Privacy Policy

​We believe privacy is more than compliance. It is about building trust so that Clients and Consultants can collaborate with confidence, knowing their information is handled responsibly. Your participation helps us maintain a safe and professional environment for everyone in the Hourly.Design community.
 

1. Definitions and Interpretations

1.1 All capitalised terms used in this Privacy Policy shall, unless specifically defined here, have the same meaning as set out in the Terms and Conditions.

1.2 In addition to those terms, the following words have the meanings set out below:

• “Personal Data” means any information relating to an identified or identifiable natural person, including information provided by you, collected automatically through the Platform, or received from third parties in connection with your use of the Platform.

• “Processing” means any operation or set of operations performed on Personal Data, such as collection, storage, use, disclosure, or deletion.

• “Cookies” means small text files or similar technologies placed on your device to enable Platform functionality, improve performance, or personalise your experience.

• “Data Protection Laws” means the Digital Personal Data Protection Act, 2023 (India) and, where applicable, any other data protection laws that apply to your use of the Platform.
   

1.3 References to “Sections” are to sections of this Privacy Policy, and references to “Platform Policies” are to the Terms and Conditions, this Privacy Policy, and the Refund & Cancellation Policy, collectively forming a single binding agreement between you and Hourly.Design.
 

2. Information We Collect

2.1 When you use the Platform, we collect and process certain categories of information about you. This includes information that you provide directly to us, information that is collected automatically, and information received from third parties. We do not collect more than is necessary for the purposes described in this Policy.
 

2.2 When you register an account or create a profile, you provide us with details such as your name, email address, phone number, password, and, in the case of Consultants, qualifications, experience, hourly rates, and profile information. When you make a booking or payment, we collect information about the appointment, billing details, payment method, and transaction history processed through Escrow and integrated payment gateways. We also collect information that you share in communications, such as project briefs, messages, reviews, and feedback. These communications may take place on the Platform itself or through linked channels, including WhatsApp and other third-party integrations.
 

2.3 When you interact with the Platform, certain information is collected automatically. This includes usage data such as your IP address, device details, operating system, browser type, pages visited, time spent on the Platform, and other activity logs. We also use cookies and similar technologies to support the functionality of the Platform, analyse usage, and personalise your experience. Further details are set out in Section 8 of this Policy.
 

2.4 In some cases, we receive information about you from third-party services that are integrated with the Platform. This may include booking tools, payment processors, or other linked pages that are necessary to complete a transaction or deliver a service. We may also obtain information from service providers or authorities to verify identity, qualifications, or compliance where required by law or for the integrity of the Platform.
 

3. How We Use Your Information

3.1 We process your information only for lawful purposes and in line with this Policy. The purposes include operating the Platform, safeguarding Users, and meeting our legal obligations. By continuing to use the Platform, you acknowledge and consent to these uses.
 

3.2 Your information is necessary to operate the Platform and provide Services. We use it to create and manage your account, connect Clients with Consultants, enable bookings, hold and release funds through Escrow, process payments and refunds, and maintain records of transactions. Without this processing, the Platform cannot function as intended.
 

3.3 We use your information to send confirmations, reminders, and updates about your bookings, payments, and account activity. We may also contact you to respond to queries, provide support, or notify you of changes to the Platform Policies. Communications may take place through the Platform, email, or linked channels such as WhatsApp. You may not opt out of essential service-related communications, as they are necessary for your use of the Platform.
 

3.4 We process information to protect the security of the Platform and its community. This includes verifying identities and qualifications, monitoring for fraud or misuse, and investigating misconduct. Where appropriate, we may use your information to issue warnings, suspend accounts, restrict access to features, or take other measures to protect Clients, Consultants, and Hourly.Design.

3.5 We analyse aggregated and anonymised data to understand how the Platform is used, to fix technical issues, and to improve performance and reliability. We may also use information to test new features, assess demand for Services, and inform business decisions. This helps ensure the Platform remains fair, efficient, and secure for all Users.
 

