Skip to Content
Privacy Policy

PRIVACY POLICY

Gigstaan — A Product of Snehmit Business LLP Last Updated: April, 2026

This Privacy Policy describes how Gigstaan collects, uses, shares, and protects your personal data. It applies to all users of the Gigstaan mobile application and website, including service providers and service consumers.

Introduction

Gigstaan (“Platform”) is a hyper-local marketplace operated by Snehmit Business LLP (“Company,” “we,” “us,” or “our”), a registered limited liability partnership in India. The Platform is accessible via our mobile application and website, and serves to connect service providers with service consumers across all categories of services.

We are committed to safeguarding your personal data in compliance with the Digital Personal Data Protection Act, 2023 (“DPDPA”), the Information Technology Act, 2000 (“IT Act”), and all applicable rules and regulations thereunder.

This Privacy Policy explains what personal data we collect, why we collect it, how we use and protect it, and the rights available to you under Indian law. By creating an account, accessing, or using Gigstaan in any manner, you acknowledge that you have read, understood, and agree to the practices described in this Privacy Policy. If you do not agree, please discontinue use of the Platform.

This Policy applies equally to all users of the Platform, including service providers (individuals, freelancers, and organisations) and service consumers.

Definitions

For the purposes of this Privacy Policy:

  • “Data Principal” means you — the individual whose personal data is collected and processed through the Platform, whether you use Gigstaan as a service provider or a service consumer.
  • “Data Fiduciary” means Snehmit Business LLP, which determines the purpose and means of processing your personal data.
  • “Personal Data” means any data about an individual who is identifiable by or in relation to such data, as defined under the DPDPA, 2023.
  • “Sensitive Personal Data” includes financial information (such as bank account details and payment instruments), government-issued identity documents (such as Aadhaar), and biometric data.
  • “Service Provider” means any individual, freelancer, or registered organisation that lists, offers, or delivers services through the Platform.
  • “Service Consumer” means any individual who searches for, books, or avails services through the Platform.
  • “Platform” means the Gigstaan mobile application and website, collectively.
  • “Escrow Service” means the payment protection mechanism offered by Gigstaan, wherein payment from a service consumer is held securely until the service is satisfactorily completed.
  • “Processing” includes the collection, storage, use, sharing, disclosure, erasure, and any other operation performed on personal data.

Data We Collect

We collect personal data through the following means:

Information You Provide Directly

Account Registration Data (All Users)

  • Full name
  • Mobile number (verified via OTP)
  • Email address
  • Google account information (if you choose social login)
  • Profile photograph (optional)

Identity Verification Data (Service Providers)

  • Aadhaar number and associated details, collected solely for identity verification purposes
  • Bank account details (account number, IFSC code, account holder name) required to activate the Escrow Service and receive payouts
  • For organisations: Business registration documents, GST number, authorised signatory details, and any other documents required for business verification

Service Listing Data (Service Providers)

  • Service descriptions, categories, and subcategories
  • Pricing and availability
  • Service area or coverage radius
  • Portfolio images, certifications, and work samples

Booking & Transaction Data (Service Consumers)

  • Service requests and booking details
  • Delivery or service address
  • Preferred date and time
  • Payment method selected

Communications

  • Messages exchanged between service providers and consumers through the Platform’s in-app chat
  • Customer support queries, complaints, and feedback
  • Ratings and reviews submitted on the Platform

Information Collected Automatically

Device & Technical Data

  • Device type, model, and manufacturer
  • Operating system and version
  • Browser type and version
  • Unique device identifiers (e.g., device ID, advertising ID)
  • IP address and mobile network information

Location Data

  • With your explicit consent, we may collect precise or approximate geolocation data to enable hyper-local service matching
  • You may grant or revoke location access at any time through your device settings; however, disabling location may limit certain Platform features such as nearby service discovery

Usage Data

  • Pages and screens visited
  • Features used and actions taken
  • Search queries and service categories browsed
  • Booking history and transaction records
  • Session duration, frequency of use, and interaction patterns

Cookies & Similar Technologies

  • We use cookies, pixel tags, and similar tracking technologies on our website to recognise your browser, remember preferences, and understand how you interact with the Platform. You may manage cookie preferences through your browser settings.

Information from Third Parties

  • Payment Gateway Providers: Transaction status, settlement confirmations, and payment failure details from our payment processing partners (e.g., Razorpay, Cashfree, or similar).
  • Google (Social Login): If you sign in via Google, we receive your name, email address, and profile picture as authorised by you during the login process.
  • Verification Partners: Identity and business verification results from authorised third-party agencies engaged for Aadhaar-based or business verification.

Data We Do NOT Collect

  • We do not store full credit or debit card numbers on our servers. All card payment processing is handled by PCI-DSS compliant payment gateway partners.
  • We do not collect biometric data (fingerprint, facial recognition) directly through the Platform.
  • We do not knowingly collect data from users under the age of 18.

