Privacy Policy

Privacy Policy – InboxKart
InboxKart
Effective Date: June 13, 2026

At InboxKart, we take your privacy seriously. This policy explains how we collect, use, share, and protect your personal data when you use our platform and services.

1. How We Collect Personal Data

The personal data we collect depends on how you interact with InboxKart. We collect information through the following means:

When You Register or Use Our Services

When you create an account or use InboxKart’s platform, we collect information you provide directly — such as your name, email address, billing details, and preferences — as well as data generated by your use of the platform (such as campaign activity, subscriber data, and account settings).

When You Contact Us

If you email us, use our support chat, or fill out a contact form, we may collect the contents of that communication along with your contact details and any attachments you share.

When You Use Our Website

We automatically collect certain technical data when you visit inboxkart.in, including your IP address, browser type, pages visited, time spent, and referring URL. This may be collected via cookies and similar technologies (see Section 7).

From Third-Party Integrations

If you connect third-party tools or platforms (such as CRMs, e-commerce stores, or analytics services) to your InboxKart account, we may receive data from those integrations as permitted by those platforms’ terms.

From Payment Processors

When you subscribe to a paid plan, our payment processor may share confirmation of a successful transaction with us. We do not store full card numbers; only the last four digits and billing details are retained for record-keeping.

2. What Personal Data We Process

We collect and process the following categories of personal data:

Category Examples
Account Information Name, email address, password (hashed), account type, linked integrations
Billing & Payment Data Last 4 digits of card, billing address, transaction history, subscription plan
Contact & Business Data Company name, job title, phone number, communication preferences
Usage & Technical Data IP address, browser, device type, pages visited, session duration, feature usage logs
Communications Support messages, feedback forms, survey responses
Customer Content Email lists, subscriber data, campaign content, automation flows you create
Important: Customer Content (i.e., data you upload about your own subscribers or contacts) is processed strictly on your behalf. You remain the data controller for your subscriber data. We do not access, use, or sell this data for our own commercial purposes.

We ask that you do not upload or provide us with sensitive personal data such as government identification numbers, financial account credentials, health information, or data relating to racial or ethnic origin, political opinions, or religious beliefs.

3. How We Use Personal Data

We use the personal data we collect for the following purposes:

  • To provide and operate the Service: Creating and managing your account, processing payments, delivering platform features, and responding to support requests.
  • To communicate with you: Sending transactional emails (account alerts, billing receipts, security notices), product updates, and service announcements. Where required by law, we obtain your consent before sending marketing communications.
  • To improve our platform: Analysing aggregated usage data and platform interactions to identify bugs, improve features, and develop new capabilities.
  • For security and fraud prevention: Monitoring for suspicious activity, protecting against unauthorised access, and enforcing our Terms of Service.
  • To comply with legal obligations: Meeting applicable tax, accounting, audit, and regulatory requirements, and responding to lawful government requests.
  • To fulfil contractual obligations: Administering agreements with customers, vendors, and partners.

We do not use your data or your subscribers’ data to train AI or machine learning models, or for advertising purposes beyond the scope described in this policy.

4. How We Share Personal Data

We do not sell your personal data. We share data only as described below:

  • Service Providers: We engage trusted third-party vendors to help us deliver the Service — including hosting providers, payment processors, customer support tools, and analytics platforms. These parties may only process your data as instructed by us and are contractually bound to protect it.
  • Integrations You Authorise: When you connect a third-party integration to your InboxKart account, data relevant to that integration may be shared with the third party in accordance with your configuration and their terms.
  • Business Transfers: In the event of a merger, acquisition, or sale of assets, your personal data may be transferred as part of that transaction. We will notify you via email or a prominent notice on our website prior to any such transfer.
  • Legal Compliance: We may disclose personal data to law enforcement or government authorities where required by applicable law, court order, or to protect the rights, property, or safety of InboxKart, our users, or others.
  • Professional Advisors: We may share data with lawyers, auditors, and insurers as necessary in the course of receiving professional services.
  • With Your Consent: We may share data in other ways if you give us explicit consent to do so.

5. Your Data Protection Rights

Depending on your location and applicable law, you may have the following rights regarding your personal data:

Right to Access

Request a copy of the personal data we hold about you.

Right to Correction

Ask us to update or correct inaccurate or incomplete data.

Right to Deletion

Request deletion of your personal data, subject to legal retention obligations.

Right to Portability

Receive your data in a structured, machine-readable format where technically feasible.