3.6 With your consent, we may use certain information, such as your name, profile image, professional title, reviews, testimonials, or feedback, to promote the Platform and highlight User experiences. This may include displaying your profile on the Platform, showcasing reviews on our website, featuring stories on social media, or including testimonials in newsletters and marketing campaigns. Such use will always be limited to promoting the Platform and will never involve selling your information to third parties.

3.7 You may withdraw your consent at any time by contacting us, but withdrawal will not affect the validity of any promotional use that has already occurred prior to your request. We may also use aggregated, anonymised data for promotional purposes, such as publishing general statistics about the number of Consultations completed, success rates, or average ratings, without identifying you personally.

We may process, retain, and disclose your information where required to comply with applicable laws, regulations, and legal processes. This includes obligations under the Digital Personal Data Protection Act, 2023, as well as consumer protection, taxation, and audit requirements. For example, we may be required to maintain transaction records for a specified period for tax filings, or to disclose account information in response to a lawful request by a regulatory authority or court order. We may also process information to enforce our rights under the Platform Policies, such as investigating fraud, resolving disputes between Users, collecting unpaid fees, or defending ourselves against legal claims. In situations where disclosure is necessary to protect our rights, property, or the safety of Users or the public, we may share information with law enforcement agencies, regulators, auditors, or professional advisors. Any such disclosure will be limited to what is reasonably necessary to achieve the intended legal or compliance purpose.
 

4. Legal Basis for Processing

4.1 We process your personal data only where permitted by law and in line with the purposes described in this Policy. The primary legal bases for our processing are consent, contractual necessity, compliance with law, and our legitimate interests in operating and improving the Platform. Depending on the circumstances, one or more of these bases may apply to the same activity.
 

4.2 Certain types of processing rely on your explicit consent. Examples include creating an account, completing your consultant profile, or allowing us to use your reviews and feedback for marketing purposes. Consent must be freely given, specific, and informed. You may withdraw consent at any time by contacting us, but this will not affect the validity of any processing carried out before your withdrawal. If you withdraw consent, some features or Services, such as maintaining a public profile or participating in promotional campaigns, may no longer be available to you.
 

4.3 Some processing is required for us to perform our obligations under the Platform Policies. For example, we must collect and process booking and payment details to enable Consultations, manage Escrow, issue invoices, or process refunds. Without this processing, we cannot provide the Services you request, and your ability to participate in a Service Engagement may be limited. By entering into a Service Engagement through the Platform, you acknowledge that such processing is essential and forms part of the contractual framework.
 

4.4 We may process and disclose information where required to meet legal and regulatory obligations. This includes obligations under the Digital Personal Data Protection Act, 2023, and other applicable data protection, consumer protection, or financial regulations. We may, for instance, retain records of payments for tax or audit purposes, respond to lawful requests from courts or government authorities, or disclose information where required for public safety. Such processing may take place even without your consent where the law requires it.
 

4.5 In certain cases, we rely on our legitimate interests to process information in ways that are necessary for the operation of the Platform and do not override your fundamental rights. Examples include monitoring for fraud and abuse, ensuring network security, improving Platform functionality, or conducting aggregated analytics on how the Platform is used. Where we rely on this basis, we apply safeguards such as data minimisation, restricted access, and anonymisation to protect your privacy. If you believe our reliance on legitimate interests affects your rights unfairly, you have the right to object, and we will review your request in line with applicable law.
 

5. Sharing of Information

5.1 We may share your personal data only where it is necessary for the operation of the Platform, where it is required by law, or where you have given consent. We do not sell your information to third parties, and we take reasonable steps to ensure that any sharing is limited, secure, and proportionate to the purpose.
 

5.2 Certain information must be shared between Clients and Consultants to enable a Service Engagement. For example, a Client’s name, project brief, and contact details may be shared with a Consultant to prepare for a Consultation, and a Consultant’s profile, rates, portfolio, or reviews will be visible to Clients to help them make informed choices. Such sharing is intrinsic to how the Platform works and is necessary for you to participate meaningfully as a User.
 

