Pallette Arts Private Limited ("Company", "We", "Wintrov") provides a B2B SaaS ecosystem consisting of the Wintrov Admin, Manager, and Stylist Apps.
1. Nature of Services and Legal Roles
Wintrov provides a B2B SaaS ecosystem comprising the Wintrov Admin, Manager, and Stylist Apps.
2. Types of Information Collected
We collect and process the following categories of information:
- Subscriber Profile Information: Name, business name, GST details, professional email, and contact information of Salon Owners and Managers.
- Personnel Data: Profiles for Stylists, including names, designations, and professional performance metrics tracked within the app ecosystem.
- Processed End-Customer Data: Information regarding the Salon's clients (e.g., Name, Phone, Service History) processed via the platform. The Salon warrants that it has obtained valid consent for such collection.
- Log and Technical Data: IP addresses, device identifiers, and browser types collected automatically to ensure platform stability.
3. How Data is Used
We use the collected information for the following professional purposes:
- Provision of Services: Facilitating appointment scheduling, digital billing, and inventory management across all app tiers.
- Business Intelligence: Generating performance reports and analytics for Salon Owners regarding staff productivity and revenue.
- Operational Maintenance: Debugging, technical support, and improving the App Ecosystem's user interface.
- Legal Compliance: Satisfying statutory requirements under Indian law, including tax and regulatory filings.
4. Data Sharing and Disclosure
Wintrov does not sell personal data. Disclosure is limited to:
- Sub-processors: Cloud hosting providers (e.g., AWS), SMS gateways, and payment processors necessary for platform functionality.
- Internal Access: Data is accessible to authorized employees of Pallette Arts on a "need-to-know" basis for support.
- Legal Mandates: Disclosure to law enforcement or government authorities when required by a valid court order or under the DPDPA.
5. Data Security (TOMs)
We implement industry-standard safeguards to protect data integrity:
- Data Encryption: Data is encrypted at rest (AES-256).
- Vulnerability Assessments: Periodic security audits are conducted to prevent unauthorized access or data breaches.
6. Data Retention and Deletion
- Retention Period: We retain Subscriber and Personnel data for the duration of the active subscription.
- Deletion Protocol: Upon termination of the service agreement and request to delete, data is deleted or anonymized within 90 days, except where retention is mandated by Indian law for tax or audit purposes.
7. Data Principal Rights
Under the DPDPA, individuals have specific rights regarding their personal data:
- End-Customer Requests: All requests for Correction, Completion, or Erasure of end-customer data must be directed to the Salon.
- Wintrov Support: Wintrov shall provide the necessary technical tools to the Salon to facilitate the exercise of these rights by their customers.
8. Policy Updates
We may update this Privacy Policy to reflect changes in our App Ecosystem or evolving Indian law (such as new DPDPA Rules). We will notify the Admin (Salon Owner) of material changes via email or an in-app notification. Continued use of the platform following an update constitutes acceptance of the revised terms.
9. Grievance Redressal