How We Use Your Data

We process your personal data only for lawful purposes that are necessary to operate the Platform and deliver our services.

Service Delivery & Matching

  • To match service consumers with relevant, nearby service providers based on location, service category, availability, and ratings
  • To facilitate bookings, confirmations, rescheduling, and cancellations
  • To enable in-app communication between service providers and consumers

Account Management & Verification

  • To create and maintain your user account
  • To authenticate logins via OTP, email, or Google sign-in
  • To verify the identity of service providers through Aadhaar verification
  • To verify the legitimacy of organisations through business verification processes
  • To validate bank account details for Escrow Service activation

Payments, Escrow, Invoicing & Settlements

  • To process payments from service consumers via UPI, credit/debit cards, or other supported methods
  • To hold payments securely under the Escrow Service until service completion
  • To release payouts to service providers upon successful completion of a gig
  • To automatically generate invoices upon bid acceptance for one-time gigs
  • To enable service providers (“Gigsters”) to generate and send invoices to service consumers upon completion of milestones for milestone-based gigs
  • To maintain invoice records including service descriptions, amounts, milestone breakdowns, applicable taxes, and payment status for both parties
  • To process refunds and cancellations in accordance with our Refund & Cancellation Policy

Note: Transactions or communications taken off the Platform are not covered by Gigstaan’s Escrow Service, invoicing features, refund policy, or cancellation protections.

Location-Based Features

  • To use your location (when consented) to display nearby service providers and optimise hyper-local search results
  • To estimate distances and service availability in your area

Safety, Trust & Fraud Prevention

  • To detect, investigate, and prevent fraudulent activity, spam, abuse, or security threats
  • To enforce our Terms of Service and community guidelines
  • To maintain the integrity of reviews, ratings, and user-generated content
  • To resolve disputes between service providers and consumers

Platform Improvement & Analytics

  • To analyse usage patterns and trends in order to improve Platform features and user experience
  • To conduct internal research and development
  • To perform aggregated, anonymised analysis for business intelligence (this data cannot identify you personally)

Communication with You

  • To send transactional notifications (booking confirmations, payment receipts, payout alerts, OTPs)
  • To send service-related updates such as status changes, reminders, and review prompts
  • To send promotional communications about new features, offers, or services — only with your consent, and you may opt out at any time

Legal & Regulatory Compliance

  • To comply with applicable laws, regulations, legal processes, or enforceable government requests
  • To respond to lawful requests from law enforcement or regulatory authorities
  • To establish, exercise, or defend legal claims

Important: We do not sell your personal data to any third party, nor do we use your data for automated decision-making or profiling that produces legal effects concerning you, without your explicit consent.

Data Sharing & Third Parties

We do not sell, rent, or trade your personal data. We share your data only in the following limited circumstances and only to the extent necessary:

Between Users of the Platform

  • When a booking is made, relevant information is shared between the service provider and consumer to facilitate the gig. This may include name, profile photo, contact details, service address, booking details, and invoice information.
  • Ratings, reviews, and public profile details are visible to other users of the Platform.

Payment Gateway Providers

  • We share transaction-related data with our payment processing partners (such as Razorpay, Cashfree, or similar PCI-DSS compliant providers) to process payments, manage the Escrow Service, and settle payouts. These providers operate under their own privacy policies and stringent security standards.

Cloud Infrastructure & Hosting

  • Your data is stored on secure cloud servers provided by third-party infrastructure services (such as AWS, GCP, or similar). These providers act as data processors under contractual obligations to protect your data and process it solely on our instructions.

Analytics Providers

  • We share anonymised and aggregated usage data with analytics services (such as Google Analytics, Mixpanel, or similar) to understand Platform performance and user behaviour. This data cannot be used to personally identify you.

Identity & Business Verification Partners

  • For service provider onboarding, we share Aadhaar details with authorised verification agencies solely for identity verification purposes.
  • For organisations, we share business registration details with verification partners to validate legitimacy.
  • Bank account details are shared with our banking/payment partners strictly for the purpose of Escrow Service activation and payout processing.

Legal & Regulatory Disclosures

  • We may disclose your personal data if required to do so by law, regulation, legal process, or enforceable government request.
  • We may share data when we believe in good faith that disclosure is necessary to protect the rights, safety, or property of Gigstaan, our users, or the public.
  • This includes cooperation with law enforcement agencies, courts, or regulatory bodies in India.

Business Transfers

  • In the event of a merger, acquisition, reorganisation, or sale of all or a portion of Snehmit Business LLP’s assets, your personal data may be transferred to the successor entity. You will be notified of any such transfer and any changes to this Privacy Policy.