5.3 We rely on third-party providers to deliver parts of the Platform, such as payment processors, booking tools, hosting providers, and communication channels (including WhatsApp integrations). These providers may receive limited information about you to the extent required for them to perform their services. For example, payment providers require your billing details to process transactions, and hosting providers store your account data securely on our behalf. Each of these providers operates under its own terms and privacy policy, and we encourage you to review those policies carefully. While we select providers that are generally recognised as reputable, we are not responsible for the data collection or processing practices of such third parties beyond what is required for the operation of the Platform.
 

5.4 We may disclose your information where required by applicable law, regulation, or legal process, or in response to a lawful request by a court or government authority. This may include sharing records for tax or audit purposes, disclosing identity details in the event of fraud or criminal investigation, or complying with public safety obligations. We may also use or disclose information to enforce our rights under the Platform Policies, such as investigating misuse, resolving disputes, or defending ourselves against legal claims.
 

5.5 If we are involved in a merger, acquisition, restructuring, or sale of assets, your information may be transferred as part of that transaction. In such cases, we will take steps to ensure that your information remains subject to protections consistent with this Policy and that you are notified, where feasible, before your information becomes subject to a different privacy framework.
 

5.6 Wherever information is shared, we limit it to what is reasonably necessary, and we expect all recipients to protect it appropriately. Where information is transferred to third parties, we apply contractual and organisational measures to maintain confidentiality, integrity, and security.
 

6. Data Retention and Deletion

6.1 We retain your personal data only for as long as it is reasonably necessary to fulfil the purposes described in this Policy, to provide the Services you request, and to comply with our legal, regulatory, or contractual obligations. The length of time for which we keep information depends on the type of data, the nature of our relationship with you, and the purposes for which the data was collected.
 

6.2 Information connected to an active account, such as your profile details, booking history, Escrow transactions, and communications, is retained for the duration of your use of the Platform. This ensures that you have access to your records, and that we can administer the Services effectively. For Consultants, certain profile information (such as qualifications, hourly rates, and reviews) will remain visible to Clients while the account is active. For Clients, booking and payment records may remain accessible to the Consultants with whom they have engaged, so that both sides have an accurate history of their Service Engagements.
 

6.3 Accounts that remain unused for an extended period may be treated as inactive. We reserve the right to deactivate or delete inactive accounts after 18 months of non-use. Before taking such action, we will provide notice to the registered email address or other contact details on record, giving you the option to log in and keep your account active. If no response is received, your data may be deleted or anonymised, although certain records may still be retained where necessary for compliance purposes.
 

6.4 Even after an account is closed or you request deletion, we may retain certain information where we are legally required to do so, or where it remains reasonably necessary for legitimate business purposes. For example, transaction records may be preserved for seven (7) years or more in line with applicable tax, audit, or accounting requirements. Communications or dispute-related information may also be retained if relevant to ongoing or potential legal claims. We may keep records needed to demonstrate compliance with the Digital Personal Data Protection Act, 2023, consumer protection laws, or contractual obligations under the Platform Policies.
 

6.5 When the retention period expires, or when you make a valid deletion request, we will securely delete or anonymise your personal data so that it can no longer be associated with you. Deletion may involve erasing the data from our active systems, applying pseudonymisation techniques, or converting the information into an aggregated form that cannot identify you. While we take reasonable technical and organisational measures to achieve secure deletion, you acknowledge that residual data may persist in secure backups or archives for a limited period until they are overwritten in the ordinary course of business.
 

6.6 Where your personal data has been shared with third-party providers (such as payment processors, cloud hosting services, or communication platforms), deletion of that data will be subject to the policies and technical limitations of those providers. While we endeavour to work with providers who apply reasonable standards of data protection, we are not responsible for their independent retention or deletion practices. Users are encouraged to review the privacy policies of such providers to understand how their information is stored, retained, or deleted outside our direct control.
 

7. Your Rights

7.1 As a User, you are entitled to certain rights in relation to your personal data. These rights arise under the Digital Personal Data Protection Act, 2023 (“DPDP Act”) and, where applicable, other international data protection frameworks such as the GDPR. They are intended to ensure transparency, fairness, and accountability in how your information is handled. While we are committed to respecting and facilitating these rights, you acknowledge that the exercise of certain rights may affect your ability to use parts of the Platform, as some processing is essential to the provision of Services.
 

