Search

TryLK-4001
Look Collections
Privacy

Privacy Policy

Last updated: May 2026. Your privacy matters to us. Here's exactly what we collect, how we use it, who we share it with, and how you can control it — in plain language.

Contents

  1. Who We Are
  2. Information We Collect
  3. How We Use Your Information
  4. Sharing of Information
  5. Cookies & Local Storage
  6. Security & Storage Location
  7. Data Retention
  8. Your Rights
  9. Account & Data Deletion
  10. Children's Privacy
  11. Changes to This Policy
  12. Grievance Officer (India DPDP)
  13. Contact Us

1. Who We Are

MEILO is operated by Gita Care Technologies Private Limited, a company incorporated in India (collectively “MEILO”, “we”, “us”). For the purposes of the Digital Personal Data Protection Act, 2023 (India) (“DPDP Act”) and applicable data protection laws, MEILO is the Data Fiduciary responsible for your personal data processed via the Platform.

2. Information We Collect

We collect the following categories of personal data:

  • Mobile number — required to create an account; verified via one-time password through Firebase Authentication.
  • Account information — name, optional email, optional gender, optional date of birth, city.
  • Profile photo — optional, uploaded by you.
  • Look photos — uploaded by artists/studios to showcase their work. Artists confirm at upload that any depicted client has consented.
  • Preferences and activity — style interests, saved artists/studios/looks, search history within the app.
  • Service reports and reviews — submitted by artists about clients and by clients about artists, used to operate the two-way review system.
  • Location — only on the consumer app, only in the foreground, only when you tap “Use Current Location” or grant city-level permission. Approximate coordinates are used to surface nearby artists. We do not track location in the background.
  • Device identifiers — Firebase Cloud Messaging (FCM) token for push notifications; basic device model and OS version for compatibility.
  • Crash and diagnostic data — when an unexpected error occurs, we may collect a crash report (stack trace, app state) to fix bugs. No personal content is included.
  • Usage analytics — pages visited, taps on key actions, time spent. Used in aggregate to improve the Platform.

3. How We Use Your Information

We use the information we collect to:

  • Provide, operate, and improve the MEILO platform
  • Authenticate you and keep your account secure
  • Personalise your style discovery feed and surface relevant artists, studios, and looks
  • Send service-related notifications (booking confirmations, review requests, style verification prompts) via FCM push, with your consent where required
  • Surface nearby artists and studios based on the location signal you provide
  • Run the two-way review system (consumer ↔ artist) for trust and quality signals
  • Detect and prevent fraud, abuse, spam, and unsafe conduct on the Platform
  • Comply with legal obligations, respond to lawful requests, and enforce our Terms
  • Analyse usage trends in aggregate to improve product quality

We do not sell your personal information to third parties.

4. Sharing of Information

We share personal data only with:

  • Service providers (Data Processors) who operate the Platform on our behalf under contractual data protection obligations:
    • Google LLC / Firebase — phone authentication (OTP), push notifications (FCM), and crash diagnostics.
    • Supabase Inc. — managed PostgreSQL database hosting your profile, saves, reports, and reviews.
    • Google Cloud Platform — application hosting (Cloud Run) and media storage (Google Cloud Storage). Production data is hosted in the asia-south1 (Mumbai) region.
    • Google Maps Platform — reverse geocoding and Places autocomplete when you set or change your city.
  • Artists and studios you choose to connect with — when you initiate a booking via the Platform, the artist/studio sees information necessary to identify and serve you (display name, mobile number where you choose to share it, and the look or report context).
  • Legal and regulatory authorities — when required by law, court order, or to protect the rights, property, or safety of MEILO, our users, or the public.
  • In a business transfer — in connection with a merger, acquisition, financing, or sale of assets, subject to standard confidentiality and continuity of this Policy.

All service providers are bound by data processing agreements and may only use your data to perform services on our behalf. Where processing involves transfer outside India, we rely on the standards permitted under the DPDP Act and equivalent contractual safeguards.

5. Cookies & Local Storage

The MEILO website uses browser localStorage to store your session token, city preference, and display name for a seamless experience across visits. We may use first-party analytics cookies to understand how users interact with the Platform.

