DINGG — Privacy Policy

1. Introduction

Vrienden Tech Private Limited ("Company," "we," "us," or "our") operates the DINGG platform — a B2B SaaS solution that empowers salons, spas, and beauty businesses ("Business Partners") to manage appointments, customer relationships, marketing, and operations. The DINGG platform includes the DINGG Vendor application (used by Business Partners), the DINGG consumer-facing application, and the DINGG website (collectively, the "Service").

This Privacy Policy explains how we collect, use, disclose, and protect personal information in the context of our Service. It applies to two distinct categories of individuals:

Business Partners: Salon owners, managers, and staff who directly register for and use the DINGG platform.

End Consumers: Customers of our Business Partners whose data is processed through the DINGG platform on behalf of the respective Business Partner.

⚠️ Important: Understanding Your Relationship with DINGG

If you are an end consumer (e.g., a customer booking an appointment at a salon), your primary relationship is with the salon or spa you visit — not with DINGG directly. The salon/spa is the data controller for your personal information and determines how your data is collected and used. DINGG acts as a data processor, handling your data on behalf of and under the instructions of the business you interact with.

For questions about how a specific business uses your data, please contact that business directly. For questions about how DINGG processes data as a platform, contact us using the details in Section 14.

By using the Service (as a Business Partner) or by interacting with a business that uses DINGG (as an end consumer), you acknowledge the practices described in this Privacy Policy.

2. Our Role: Data Controller vs. Data Processor

DINGG operates in a dual capacity depending on the context of data processing.

When a business signs up for DINGG, we (Vrienden Tech) act as the data controller for the business owner's and staff's personal information. We determine how and why this data is processed.

When an end consumer books an appointment or interacts with a salon that uses DINGG, the salon or spa is the data controller for that consumer's personal data. DINGG acts as a data processor, handling the consumer's information strictly on behalf of and under the instructions of the business.

Similarly, when consumers receive SMS messages, appointment reminders, or notifications from a salon through the DINGG platform, the Business Partner remains the data controller for the consumer's contact information, and DINGG processes it solely to deliver those communications on their behalf.

When DINGG uses aggregated and anonymized usage data for platform analytics and improvement, we act as the data controller for that anonymized data, which is not linked to any identifiable individual.

2.1 When DINGG Acts as Data Controller

We are the data controller for information collected directly from our Business Partners during account registration, platform usage, billing, and communications. We determine the purposes and means of processing this data.

2.2 When DINGG Acts as Data Processor

When Business Partners use the DINGG platform to manage their end consumers' data (appointments, contact details, preferences, purchase history, etc.), DINGG processes this data on behalf of the Business Partner. The Business Partner remains the data controller and is responsible for ensuring they have the appropriate legal basis (e.g., consent, legitimate interest) to collect and process their customers' information through DINGG.

DINGG processes end-consumer data strictly in accordance with our Business Partners' instructions and the terms of our Data Processing Agreement (DPA).

3. Information We Collect

3.1 From Business Partners (B2B — Direct Collection)

When a salon, spa, or beauty business registers for and uses the DINGG platform, we collect:

Business registration details: business name, address, GST/tax identification, business category

Account holder information: name, email, phone number, role/designation

Staff information: names, roles, work schedules, service specializations (as entered by the Business Partner)

Billing and payment information: invoices, subscription details, payment method data (processed via secure third-party payment gateways)

Platform usage data: features used, configuration preferences, login activity, support tickets

Service catalog: services offered, pricing, duration, and associated staff assignments

3.2 From End Consumers (B2C — Processed on Behalf of Business Partners)

When end consumers interact with a business that uses DINGG (e.g., booking an appointment, receiving notifications, or completing a transaction), the following data may be processed through our platform:

Contact information: name, phone number, email address (as provided to the business)

Appointment details: booking date/time, services selected, staff preferences, booking history

Transaction records: payment amounts, invoices, loyalty points, membership details

Communication logs: appointment reminders, promotional messages, and feedback sent via DINGG on behalf of the business

Preferences and notes: service preferences, special requests, and notes added by the business staff

Note for End Consumers: DINGG does not independently collect your data. All end-consumer data is provided to us by, or generated through your interactions with, the specific salon or spa you visit. We process this data solely to provide our services to the business.

