MadRat 24 Labs Pvt. Ltd. Privacy Policy (Operates as Honestly)
Updated as on: 18 July, 2025
Your privacy matters to MadRat 24 Labs Pvt Ltd (operating as "Honestly") (hereinafter referred to as "Honestly", "we," "us," or "our"). This Privacy Policy ("Policy") explains how we collect, process, use, share, and protect information about you. It also tells you how you can access and update your information and make certain choices about how your information is used. This Policy describes practices for handling user information collected in connection with the services rendered by our website https://www.askhonestly.ai (the "Website"), associated subdomains, and mobile applications on Apple App Store and Google Play Store (collectively, the "Services").
This Policy has been framed in compliance with the Digital Personal Data Protection Act (DPDPA) of 2023 and other applicable laws.
TABLE OF CONTENTS
- Scope
- Consent
- Types of Information We Collect
- How We Collection Information
- Use of Information
- Data Principal Rights
- Data Fiduciary Obligations
- Children's Data
- Data Protection Board
- Data Retention
- Automated Decision Making
- Data Breach Notification
- Grievance Redressal
- Promotional Updates and Communications
- Information Sharing and Disclosure
- Third-Party Content and Integrations
- Event Tracking and Analytics
- Protection of Information
- Security
- Opt-Out Options
- Links to Third-Party Websites
- Changes to This Policy
- How to Contact Us
1. Scope
This Policy applies to all current and former visitors, users, and others who access or use our Services. By accessing or using our Services, you understand and agree to the collection, use, sharing, and processing of Personal Information as described in this Policy.
2. Consent
By using our Services, you expressly provide free, specific, informed, and unambiguous consent to Honestly to collect, use, and disclose your Personal Information in accordance with this Policy. You have the right to withdraw this consent at any time. If you do not agree with the terms of this Policy, please do not use our Services.
3. Types of Information We Collect
Personal Information
Information that relates to a natural person, which, either directly or indirectly, in combination with other information, is capable of identifying such a person. This includes, but is not limited to:
- Contact Information: Mobile phone number, name, and profile picture.
- Order History: Product information imported from third-party e-commerce platforms (only product data is imported; no personal information from these platforms is collected).
- Contacts: Information from your contacts/address book when you choose to share it with us via "Contacts" permission.
- User Content: Searches, reviews, suggestions, edits to product information and imagery, collections, and other content you provide through the Services.
- Usage Data Information about how you use our Services, including interactions with content and other users.
- Search Data: Information you provide when using our search features, including search queries for products, brands, ingredients, skincare concerns, and other information provided is collected to personalize and improve your experience.
- Review Interactions: Data about how you browse, search, filter, and interact with community reviews and third-party review content displayed on our platform.
- Video Content Interactions: Information about your viewing and interaction with video content, including YouTube videos displayed through our Services.
Sensitive Personal Data or Information (SPDI)
- Authentication Data: OTPs and related authentication information used during sign-up and login (managed by third-party services).
- Profile Information: Any demographic related, health-related information you may voluntarily provide in your searches or notes or reviews.
Non-Personal Information
Information that does not specifically identify an individual. This may include:
- Aggregated data on product popularity
- Anonymous usage statistics
- General demographic information not linked to individuals
- Anonymized video viewing patterns and preferences
4. How We Collection Information
We collect information in the following ways:
- Directly from You: When you register, update your account, upload a profile picture, create content (searches, reviews, collections), share your contacts, or communicate with us.
- Search Interactions: When you use our search feature, we automatically record the search queries you enter and the product details you view. This helps us provide better product recommendations and more relevant results.
- Review Interactions: When you browse, search, filter, or interact with community reviews and third-party review content, we collect data about your preferences and interactions to enhance your experience.
- Video Content Interactions: When you view video content (including YouTube videos) through our Services, we may collect viewing data and interaction patterns.
- From Third Parties: When you import your order history from different e-commerce stores via third-party services (e.g., Reclaim Protocol at reclaimprotocol.org), and when we display third-party review content and video content.
- Automatically: Through event tracking software, we collect information about your interactions with our Services. This helps us understand user behavior and improve our app functionality.
