Dinklr ("we", "us", or "our") operates the website at dinklr.com and the associated membership and booking services. This Privacy Policy explains what personal data we collect, why we collect it, how it is used and stored, and the rights you have over your data under the Digital Personal Data Protection Act, 2023 (DPDPA) and other applicable Indian laws.
By submitting your personal data on our website, you give your free, specific, informed, and unambiguous consent to the practices described in this policy. You may withdraw consent at any time (see Section 7).
1.What personal data we collect
We collect only the data necessary for the purposes listed in Section 2:
| Data | Why it is required |
|---|---|
| Full name | Membership activation and identification at the venue |
| Email address | Account login, booking confirmations, and membership notices |
| Phone number | Booking reminders, WhatsApp communication, and urgent updates |
We do not collect government IDs, financial account numbers, passwords in plain text, biometric data, or any other Sensitive Personal Data as defined under the IT (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011.
2.Purpose of processing
Your data is used only for the following purposes:
- ›Activating and managing your Dinklr membership
- ›Tracking your player-hour balance and bookings
- ›Sending booking confirmations and membership renewal reminders
- ›Communicating urgent venue updates (e.g., closures, safety notices)
- ›Responding to your enquiries and support requests
We will not use your data for profiling, marketing to third parties, or any purpose beyond those listed above without obtaining fresh, specific consent from you.
3.How we store and protect your data
Personal data is stored on Supabase, a cloud database platform using PostgreSQL. Data is encrypted in transit (TLS 1.2+) and at rest. Access is restricted to authorised Dinklr personnel only, using row-level security policies.
We implement reasonable security practices as required under the IT (Reasonable Security Practices and Procedures) Rules, 2011, including access controls, audit logging, and periodic security reviews.
4.Sharing of personal data
We do not sell, rent, or trade your personal data. Data may be shared only in the following limited circumstances:
- ›With our cloud infrastructure providers (Supabase, Vercel) solely to operate the service — these providers act as Data Processors under data processing agreements.
- ›With WhatsApp (Meta) when you initiate a chat via our booking buttons — this transmission is initiated by you.
- ›When required by law, court order, or a competent government authority under Indian law.
5.Data retention
We retain your personal data for as long as your membership is active, plus a period of 24 months after your last activity, to comply with reasonable record-keeping and dispute-resolution obligations.
After this period, your data will be permanently deleted or anonymised unless retention is required by applicable law.
6.Cookies and local storage
Our website uses browser localStorage only to remember your display theme preference (light/dark). No tracking cookies, advertising pixels, or third-party analytics are currently in use. If this changes, we will update this policy and seek fresh consent where required.
7.Your rights under DPDPA 2023
As a Data Principal under the Digital Personal Data Protection Act, 2023, you have the following rights:
Right to access
Request a summary of the personal data we hold about you.
Right to correction
Request correction of inaccurate or incomplete data.
Right to erasure
Request deletion of your personal data. We will comply within 30 days unless retention is required by law.
Right to withdraw consent
Withdraw consent at any time. This will not affect lawfulness of processing before withdrawal, but we will stop processing your data going forward.
Right to grievance redressal
Raise a complaint with us. If not resolved within 30 days, you may approach the Data Protection Board of India once constituted.
Right to nominate
Nominate another individual to exercise rights on your behalf in case of death or incapacity.
To exercise any of these rights, email us at ajay@dinklr.com with the subject line "Data Rights Request". We will respond within 30 days.
8.Children's data
Our services are intended for individuals aged 18 and above. We do not knowingly collect personal data from minors. If we become aware that a minor has submitted data without verifiable parental consent, we will delete it promptly.
9.Changes to this policy
We may update this policy from time to time. Material changes will be notified via email to active members. Continued use of our services after notification constitutes acceptance of the updated policy. The "Last updated" date at the top of this page always reflects the current version.
10.Contact & grievance officer
Data Fiduciary / Grievance Officer
Dinklr Sports & Lifestyle Venue
Email: ajay@dinklr.com
WhatsApp: +91 93536 10362
Response time: within 30 days of receipt