Privacy Policy

Your privacy matters. This policy explains how OneHM Technologies Pvt Ltd collects, uses, stores, and protects your personal data when you use EventIQ.

Effective Date: February 25, 2026 Last Updated: February 25, 2026 Version: 1.0

1. Introduction

OneHM Technologies Pvt Ltd ("OneHM," "we," "us," or "our"), a company incorporated under the laws of India with CIN U72900TG2020PTC139221 and registered at 2-2-1144/14A/1, Near Post Office, New Nallakunta, Hyderabad — 500044, Telangana, India, operates the EventIQ platform ("Service").

This Privacy Policy describes how we collect, use, disclose, and safeguard your personal data when you use our website (eventiq.onehmt.com), mobile applications, WhatsApp-based services, and related services. This policy applies to all users including event organizers, guests, and visitors.

By using EventIQ, you consent to the data practices described in this policy. If you do not agree with this policy, please do not use our Service.

2. Definitions

  • Data Principal: The individual to whom personal data relates (you, the user).
  • Data Fiduciary: OneHM Technologies Pvt Ltd, which determines the purpose and means of processing personal data.
  • Personal Data: Any data about an individual who is identifiable by or in relation to such data, as defined under the DPDP Act, 2023.
  • Processing: Any operation performed on personal data including collection, storage, use, sharing, and deletion.
  • Organizer: A user who creates and manages events on EventIQ.
  • Guest: An individual invited to an event by an Organizer through EventIQ.

3. Data We Collect

3.1 Information You Provide

Data CategoryExamplesPurpose
Account InformationName, email, phone number, passwordAccount creation and authentication
Event DetailsEvent name, dates, venues, sub-events, dress codesEvent creation and management
Guest InformationName, phone, email, family group, bride/groom side, VIP flagsGuest management and communication
RSVP DataAttendance status, family members, dietary preferencesRSVP collection and event planning
Transport DataPickup type, location, arrival date/time, flight/train numbersTransport coordination
Accommodation DataCheck-in/out dates, room type, special requestsRoom allocation and management
Hamper & Gift DataHamper assignment, return gift distribution statusGift logistics and tracking
Payment InformationBilling name, GST number (processed by payment gateway)Subscription and payment processing
Communication DataMessages, support tickets, feedbackCustomer support and service improvement

3.2 Information Collected Automatically

  • Device Information: Device type, operating system, browser type, screen resolution.
  • Usage Data: Pages visited, features used, time spent, click patterns.
  • Log Data: IP address, access times, referring URLs, error logs.
  • Cookies & Similar Technologies: Session cookies, analytics cookies, and preference cookies for improving your experience.

3.3 Information from Third Parties

  • WhatsApp Business API: Message delivery status, read receipts, and phone numbers when guests interact with our WhatsApp bot.
  • Excel/CSV Uploads: Guest data uploaded by Organizers through bulk import.
  • Payment Gateways: Transaction status and payment confirmations from Razorpay/Stripe.

4. How We Use Your Data

We process your personal data for the following specific purposes:

  • Service Delivery: To create events, manage guests, process RSVPs, coordinate transport, track accommodation, manage hampers, and track return gifts.
  • Communication: To send event invitations, RSVP reminders, transport confirmations, and accommodation details via push notifications, SMS, email, or WhatsApp.
  • Dashboard & Analytics: To provide real-time event dashboards, reports, and export capabilities to Organizers.
  • Account Management: To create, maintain, and secure your account.
  • Payment Processing: To process subscription payments and generate invoices.
  • Service Improvement: To analyze usage patterns, fix bugs, and improve features.
  • Legal Compliance: To comply with applicable laws, regulations, and legal processes.
  • Security: To detect, prevent, and address fraud, abuse, and security issues.

5. WhatsApp Business API — Data Practices

Important: WhatsApp Edition Disclosure

EventIQ's WhatsApp Edition uses the WhatsApp Business API (via authorized Business Solution Providers) to deliver invitations, collect RSVPs, send reminders, and provide guest status updates. Here's how your data is handled:

  • Phone Numbers: Guest phone numbers provided by Organizers are used to send WhatsApp messages. These numbers are shared with our BSP (Gupshup/Wati) and WhatsApp (Meta) for message delivery.
  • Message Content: All WhatsApp messages use Meta-approved templates. Message content includes event details, RSVP prompts, transport/accommodation information, and confirmations.
  • Opt-In: Organizers are responsible for ensuring they have appropriate consent from guests before sending WhatsApp messages. Guests can opt out by replying "STOP" at any time.
  • Data Usage: We do not sell or share WhatsApp-derived data for advertising or marketing purposes unrelated to the event.
  • Meta's Policy: WhatsApp messages are subject to WhatsApp's Privacy Policy and WhatsApp Business Policy.

