Privacy Policy
Last updated: 31 May 2026
ServiceHub ("we", "us") operates the ServiceHub platform (the "Service"). This Privacy Policy explains what personal data we collect, how we use it, and the rights you have over it. We follow the Digital Personal Data Protection Act, 2023 (DPDP) and the Information Technology Rules, 2021.
1. What we collect
- Account data: name, mobile number, role (customer / provider), authentication state.
- Provider data (optional): bio, profile photo, portfolio media, service areas, languages, social links, KYC documents (if you submit them for verification).
- Listing data: service titles, descriptions, pricing, images, demo videos.
- Inquiry data: requirements you send to providers, event details, budgets, the messages exchanged.
- Payment data: handled by Razorpay; we store only the transaction reference, amount, and status. We do not store card or UPI credentials.
- Usage data: page views, listing impressions, IP address, user-agent — used to keep the service safe and to improve it.
2. Why we use it
- To create and operate your account, authenticate via OTP, and keep you logged in.
- To match customers with providers and exchange contact details once an inquiry is accepted.
- To process subscription payments and prevent fraud.
- To send transactional notifications (inquiry received, accepted, subscription renewal).
- To enforce our Terms (e.g. moderation of listings, banning abusive accounts).
- To meet our legal obligations (tax, lawful requests by authorities).
3. Who we share with
- Other users: when you accept an inquiry, the contact details of both parties are revealed to each other only.
- Service providers: Razorpay (payments), Cloudinary (image hosting), Fast2SMS or MSG91 (OTP delivery), our hosting provider, our error-tracking provider.
- Authorities: when required by law, court order, or to prevent harm.
We do not sell personal data to third parties for marketing.
4. How long we keep it
We retain account data while your account is active. When you delete your account (see /account), we anonymize PII within 30 days but may retain anonymized records of inquiries, reviews and transactions where the other party has a legitimate interest in seeing them, or where law requires it (typically up to 7 years for tax records).
5. Your rights under DPDP
- Access: request a copy of the data we hold about you.
- Correction: update inaccurate data via your dashboard, or by contacting the Grievance Officer.
- Erasure: delete your account from the /account page.
- Withdrawal of consent: stop providing personal data to us at any time (some features will become unavailable).
- Grievance redressal: raise a complaint via the Grievance Officer.
6. Security
We protect your data with TLS in transit, encrypted storage at rest, hashed passwords (bcrypt), rate-limited authentication endpoints, signed payment webhooks, and an audit log of sensitive actions. No system is perfectly secure; please use a unique password and don't share OTPs.
7. Children
The Service is not intended for users under 18. We do not knowingly collect data from minors.
8. Changes
We will update this policy when we change material practices. The "Last updated" date above reflects the latest revision.
9. Contact
Questions: privacy@servicehub.in
Grievance Officer: see /grievance.