Privacy Policy

Last Updated: June 28, 2026

TrustGate (trustgate.in) is a brand operated by Pratyasha Fashion Galaxy OPC Private Limited (“we,” “us,” or “our”). This Privacy Policy explains how we collect, use, store, and share your personal information when you use our services (“Services”), including when you:

  • Visit our website at https://trustgate.in/ or any page that links to this policy
  • Register as a user or business on the platform
  • Submit reviews, ratings, or fraud reports
  • Participate in our review verification system
  • Contact us for support or other purposes

If you have any questions or concerns about this policy, please contact us at admin@trustgate.in. If you do not agree with our practices, please do not use our Services.


Summary of Key Points

What personal information do we collect? We collect information you provide directly (such as your name, email address, and username) and information collected automatically when you use our platform (such as your IP address and device data). In specific circumstances — such as when submitting a negative review on a verified business — we may also collect Government-issued identity documents and proof of purchase. See Section 1 for full details.

Do we process sensitive personal information? In limited and specific circumstances, yes. When a reviewer voluntarily submits a Government-issued ID to authenticate a negative review through our manual verification path, we process that document as sensitive personal data. This is done only with your explicit, informed consent and the document is permanently deleted within 30 days of verification. See Sections 1 and 8 for details.

Do we receive information from third parties? Yes, in limited circumstances. We may receive data from third-party services such as Google Analytics and social media login providers when you choose to use those features. In addition, when a reviewer submits transaction details to verify a negative review, we may transmit those details to the relevant brand’s order verification API to confirm the transaction. See Sections 4 and 7 for details.

How do we process your information? We process your information to provide and improve our Services, manage your account, communicate with you, verify the authenticity of reviews, and for security and fraud prevention purposes. We only process your data when we have a valid legal basis to do so.

Who do we share your information with? We share information in specific situations and with specific third parties, including Google Analytics, social media platforms, and brand verification APIs. We do not sell your personal data. See Section 4 for details.

How do we keep your information safe? We have technical and organisational safeguards in place, including restricted-access storage and server-level protections for sensitive documents. However, no system is completely immune to risk. See Section 9 for details.

What are your rights? Depending on where you are located, you may have rights over your personal data. Indian users have rights under the Digital Personal Data Protection Act, 2023. See Sections 11 and 12 for details.

How do you exercise your rights? Visit https://trustgate.in/contact/ or email us at admin@trustgate.in.


1. What Information Do We Collect?

Information You Provide to Us

We collect personal information that you voluntarily provide when you register on the platform, submit reviews or reports, contact us, or otherwise interact with our Services. This may include:

  • Full name
  • Email address
  • Username and password
  • Phone number
  • Mailing address
  • Contact preferences
  • Any other information you choose to provide in your profile or submissions

Review Verification Documents (collected only in specific circumstances)

When you submit a negative review (1–2 star rating) on a business that holds a TrustGate Verified Badge, you may be asked to provide one or more of the following to authenticate your review:

  • Proof of Purchase: A receipt, invoice, order confirmation, payment screenshot, or other document verifying a genuine transaction with the business. This is stored in a restricted private folder, is never shown to the business or other users, and is accessible only to TrustGate’s moderation team for verification purposes.
  • Government-issued Identity Document (Path B only): If your transaction cannot be verified through the brand’s direct system (for example, if you purchased through a third-party marketplace or offline), you may voluntarily upload a Government-issued ID (Aadhaar, PAN, Voter ID, Passport, or Driving Licence) to establish your identity as part of manual verification. Uploading a Government ID is entirely voluntary. It is collected only with your explicit informed consent, stored in a separate high-security private folder inaccessible to the public or the business, and permanently deleted within 30 days of the verification outcome. See Section 8 for the full retention policy.

Business Owner Documents

When a business claims its profile on TrustGate, the business owner must submit Government-issued business verification documents (such as GST registration, MCA filings, or other Government-backed documents) to verify the legitimacy of the business. These documents are used solely for the purpose of verification and are accessible only to TrustGate’s administration team.

