Your privacy,
our commitment.

This Privacy Policy applies to the FlairNow mobile application (available on iOS and Android) and the associated website at flairnow.io (collectively, the "Service"), operated by FlairNow Technologies Pvt. Ltd. ("we", "us", or "our"). By downloading, installing, or using FlairNow, you agree to the collection and use of information as described in this Policy. If you disagree with any part of this Policy, please discontinue use of the Service. This policy complies with the Apple App Store Review Guidelines, Google Play Developer Policy, General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and India's Digital Personal Data Protection Act (DPDP), 2023.

We collect the minimum information necessary to provide our services. A. Information You Provide Directly - Account Information: Full name, email address (used for OTP-based login — no passwords stored). - Profile Data: Professional title, company name, and profile photo (optional, you control this). - Pre-Registration Data: Name, email, company, and designation submitted when registering for an exhibition event. - Support Communications: Messages, attachments, or feedback you send to our support team. B. Information Collected Automatically - Usage Data: Features and screens you interact with, session start/end times, tap events, and in-app navigation flows. - Device Information: Device model, operating system version (iOS/Android), app version, language, and timezone. - Device Identifiers: On iOS, the Identifier for Vendor (IDFV) — this is never shared with advertisers. On Android, the Android ID (resettable by the user). - Location Data (Optional): Approximate city/country via IP address (always collected). Precise GPS location is collected only if you grant explicit permission, and is used solely for in-venue navigation. You can revoke this any time in your device Settings. - Log & Diagnostics Data: App crash reports, error logs, timestamps, and IP addresses. - Push Notification Token: A device token used to deliver notifications you have opted into. C. Information from Third Parties If an exhibition organiser pre-loads your registration data (e.g. from a trade show registration platform), we may receive your name and email from them. We will notify you via email within the app on your first login.

We use your information only for the following purposes: - Service Delivery: To create and manage your account, authenticate you via OTP, and deliver core app functionality. - Exhibition Features: To show you relevant exhibitions, exhibitor directories, floor maps, and event schedules. - Notifications: To send you pre-registration confirmations, event reminders, and important service-related messages. Marketing notifications are opt-in only. - Personalisation: To remember your saved exhibitors, visited halls, and preferences across sessions. - App Improvement: To analyse anonymised usage patterns, fix bugs, and improve features. - Security & Fraud Prevention: To detect abuse, protect accounts, and ensure platform integrity. - Legal Compliance: To meet our obligations under applicable laws. We do NOT: - Sell your personal data to any third party. - Use your data for targeted advertising. - Share data with third-party AI systems without your explicit consent. - Build advertising profiles based on your usage.

Important – 2025 Requirement (Apple & Google) FlairNow may use AI-powered features (such as smart exhibitor search or personalised recommendations). We want to be fully transparent: - On-Device AI: Where possible, AI processing happens on your device and no data leaves the device for this purpose. - Cloud-Based AI: If a feature sends data to a cloud-based AI model (e.g., to generate recommendations), we will: - Clearly notify you before enabling such features. - Request your explicit consent before any data is transmitted. - Never share identifiable data with AI services without your prior permission. We will update this section whenever new AI features are introduced, before they are released to users.

We may share your information only in the following limited, controlled circumstances: - Exhibition Organisers: When you pre-register for an event, the organiser receives only the data you explicitly submitted for that event (name, email, company). They are bound by their own privacy policies. - Service Providers (Processors): Trusted vendors who process data on our behalf under strict Data Processing Agreements (DPAs): - Cloud hosting and database services (Supabase / AWS) - Analytics and crash reporting (Firebase) - Push notification delivery (Firebase Cloud Messaging) - Legal Requirements: We may disclose data if compelled by a valid court order, subpoena, or applicable law. We will notify you when legally permitted to do so. - Business Transfers: In the event of a merger, acquisition, or asset sale, user data may be transferred. We will provide 30 days' notice via email and in-app notification before any such transfer. - With Your Consent: For any other sharing not described here, we will ask for your explicit, informed consent first. We never sell your personal data. We never share data with advertising networks.

The FlairNow app integrates the following third-party SDKs. Each collects data as described below, and you can review their individual privacy policies: Apple Privacy Manifest: Our iOS app includes a PrivacyInfo.xcprivacy file declaring all required-reason APIs and data uses, as required by Apple since May 2024. Google Play Data Safety: Our data collection practices as disclosed in this policy are reflected in our Google Play Data Safety section, including encryption and data deletion disclosures. We audit all third-party SDKs with each major app update to ensure continued compliance with Apple and Google policies.

We retain your personal data for as long as your account is active or as required to provide you with the Service. If you request account deletion, we will permanently delete your personal data within 30 calendar days, except for data we are legally required to retain (e.g., financial records for tax/regulatory compliance). We will clearly communicate any such exceptions at the time of your request.

