Privacy Policy.
Your privacy is our priority. This document explains exactly how Mad Falcon Enterprises collects, processes, and fiercely protects your data.
Zero-Trust Auth
We use PASETO tokens and mandatory 2FA. We never store your passwords in plain text; everything is bcrypt-hashed.
No Card Data Saved
Payment details are processed directly by PCI-DSS compliant gateways (Stripe, Paytm). We never touch your raw card numbers.
AWS S3 Encryption
Your purchased source codes and uploaded assets are locked in encrypted AWS buckets behind strict IAM policies.
1. Information We Collect
We collect information to provide better services to all our users. The types of data we collect include:
- Account Data: Name, email address, mobile number, and encrypted passwords.
- Billing & Tax Data: Company name, GST/VAT numbers, billing address, and country of residence (legally required for tax compliance).
- Usage & Device Data: IP addresses, browser types, device identifiers, and interaction logs (pages visited, assets downloaded) to prevent fraud and bot abuse.
- Vendor KYC Data: For creators, we collect government-issued ID proofs, bank account details, and selfies to comply with Anti-Money Laundering (AML) laws.
2. How We Use Your Information
Mad Falcon Enterprises uses the data we collect for the following essential purposes:
- To authenticate your identity and secure your digital vault.
- To process transactions, generate tax invoices, and disburse payouts to creators.
- To enforce our Terms of Service, identify copyright infringement, and permanently block malicious IP addresses.
- To send transactional emails (OTPs, order receipts, security alerts).
3. Data Sharing & Third Parties
We do not sell, rent, or trade your personal information to marketing agencies. We only share data with trusted third parties strictly necessary for platform operations:
- Payment Processors: Stripe, Easebuzz, and Paytm require your billing details to securely process credit card transactions.
- Cloud Infrastructure: Amazon Web Services (AWS) hosts our databases and encrypted file vaults.
- Communication APIs: Twilio and Fast2SMS are used exclusively for routing OTPs to your mobile device.
- Legal Authorities: We will disclose data if required by a valid subpoena, court order, or government request in India or Singapore to prevent fraud or illegal acts.
4. Data Retention & Deletion Rights
We retain your personal data only as long as your account is active or as needed to provide you services. Under the GDPR (Europe) and DPDP Act (India), you have the right to:
- Request a complete export of your personal data stored on our servers.
- Request the permanent deletion of your account and personal data (Right to be Forgotten).
Note: If you have engaged in financial transactions, we are legally mandated by tax authorities to retain invoice and billing data for up to 7 years. Furthermore, if your account is banned for piracy or fraud, we will retain your IP and hardware hashes to prevent future network access.
5. International Data Transfers
DazzleMarket operates globally. Your information may be stored and processed in data centers located in India and Singapore. By using the Platform, you consent to the transfer of information to countries outside of your country of residence, which may have different data protection rules.
If you have questions regarding this Privacy Policy or wish to exercise your data rights, please contact our Data Protection Officer at support@dazzlemarket.in.