VastraHQ is operated by its founders, based in New Delhi, India. This Privacy Policy explains what personal data we collect, how we use it, and how you can contact us.
Contact / grievance email: thevastrahq@gmail.com
1. Data We Collect
We may collect:
- Account data: name, email address, sign-in details, and business profile information.
- Waitlist / enquiry data: if you sign up through our early-access or waitlist form, the details you provide — such as your name, business or label name, WhatsApp number, Instagram handle, and what you sell. This form is operated through a third-party form provider, which stores the submissions on our behalf.
- Uploaded content: the garment photos you upload.
- Generated content: AI-generated images, catalogues, videos, captions, and other outputs created through VastraHQ.
- Usage data: projects created, generations requested, credit usage, feature usage, and app activity.
- Technical data: device information, browser information, IP address, logs, cookies, and session data.
- Billing data: if payments are enabled later, payment status, invoices, credit purchases, and related transaction records. Card or payment instrument details are handled by the payment processor and are not stored by VastraHQ.
2. How We Use Data
We use data to:
- provide and operate VastraHQ;
- generate images, catalogues, videos, and other outputs;
- manage accounts, projects, credits, and support;
- maintain and improve the reliability, quality, safety, and operation of the service (this does not include training AI models on your uploaded content — see Section 3);
- detect abuse, security issues, or policy violations;
- comply with legal obligations.
3. AI Processing
To generate outputs, uploaded images and related inputs are processed by reputable third-party cloud AI-infrastructure providers acting on our behalf.
We do not sell your uploaded images.
We do not use your uploaded garment images to train our own AI models unless we ask for and receive separate permission.
4. Service Providers
We may share data with service providers that help run VastraHQ, including cloud hosting and storage, cloud AI processing, authentication, the waitlist/enquiry form provider, email/support, and (once payments launch) payment providers. These providers act on our behalf and are permitted to use your data only to provide their service to us.
Some providers — including our AI-processing and waitlist-form providers — may process or store data outside India, subject to applicable law and provider safeguards.
5. Sharing
We do not sell your personal data.
We may disclose data only:
- to operate the service through our providers;
- if required by law, legal process, or government request;
- to protect the rights, safety, or security of VastraHQ, users, or others;
- in connection with a business transfer, merger, acquisition, or restructuring.
6. Retention
We keep account data, uploaded content, generated content, logs, and usage records while your account is active or as needed to provide the service, resolve disputes, prevent abuse, and meet legal obligations.
When you request deletion of your account or data, we delete your uploaded content and generated outputs within a reasonable time and as required by applicable law, except where we must retain certain records by law or to resolve a dispute. Some information may persist in routine backups for a limited period before being overwritten.
You may request deletion of your account or data by contacting us at thevastrahq@gmail.com.
7. Your Rights
Depending on applicable law, including India's Digital Personal Data Protection framework, you may request access, correction, deletion, withdrawal of consent, grievance redressal, or other available privacy rights by emailing thevastrahq@gmail.com.
You may also nominate another individual to exercise your rights in the event of your death or incapacity, and you may withdraw consent at any time (withdrawing consent may limit our ability to provide the service).
We may need to verify your identity before processing a request.
8. Security
We use reasonable technical and organizational safeguards to protect data. However, no online service is completely secure, especially during beta.
9. Children
VastraHQ is not intended for users under 18. We do not knowingly collect data from children.
10. Cookies
We use only cookies and similar technologies that are strictly necessary for sign-in, sessions, security, and service operation. If we introduce non-essential or analytics cookies in future, we will update this policy and, where required, request your consent before setting them.
11. Data Breach
If a personal-data breach occurs that is likely to affect you, we will notify the affected users and the Data Protection Board of India as required by applicable law.
12. Grievance Officer
Grievance Officer, VastraHQ — thevastrahq@gmail.com. We aim to acknowledge and resolve requests and complaints within the timelines required by India's DPDP framework. We will publish the named officer once a legal entity is registered.
13. Changes
We may update this Privacy Policy from time to time. The latest version will show the updated date.
14. Contact / Grievance
For privacy questions, deletion requests, or complaints, contact:
VastraHQ is operated from New Delhi, India. A registered office address will be added once the company is incorporated.