Privacy Policy

Folafy ("we", "us", or "our") is committed to protecting the privacy and personal information of all individuals who use the Folafy Platform. This Privacy Policy describes how Folafy collects, uses, stores, shares, and protects personal data in connection with the operation of the Platform.

This Privacy Policy applies to all registered Creators, Buyers, visitors, and any other individuals who interact with the Folafy Platform, website, or associated services. This Policy is incorporated by reference into Folafy's Terms of Service.

2.1 From Creators (Account Holders)

When you register as a Creator and use the Platform, Folafy may collect:

• Identity & Contact Information: Full name, email address, username, and profile information.

• Login Credentials: Encrypted account passwords and authentication tokens.

• Billing Information: Subscription payment method details (processed securely by third-party payment gateways; Folafy does not store raw card numbers).

• Payout Details: Bank account information, payment wallet details, and tax identification numbers (PAN, GSTIN).

• Uploaded Content: Images, videos, PDFs, design files, digital products, portfolio materials, and any other media uploaded to the Platform.

• Usage Analytics: Behavioral data on Platform interaction including templates used, features accessed, and login frequency.

• Device & Technical Data: IP addresses, browser type, operating system, device identifiers, and session data.

• Transaction Data: Records of sales, subscription payments, payouts, and financial activity on the Platform.

2.2 From Buyers & Visitors

When visitors interact with Creator storefronts or contact forms, Folafy may process:

• Contact Form Data: Name, email address, and message content submitted via Creator contact forms.

• Purchase Data: Email address, billing information, and product delivery details collected during checkout.

• Analytics Data: Page view data, session duration, referral sources, and interaction behavior on Creator pages.

Folafy uses collected personal data for the following purposes:

• To create, maintain, and secure Creator accounts and provide access to Platform features.

• To process subscription payments, Creator sales transactions, and payout disbursements.

• To deliver purchased digital products to Buyers on behalf of Creators.

• To facilitate communication between Creators and Buyers via messaging and contact systems.

• To send transactional emails including billing confirmations, password resets, and security alerts.

• To monitor Platform usage and improve features, performance, and user experience.

• To detect, prevent, and investigate fraud, abuse, and security threats.

• To comply with applicable legal obligations including tax, financial reporting, and regulatory compliance.

Folafy does not sell, rent, or trade personal data to third-party data brokers or advertisers. Folafy shares personal data only with trusted third-party service providers necessary for Platform operation, under appropriate data processing agreements, including:

• Payment Processors (Stripe, Razorpay): For subscription billing and Creator payout disbursement.

• Cloud Storage Providers (Cloudflare R2, Google Cloud): For secure storage of uploaded Creator content.

• CDN Providers: For optimized delivery of Creator portfolio pages and digital content.

• Email Service Providers: For delivery of transactional and platform notification emails.

• Authentication Providers (Firebase): For secure user login and session management.

• Analytics Providers: For aggregated Platform usage analytics.

Folafy may disclose personal data to legal authorities where required by applicable law, court order, or regulatory directive.

Folafy implements industry-standard technical and organizational security measures to protect personal data from unauthorized access, disclosure, alteration, or destruction. These measures include:

• Encryption of data in transit using TLS/HTTPS protocols.

• Secure storage of passwords using industry-standard hashing algorithms.

• Access controls limiting internal access to personal data on a need-to-know basis.

• Regular security assessments and vulnerability monitoring.

No data transmission or storage system is completely secure. Folafy cannot guarantee absolute security against all potential threats.

Folafy retains personal data for as long as necessary to:

• Provide Platform services to active account holders.

• Comply with legal, financial, and regulatory obligations (transaction records retained for a minimum of 7 years under applicable Indian law).

• Resolve disputes and enforce agreements.

Upon account deletion, personal content is scheduled for removal within applicable timeframes, excluding data required for legal compliance and fraud prevention.

Subject to applicable data protection laws, users may have the following rights regarding their personal data:

• Right of Access: Request a copy of personal data held by Folafy.

• Right of Rectification: Request correction of inaccurate or incomplete personal data.

• Right of Deletion: Request deletion of personal data, subject to legal retention obligations.

• Right of Portability: Request transfer of your data in a structured, machine-readable format.

• Right to Object: Object to processing of your data for certain purposes.

To exercise these rights, contact Folafy at privacy@folafy.com. Folafy will respond to valid requests within 30 days.

For users in the European Union or European Economic Area, Folafy processes personal data as a data controller under GDPR. Legal bases for processing include:

• Contractual necessity (account management, billing, service delivery).

• Legal obligation (tax compliance, fraud prevention).

• Legitimate interests (Platform security, fraud detection, service improvement).

• Consent (marketing communications, non-essential cookies).

EU users may lodge complaints with their local Data Protection Authority where applicable.

Folafy may update this Privacy Policy from time to time. Material changes will be communicated via email notification or in-platform notice. Continued use of the Platform after the effective date of an updated Privacy Policy constitutes acceptance of the changes.

Privacy Officer

Contact Email: privacy@folafy.com

Response Time: Within 30 days of receipt