Privacy Policy Page
PRIVACY POLICY
Company: Hellwet Technologies Private Limited
Product / Platform: fashionkart.ai
Registered Address:
First Floor, B-2/64, Lohia Path, Lucknow, Uttar Pradesh- 226010, Uttar Pradesh – 226011, India
? TABLE OF CONTENTS
Introduction & Scope
Definitions & Interpretation
Applicability & User Acceptance
Legal Framework & Compliance
Categories of Data Collected
Personal Data Collection
Sensitive & Special Personal Data
AI, Face Image & Body Data Processing
Purpose Limitation Principle
Consent Mechanism & Withdrawal
Data Accuracy & User Responsibility
Storage, Retention & Deletion
Data Sharing & Third Parties
Cross-Border Data Processing
Data Security Safeguards
Cookies, Logs & Tracking
Children’s & Minor Data
User Rights under DPDP Act
Data Breach & Incident Response
Law Enforcement & Government Requests
Third-Party Links Disclaimer
Limitation of Liability
Indemnity by User
Policy Updates & Modifications
Grievance Redressal Mechanism
Governing Law & Jurisdiction
? PART 2.1
INTRODUCTION & PURPOSE
This Privacy Policy (“Policy”) explains how Hellwet Technologies Private Limited (“Company”, “We”, “Us”) collects, processes, stores, uses, discloses and protects personal data of users (“User”, “You”) who access or use fashionkart.ai.
The Company operates an AI-enabled, multivendor fashion marketplace which includes:
Account creation
Online shopping
AI Virtual Trial Room
Image-based personalization
This Policy is intended to ensure:
Transparency
Lawful processing
User control
Data minimization
? PART 2.2
DEFINITIONS & INTERPRETATION
For the purpose of this Policy:
“Personal Data”
Means any data about an individual who is identifiable by or in relation to such data, as defined under the Digital Personal Data Protection Act, 2023.
“Sensitive / Special Personal Data”
Includes facial images, body images, physical attributes, and any data processed by AI for visualization purposes.
“Processing”
Means any operation performed on data including collection, storage, use, disclosure, deletion, or analysis.
“Consent”
Means free, specific, informed, unconditional and unambiguous indication of User’s agreement to process data.
Interpretation rules shall be consistent with Indian statutory interpretation principles.
? PART 2.3
APPLICABILITY & USER ACCEPTANCE
This Privacy Policy applies to:
Website users
Mobile app users
Registered buyers
AI Virtual Trial users
By accessing or using the Platform, the User:
Confirms having read this Policy
Provides explicit consent
Agrees to data processing as described
If the User does not agree, access must be discontinued immediately.
? PART 2.4
LEGAL FRAMEWORK & COMPLIANCE
This Policy is framed in accordance with:
Information Technology Act, 2000
IT (Reasonable Security Practices) Rules, 2011
Digital Personal Data Protection Act, 2023
Applicable RBI, CERT-In and Government advisories
The Company acts as a Data Fiduciary under Indian law.
? PART 2.5
CATEGORIES OF DATA COLLECTED
The Company may collect the following categories of data:
A. Identity Data
Name
Mobile number
Email address
B. Account Data
Login credentials (encrypted)
User preferences
C. Transaction Data
Orders
Refunds
Payment status (no card/UPI storage)
D. Technical Data
IP address
Device type
Browser/app version
Log files
? PART 2.6
PERSONAL DATA COLLECTION
Personal data is collected:
Directly from Users during registration
Automatically through platform usage
Voluntarily through profile updates
The Company does not collect data beyond what is necessary for platform functionality.