- Third-Party Services: We use several third-party services (e.g., for OTP authentication, data import, analytics) which may collect information as part of providing their services.
5. Use of Information
We use the collected information to:
- Provide and Improve Services: Deliver the functionalities of our app, including search and recommendation, browsing products, viewing ingredient information and product features derived from reviews, creating and sharing collections, and collaborating with friends.
- Authentication: Verify your identity during sign-up and login using mobile number and OTP.
- Personalization: Customize your experience, such as showing you content based on your interests and interactions.
- Review and Content Curation: Analyze community reviews and third-party content to provide relevant product features, recommendations, and search results.
- Social Features: Enable you to collaborate with friends, view friends' notes/experiences, and share collections.
- Communication: Send you service-related notifications via WhatsApp, push notifications, or other means, which you can opt out of at any time.
- Security: Detect and prevent fraud, abuse, and other harmful activities.
- Legal Compliance: Comply with legal obligations and enforce our Terms of Service.
6. Data Principal Rights
As a data principal under the DPDPA, you have the following rights:
- Right to Access: Request access to the personal data we hold about you.
- Right to Correction: Request correction of inaccurate or incomplete personal data.
- Right to Erasure: Request deletion of your personal data under certain circumstances.
- Right to Data Portability: Receive your personal data in a structured, commonly used, and machine-readable format.
- Right to Withdraw Consent: Withdraw your consent to processing at any time.
- Right to Nominate: Nominate a person to exercise your rights in the event of death or incapacity.
- Right to Grievance Redressal: Lodge a complaint with us or the Data Protection Board if your rights are violated.
To exercise these rights, please contact our Data Protection Officer at help@askhonestly.ai
7. Data Fiduciary Obligations
As a data fiduciary, Honestly commits to:
- Fair and Lawful Processing: Process personal data fairly and reasonably, ensuring transparency.
- Purpose Limitation: Collect personal data only for specified, explicit, and legitimate purposes.
- Data Minimization: Limit the collection and storage of data to what is necessary for the purposes specified.
- Accuracy: Take reasonable steps to ensure that personal data is accurate, complete, and updated.
- Security Safeguards: Implement appropriate security measures to protect personal data against unauthorized access, alteration, disclosure, or destruction.
- Data Breach Notification: Notify the Data Protection Board and affected data principals in the event of a data breach.
8. Children's Data
Our Services are not intended for individuals under the age of 18. We do not knowingly collect or process personal data of children without verifiable parental consent. If you believe we have collected such data, please contact us immediately.
9. Data Protection Board
The Data Protection Board of India oversees the enforcement of the DPDPA. You have the right to approach the Board for any grievances not addressed satisfactorily by us.
10. Data Retention
We retain data only for as long as necessary to fulfill the purposes for which it was collected, or as required by law. All data is stored in an anonymized form, and data handling is conducted in an aggregated and anonymized manner. When we no longer need the data, we delete it.
Specific Retention Periods:
- User-generated content and reviews: Retained until account deletion or withdrawal of consent.
- Search and interaction data: Retained in anonymized form for service improvement.
- Third-party content references: Retained only as necessary for service functionality.
11. Automated Decision Making
We use automated decision-making processes for the following purposes:
- User Authentication: Verify your mobile number and OTP during sign-up and login (managed by third-party services).
- Order History Integration: Automatically integrate your order history from third-party platforms via Reclaim Protocol.
- Content Personalization: Provide personalized content and recommendations based on your interactions, including search queries and any skincare-related information you voluntarily provide.
- Review Ranking and Filtering: Automatically rank and filter community reviews and third-party content based on relevance and user preferences.
- Social Connections: Use your shared contacts to connect you with friends and display their notes/experiences.
- Communications: Send automated notifications via WhatsApp and push notifications.
We ensure that automated decisions do not have legal or similarly significant effects without appropriate safeguards.
12. Data Breach Notification
In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will notify you and the Data Protection Board without undue delay, typically within 72 hours of becoming aware of the breach.