7.2 You have the right to request details of the personal data we hold about you and to understand how that data is used. This may include a copy of your registration details, booking history, payment records, or communications exchanged through the Platform or its linked channels (such as WhatsApp). Where technically feasible, we will provide this information in a commonly used electronic format, unless you request otherwise. Access may be restricted where disclosure would adversely affect the rights of another User, reveal proprietary business information, or conflict with legal obligations.
 

7.3 If any information we hold is inaccurate or incomplete, you may request that it be corrected or updated. For example, you may update your contact number, email, or professional qualifications in your Consultant profile, or correct errors in your Client information. In some cases, particularly where legal identity details are involved (such as government-issued IDs or tax details), we may ask you to provide supporting documents before making the change. Until corrections are verified and updated, certain Services may be temporarily restricted.
 

7.4 You may request deletion of your personal data where it is no longer necessary for the purposes for which it was collected, where you have withdrawn consent, or where you believe the processing is unlawful. We will assess such requests in accordance with our legal obligations. Certain categories of information cannot be deleted immediately, for example, Escrow transaction records that must be retained for tax or audit purposes, or dispute-related information that may be required to enforce the Platform Policies. In such cases, the information will be retained only for as long as required and will then be securely deleted or anonymised.
 

7.5 Where processing is based on consent, such as the use of your profile or reviews for promotional purposes, you may withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing already carried out but may limit your ability to access certain features. For instance, if you withdraw consent for profile visibility, Clients may no longer be able to view your services as a Consultant.
 

7.6 You have the right to raise concerns or complaints about how your information is being handled. We maintain a grievance redressal mechanism through which you can escalate issues. Complaints may relate to delays in fulfilling requests, concerns about misuse of data, or questions regarding compliance with the DPDP Act. We will acknowledge your complaint and provide a substantive response within thirty (30) days, although complex issues may require longer. If you are unsatisfied with our response, you may have the right to escalate to the Data Protection Board of India or another competent authority.
 

7.7 The DPDP Act also gives you the right to nominate another individual to exercise your rights in the event of your incapacity or death. This ensures continuity and protection of your data even where you are unable to act personally. If you wish to appoint a nominee, you must provide us with sufficient details in writing so that we may verify and register the nomination.
 

7.8 To exercise any of the above rights, you may contact us at team@hourly.design. For your protection, we may require you to verify your identity before acting on your request. In some cases, we may be unable to comply with a request if it conflicts with our legal obligations, infringes the rights of another User, or prevents us from fulfilling a contractual commitment. In such cases, we will provide you with a clear explanation of the reasons.
 

8. Cookies and Tracking Technologies

8.1 The Platform uses cookies and similar technologies to support functionality, improve performance, and personalise your experience. Cookies are small text files placed on your device when you access or use the Platform, and they help us remember your preferences, analyse how the Platform is used, and deliver a smoother experience. By continuing to use the Platform, you consent to our use of cookies in accordance with this Policy, subject to your ability to control them through your browser or device settings.
 

8.2 We use several categories of cookies. Essential cookies are required for the basic operation of the Platform, such as enabling you to log into your account, secure your session, and process payments through Escrow. Without these, the Platform may not function correctly. Analytics cookies allow us to understand how Users navigate the Platform, which pages are most frequently accessed, or where errors occur, enabling us to improve functionality and fix issues. Preference cookies help store your settings, such as language choice, time zone, or display options, so that you do not have to re-enter them each time you visit. In addition, certain third-party services integrated with the Platform, such as payment gateways or video call providers, may place their own cookies to enable their features.
 

8.3 Most web browsers and devices allow you to manage or disable cookies. You can delete existing cookies, block new ones, or configure your browser to alert you before cookies are placed. However, if you choose to disable or block essential cookies, some functions of the Platform may become unavailable, for example, you may not be able to log in, complete a booking, or use Escrow securely. Preference and analytics cookies can usually be disabled without preventing core functionality, though doing so may reduce performance or limit personalised features.
 