6. Data Sharing & Disclosure

We do not sell your personal data. We may share data with:

RecipientPurposeData Shared
WhatsApp BSP (Gupshup / Wati)Message delivery for WA EditionPhone numbers, message content
SMS Provider (MSG91)SMS deliveryPhone numbers, message content
Email Provider (Amazon SES)Email deliveryEmail addresses, message content
Push Notification (Firebase/APNs)Push notifications for App EditionDevice tokens, notification content
Payment Gateway (Razorpay/Stripe)Payment processingBilling name, amount, transaction details
Cloud Hosting (AWS Mumbai)Data storage and processingAll service data (encrypted)
Analytics ToolsService improvementAnonymized usage data

We may also disclose data when required by law, court order, or government authority, or to protect our rights, property, or safety.

7. Data Storage & Security

  • Hosting: All data is hosted on AWS Mumbai (ap-south-1) for low latency and data residency compliance within India.
  • Encryption at Rest: AES-256 encryption for all stored personal data.
  • Encryption in Transit: TLS 1.3 for all data transmitted between your device and our servers.
  • Access Controls: Role-based access controls, multi-factor authentication for admin accounts, and principle of least privilege.
  • Security Audits: Regular vulnerability assessments and penetration testing. Targeting SOC2 Type II compliance.
  • Breach Response: In the event of a data breach, we will notify affected users and the Data Protection Board of India within 72 hours as required under the DPDP Act.

8. Data Retention

  • Active Events: Data is retained for the duration of the event plus 90 days for post-event reporting.
  • Completed Events: Event data is retained for 12 months after event completion, after which it is anonymized or deleted.
  • Account Data: Retained as long as the account is active. Upon account deletion, personal data is erased within 30 days.
  • Legal Obligations: Certain data may be retained longer if required by applicable tax, accounting, or other legal obligations.
  • Backup Data: Encrypted backups are purged within 90 days of primary data deletion.

9. Your Rights (Under DPDP Act, 2023)

As a Data Principal under India's Digital Personal Data Protection Act, 2023, you have the following rights:

  • Right to Access: Request a summary of your personal data being processed and the processing activities.
  • Right to Correction: Request correction of inaccurate or incomplete personal data.
  • Right to Erasure: Request deletion of your personal data when it is no longer necessary for the purpose it was collected.
  • Right to Withdraw Consent: Withdraw previously given consent at any time. Withdrawal does not affect the lawfulness of processing done prior to withdrawal.
  • Right to Grievance Redressal: File a complaint with our Grievance Officer or escalate to the Data Protection Board of India.
  • Right to Nominate: Nominate another individual to exercise your rights in case of your death or incapacity.

To exercise any of these rights, contact our Grievance Officer at onehmtechnologies@gmail.com. We will respond within 30 days.

10. Organizer Responsibilities

If you are an Organizer using EventIQ, you acknowledge and agree that:

  • You are responsible for obtaining appropriate consent from guests before uploading their personal data to EventIQ.
  • You will not upload sensitive personal data (financial data, health records, biometric data) unless specifically required for event management.
  • You are responsible for the accuracy of guest data you provide.
  • You will comply with all applicable privacy laws when using guest data obtained through EventIQ.
  • You will inform guests that their data is being processed through EventIQ and direct them to this Privacy Policy.

11. Cookies & Tracking Technologies

We use the following types of cookies:

  • Essential Cookies: Required for the Service to function (authentication, security). Cannot be disabled.
  • Analytics Cookies: Help us understand how users interact with EventIQ to improve the service. Can be disabled.
  • Preference Cookies: Remember your settings and preferences (language, theme). Can be disabled.

We do not use advertising or third-party tracking cookies. You can manage cookie preferences through your browser settings.

12. Children's Privacy

EventIQ is not intended for use by individuals under the age of 18. We do not knowingly collect personal data from children. Guest data about minors (e.g., family members listed in RSVPs) is collected by the Organizer under parental/guardian consent. If you believe we have inadvertently collected data from a minor, please contact us immediately.

13. International Data Transfers

Your data is primarily stored and processed within India (AWS Mumbai region). In limited cases, data may be transferred to servers outside India for service delivery (e.g., email delivery through Amazon SES). Any such transfers comply with the cross-border data transfer provisions of the DPDP Act, 2023, and data is protected by appropriate safeguards including encryption and contractual obligations.

14. Grievance Officer

Data Protection / Grievance Officer

OneHM Technologies Pvt Ltd
2-2-1144/14A/1, Near Post Office, New Nallakunta,
Hyderabad — 500044, Telangana, India

Email: onehmtechnologies@gmail.com
Phone: +91 89784 69444

Response Time: Within 30 days of receiving a complaint.
If unsatisfied with our response, you may file a complaint with the Data Protection Board of India.

15. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will:

  • Update the "Last Updated" date at the top of this page.
  • Notify registered users via email or in-app notification at least 15 days before changes take effect.
  • Post the updated policy on our website.

Continued use of EventIQ after changes take effect constitutes acceptance of the updated policy.

16. Governing Law

This Privacy Policy is governed by the laws of India, including the Digital Personal Data Protection Act, 2023, the Information Technology Act, 2000, and applicable rules. Any disputes shall be subject to the exclusive jurisdiction of the courts in Hyderabad, Telangana, India.

17. Contact Us

If you have any questions about this Privacy Policy, please contact us: