 2 years
Functional CookiesRemember preferences, settings, languageUp to 1 year
Analytics CookiesTrack user behavior, measure engagementUp to 2 years
Advertising CookiesDeliver targeted advertisements, measure campaign effectivenessUp to 1 year

12.2 Third-Party Cookies

We may use cookies from third-party services including:

Google Analytics (usage analytics)
Facebook Pixel (advertising)
Razorpay (payment processing)
Hotjar (user experience analysis)

12.3 Managing Cookies

You can manage cookie preferences through:

Browser Settings: Most browsers allow you to refuse or delete cookies
Cookie Consent Banner: Use our cookie consent tool on the Platform
Opt-Out Links: Use third-party opt-out mechanisms (e.g., Google Ads Settings, Facebook Ad Preferences)

Note: Disabling certain cookies may affect Platform functionality.

13. CHILDREN'S PRIVACY

13.1 Age Restrictions

Our Platform is not intended for individuals under the age of 18 years.

13.2 COPPA Compliance (USA)

We do not knowingly collect personal information from children under 13 years of age. If we become aware that we have inadvertently collected personal data from a child under 13, we will take immediate steps to delete such information from our records.

13.3 DPDP Act Compliance (India)

In accordance with the Digital Personal Data Protection Act, 2023:

We do not process personal data of children (under 18 years) without verifiable consent from a parent or lawful guardian
We do not undertake tracking, behavioral monitoring, or targeted advertising directed at children
We do not process personal data that is likely to cause harm to a child

13.4 Parental Rights

Parents or legal guardians may:

Request access to their child's personal data
Request correction or deletion of their child's personal data
Withdraw consent for processing their child's personal data

To exercise these rights, please contact us at connect@kaslane.com with proof of parental/guardian relationship.

14. INTERNATIONAL DATA TRANSFERS

14.1 Data Transfer Mechanisms

If your personal data is transferred outside India or your country of residence, we ensure appropriate safeguards are in place:

MechanismDescriptionStandard Contractual Clauses (SCCs)EU-approved contractual terms ensuring adequate data protection
Adequacy DecisionsTransfers to countries recognized as providing adequate protection
Binding Corporate RulesInternal rules governing intra-group international transfers
ConsentYour explicit consent for specific international transfers
Contractual NecessityTransfers necessary for the performance of a contract with you

14.2 GDPR Compliance

For transfers of personal data from the European Economic Area (EEA), United Kingdom, or Switzerland:

We rely on Standard Contractual Clauses approved by the European Commission
We conduct Transfer Impact Assessments where required
We implement supplementary measures to ensure data protection

14.3 Data Localization (India)

In compliance with Indian regulations:

Payment data is stored exclusively in India as per RBI guidelines
A copy of all personal data of Indian users is maintained on servers in India
Cross-border transfers are conducted in compliance with DPDP Act provisions

15. THIRD-PARTY LINKS AND SERVICES

15.1 External Links

Our Platform may contain links to third-party websites, applications, or services. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party sites you visit.

15.2 Social Media Integration

When you connect your social media accounts (Instagram, YouTube, Twitter/X, Facebook, etc.) to our Platform:

We receive profile information and engagement metrics as authorized by you
Your interactions on social media are governed by the respective platform's privacy policy
You can disconnect social media accounts at any time through your account settings

15.3 Payment Gateway (Razorpay)

Payment transactions are processed through Razorpay Payment Solutions Pvt. Ltd. When you make a payment:

Your payment information is transmitted directly to Razorpay via encrypted channels
Razorpay's privacy policy governs the processing of your payment data
We receive only transaction confirmation, amount, and status—not your full card details
Razorpay is PCI-DSS compliant and regulated by RBI

For Razorpay's privacy practices, visit: https://razorpay.com/privacy/

16. AUTOMATED DECISION-MAKING AND PROFILING

16.1 Use of Automated Processing

We may use automated decision-making and profiling for:

PurposeDescriptionFraud DetectionAutomated systems to identify suspicious transactions and activities
Content ModerationAI-assisted detection of prohibited content
PersonalizationAlgorithmic recommendations for Creators and content
Risk AssessmentAutomated KYC verification and risk scoring

16.2 Your Rights

You have the right to:

Request human intervention in automated decisions
Express your point of view and contest decisions
Obtain an explanation of automated decisions that significantly affect you

To exercise these rights, contact us at connect@kaslane.com.