Right to Object

Object to processing based on legitimate interests or for direct marketing.

Right to Restrict

Request that we limit how we process your data in certain circumstances.

Withdraw Consent

Where processing is based on consent, withdraw it at any time without affecting prior lawful processing.

Lodge a Complaint

File a complaint with your local data protection authority if you believe your rights have been violated.

To exercise any of these rights, please contact us at privacy@inboxkart.in. We will respond within 30 days of receiving your verified request. We may ask you to confirm your identity before processing the request.

Account Deletion: To delete your InboxKart account and associated data, log into your account, navigate to Settings → Account → Delete Account, or email privacy@inboxkart.in with the subject line “Account Deletion Request”. We will process the request within 14 business days. Certain data may be retained for legal or contractual obligations as described in Section 6.

6. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, to provide our Services, or to comply with applicable legal, tax, and accounting obligations.

Specifically:

  • Active account data is retained for the duration of your account with InboxKart.
  • Account data after deletion is securely deleted or anonymised within 30 days of account closure, except where a longer period is required by law.
  • Billing records may be retained for up to 7 years for financial compliance and audit purposes.
  • Support communications are retained for up to 3 years for quality assurance and dispute resolution.
  • Legal hold data may be retained for longer if required by a court order or ongoing legal proceedings.

Customer Content (your subscriber data) is deleted promptly upon account closure and is not retained beyond the termination of your agreement with us.

7. Cookies & Tracking Technologies

InboxKart uses cookies and similar tracking technologies on our website to improve your experience, analyse usage, and support our operations.

Cookie Type Purpose Can You Opt Out?
Essential Required for login sessions, security, and basic site functionality No (required)
Analytics Help us understand how visitors interact with our site (e.g., page views, session duration) Yes
Preference Remember your settings and personalisation choices Yes
Marketing Track ad campaign effectiveness and enable retargeting (only with consent) Yes

You can manage cookie preferences through your browser settings or via the cookie consent banner displayed on your first visit to our website. Disabling non-essential cookies will not affect your ability to use the InboxKart platform.

8. Children’s Privacy

InboxKart’s Services are intended for individuals aged 18 and above. We do not knowingly collect personal data from anyone under the age of 18. If you believe we have inadvertently collected data from a minor, please contact us immediately at privacy@inboxkart.in and we will promptly delete such data.

If you are a parent or guardian and become aware that your child has provided personal data to us without your consent, please reach out and we will take immediate corrective action.

9. Data Security

We implement industry-standard technical and organisational measures to protect your personal data from unauthorised access, disclosure, alteration, and destruction. These measures include:

  • Encryption of data in transit (TLS/HTTPS) and at rest
  • Access controls and role-based permissions for our staff
  • Regular security assessments and vulnerability testing
  • Secure, access-controlled infrastructure hosted with reputable providers

While we take every reasonable precaution, no data transmission over the internet or system can be guaranteed to be 100% secure. We cannot warrant absolute security, and you use the Service at your own risk.

Security Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms, we will notify you and relevant regulatory authorities without undue delay, and in accordance with applicable data protection law. Our notification will include the nature of the breach, data affected, and the steps we are taking to address it.

10. International Data Transfers

InboxKart is based in India and primarily processes data within India. Where we or our service providers process personal data outside your country of residence, we take appropriate steps to ensure an adequate level of protection is maintained — consistent with applicable data protection laws including India’s Digital Personal Data Protection Act, 2023 (DPDPA).

For users in the European Economic Area (EEA), United Kingdom, or other jurisdictions with data transfer restrictions, we rely on appropriate safeguards such as Standard Contractual Clauses (SCCs) approved by relevant regulatory authorities.

You may request information about the transfer mechanisms we use by contacting us at privacy@inboxkart.in.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or applicable laws. When we make material changes, we will:

  • Update the “Effective Date” at the top of this page
  • Notify registered users via email or an in-app notification
  • Where required by law, obtain fresh consent before implementing changes

We encourage you to review this policy periodically. Your continued use of the Service after any update constitutes your acceptance of the revised terms.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or how we handle your personal data, please reach out to us:

We aim to acknowledge all privacy-related enquiries within 5 business days and resolve them within 30 days of receipt.

Questions about your data?

Our team is here to help you understand and exercise your privacy rights.

Contact Privacy Team

© 2026 InboxKart — inboxkart.in — This policy was last updated on June 13, 2026.