Advertising & Promotional Partners

  • Gigstaan may, now or in the future, display advertisements on the Platform. These may include promoted service listings, third-party display ads, or other promotional content.
  • To deliver relevant advertisements, we may share anonymised or pseudonymised usage data, interest categories, location data, and interaction patterns with advertising partners (such as Google Ads, Meta Ads, or similar networks).
  • We will never share your name, phone number, email address, Aadhaar details, or bank account information with advertisers.
  • You may opt out of promotional emails at any time by using the unsubscribe link provided in each email.
  • We may share your data with third parties not described above only after obtaining your explicit consent.

We do NOT share data with:

  • Data brokers or any entity for the purpose of selling your personal data
  • Advertisers will never receive your directly identifiable personal information (name, phone, email, Aadhaar, or financial details)

Data Retention

We retain your personal data only for as long as it is necessary to fulfil the purposes described in this Privacy Policy, or as required by applicable law.

Active Accounts

  • Your personal data is retained for the entire duration your account remains active on the Platform.
  • Service listing data, transaction history, invoices, ratings, and reviews are maintained as part of your active account records.

After Account Deletion

Upon account deletion, we retain your personal data for a period of 3 (three) years from the date of deletion. This retention period is necessary to:

  • Comply with legal and regulatory obligations under Indian law
  • Resolve any pending or potential disputes, claims, or chargebacks
  • Maintain financial and tax records as required under the Income Tax Act, 1961 and GST laws
  • Support fraud prevention and safety investigations

After the 3-year retention period, your data will be permanently and irreversibly deleted or anonymised such that it can no longer identify you.

Specific Retention Periods

Data TypeRetention Period
Account & profile dataDuration of active account + 3 years after deletion
Aadhaar & identity verification recordsDuration of active account + 3 years after deletion
Bank account & payout recordsAs required under applicable tax and financial laws (minimum 8 years under IT Act, 1961)
Transaction & invoice records8 years from the date of the transaction, in compliance with tax and accounting regulations
In-app chat messagesDuration of active account + 1 year after deletion
Usage & analytics dataAnonymised upon account deletion; anonymised data may be retained indefinitely
Cookies & device dataMaximum 13 months from collection, or until you clear browser data
  1. Exceptions
    • We may retain data beyond the periods stated above if required by a court order, regulatory directive, or ongoing legal proceeding.
    • Anonymised and aggregated data that cannot identify any individual may be retained indefinitely for research and analytical purposes.

Your Rights as a Data Principal

Under the Digital Personal Data Protection Act, 2023, you have the following rights with respect to your personal data:

Right to Access

  • You have the right to obtain a summary of your personal data that is being processed by us, along with information about how it is being used.
  • You can access most of your data directly through your account dashboard on the Platform.

Right to Correction

  • You have the right to request the correction of any inaccurate or misleading personal data, and the completion of any incomplete data.
  • Profile details such as name, email, phone number, and address can be updated directly in your account settings. For changes to verified information (Aadhaar, bank account, business documents), you may need to undergo re-verification.

Right to Erasure

  • You have the right to request the deletion of your personal data by deleting your account.
  • Upon receiving a valid erasure request, we will delete your data subject to the retention periods outlined in Section 6, and except where retention is required by law.
  • Please note that certain data (such as financial records and invoices) must be retained for the legally mandated period even after erasure is requested.
  • Where we process your data based on your consent (such as location access or promotional communications), you may withdraw that consent at any time.
  • Withdrawal of consent will not affect the lawfulness of processing carried out prior to such withdrawal. You may withdraw consent by:
  • Disabling location permissions in your device settings
  • Unsubscribing from promotional emails via the link provided in each email
  • Contacting us at the details provided in Section 13

Right to Grievance Redressal

  • You have the right to register a complaint if you are dissatisfied with how we process your personal data.
  • Gigstaan has appointed a Grievance Officer (details in Section 13) who will acknowledge your complaint within 24 hours and resolve it within 15 days from the date of receipt.
  • If you are not satisfied with our resolution, you have the right to file a complaint with the Data Protection Board of India as established under the DPDPA, 2023.

Right to Nominate

  • Under the DPDPA, you have the right to nominate another individual who may exercise your data rights on your behalf in the event of your death or incapacity.

Data Security

We take the security of your personal data seriously and implement reasonable technical and organisational measures to protect it against unauthorised access, alteration, disclosure, or destruction.

Technical Safeguards

  • Encryption in Transit: All data transmitted between your device and our servers is encrypted using TLS (Transport Layer Security) protocols.
  • Encryption at Rest: Sensitive personal data, including Aadhaar details, bank account information, and payment records, is encrypted at rest on our servers.
  • Access Controls: Access to personal data is restricted to authorised personnel on a need-to-know basis, with role-based access controls and multi-factor authentication enforced internally.
  • Secure Infrastructure: The Platform is hosted on industry-standard cloud infrastructure (such as AWS or GCP) that maintains internationally recognised security certifications.