17. DATA BREACH NOTIFICATION

17.1 Breach Detection and Response

We maintain comprehensive incident response procedures to detect, investigate, and respond to personal data breaches.

17.2 Notification to Authorities

In the event of a personal data breach:

JurisdictionNotification TimelineAuthorityIndia (DPDP Act)As soon as possible, within 72 hoursData Protection Board of India
EU (GDPR)Within 72 hours of becoming awareRelevant Supervisory Authority
Other JurisdictionsAs per applicable local lawsRelevant data protection authority

17.3 Notification to Data Principals

If a breach is likely to result in high risk to your rights and freedoms, we will notify you without undue delay, providing:

Nature of the breach
Categories and approximate number of individuals affected
Likely consequences of the breach
Measures taken or proposed to address the breach
Contact details for further information

18. GRIEVANCE REDRESSAL

18.1 Grievance Officer

In accordance with the Information Technology Act, 2000, DPDP Act, 2023, and Consumer Protection Act, 2019, we have appointed a Grievance Officer:

Name: [Insert Grievance Officer Name]

Designation: Grievance Officer

Email: connect@kaslane.com

Address:
OFF NO-412, JOP Plaza P-2,
Sector-18, Noida, 201301,
Uttar Pradesh, India

Working Hours: Monday to Friday, 10:00 AM to 6:00 PM IST (excluding public holidays)

18.2 Grievance Resolution Process

StepActionTimelineStep 1Submit grievance via email or letter with details-
Step 2Acknowledgment of receiptWithin 24 hours
Step 3Investigation and reviewWithin 15 days
Step 4Resolution and responseWithin 30 days of receipt
Step 5Escalation (if unsatisfied)Data Protection Board of India / Consumer Forum

18.3 Escalation

If you are not satisfied with our resolution, you may escalate your grievance to:

Data Protection Board of India
[Contact details to be updated upon establishment]

Consumer Disputes Redressal Forum
Appropriate District/State/National Consumer Commission

Cyber Crime Cell
For data theft or cyber fraud: https://cybercrime.gov.in

19. COMPLIANCE WITH SPECIFIC REGULATIONS

19.1 Reserve Bank of India (RBI) Guidelines

We comply with the following RBI regulations:

RegulationCompliance MeasurePayment Aggregator GuidelinesRegistered/authorized payment aggregator (Razorpay)
Data LocalizationAll payment data stored in India
Card-on-File TokenizationNo storage of actual card details; tokenization implemented
KYC RequirementsCustomer verification as per RBI norms
Merchant OnboardingDue diligence for Creator payouts
Transaction LimitsAdherence to prescribed transaction limits
Reporting RequirementsSuspicious transaction reporting as mandated

19.2 Information Technology Act, 2000

We comply with:

Section 43A: Reasonable security practices for sensitive personal data
Section 72A: Prohibition on disclosure of information in breach of lawful contract
IT Rules, 2011: Collection, disclosure, and transfer of sensitive personal data

19.3 Consumer Protection Act, 2019

We adhere to:

Fair trade practices
Protection against unfair contracts
Consumer rights to information and redressal
E-commerce Rules, 2020

19.4 Prevention of Money Laundering Act (PMLA)

KYC verification for Creators receiving payouts
Suspicious activity monitoring and reporting
Record-keeping as per PMLA requirements

19.5 Goods and Services Tax (GST) Compliance

Proper invoicing with GST as applicable
Maintenance of transaction records for GST compliance
TCS collection and remittance as per e-commerce provisions

20. CALIFORNIA PRIVACY RIGHTS (CCPA/CPRA)

20.1 Applicability

This section applies to California residents and supplements the information in this Privacy Policy.

20.2 Categories of Personal Information Collected

In the preceding 12 months, we have collected the following categories of personal information:

CategoryExamplesCollectedIdentifiersName, email, phone number, IP addressYes
Customer RecordsAccount information, payment detailsYes
Protected ClassificationsAge, genderYes
Commercial InformationTransaction history, subscription detailsYes
Internet ActivityBrowsing history, search queries, interactionsYes
Geolocation DataPhysical locationYes
Audio/Visual DataProfile pictures, videos, call recordingsYes
Professional InformationCreator occupation, social media followingYes
InferencesPreferences, characteristics, behavior predictionsYes
Sensitive Personal InformationGovernment ID, financial accountsYes

20.3 Sale and Sharing of Personal Information

We do not "sell" personal information as defined by the CCPA. We may "share" personal information for cross-context behavioral advertising with your consent.