NDA Digital Signature Data

When a business owner applies for and activates a TrustGate Verified Badge, they sign a Partner Non-Disclosure Agreement digitally within their dashboard. We record the following information as evidence of the electronic signature:

  • Full name as entered at the time of signing
  • Date and time of signing
  • IP address at the time of signing
  • The exact text of the agreement that was agreed to

This data is retained permanently as a legally valid electronic signature under the Indian Information Technology Act, 2000 (Section 5) and is never deleted.

All personal information you provide must be accurate and up to date. Please notify us if any of your details change.

Information Collected Automatically

When you visit or use our Services, we automatically collect certain technical information. This does not directly identify you by name but may include:

  • Log and Usage Data: Your IP address, browser type, device information, pages visited, features used, date and time stamps, and error reports.
  • Device Data: Information about the device you use to access the platform, including hardware model, operating system, and internet service provider.
  • Location Data: We may collect approximate or precise location data from your device, such as GPS data or location derived from your IP address. This information is used to suggest nearby businesses and display location-relevant search results. You can disable location access through your device settings, though this may limit certain features.

We also collect information through cookies and similar technologies. See Section 6 for details.

Social Media Login Data

If you register or log in using a social media account (such as Facebook, Twitter/X, or others), we will receive certain profile information from that provider. See Section 7 for more details.


2. How Do We Process Your Information?

We process your personal information for the following purposes:

  • Account creation and management: To set up and maintain your account on the platform.
  • Delivering our Services: To process and display your reviews, ratings, and fraud reports.
  • Review verification: To authenticate reviews submitted through our verification system, including calling a brand’s order verification API with transaction details you provide, or manually reviewing identity and purchase documents you upload.
  • Customer support: To respond to your questions and resolve issues.
  • Administrative communications: To send you updates about policy changes, service notices, and other essential information.
  • Marketing communications: To send promotional communications where you have opted in. You can opt out at any time by clicking the unsubscribe link in any marketing email.
  • Targeted advertising: To serve personalised content and advertising based on your activity and interests, using tools such as Google Analytics.
  • Security and fraud prevention: To monitor and protect against fraudulent activity on the platform.
  • Analytics and improvement: To understand how users interact with the platform so we can improve it.
  • Legal compliance: To meet our obligations under applicable law, including retention of NDA signature records.

3. Legal Bases for Processing Your Information

We only process your personal information when we have a valid legal basis to do so. Depending on your location, the applicable legal framework will differ.

For Users in the European Union or United Kingdom

Under the GDPR and UK GDPR, we rely on the following legal bases:

  • Consent: Where you have permitted us to process your data for a specific purpose (including the voluntary upload of Government ID documents). You may withdraw consent at any time by contacting us.
  • Contractual necessity: Where processing is necessary to provide you with our Services.
  • Legitimate interests: Where processing is reasonably necessary to operate and improve our platform, provided those interests do not override your rights.
  • Legal obligation: Where we are required to process your data to comply with applicable law.

If you are located in the EEA or UK and believe we are unlawfully processing your data, you have the right to lodge a complaint with your local data protection authority.

For All Other Users

We rely on your consent and our legitimate interests in operating a transparent, consumer-focused review platform. See also Section 12 for rights specific to Indian users under the DPDP Act, 2023.


4. When and With Whom Do We Share Your Information?

We do not sell your personal data. We may share your information in the following circumstances:

