Privacy Policy

1. Introduction

Healthbridge Sports & Management Private Limited ("Company", "we", "us", or "our"), a company incorporated under the laws of India bearing GSTIN 27AAGCH36345B1ZU, operates the Jointhevent platform (accessible at jointhevent.com), including all associated websites, mobile applications, and services (collectively, the "Platform").

This Privacy Policy explains how we collect, use, disclose, store, and protect your personal information when you access or use our Platform. This policy is published in compliance with the Information Technology Act, 2000, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, and other applicable Indian data protection laws and regulations.

By accessing or using the Platform, you acknowledge that you have read, understood, and consent to the practices described in this Privacy Policy. If you do not agree with this policy, please do not use the Platform.

2. Information We Collect

We collect various types of information to provide and improve our services. The categories of information we collect include:

2.1 Personal Information

When you create an account or use our Platform, we collect the following personal information as a minimum:

• Full name (required)
• Email address (required)
• Phone number (required)

Depending on your use of the Platform, you may also choose to provide:

• Date of birth
• Gender
• Blood group
• T-shirt size
• Profile photograph
• Postal address (street, city, state, pincode, country)
• Emergency contact details (name and phone number)
• Dietary restrictions
• Accessibility needs and preferred seating

2.2 Custom Registration Data

Event organizers may configure custom registration forms for their events. When you register for or purchase tickets for such events, you may be asked to provide additional information as defined by the organizer (e.g., team name, organisation, skill level, or any other event-specific details). The specific fields vary from event to event and are displayed at the time of registration or purchase.

This custom data is stored on the Platform and shared with the respective event organizer for the purposes of event management. You should review the information requested before completing your registration.

2.3 Payment Information

All payment transactions on the Platform are processed securely by our third-party payment partner, Razorpay, in accordance with PCI-DSS (Payment Card Industry Data Security Standard) requirements. We do not store full credit or debit card numbers, CVVs, or net banking credentials on our servers.

However, for the purposes of transaction reconciliation, dispute resolution, and record-keeping, we retain the following payment-related information:

• Transaction identifiers, order IDs, payment status, and amounts
• Payment method used (e.g., UPI, card, net banking, wallet)
• Card network and type (e.g., Visa/Mastercard, credit/debit), if a card was used
• UPI address (VPA), if UPI was used
• Bank name, if net banking or UPI was used
• Whether the payment was made using an international card
• A reference to the full transaction record from Razorpay for audit and dispute purposes

2.4 Event Data

We collect information related to your activity on the Platform, including:

• Event registrations and ticket purchases
• Check-in history at events
• Coupon and discount code usage

2.5 Technical Information

We may collect limited technical information in certain contexts, including:

• IP (Internet Protocol) address (e.g., when submitting a refund request)
• Browser user agent string (e.g., when submitting a refund request)

We do not currently use third-party analytics or tracking services on the Platform. Our cloud infrastructure provider (Convex) may collect standard server logs as part of its normal operations. If we implement analytics tools in the future, this section will be updated accordingly.

2.6 Communication Data

We may collect information from your interactions with us, including:

• Customer support requests and correspondence
• Feedback and reviews
• Any other communication you send to us

2.7 Organizer and Business Information

If you register as an event organizer, we collect additional information as part of our Know Your Customer (KYC) and onboarding process, including:

• Legal name and business name
• Business type (e.g., individual, company, partnership, LLP, trust, society)
• PAN (Permanent Account Number)
• GSTIN (GST Identification Number), if registered for GST
• Bank account details (account number, IFSC code, bank name, beneficiary name) for settlement of event proceeds
• Business address
• KYC verification documents (PAN card copy, address proof)

This information is collected solely for identity verification, legal compliance, and to facilitate timely settlement of event proceeds to organizers.