20.4 Retention

We retain personal information as described in Section 8 of this Privacy Policy.

20.5 Your California Rights

You have the right to:

Know what personal information we collect, use, disclose, and sell
Delete your personal information, subject to exceptions
Correct inaccurate personal information
Opt-Out of the sale or sharing of personal information
Limit Use of sensitive personal information
Non-Discrimination for exercising your rights

20.6 How to Exercise Your Rights

Submit a request by:

Email: connect@kaslane.com
Subject Line: "California Privacy Rights Request"

We will verify your identity before processing your request.

20.7 Authorized Agents

You may designate an authorized agent to make requests on your behalf. We may require proof of authorization and identity verification.

20.8 Financial Incentives

We may offer financial incentives (e.g., discounts, rewards) for the collection of personal information. Participation is voluntary, and you may opt-out at any time.

21. EUROPEAN ECONOMIC AREA (EEA), UK, AND SWITZERLAND RESIDENTS

21.1 Data Controller

For EEA, UK, and Swiss residents, the data controller is:

Kaslane Tech & Entertainment Pvt. Ltd.
OFF NO-412, JOP Plaza P-2,
Sector-18, Noida, 201301, UP, India
Email: connect@kaslane.com

21.2 EU Representative

[To be appointed if required by GDPR Article 27]

Name: [Insert EU Representative Name]
Address: [Insert EU Address]
Email: [Insert EU Representative Email]

21.3 Legal Basis for Processing

We process your personal data based on:

Consent (Article 6(1)(a) GDPR)
Contract Performance (Article 6(1)(b) GDPR)
Legal Obligation (Article 6(1)(c) GDPR)
Legitimate Interests (Article 6(1)(f) GDPR)

21.4 Your GDPR Rights

As detailed in Section 11.2, you have the right to access, rectification, erasure, restriction, data portability, objection, and rights related to automated decision-making.

21.5 Supervisory Authority

You have the right to lodge a complaint with a supervisory authority in your country of residence, place of work, or where the alleged infringement occurred.

22. CHANGES TO THIS PRIVACY POLICY

22.1 Policy Updates

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors.

22.2 Notification of Changes

Type of ChangeNotification MethodMaterial ChangesEmail notification, prominent notice on Platform, and updated "Last Updated" date
Minor ChangesUpdated "Last Updated" date on Privacy Policy page

22.3 Continued Use

Your continued use of the Platform after the effective date of any changes constitutes your acceptance of the revised Privacy Policy. If you do not agree with the updated terms, please discontinue use of the Platform and contact us for account deletion.

22.4 Review Recommendations

We encourage you to periodically review this Privacy Policy to stay informed about how we collect, use, and protect your information.

23. CONTACT US

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Kaslane Tech & Entertainment Pvt. Ltd.

Registered Address:
OFF NO-412, JOP Plaza P-2,
Sector-18, Noida, 201301,
Uttar Pradesh, India

Email: connect@kaslane.com

Grievance Officer Email: connect@kaslane.com

Response Time: We aim to respond to all inquiries within 48 hours during business days.

24. ACKNOWLEDGMENT

By using the Kaslane Platform, you acknowledge that:

You have read and understood this Privacy Policy
You consent to the collection, use, and processing of your personal data as described herein
You understand your rights and how to exercise them
You agree to the terms set forth in this Privacy Policy

25. LANGUAGE

This Privacy Policy is drafted in English. In case of any discrepancy between the English version and any translated version, the English version shall prevail.

26. SEVERABILITY

If any provision of this Privacy Policy is found to be invalid, illegal, or unenforceable by a court of competent jurisdiction, such invalidity shall not affect the validity of the remaining provisions, which shall continue in full force and effect.

27. GOVERNING LAW AND JURISDICTION

This Privacy Policy shall be governed by and construed in accordance with the laws of India. Any disputes arising out of or in connection with this Privacy Policy shall be subject to the exclusive jurisdiction of the courts in Noida, Uttar Pradesh, India.

28. ENTIRE AGREEMENT

This Privacy Policy, together with our Terms & Conditions, Cookie Policy, and other referenced policies, constitutes the entire agreement between you and Kaslane regarding the collection and processing of your personal data.

END OF PRIVACY POLICY