  • Business transfers: If TrustGate is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.
  • Brand Order Verification APIs (Path A review verification): When you submit transaction details (Order ID and billing email) to verify a negative review through Path A of our review verification system, we transmit those details to the relevant brand’s registered order verification API. This is done solely to confirm whether a genuine transaction matching your details exists in the brand’s system. We transmit only the Order ID, billing email, and an API authentication key. We do not share your name, TrustGate account details, or any other personal information with the brand’s API. The brand receives only a verified/not verified response from their own system — they do not receive your identity from TrustGate.
  • Google Analytics: We use Google Analytics, including Display Network Impressions Reporting, Demographics and Interests Reporting, and Remarketing features, to understand how our platform is used. To opt out of Google Analytics tracking, visit https://tools.google.com/dlpage/gaoptout. You may also opt out of advertising features via Google’s Ads Settings or through http://optout.networkadvertising.org/.
  • Google Maps Platform: We use Google Maps APIs for location-related features. Your location may be cached on your device for up to one month. You can revoke this consent by contacting us.
  • Business partners: We may share data with trusted partners to offer relevant services or promotions.
  • Other users: When you post a review, rating, fraud report, or other content on the platform, that content is visible to other users and may be publicly accessible. Proof of purchase documents and Government ID documents are never shared with other users or the business being reviewed. If you register through a social network, certain profile information may be visible to your contacts on that network.

5. Third-Party Websites

Our platform may contain links to external websites or services that are not operated by us. We are not responsible for the privacy practices or content of those third-party sites. We recommend reviewing their privacy policies before sharing any personal information with them.


6. Cookies and Tracking Technologies

We use cookies and similar tracking technologies (including web beacons and pixels) to collect and store information about how you use our Services.

What Cookies We Use

  • Essential cookies: Required for the platform to function correctly, including maintaining your login session.
  • Analytics cookies: Set by Google Analytics to collect usage data and help us understand how visitors interact with the platform.
  • Advertising cookies: Used to deliver relevant advertising and remarketing through Google’s Display Network.

Managing Cookies

Most browsers accept cookies by default. You can configure your browser to block or delete cookies, though doing so may affect certain features of the platform. To opt out of interest-based advertising, visit http://optout.networkadvertising.org/ or adjust your settings in Google’s Ads Settings.


7. Social Media Logins

Our platform allows you to register and log in using existing social media accounts, including Facebook, Twitter/X, and others. When you choose this option, we receive profile information from that provider. This typically includes your name, email address, and profile picture, along with any other information you have made public on that platform.

We use this information only for the purposes described in this policy. We do not control how your social media provider uses your data, so we recommend reviewing their privacy policy as well.


8. How Long Do We Keep Your Information?

We retain your personal information for as long as your account is active or as long as is necessary to fulfil the purposes described in this policy.

Specific retention periods for verification documents:

Data TypeRetention PeriodReason
Government ID documentsPermanently deleted within 30 days of the verification outcome (approved or rejected)DPDP Act 2023 consent obligation
Proof of purchase documentsRetained for the duration of the review’s active status, then deleted upon account closureVerification evidence
NDA digital signature records (name, timestamp, IP)Retained permanentlyLegal evidence under IT Act 2000
Business verification documents (GST, MCA)Retained for the duration of the business’s active status on the platformVerification evidence

When there is no longer a legitimate reason to retain your data, we will delete or anonymise it. Where deletion is temporarily not possible (for example, data stored in backup systems), we will isolate that data from further processing until deletion can be completed.


9. How Do We Keep Your Information Safe?

We have implemented appropriate technical and organisational security measures to protect your personal information. These include:

  • Access controls and authenticated user sessions
  • Encryption in transit (HTTPS/TLS)
  • Regular security assessments

Enhanced security for sensitive verification documents:

Government ID documents and proof of purchase documents are stored in restricted private directories that are:

  • Inaccessible via direct public URL (blocked at the server level via access control rules)
  • Protected against directory browsing and direct file access
  • Served to authorised administrators only through authenticated, secure download handlers
  • Subject to file type validation and image reprocessing to neutralise any embedded malicious content before storage
  • Never stored in publicly accessible folders or served with executable permissions

That said, no method of transmitting or storing data over the internet is completely secure. We cannot guarantee that your information will never be accessed by an unauthorised party. You should access the platform only from a secure environment and keep your login credentials confidential.


10. Minors

We do not knowingly collect personal information from anyone under the age of 18. By using our Services, you confirm that you are at least 18 years old, or that you are the parent or legal guardian of a minor and consent to their use of the platform.

