Privacy Policy

Samplr ("we", "our", or "us") is committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform at samplr.in, including our web application and any related services (collectively, the "Platform").

This policy applies to all users of the Platform, including consumers ("Samplers") and businesses ("Brands"). By accessing or using Samplr, you agree to the collection and use of information in accordance with this policy. If you do not agree, please do not use the Platform.

We comply with applicable Indian data protection law, including the Information Technology Act, 2000, the IT (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, and the Digital Personal Data Protection Act, 2023 (DPDPA) to the extent it is in force.

Account Information: When you register, we collect your name, email address, phone number, date of birth, gender, and password (stored as a secure bcrypt hash).

Sampler Profile Data: Samplers may provide delivery address (street, city, state, postal code, country), product category preferences, dietary restrictions, skin type, household size, pet ownership, shoe size, shirt size, and pants size. Questionnaire responses are stored to improve matching accuracy.

Brand Profile Data: Brands may provide company name, website, industry, company size, logo, business description, and brand questionnaire responses.

Purchase and Transaction Data: When you place store orders, we collect order details, payment method, delivery address, and transaction references. Payment processing is handled by Razorpay; we do not store your full card details.

Campaign and Feedback Data: We collect feedback submitted by samplers for brand campaigns, including ratings, written responses, purchase intent, and recommendation intent. Video reviews uploaded or recorded by samplers are stored on our servers.

Social Connection Data: If you connect a social media account (Instagram, YouTube, TikTok, Facebook, X, Snapchat), we store the connection status and platform identifier. We do not access your social media content, followers, or private messages.

OAuth Login Data: If you sign in via Google or Facebook OAuth, we receive your name, email address, and profile picture from that provider, subject to the permissions you grant.

Usage Data: We collect information about how you interact with the Platform, including pages visited, features used, timestamps, and device type. This is used for analytics and platform improvement.

Communications: If you contact us via the contact form or email, we retain those communications to respond to your queries and improve our support.

We use the information we collect to:

• Create and manage your account
• Match samplers with relevant brand campaigns using our algorithm
• Process store purchases, payments, and order fulfillment
• Track and update shipment status for samples and store orders
• Administer the points system, including awarding and deducting points
• Send transactional emails: OTP verification, password reset, welcome emails, and campaign updates
• Collect, store, and share feedback with the relevant brand
• Display video reviews in connection with brand campaigns
• Improve and personalise the Platform and matching algorithm
• Detect and prevent fraud, abuse, or policy violations
• Comply with legal obligations

We do not sell your personal data. We may share information with:

• Brands (for samplers): Your delivery address is shared with the relevant brand solely for sample fulfillment. Feedback you submit is shared with the brand that provided the sample. Your name and email are not shared unless you explicitly consent.
• Samplers (for brands): We share the minimum necessary delivery and contact information to enable brands to dispatch samples. Sampler profile data used for matching is not individually disclosed to brands.
• Payment Processors: Razorpay processes all payments. Your payment data is governed by Razorpay's privacy policy.
• Logistics Partners: Shiprocket and other shipping providers receive the recipient name, address, and contact number required to deliver packages.
• Email Service Providers: Resend processes transactional emails on our behalf.
• Authentication Providers: Google and Facebook receive only the OAuth callback data necessary to authenticate your session.
• Legal Requirements: We may disclose information when required by law, court order, or to protect the safety, rights, or property of Samplr or others.

Your points balance and activity log are stored against your account. Points are awarded automatically based on actions you take on the Platform (verifying email, phone, adding address, completing questionnaires, submitting reviews, connecting social accounts). Points deducted for late feedback submissions or store purchases are also logged. This data is used solely to administer the rewards programme.

Video reviews you record or upload are stored on our servers and may be shared with the brand that provided the associated product sample. By submitting a video review, you grant Samplr and the relevant brand a non-exclusive, royalty-free licence to display and use the video for campaign reporting and promotional purposes, subject to your profile remaining active on the Platform.

We retain your personal data for as long as your account is active or as needed to provide services. You may request deletion of your account and associated data by contacting us at hello@samplr.in. Some data may be retained for legal, regulatory, or legitimate business purposes (such as transaction records) even after account deletion. Anonymised and aggregated data may be retained indefinitely.

We implement industry-standard security measures including:

• Password hashing using bcrypt
• JWT-based session authentication with token expiry
• HTTPS encryption in transit
• Rate limiting on authentication and sensitive endpoints
• Input validation and parameterised database queries to prevent injection attacks

No method of transmission over the internet is 100% secure. We cannot guarantee absolute security and encourage you to use a strong, unique password and enable OTP verification.

Under applicable Indian law and the DPDPA, you may have the right to:

• Access the personal data we hold about you
• Correct inaccurate or incomplete data
• Request erasure of your data (subject to legal retention obligations)
• Withdraw consent to processing where processing is based on consent
• Nominate a person to exercise these rights on your behalf in the event of your death or incapacity

To exercise these rights, contact us at hello@samplr.in. We will respond within a reasonable timeframe.

Samplr uses browser local storage (not traditional cookies) to maintain your authentication session and user preferences. We do not use tracking, advertising, or third-party analytics cookies. We do not use cookie-based cross-site tracking.

Our Platform is not directed to individuals under the age of 18. We do not knowingly collect personal information from minors. If you believe a minor has provided us with personal data, please contact us at hello@samplr.in and we will delete it promptly.

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting the new policy on this page with an updated date and, where appropriate, by sending an email notification. Continued use of the Platform after changes are posted constitutes acceptance of the revised policy.

If you have questions about this Privacy Policy or wish to exercise your rights, please contact us at:
hello@samplr.in
163/D, Maniktala Main Rd, Kolkata, WB, India — 700054