Organisational Safeguards

  • All employees, contractors, and third-party processors with access to personal data are bound by confidentiality obligations.
  • We conduct periodic security assessments and vulnerability testing of our systems.
  • We maintain an incident response plan to promptly address any data breach or security incident.

Payment Security

  • All online payment transactions are processed through PCI-DSS compliant payment gateway partners.
  • We do not store full credit or debit card numbers on our servers at any time.
  • Escrow funds are managed through regulated payment infrastructure in compliance with Reserve Bank of India (“RBI”) guidelines.

Your Responsibilities

  • You are responsible for maintaining the confidentiality of your account credentials, including your OTP and login details.
  • You should not share your account access with any third party.
  • If you suspect any unauthorised access to your account, you must notify us immediately at the contact details provided in Section 13.
  • Gigstaan shall not be liable for any loss arising from unauthorised use of your account due to your failure to safeguard your credentials.

Breach Notification

In the event of a personal data breach that is likely to cause harm to you, we will:

  • Notify the Data Protection Board of India as required under the DPDPA, 2023
  • Inform affected users without unreasonable delay through email, in-app notification, or SMS
  • Take immediate steps to contain and remediate the breach

Cookies & Tracking Technologies

What Are Cookies?

Cookies are small text files stored on your device when you visit a website. They help us recognise your browser, remember your preferences, and understand how you interact with the Platform.

Types of Cookies We Use

Cookie TypePurposeDuration
Strictly NecessaryEssential for Platform functionality — login sessions, security, and load balancing. The Platform cannot function properly without these.Session or up to 12 months
Performance & AnalyticsHelp us understand how users interact with the Platform, identify errors, and measure performance. Data is aggregated and anonymised.Up to 13 months
FunctionalRemember your preferences such as language, region, and display settings to provide a personalised experience.Up to 12 months
  1. Managing Cookies
    • You can manage or delete cookies through your browser or device settings at any time.
    • Disabling strictly necessary cookies may impair Platform functionality.
    • For our mobile application, similar tracking technologies (such as device identifiers and SDKs) may be used, which can be managed through your device’s privacy settings.

Do Not Track

  • Some browsers offer a “Do Not Track” signal. At this time, the Platform does not respond to Do Not Track signals, but we respect your cookie and device-level privacy settings.

Children’s Privacy

  • Gigstaan is intended solely for users who are 18 years of age or older.
  • We do not knowingly collect, process, or store personal data from anyone under the age of 18.
  • If we become aware that we have inadvertently collected personal data from a minor, we will take prompt steps to delete such data from our systems.
  • If you are a parent or guardian and believe your child has provided personal data to Gigstaan, please contact us immediately at the details provided in Section 13, and we will take appropriate action.

Third-Party Links & Off-Platform Activity

  • The Platform may contain links to third-party websites, applications, or services that are not operated or controlled by Gigstaan.
  • We are not responsible for the privacy practices, content, or security of any third-party services. We encourage you to review their privacy policies before sharing any personal data.

Off-Platform Transactions & Communications

  • If you choose to take transactions, payments, or communications outside of the Gigstaan Platform, such activity is entirely at your own risk.
  • Gigstaan’s Escrow Service, invoicing features, refund policy, cancellation protections, and dispute resolution mechanisms do not apply to any off-platform activity.
  • We strongly recommend conducting all service-related transactions and communications through the Platform to ensure your protection.

Changes to This Privacy Policy

  • We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or Platform features.

When we make changes:

  • We will update the “Last Updated” date at the top of this Policy.
  • For material changes that significantly affect how your data is processed, we will notify you through in-app notifications, email, or a prominent notice on the Platform at least 15 days before the changes take effect.
  • For minor or clarificatory changes, the updated Policy will be effective upon posting.

Your continued use of the Platform after any changes become effective constitutes your acceptance of the revised Privacy Policy. We encourage you to review this Policy periodically to stay informed about how we protect your data.

Contact Us & Grievance Officer

If you have any questions, concerns, or requests regarding this Privacy Policy or the handling of your personal data, please reach out to us:

Email: support@gigstaan.com

Grievance Officer

As required under the Digital Personal Data Protection Act, 2023 and the Information Technology Act, 2000, we have appointed a Grievance Officer:

Name: Sneha Kanade

Designation: Founder & CEO

Email: support@gigstaan.com

All complaints will be acknowledged within 24 hours and resolved within 15 days from the date of receipt.

If you are not satisfied with our resolution, you may escalate your complaint to the Data Protection Board of India established under the DPDPA, 2023.

© 2026 Snehmit Business LLP. All rights reserved.

PoliciesTerms & Conditions