3. How We Use Your Information

We use the information we collect for the following purposes:

• Processing Transactions: To process your ticket purchases, event registrations, and associated payments.
• Order Communications: To send you order confirmations, ticket details, e-tickets, and QR codes for event check-in.
• Refund Processing: To process refund requests and send you updates on the status of your refund in accordance with our Refund Policy.
• Customer Support: To respond to your enquiries, resolve disputes, and provide technical assistance.
• Event Organizer Coordination: To share relevant attendee information with event organizers for the events you register for, enabling them to manage their events effectively.
• Platform Improvement: To analyse usage patterns, diagnose technical issues, and improve the features, functionality, and user experience of the Platform.
• Service Notifications: To send you important service-related notifications, including changes to event details, policy updates, and security alerts.
• Legal Compliance: To comply with applicable laws, regulations, legal processes, and governmental requests.

4. Information Sharing

We value your privacy and are committed to limiting the sharing of your personal information. We may share your information only in the following circumstances:

4.1 Payment Processor (Razorpay)

We share necessary transaction details with Razorpay to process your payments securely. Razorpay's collection and use of your information is governed by its own privacy policy, which we encourage you to review.

4.2 Event Organizers

When you register for an event, the following information may be shared with the respective event organizer:

• Your name
• Email address
• Phone number
• Any data you provide through custom registration form fields configured by the organizer

This information is shared solely for the purpose of event management and communication related to the specific event you have registered for. Event organizers are expected to handle your data responsibly and in compliance with applicable laws.

4.3 Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities, including:

• Court orders and legal process
• Requests from government or regulatory authorities
• Enforcement of our Terms and Conditions or other agreements
• Protection of the rights, property, or safety of the Company, our users, or the public

4.4 No Sale of Personal Data

We never sell, rent, or trade your personal data to third parties for marketing, advertising, or any other commercial purposes. Your personal information is not a commodity, and we treat it with the respect it deserves.

5. Data Storage and Security

We take the security of your personal information seriously and implement appropriate technical and organisational measures to protect it:

• Cloud Infrastructure: Your data is stored on Convex cloud infrastructure, which employs industry-standard security practices including encryption at rest and in transit.
• Encryption in Transit: All data transmitted between your browser and our servers is encrypted using HTTPS (TLS/SSL) protocols.
• Access Controls: We maintain strict access controls and authentication mechanisms to ensure that only authorised personnel can access personal data, and only on a need-to-know basis.
• Security Reviews: We conduct regular security reviews and updates to address emerging threats and vulnerabilities.

Despite our best efforts, no method of electronic transmission or storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security. In the event of a data breach that affects your personal information, we will notify affected users and the relevant authorities within 72 hours of becoming aware of the breach, as recommended by applicable data protection regulations.

6. Cookies and Tracking Technologies

Cookies are small text files stored on your device when you visit a website. We use cookies and similar technologies in the following ways:

6.1 Essential Cookies

We use essential cookies that are necessary for the proper functioning of the Platform, including:

• Authentication Cookies: To maintain your login session and keep you securely signed in.
• Preference Cookies: To remember your user preferences such as theme settings (light/dark mode).

6.2 Analytics

We plan to implement analytics tools in the future to better understand how users interact with our Platform. When we do so, this Privacy Policy will be updated accordingly to reflect the specific analytics services used and the data they collect.

6.3 Third-Party Advertising

We do not use third-party advertising trackers, pixels, or beacons on our Platform. Your browsing activity on Jointhevent is not shared with advertising networks.

6.4 Cookie Consent

When you first visit Jointhevent, you will see a cookie consent banner informing you about our use of essential cookies. By clicking "Got it" or continuing to use the Platform, you consent to our use of essential cookies as described above.

6.5 Managing Cookies

You can manage or delete cookies through your browser settings. Please note that disabling essential cookies may affect the functionality of the Platform and your ability to use certain features.