? PART 2.7
SENSITIVE & SPECIAL PERSONAL DATA
Sensitive data includes:
Facial images / selfies
Body images
Height, weight, measurements
Such data is:
Collected only with explicit consent
Used strictly for AI visualization
Not used for biometric identification
? PART 2.8
AI, FACE IMAGE & BODY DATA PROCESSING
8.1 Nature of Processing
Images uploaded are:
Algorithmically analyzed
Temporarily transformed
Used for simulated previews
8.2 No Biometric Identification
The Company expressly declares:
No facial recognition
No identity verification
No surveillance
8.3 AI Output Disclaimer
AI outputs are:
Illustrative
Non-binding
Not real-world guarantees
? PART 2.9
PURPOSE LIMITATION & LAWFUL USE OF DATA
9.1 Purpose Limitation Principle
The Company strictly adheres to the purpose limitation principle, meaning all personal data collected shall be:
Processed only for specified, explicit and lawful purposes
Not further processed in a manner incompatible with such purposes
Limited to what is necessary for platform functionality
9.2 Permitted Purposes of Processing
Personal and sensitive data may be processed for:
a) User account creation and authentication
b) Order placement, fulfilment and customer support
c) AI Virtual Trial Room visualization
d) Personalization of product recommendations
e) Fraud detection and prevention
f) Legal, regulatory and audit compliance
Data shall never be processed for undisclosed or unlawful purposes.
9.3 Prohibited Use of Data
The Company expressly confirms that User data shall not be used for:
Facial recognition or biometric identification
Surveillance or profiling
Sale to advertisers or data brokers
Political or behavioral manipulation
? PART 2.10
CONSENT MECHANISM, RECORD & WITHDRAWAL
10.1 Explicit & Informed Consent
Consent is obtained through:
Mandatory checkbox at signup
Separate AI Virtual Trial consent pop-up
Image upload confirmation
Such consent is:
Free
Specific
Informed
Unambiguous
10.2 Consent for Sensitive Personal Data
For sensitive data (face images, body data):
Separate affirmative action is required
Consent is logged and auditable
Consent is revocable at any time
10.3 Withdrawal of Consent
Users may withdraw consent by:
Deleting uploaded images
Disabling AI features
Requesting account deletion
Withdrawal may impact platform functionality.
Certain data may be retained if required by law.
? PART 2.11
DATA ACCURACY & USER RESPONSIBILITY
11.1 Accuracy Obligation
Users are responsible for ensuring that:
Uploaded data is accurate
Images belong to them or are legally authorized
Measurements are correctly entered
11.2 Consequences of Inaccurate Data
The Company shall not be liable for:
Incorrect AI outputs
Poor personalization results
Dissatisfaction due to inaccurate inputs
? PART 2.12
STORAGE, RETENTION & DELETION
12.1 Data Storage
User data is stored on:
Secure cloud infrastructure
Access-controlled environments
Encrypted storage systems
12.2 Retention Periods
Indicative retention timelines:
Account data: While account remains active
AI images: Temporary or session-based
Transaction data: As per statutory requirements
Logs & audit trails: As mandated by law
12.3 Deletion & Anonymization
Upon:
Account deletion
Consent withdrawal
Inactivity
Data may be:
Deleted
Anonymized
Archived as legally required
? PART 2.13
DATA SHARING & THIRD-PARTY DISCLOSURE
13.1 Authorized Data Sharing
Data may be shared only with:
Payment gateways
Logistics partners
Cloud & AI infrastructure providers
Customer support vendors
All third parties are bound by confidentiality & data protection agreements.
13.2 No Sale of Data
The Company does not:
Sell personal data
Rent personal data
Trade face or body images
13.3 Seller Access Restriction
Sellers:
Do NOT get access to user selfies
Do NOT receive body images
Only see order-necessary information
? PART 2.14
CROSS-BORDER DATA PROCESSING
Certain processing activities may involve servers located outside India.
In such cases:
Adequate safeguards are ensured
Processing is compliant with Indian law
Data protection obligations remain binding
? PART 2.15
DATA SECURITY PRACTICES & SAFEGUARDS
15.1 Security Measures Implemented
The Company implements:
SSL/TLS encryption
Secure authentication mechanisms
Role-based access control
Periodic security audits
15.2 No Absolute Security Disclaimer
While reasonable security practices are followed:
No system is 100% secure
Internet transmission risks exist
Users acknowledge and accept such inherent risks.
