Last updated: 21 June 2025 ยท Your privacy matters to us.
Setwala is a digital marketplace platform that enables creators to sell event industry digital assets to buyers worldwide. For data protection purposes, Setwala acts as the Data Controller for personal data you provide to us, and as a Data Processor for data processed on behalf of Creators in respect of their customers.
If you have any questions, concerns, or complaints about this Privacy Policy or our data practices, please contact our Grievance Officer as described in Section 14.
| Category | Examples | Who Provides It |
|---|---|---|
| Account & Identity Data | Full name, email address, password (hashed), profile photo, username | All Users |
| Contact Data | Email address, phone number (if provided) | All Users |
| KYC & Financial Data | PAN card number, bank account number, IFSC code, bank name, account holder name, UPI ID, GST number | Creators only |
| Payment Data | Transaction IDs, payment method type, billing details processed by payment gateway | Buyers |
| Creator Content Data | Uploaded Digital Assets, product descriptions, tags, pricing, preview images | Creators only |
| Communication Data | Support tickets, messages, feedback, dispute communications | All Users |
| Profile Data | Creator bio, portfolio links, social media handles, creator profile description | Creators |
| Category | Examples |
|---|---|
| Usage & Activity Data | Pages visited, search queries, products viewed, downloads, purchase history, wishlist items, session duration |
| Device & Technical Data | IP address, browser type and version, operating system, device identifiers, screen resolution, time zone |
| Log Data | Access logs, error logs, API request logs (retained for security and debugging) |
| Cookie & Tracking Data | Session cookies, preference cookies, analytics identifiers (see Section 5) |
| Transaction Data | Order history, payout history, subscription history, UTR numbers |
Under the SPDI Rules 2011, financial information such as bank account numbers, PAN numbers, and UPI IDs collected from Creators constitutes Sensitive Personal Data. We collect this data solely for the purpose of processing payouts and fulfilling tax compliance obligations. We implement heightened security measures for SPDI as described in Section 10.
We do not collect passwords in plain text. We do not collect biometric data, health information, sexual orientation, religious beliefs, or other SPDI categories not listed above.
We may receive limited information about you from third-party service providers such as payment gateways (Razorpay), analytics providers (Google Analytics), and fraud detection services. We use this information only for the purposes described in Section 3.
We use the information we collect for the following purposes:
We do not sell your personal data to third parties for their independent marketing purposes.
Our legal basis for processing your personal information includes:
Setwala uses cookies and similar tracking technologies for the following purposes:
| Cookie Type | Purpose | Examples |
|---|---|---|
| Essential | Required for the Platform to function. Cannot be disabled. | Session authentication, CSRF protection tokens, shopping cart, login state |
| Functional | Remember your preferences to enhance experience. | Language preference, display settings |
| Analytics | Understand how Users interact with the Platform to improve it. | Google Analytics (anonymised) |
| Marketing | Track campaign effectiveness and display relevant content. Requires consent. | Google Tag Manager parameters |
| Third-Party Chat | Enable live chat support functionality. | Tawk.to session cookies |
You can control or delete cookies through your browser settings. Disabling essential cookies will impair the Platform's functionality. For analytics and marketing cookies, you may opt out at any time. Opting out of Google Analytics is available at tools.google.com/dlpage/gaoptout.
Some browsers transmit a "Do Not Track" signal. Setwala does not currently respond differently to Do Not Track signals. We are committed to implementing recognised privacy standards as they mature.
We do not sell your personal data. We share it only in the following circumstances:
Creator profile information (name, profile photo, bio, portfolio) is publicly visible on the Platform. Financial data (bank account, PAN, UPI) is never displayed publicly and is accessible only to authorised Setwala personnel with a legitimate need.
Creators receive anonymised order information. Buyers' full names and email addresses are not shared with Creators except where required for customer support, dispute resolution, or as required by law.
We recognise that Creators entrust us with sensitive business and financial information. We take the following additional steps to protect Creator data:
Setwala is not directed at children under the age of 18 years. We do not knowingly collect personal information from anyone under 18. If we become aware that we have inadvertently collected information from a person under 18, we will promptly delete such information and terminate the account. If you believe a child has registered on our Platform, please contact us at privacy@setwala.com.
We retain your personal data for as long as necessary to fulfil the purposes described in this Policy, or as required by law. Our general retention periods are:
| Data Type | Retention Period | Reason |
|---|---|---|
| Account & Profile Data | Duration of account + 2 years after deletion | Dispute resolution, legal claims |
| Transaction & Financial Records | 7 years from transaction date | Tax law compliance (Income Tax Act, GST law) |
| KYC Documents | 5 years after account closure or last transaction | AML/regulatory requirements |
| Usage & Log Data | 12 months | Security monitoring, debugging |
| Communication & Support Records | 3 years | Legal disputes, quality assurance |
| Marketing Consent Records | Until consent withdrawn + 2 years | Proof of consent |
| Cookies (session) | Session duration | Authentication |
| Cookies (analytics) | Up to 2 years | Analytics |
When your data is no longer required, we securely delete or anonymise it in accordance with our data retention and disposal procedures.
Setwala implements industry-standard and legally required technical and organisational security measures to protect your personal data against unauthorised access, disclosure, alteration, or destruction, including:
Subject to applicable law, you have the following rights regarding your personal data:
To exercise any of the above rights, please contact us at privacy@setwala.com. We will respond within 30 days of receiving your request. We may need to verify your identity before fulfilling your request.
You can unsubscribe from marketing emails by clicking the "Unsubscribe" link in any marketing email. Note that even if you opt out of marketing communications, we will still send you essential transactional notifications (order confirmations, payout alerts, security notices).
Your personal data may be processed and stored on servers located within India or in other countries where our third-party service providers operate (including servers operated by cloud infrastructure providers). Where data is transferred outside India, we take reasonable steps to ensure it is protected to a standard equivalent to Indian data protection requirements. By using the Platform, you consent to such transfers.
Our key third-party processors and their data locations include:
We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or Platform features. We will notify you of material changes by: (a) posting the updated policy on this page with a new "Last Updated" date; and (b) sending an email notification to your registered email address. Your continued use of the Platform after the updated policy becomes effective constitutes your acceptance of the changes. We encourage you to review this Policy periodically.
In accordance with the Information Technology Act 2000 and the SPDI Rules 2011, we have appointed a Grievance Officer to address your privacy-related concerns:
All privacy complaints will be acknowledged within 3 business days and resolved within 30 days of receipt, as required by applicable law. If you are not satisfied with our response, you may escalate your complaint to the relevant regulatory authority.
This Privacy Policy is effective as of 21 June 2025 and governs all personal data processed by Setwala. We are committed to protecting your privacy and processing your data lawfully, fairly, and transparently.