8.4 Some third-party providers integrated with the Platform may use their own cookies or tracking technologies. For example, payment processors may track transactions for fraud detection, or social media integrations may record interactions with their content. These providers act under their own terms and privacy policies, not under our control. We encourage you to review their policies directly, as we are not responsible for how third parties independently use tracking technologies.
 

8.5 We may update the types of cookies or tracking technologies used on the Platform from time to time as we introduce new features or update integrations. Material changes will be reflected in this Policy, and where required by law, we will notify you or seek your consent before applying new types of cookies.
 

9. Security of Your Information

9.1 We take the security of your personal data seriously and implement reasonable technical, organisational, and administrative safeguards to protect it against unauthorised access, misuse, loss, alteration, or disclosure. These measures are designed to ensure that information collected and processed through the Platform is treated responsibly and securely. However, you acknowledge that no online system can be guaranteed to be completely secure, and information shared through the internet is always subject to certain risks outside our control.
 

9.2 We apply security measures appropriate to the type of information being processed. For example, sensitive data such as payment details are handled through encrypted channels provided by our payment partners, and access to your account information is restricted to authorised personnel on a need-to-know basis. We also use secure servers, firewalls, and authentication procedures to reduce the likelihood of unauthorised access. Internal policies govern how our staff handle data, and we require them to maintain confidentiality and security at all times.
 

9.3 While we maintain robust systems, the security of your account also depends on the actions you take. You are responsible for safeguarding your login credentials and ensuring that your device is free from malware, viruses, or unauthorised access. If you suspect that your account has been compromised, you must notify us immediately so that we can take protective measures. We are not liable for any loss or damage arising from your failure to maintain the confidentiality of your credentials or from unauthorised access caused by your own security lapses.
 

9.4 In the unlikely event of a data breach that compromises your personal data, we will take reasonable steps to investigate, mitigate, and remedy the situation. Where required by law, including under the DPDP Act, 2023, we will notify you and the Data Protection Board of India without undue delay, providing information about the nature of the breach, the categories of data involved, and the steps you may take to protect yourself.
 

9.5 Although we take appropriate steps to secure your data, we cannot guarantee protection against all threats, including sophisticated cyber-attacks, disruptions of telecommunication services, or failures of third-party providers outside our control. By using the Platform, you acknowledge these risks and agree that we are not liable for security incidents that arise from factors beyond our reasonable control.
 

10. International Data Transfers

10.1 As a digital platform, we may process and store your personal data on servers located outside India, or share it with third-party providers based in other jurisdictions. These transfers are necessary for us to provide you with the Services, for example where hosting providers, payment gateways, or communication tools are located overseas. While we endeavour to work with service providers that apply appropriate standards of security and privacy, you acknowledge that your data may be subject to the laws of the country in which it is processed.
 

10.2 Where your data is transferred outside India, we will take reasonable steps to ensure that it continues to receive a level of protection consistent with this Policy. This may include contractual safeguards, such as data processing agreements with third-party providers, technical measures like encryption and access restrictions, or reliance on providers who are subject to recognised international standards of data protection. However, not all countries have data protection laws equivalent to those in India, and we cannot guarantee that your rights will be identical in every jurisdiction.
 

10.3 Under the Digital Personal Data Protection Act, 2023, certain restrictions may apply to the transfer of personal data outside India. We will comply with these restrictions, including any “blacklist” of countries to which transfers are prohibited once notified by the Indian Government. If a transfer cannot lawfully take place, we may not be able to provide certain Services to you, and you will be notified of this impact.
 

10.4 Where international transfers occur through third-party providers, such as global hosting services, cloud storage systems, or integrated tools (e.g., video conferencing or messaging), your information will also be subject to the terms and privacy policies of those providers. We do not control and are not responsible for how such providers handle data outside the scope of our contractual relationship. You are encouraged to review their privacy policies for more details.
 

10.5 By continuing to use the Platform, you consent to your personal data being transferred, processed, and stored outside India, subject to the limitations described in this Policy. You acknowledge that international transfers carry inherent risks, including differences in data protection regimes and access by foreign governments, and you agree that Hourly.Design is not responsible for such risks beyond applying reasonable safeguards.
 