If we become aware that we have inadvertently collected data from a user under 18, we will deactivate the relevant account and delete the data promptly. If you believe we may have such data, please contact us at admin@trustgate.in.


11. Your Privacy Rights

Depending on where you are located, you may have rights over your personal data, including the right to access, correct, or delete it, and the right to withdraw consent.

To exercise any of these rights, visit https://trustgate.in/contact/ or email admin@trustgate.in. We will respond to all requests in accordance with applicable law.


12. India: Digital Personal Data Protection Act, 2023

TrustGate is operated from India and is primarily governed by Indian data protection law. The Digital Personal Data Protection Act (DPDP Act), 2023 is the primary legislation that applies to how we collect and process personal data.

Data Fiduciary

The Data Fiduciary responsible for your personal data is:

Pratyasha Fashion Galaxy OPC Private Limited (operating as TrustGate) DLF IT Park 1, Tower-B, AF Block, Action Area I New Town, West Bengal 700156, India

Your Rights Under the DPDP Act

As a data principal (i.e., a user whose data we process), you have the following rights:

  • Right to access: You may request confirmation of whether we are processing your personal data and obtain a summary of the data we hold about you.
  • Right to correction: You may request that we correct inaccurate or incomplete personal data.
  • Right to erasure: You may request that we delete your personal data where it is no longer necessary for the purposes for which it was collected, subject to any legal retention obligations (such as NDA signature records which must be retained permanently).
  • Right to grievance redressal: You have the right to raise a grievance with us and receive a response within the timeframes described below.
  • Right to nominate: You may nominate another individual to exercise your rights on your behalf in the event of your death or incapacity.
  • Right to withdraw consent: Where we process your data on the basis of consent (including Government ID documents uploaded for review verification), you may withdraw that consent at any time by contacting us. Withdrawal of consent will not affect the lawfulness of processing carried out prior to withdrawal.

Grievance Officer

In accordance with the DPDP Act, 2023 and the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021, we have designated a Grievance Officer to handle data-related complaints.

Grievance Officer Contact: Email: admin@trustgate.in Address: DLF IT Park 1, Tower-B, AF Block, Action Area I, New Town, West Bengal 700156, India

We will acknowledge your grievance within 48 hours of receipt and aim to resolve it within 30 days.


13. International Users

TrustGate is operated from India and is primarily governed by Indian law. While users from any country are welcome to access and use the platform, we do not specifically target users in the European Union, United States, or any other jurisdiction outside India.

If you access the platform from another country, you do so on your own initiative and are responsible for compliance with your local laws. We make reasonable efforts to handle all user data with care and in line with internationally recognised standards, but we cannot guarantee that our practices meet the specific legal requirements of every jurisdiction.

EU and UK users have rights under the GDPR as described in Section 3. For all other international users, please contact us at admin@trustgate.in if you have any concerns about how your data is handled.


14. Do-Not-Track Signals

Some browsers include a Do-Not-Track (“DNT”) feature that signals your preference not to be tracked online. No universally accepted technical standard for DNT currently exists, and we do not currently respond to DNT signals. If a standard is adopted in the future, we will update this policy accordingly.


15. Updates to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. The “Last Updated” date at the top of this page will always reflect when the most recent changes were made. We encourage you to review this policy periodically. Where changes are material, we will notify you by posting a prominent notice on the platform or by sending you a direct communication.


16. How to Contact Us

If you have any questions, concerns, or requests relating to this Privacy Policy, please contact us:

  • Email: admin@trustgate.in
  • Support: support@trustgate.in
  • Postal Address: Pratyasha Fashion Galaxy OPC Private Limited, DLF IT Park 1, Tower-B, AF Block, Action Area I, New Town, West Bengal 700156, India

17. How to Review, Update, or Delete Your Data

To request access to, correction of, or deletion of your personal data, please visit https://trustgate.in/contact/ or email us at admin@trustgate.in. We will handle all requests in accordance with applicable data protection law.

Scroll to Top