Privacy Policy

We collect personal data only when you provide it to us. The main collection points are:

Contact form submissions (/contact)

• Name, email address, phone number
• Event type, event date (optional), and message text
• Whether the request is marked urgent
• Your IP address and browser user-agent (for security and spam prevention)
• Timestamp of submission

Requirements brief form (/requirements)

• All of the above, plus structured project details: budget range, guest count, service interests, uploaded files, voice notes, and sketches if provided

Direct communication

• If you call or WhatsApp us, we retain your phone number and any notes taken during the conversation
• If you email us, the email thread is retained in our inbox

What we do not collect

• We currently run no analytics cookies, marketing pixels, or advertising trackers on this website
• We do not buy data from third parties
• We do not collect financial data (bank details, cards) through this website

• To respond to your enquiry or brief within 24 hours
• To coordinate your event, including venue booking, travel, and production planning
• To invoice and fulfil tax and accounting obligations under Indian law
• To keep records of service delivery in case of disputes
• To send transactional event updates (not marketing)

We share limited personal data only where it is necessary to deliver the services you booked with us:

• Venue partners (for booking confirmation and guest access)
• Travel and transport partners (for group flight blocks, transfers, hotel rooms)
• Accountants and auditors (for GST and tax filings under Indian law)
• Regulatory or legal authorities if required by valid legal process

We never sell your personal data. We never share it with marketing or advertising partners.

• Active client data: retained for the engagement duration plus 3 years, to meet tax and accounting requirements
• Unsuccessful enquiries (leads that did not convert): retained for 12 months, then deleted
• Anonymised event-delivery records (for portfolio and statistics): may be retained indefinitely in a form that cannot identify you
• Voice notes and sketches from the requirements brief: deleted within 90 days of engagement completion unless required for the project

As a data principal under India's Digital Personal Data Protection Act, 2023, you have the following rights:

• Right of access: request a copy of the personal data we hold about you
• Right of correction: request we correct inaccurate or outdated data
• Right of erasure: request we delete your data, except where we are required by law to retain it
• Right to nominate: nominate another individual to exercise these rights on your behalf
• Right to grievance redressal: escalate unresolved concerns to the Data Protection Board of India

To exercise any of these rights, email info@curatetheevents.com with the subject line "DPDPA Rights Request". We respond within 30 days.

For privacy-related complaints, the Grievance Officer can be reached at info@curatetheevents.com. Please put "Grievance" in the subject line. We acknowledge complaints within 7 working days and resolve them within 30 days.

Unresolved complaints may be escalated to the Data Protection Board of India once it is operational.

• Our website uses HTTPS for all page transfers
• Contact form submissions are stored in an encrypted PostgreSQL database hosted in India
• Internal email access is restricted to the founders and project leads on a need-to-know basis
• File uploads from the brief form are stored in controlled storage with signed URLs
• We do not store card or bank details; invoicing is handled through bank transfer and GST invoices

Our services are for adult corporate and private clients. We do not knowingly collect personal data from individuals under 18. If you believe we have inadvertently received such data, email us and we will delete it immediately.

If we materially change this policy, we will update the 'last updated' date at the top and, for active clients, notify you via email. Your continued use of the website after a change means you accept the updated policy.