Img
Home >> Privacy Policy
Privacy Policy

1.Introduction

MECASTART INNOVATIONS PRIVATE LIMITED, CIN: U62020DL2025PTC447410, ROC: RoC-Delhi,
Registered Office: Flat No 2 GF Shop No-3 Amichand Khand Giri Nagar Kalkaji South Delhi Delhi India 110019 ("Company," "we," "our," "us," or "InvestHind").

InvestHind is a platform facilitating connections between Indian startup founders and global investors.
We are committed to protecting your personal data in compliance with:

  1. India’s Digital Personal Data Protection Act, 2023 (DPDP)
  2. EU’s General Data Protection Regulation (GDPR)
  3. Other applicable data protection laws
This Privacy Policy explains how we collect, use, share, and protect your personal data.

2.Information We Collect
2.1 Information You Provide:

  1. Identity: Name, DOB, gender, photo
  2. Contact: Email, phone, address
  3. Professional: Resume, company, role
  4. Startup Data: Pitch deck, financials, documents
  5. Investor Data: Preferences, portfolio KYC: Government IDs, PAN, Aadhaar
2.2 Automated Collection:

  1. Technical: IP address, device, browser
  2. Usage: Clickstream, time on site
  3. Cookies: Essential, functional, analytics, marketing
2.3 Third-Party Sources:

  1. Social logins (LinkedIn)
  2. Public registries
  3. Verification services
3.How We Use Your Data
3.1 Service Delivery:

  1. Account creation, authentication, security
  2. Matchmaking between startups and investors Payment 
  3. processing and subscription management
3.2 Platform Improvement:

  1. Analytics for performance optimization A/B 
  2. testing and feature enhancements
3.3 Communication:

  1. Service updates, announcements
  2. Marketing (with consent)
  3. Surveys and feedback
3.4 Legal Compliance:

  1. KYC, AML, regulatory reporting Tax
  2.  and audit requirements
4.Legal Basis for Processing Consent

  1. Contract performance
  2. Legal obligations
  3. Legitimate interests
5.Sharing and Disclosure
5.1 Service Providers:

  1. Cloud hosts (AWS, Azure)
  2. Payment gateways
  3. Analytics tools
5.2 Legal Requirements:

  1.   Courts, regulators, law enforcement
5.3 Business Transfers:

  1.   M&A, asset sales
6.International Transfers

  1. GDPR-standard SCCs
  2. DPDP-approved jurisdictions
  3. Data localization for critical data
7.Data Retention    

Data Type

Retention Period

Basis

Account data

Account lifecycle +7y

Business & legal

Transaction records

7 years

Tax & audit

KYC documents

10 years post-close

PMLA

Analytics logs

12 months

Security & optimization

Consent records

Until withdrawal

Consent
8.Data Security

  1. Encryption in transit & at rest
  2. Access controls & monitoring
  3. Regular audits & vulnerability scans
9.Data Subject Rights

  1. Access, correction, deletion
  2. Restrict, object, portability
  3. Consent withdrawal
Exercise via:  Account dashboard, DPO contact

10.Children’s Privacy

  1. Minimum age 18
  2. Data of minors deleted
11.Changes to this Policy

We may update this Privacy Policy with notice. Continued use implies acceptance.
This document is subject to change on a timely and/or need basis at the sole discretion of the Company’s management team.