11. Children’s Privacy

11.1 The Platform is intended for use by adults and is not directed at individuals under the age of eighteen (18). By creating an account or using the Platform, you represent and warrant that you are at least eighteen years old and legally capable of entering into binding agreements, in line with the eligibility requirements set out in the Terms and Conditions.
 

11.2 If we become aware that a User is under the age of eighteen and has registered without appropriate consent, we will take steps to restrict or delete the account. Where information has already been collected from such a User, it will be erased from our systems as far as reasonably possible, except where retention is required by law or necessary for compliance. We may also request verification documents to confirm a User’s age where there is reason to doubt eligibility.
 

11.3 If a minor uses the Platform with the verifiable consent of a parent or legal guardian (where permitted under applicable law), the parent or guardian assumes full responsibility for the minor’s use, including monitoring activity and ensuring compliance with the Platform Policies. We may collect limited information necessary for such verification, and this will be processed only for the purpose of confirming consent and protecting the child’s rights.
 

11.4 We do not knowingly collect, store, or use personal data for marketing purposes in relation to minors. The Platform does not profile children, target them with advertising, or allow Consultants to engage in Consultations with underage Clients. Any suspected misuse of the Platform involving minors should be reported immediately to team@hourly.design, and we will investigate and take appropriate action.
 

11.5 While we take reasonable steps to prevent underage use, we cannot guarantee that minors will never attempt to access the Platform or misrepresent their age. By using the Platform, you acknowledge that Hourly.Design is not liable for any use by underage individuals who provide false or misleading information during registration.
 

12. Contact & Grievance Redressal

12.1 We are committed to addressing questions, concerns, or complaints regarding the handling of your personal data. To facilitate this, we provide dedicated contact channels and a grievance redressal mechanism, in compliance with the requirements of the Digital Personal Data Protection Act, 2023.
 

12.2 If you have any queries about this Privacy Policy, requests to exercise your rights, or concerns about how your data is processed, you may contact us at team@hourly.design. You may also reach us by phone at +91 8847055019 during our support hours (10:00 AM – 6:30 PM IST on working days). Written correspondence may also be addressed to our registered office at K-47, Kailash Colony, New Delhi, India, 110048, as specified in the Terms and Conditions.
 

12.3 Any complaint received will be acknowledged promptly and reviewed in good faith. We will investigate the issue, request further details where necessary, and provide a reasoned response within thirty (30) days. In cases where additional time is required due to complexity, we will inform you of the expected timeline.
 

12.4 To assist us in resolving your concern efficiently, you should provide as much detail as possible when raising a query or complaint, including your account information, relevant dates, and any supporting documents. We may require you to verify your identity before responding to ensure that your personal data is not disclosed to unauthorised individuals.
 

13. Updates to this Policy

13.1 We may amend or update this Privacy Policy from time to time to reflect changes in law, regulatory requirements, technology, or the way the Platform operates. Any updates will be designed to ensure that the Policy remains transparent, accurate, and consistent with our practices and obligations.
 

13.2 Updates will be published on the Platform with a revised “effective date.” Where changes are material, such as introducing new categories of data collection or altering how your information is used, we may also notify you by email, in-app message, or another reasonable method. We encourage you to review this Policy periodically to stay informed about how your data is handled.
 

13.3 By continuing to use the Platform after an updated version of this Policy is published, you agree to be bound by the revised terms. If you do not agree to a change, you must stop using the Platform and may request closure of your account.
 

13.4 Updates will not reduce or restrict your rights under applicable law without your consent. In situations where the law requires your explicit consent for a new type of processing, we will seek such consent before proceeding.
 

This Privacy Policy is effective from 1st August 2025 and forms part of the Platform Policies, together with the Terms and 
 

We believe that protecting your privacy is central to maintaining trust on the Platform. By handling your information responsibly, we aim to create a safe, professional, and transparent environment where Clients and Consultants can collaborate with confidence.

 

Last Updated On: 1st September,2025