13. Grievance Redressal
For any grievances or queries regarding your personal data, please contact our Grievance Officer at v@askhonestly.ai. We will acknowledge your complaint within 24 hours and strive to resolve it within 15 days.
14. Promotional Updates and Communications
We may send you promotional communications based on your preferences. You have the right to opt out of these communications at any time by following the unsubscribe instructions or contacting us.
15. Information Sharing and Disclosure
We may share your information with:
- Service Providers: Third-party vendors who assist us in providing our Services (e.g., authentication services, data import services, analytics providers).
- Social Features: Other users, when you share content or interact with friends (e.g., sharing collections, viewing friends' notes/experiences).
- Legal Obligations: Regulatory and legal authorities when required by law or to protect our rights.
- Business Transfers: In connection with a merger, acquisition, or sale of all or a portion of our assets.
- Third-Party Content Providers: When necessary to display third-party reviews and video content within our Services.
We require that any third parties with whom we share data adhere to similar levels of data protection as required by the DPDPA.
16. Third-Party Content and Integrations
Community Reviews and Third-Party Content
We display community reviews and content from various third-party sources to enhance your product discovery experience. This includes:
- Reviews from various platforms and communities.
- Video content including YouTube videos displayed through native webview.
- Product information aggregated from multiple sources.
YouTube Integration
Our Services may display YouTube videos through native webview integration. Your interaction with YouTube content is subject to YouTube's privacy policies and terms of service . We may collect anonymized data about your viewing patterns to improve content relevance.
Data Collection from Third-Party Sources
We collect publicly available product information, reviews, and related content from various sources. This data is processed to provide you with comprehensive product insights and recommendations. We do not collect personal information from these third-party sources.
Third-Party Service Privacy Policies
When you interact with third-party content or services through our platform, you are also subject to their respective privacy policies. We encourage you to review these policies.
17. Event Tracking and Analytics
We use event tracking software to monitor app usage, analyze user interactions (including review browsing and video viewing), and enhance our Services. This data is collected in an anonymized and aggregated manner. You can control certain data collection preferences through your device settings.
18. Protection of Information
We implement appropriate technical and organizational measures to protect your personal data against unauthorized or unlawful processing and against accidental loss, destruction, or damage. This includes encryption, secure storage, and access controls.
19. Security
While we strive to use commercially acceptable means to protect your Personal Information, we cannot guarantee its absolute security. We regularly review and update our security measures in line with technological advancements.
20. Opt-Out Options
You have choices regarding the collection and use of your information:
- Communications: You can opt out of receiving promotional communications by following the unsubscribe instructions or contacting us.
- Contacts Sharing: You can choose not to share your contacts; however, this may limit certain social features.
- Notifications: You can manage push notifications and WhatsApp messages through your device settings or app preferences.
- Review Interaction Tracking: You can limit certain tracking of your review browsing patterns through app settings.
- Video Content Tracking: You can control video viewing analytics through your device settings.
- Data Deletion: You can request deletion of your personal data under certain circumstances.
To exercise Data Deletion, please contact us at help@askhonestly.ai or use the in-app option on your settings page in order to proceed with the deletion. Your data will be deleted within 72 hours after your confirmation.
21. Links to Third-Party Websites
Our Services may contain links to third-party websites or services, including YouTube and other content platforms. We are not responsible for the privacy practices or content of these third parties. We encourage you to review the privacy policies of any third-party sites or services you use.
22. Changes to This Policy
We may update this Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any significant changes by posting the new Policy on this page and updating the "Updated as on" date at the top. We encourage you to review this Policy periodically for any changes.
23. How to Contact Us
If you have any questions about this Privacy Policy, please contact us at:
MadRat 24 Labs Pvt Ltd
HD-189, WeWork Salarpuria Symbiosis, Venugopal Reddy Layout, Arekere, Bangalore, Karnataka 560076
Email: v@askhonestly.ai
Phone: +91-9818076312
For data protection inquiries, you can reach our Data Protection Officer at help@askhonestly.ai
For grievances, please contact our Grievance Officer at v@askhonestly.ai
Effective Date: 18 July, 2025
Please note that by continuing to use our Services after any changes to this Policy, you accept the updated terms of use.