You can clear stored data at any time via your browser settings. Clearing localStorage will sign you out of MEILO. Our mobile apps (Meilo for consumers and Meilo Pro for artists) store the equivalent session data in encrypted local app storage.

6. Security & Storage Location

We take reasonable technical and organisational measures to protect your data:

  • All network traffic between the apps/website and our servers is encrypted in transit (HTTPS / TLS 1.2+).
  • Authentication tokens are short-lived and bound to the device.
  • Production data is stored in the Google Cloud asia-south1 (Mumbai) region.
  • Access to production systems is restricted to authorised personnel under the principle of least privilege.
  • Media uploads (look photos, profile photos) are stored in Google Cloud Storage with a Content Delivery Network in front for performance. Public look media is intentionally publicly readable so it can appear in browse feeds; admin-only media is served via signed URLs.

No system is perfectly secure. If we become aware of a personal data breach affecting you, we will notify you and the Data Protection Board of India in accordance with our legal obligations.

7. Data Retention

We retain personal data for as long as your account is active or as needed to provide the Platform. After you delete your account (see Section 9), we delete your personal data within 30 days, except:

  • Data we are required to retain for legal, tax, or fraud-prevention reasons
  • Anonymised or aggregated data that no longer identifies you (used for analytics)
  • Backup snapshots, which are purged on our standard rotation (≤ 35 days)

8. Your Rights

Under the DPDP Act and other applicable laws, you have the right to:

  • Access — obtain a summary of the personal data we hold about you
  • Correction — correct or update inaccurate or incomplete data (most fields are editable in-app under Profile)
  • Erasure — request deletion of your account and personal data (see Section 9)
  • Withdraw consent — for any processing based on consent, including location access and marketing communications
  • Nominate — designate another person to exercise your rights in the event of your death or incapacity (DPDP-specific)
  • Grievance redressal — raise a grievance with our Grievance Officer (Section 12), and escalate to the Data Protection Board of India if unresolved

To exercise these rights, contact admin@meilotech.com. We will respond within thirty (30) days.

9. Account & Data Deletion

You can permanently delete your MEILO account in three ways:

  • From within the app — Profile → Settings → Delete Account. Available in both the consumer app (Meilo) and the artist app (Meilo Pro).
  • From the website — see our Account Deletion page for full instructions, or sign in and use the Delete Account option at the bottom of your profile page.
  • By email — send a deletion request from your registered email or mobile number to admin@meilotech.com.

Deletion is permanent and removes your profile, uploads, saves, reports, and reviews from the Platform, subject to the retention exceptions in Section 7.

10. Children's Privacy

MEILO is intended for users aged 18 and above. We do not knowingly collect personal data from children. In line with the DPDP Act, we will not process the personal data of a child or person with a disability for any purpose without verifiable consent of a parent or lawful guardian, and we will not undertake tracking or behavioural monitoring of, or targeted advertising directed at, children. If we become aware that we hold the personal data of a child without such consent, we will delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by updating the “Last updated” date and, where appropriate, through an in-app notice or email. Continued use of the Platform after changes take effect constitutes acceptance of the updated Policy.

12. Grievance Officer (India DPDP Act 2023)

In accordance with the Digital Personal Data Protection Act, 2023 and the Information Technology Act, 2000 (India), we have appointed a Grievance Officer to address concerns relating to the processing of your personal data on the Platform.

  • Name: Santosh Kumar
  • Designation: Grievance Officer, Gita Care Technologies Private Limited
  • Email: admin@meilotech.com
  • Postal address: Gita Care Technologies Private Limited, Bangalore, Karnataka, India
  • Response time: Within fifteen (15) days of receipt of the grievance

If your grievance is not resolved to your satisfaction, you may escalate it to the Data Protection Board of India in accordance with the DPDP Act.

13. Contact Us

For questions or concerns about this Privacy Policy, contact us at admin@meilotech.com. For data deletion requests, see Section 9. For grievances under the DPDP Act, see Section 12.

Gita Care Technologies Private Limited
Bangalore, Karnataka, India