? PART 2.16
COOKIES, LOG FILES & TRACKING TECHNOLOGIES
16.1 Cookies Usage
The Platform may use:
Session cookies
Persistent cookies
Functional cookies
for:
Login management
Security
User preferences
Performance optimization
Cookies do not collect sensitive personal data.
16.2 User Control Over Cookies
Users may:
Disable cookies via browser settings
Limit certain functionalities
Disabling cookies may affect platform performance.
16.3 Log Files & Analytics
The Company may collect:
IP address
Device type
Browser information
Access timestamps
Such data is used only for:
Security monitoring
Debugging
Performance analysis
? PART 2.17
CHILDREN & MINOR DATA PROTECTION
17.1 Age Restriction
The Platform is intended for users 18 years and above.
The Company does not knowingly collect personal data from minors without parental consent.
17.2 Accidental Collection
If data of a minor is discovered:
Such data shall be deleted promptly
Account access may be restricted
Parents or guardians may contact the Company for removal.
? PART 2.18
USER RIGHTS UNDER DPDP ACT, 2023
Under the Digital Personal Data Protection Act, 2023, Users have the right to:
18.1 Right to Access
Confirm whether personal data is processed
Obtain summary of such data
18.2 Right to Correction
Correct inaccurate or misleading data
18.3 Right to Erasure
Request deletion, subject to legal obligations
18.4 Right to Withdraw Consent
Withdraw consent at any time
18.5 Right to Grievance Redressal
Raise complaints with the Company
Such rights may be exercised through official support channels.
? PART 2.19
DATA BREACH & INCIDENT RESPONSE
19.1 Breach Detection
The Company maintains procedures to:
Detect unauthorized access
Monitor anomalies
Respond to incidents
19.2 Breach Response
In the event of a data breach:
Containment actions shall be initiated
Impact shall be assessed
Authorities shall be notified where required by law
19.3 User Notification
Users may be notified if a breach poses a significant risk to their rights.
? PART 2.20
LAW ENFORCEMENT & GOVERNMENT REQUESTS
The Company may disclose personal data:
To comply with legal obligations
In response to lawful government requests
For national security or law enforcement purposes
Disclosures shall be limited to what is legally required.
? PART 2.21
THIRD-PARTY LINKS DISCLAIMER
The Platform may contain links to third-party websites.
The Company:
Does not control such websites
Is not responsible for their privacy practices
Users are advised to review third-party policies independently.
? PART 2.22
LIMITATION OF LIABILITY
To the maximum extent permitted by law:
The Company shall not be liable for:
Indirect or consequential damages
Data loss due to external attacks
Unauthorized access beyond reasonable control
Total liability, if any, shall be limited to:
? Platform service fees charged, if applicable.
? PART 2.23
USER INDEMNITY
Users agree to indemnify and hold harmless the Company, its directors, officers and employees against:
Claims arising from false information
Unauthorized image uploads
Violation of applicable laws
Breach of this Privacy Policy
? PART 2.24
POLICY UPDATES & MODIFICATIONS
The Company may update this Privacy Policy periodically.
Updated versions shall be effective upon publication.
Continued use of the Platform constitutes acceptance.
? PART 2.25
GRIEVANCE REDRESSAL MECHANISM
As required under Indian law, the Company appoints a Grievance Officer.
Grievances may be submitted through:
Official support channels
Designated email (to be notified on Platform)
The Company shall address grievances within the statutory timeframe.
? PART 2.26
GOVERNING LAW & JURISDICTION
This Privacy Policy shall be governed by:
Laws of India
Exclusive jurisdiction:
Courts of Lucknow, Uttar Pradesh
Follow Us
Mobile Apps