7. Your Rights

We respect your rights regarding your personal information. Subject to applicable law, you have the following rights:

• Right to Access: You may request a copy of the personal data we hold about you. We will provide this information in a reasonable timeframe.
• Right to Correction: If any of your personal information is inaccurate or incomplete, you may request that we correct or update it.
• Right to Deletion: You may request the deletion of your account and associated personal data. Please note that certain data may be retained as required by law (see Section 8 on Data Retention).
• Right to Data Portability: You may request a copy of your personal data in a structured, commonly used, and machine-readable format.
• Right to Object: You may object to the processing of your personal data for specific purposes, such as direct marketing.

To exercise any of these rights, please send an email to SPJSportsManagement@gmail.com with the subject line "Privacy Request". We will respond to your request within 30 days. We may ask you to verify your identity before processing your request.

8. Data Retention

We retain your personal information only for as long as necessary to fulfil the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law:

• Active Accounts: Your personal data is retained for as long as your account remains active on the Platform.
• Deleted Accounts: Upon receiving a valid account deletion request, your personal data is anonymised immediately. Your account enters a 30-day recovery window during which you may cancel the deletion. After 30 days, all remaining personal data is permanently purged from our active systems.
• Transaction Records: Records of financial transactions, including invoices, payment confirmations, and GST-related data, are retained for a minimum of 8 years as required under the Indian Income Tax Act, 1961 and the Goods and Services Tax Act, 2017.
• Anonymised Data: We may retain anonymised and aggregated data indefinitely for analytical and statistical purposes. This data cannot be used to identify you personally.

9. Children's Privacy

The Jointhevent Platform is not intended for use by persons under the age of 18. We do not knowingly collect, solicit, or maintain personal information from children under 18 years of age. If we become aware that we have collected personal information from a child under 18 without appropriate consent, we will take immediate steps to delete such information from our records.

If you are a parent or guardian and believe that your child under the age of 18 has provided us with personal information, please contact us immediately at SPJSportsManagement@gmail.com so that we can take appropriate action.

10. Third-Party Links

The Platform may contain links to third-party websites and services, including but not limited to event venue websites, event organizer websites, social media platforms, and payment gateway pages. These third-party sites have their own privacy policies and practices, which are independent of ours.

We are not responsible for the privacy practices, content, or security of any third-party websites or services. We strongly encourage you to review the privacy policy of every website you visit before providing any personal information. Accessing third-party links from our Platform is at your own risk.

11. Changes to This Policy

We reserve the right to update or modify this Privacy Policy at any time. When we make changes, we will revise the "Last updated" date at the top of this page. Changes are effective immediately upon posting to the Platform.

Your continued use of the Platform after any changes to this Privacy Policy constitutes your acceptance of the revised policy. For significant or material changes that substantially affect your rights or how we process your personal data, we may provide additional notice via email to the address associated with your account.

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information.

12. Contact Information

For any privacy-related inquiries, concerns, or to exercise your data protection rights, please contact us through any of the following channels:

• Email: SPJSportsManagement@gmail.com (Please use the subject line "Privacy Request" for data-related enquiries)
• Phone: 7774022415
• Registered Address: Healthbridge Sports & Management Private Limited, C-105, Pristine City, Opp. Weikfield Food Processing, Bakori, Pune 412207, Maharashtra, India

We will acknowledge your enquiry within 48 hours and endeavour to resolve your concern within 30 days. If you are not satisfied with our response, you may escalate your complaint to the appropriate data protection authority in India.

13. Grievance Officer

In accordance with the Information Technology Act, 2000, the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021, and other applicable regulations, the details of our Grievance Officer are as follows:

• Designation: Grievance Officer
• Organisation: Healthbridge Sports & Management Private Limited
• Email: SPJSportsManagement@gmail.com
• Phone: 7774022415
• Address: C-105, Pristine City, Opp. Weikfield Food Processing, Bakori, Pune 412207, Maharashtra, India

The Grievance Officer shall acknowledge your grievance within 24 hours and resolve it within one (1) month from the date of receipt, in accordance with applicable law.

14. Governing Law

This Privacy Policy is governed by and construed in accordance with the laws of India. Any disputes arising out of or in connection with this policy shall be subject to the exclusive jurisdiction of the courts in Pune, Maharashtra, India.