Google Play Requirement: We provide multiple ways to delete your account and data: Option 1 – In-App: Go to Profile → Settings → Delete Account. This initiates permanent deletion of your account and all associated personal data. Option 2 – Web Form: Submit a deletion request at: flairnow.io/delete-account (functional without needing the app installed). Option 3 – Email: Send a request to privacy@flairnow.io with the subject line "Account Deletion Request" along with the email address associated with your account. What happens after deletion: - Your account and personal data will be permanently deleted within 30 calendar days. - You will receive an email confirmation once deletion is complete. - Anonymised, aggregated analytics data (not linked to you) may be retained indefinitely for product improvement. - Data required for legal, security, or fraud prevention reasons may be retained for up to 7 years as required by applicable law, and this will be disclosed to you.

Depending on your location, you have the following rights regarding your personal data: All Users - Access: Request a copy of the personal data we hold about you. - Correction: Request correction of inaccurate or incomplete data. - Deletion: Request permanent deletion of your account and data (see Section 8). - Withdraw Consent: Where processing is consent-based, withdraw it at any time (this won't affect legality of processing before withdrawal). EU / EEA / UK Users (GDPR & UK GDPR) - Data Portability: Receive your data in a structured, machine-readable format (JSON/CSV). - Restriction: Request we restrict processing of your data in certain circumstances. - Objection: Object to processing based on legitimate interests. - Supervisory Authority: Lodge a complaint with your local Data Protection Authority (e.g., ICO in the UK, CNIL in France). California Residents (CCPA / CPRA) - Know What Is Collected: Right to know categories and specific pieces of data collected. - Opt-Out of Sale: We do not sell personal information. This right is not applicable. - Non-Discrimination: You will not be denied services for exercising your privacy rights. - Sensitive Personal Information: We do not collect sensitive personal information as defined by CPRA. Indian Users (DPDP Act 2023) - You have the right to access, correct, and erase your personal data. - You have the right to nominate another person to exercise these rights on your behalf in the event of incapacity. To exercise any right, contact us at privacy@flairnow.io. We will respond within 30 days (GDPR requirement).

FlairNow is not directed to children under the age of 13 (or 16 in the EU/EEA). We do not knowingly collect personal information from children. If a parent or guardian believes their child has provided us with personal data without consent, please contact us immediately at privacy@flairnow.io. We will delete such data promptly upon verification. If we become aware that we have inadvertently collected personal data from a child below the applicable age threshold, we will take immediate steps to delete that information.

We implement comprehensive security measures to protect your personal data: Google Play Data Safety Declaration: We affirm that user data is encrypted in transit and at rest. We provide a data deletion mechanism as required. No method of electronic transmission or storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security. If a breach occurs that affects your data, we will notify you promptly as required by law.

Mobile App: The FlairNow mobile app does not use browser cookies. We use the Firebase SDK for anonymised analytics, which uses device identifiers (IDFV on iOS, Android ID on Android) — not advertising identifiers. This Website (flairnow.io): - Essential Cookies: Required for basic website functionality. Cannot be disabled. - Analytics Cookies: Anonymised usage data to understand how visitors use our site. You can opt out via our cookie banner or browser settings. - No Advertising Cookies: We do not use cookies for advertising or tracking across other websites. You can manage cookie preferences via your browser settings at any time.

FlairNow is operated from India. Your data may be processed in countries outside your residence, including the United States (Firebase/Google, Supabase). For transfers from the EU/EEA, we rely on: - Standard Contractual Clauses (SCCs): Approved by the European Commission, incorporated into our Data Processing Agreements with third-party processors. For transfers from the UK, we use the UK Addendum to SCCs as approved by the UK ICO. You can request a copy of the relevant transfer safeguards by contacting us at privacy@flairnow.io.

We may update this Privacy Policy periodically to reflect changes in our practices, technologies, legal requirements, or app features. How we notify you: - Material changes: In-app notification + email to registered users, at least 14 days before the change takes effect. - Minor changes (e.g., clarifications): Updating the "Last Updated" date at the top of this page. Your continued use of FlairNow after the effective date of a revised policy constitutes your acceptance of the updated terms. If you disagree with material changes, you should stop using the Service and request account deletion.

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please reach out: Email: privacy@flairnow.io Subject line for data requests: "Privacy Request – [Your Request Type]" Response Time: We aim to respond to all privacy-related enquiries within 5 business days and fulfil verified requests within 30 days. Mailing Address: FlairNow Technologies Pvt. Ltd. [Company Address] India For EU/EEA users: If you are not satisfied with our response, you have the right to lodge a complaint with your local Data Protection Authority.