3.3 Automatically Collected Technical Data

For all users of our applications and website, we may automatically collect:

Device information: type, model, operating system, unique device identifiers

Network data: IP address, browser type, mobile network information

Usage analytics: pages visited, features accessed, time spent, interaction patterns

Log data: error reports, crash diagnostics, performance metrics

Approximate location based on IP address (precise GPS location only with explicit consent)

4. How We Use Information

4.1 For Business Partners (Controller Purposes)

Providing, maintaining, and improving the DINGG platform and its features

Processing subscriptions, billing, and payments

Communicating about account status, product updates, new features, and support

Analyzing usage patterns to improve platform performance and user experience

Providing onboarding assistance, training, and customer support

Ensuring platform security, fraud prevention, and abuse detection

Complying with legal and regulatory obligations

4.2 For End-Consumer Data (Processor Purposes)

We process end-consumer data exclusively to provide our Service to Business Partners. This includes:

Facilitating appointment booking, rescheduling, and cancellations

Sending appointment reminders, confirmations, and follow-up messages on behalf of the business

Processing transactions and maintaining billing records for the business

Managing loyalty programs, memberships, and promotional campaigns as configured by the business

Generating business analytics and reports for the Business Partner (using their own customer data)

We do not use end-consumer data for our own marketing purposes or share it with other businesses. End-consumer data is siloed per Business Partner.

5. Cookies and Tracking Technologies

Our Service may use cookies and similar tracking technologies. While we do not deploy extensive first-party cookies, our third-party integrations (analytics, payment gateways, communication services) may use cookies to:

Collect usage analytics and performance metrics

Remember session preferences

Improve service delivery and reliability

You can manage cookie preferences through your browser or device settings. Disabling cookies may affect certain functionality of the Service.

6. Data Sharing and Disclosure

We do not sell personal information — whether of Business Partners or end consumers.

6.1 With Business Partners (Regarding Their Customers)

Business Partners have full access to their own end-consumer data within the DINGG platform. This data is necessary for them to operate their business. DINGG does not share one Business Partner's customer data with another Business Partner.

6.2 With Service Providers

We engage trusted third-party vendors to support our operations, including:

Cloud hosting and infrastructure providers

Payment processing gateways

SMS, email, and push notification delivery services

Analytics and monitoring tools (e.g., Google Analytics, Firebase)

Customer support tools

These vendors process data solely on our behalf and under contractual confidentiality obligations.

6.3 Legal Requirements

We may disclose information when required by law, regulation, legal process, or government authority, or when necessary to protect the rights, safety, or property of our users, the Company, or the public.

6.4 Business Transfers

In the event of a merger, acquisition, or asset sale, personal information may be transferred. We will provide notice of any such transfer and any choices available to affected parties.

7. Data Retention

7.1 Business Partner Data

We retain Business Partner account data for the duration of the active subscription and for a reasonable period thereafter to comply with legal obligations, resolve disputes, and enforce agreements. Upon account termination, data will be securely deleted or anonymized within a defined retention period, subject to applicable legal requirements.

7.2 End-Consumer Data

End-consumer data processed on behalf of Business Partners is retained for as long as the Business Partner's account is active and as instructed by the Business Partner. Upon termination of a Business Partner's account, associated end-consumer data will be deleted or anonymized in accordance with our Data Processing Agreement and applicable laws.

7.3 Technical and Analytics Data

Aggregated and anonymized analytics data may be retained indefinitely for product improvement purposes. Log data is typically retained for up to 12 months.

8. Data Security

We implement industry-standard technical and organizational measures to protect personal information, including:

Role-based access controls and multi-factor authentication

Regular security audits and vulnerability assessments

Secure cloud infrastructure with redundancy and disaster recovery

Employee and contractor confidentiality agreements and security training

Per-Business-Partner data isolation to prevent cross-tenant access

No system is entirely immune to security risks. While we strive to protect all data entrusted to us, we cannot guarantee absolute security.

9. Rights of Business Partners

As a Business Partner, you may exercise the following rights regarding your data:

Access: Request a copy of the personal data we hold about you and your business account.

Correction: Request correction of inaccurate or incomplete information.

Deletion: Request account deletion, subject to legal and contractual retention requirements.

Data Export: Export your business data, including customer records, in a structured format.

Opt-Out: Unsubscribe from marketing communications at any time.

To exercise these rights, contact us using the details in Section 14.

10. Rights of End Consumers

Primary Point of Contact: Since your salon or spa (the Business Partner) is the data controller for your personal information, you should direct data-related requests — such as access, correction, or deletion — to the business you interacted with.

If you are unable to resolve your request with the business, or if you have concerns about how DINGG processes data as a platform, you may contact us directly. We will work with the relevant Business Partner to address your request.

Depending on your jurisdiction, your rights may include:

Access: Understanding what personal data is held about you.

Correction: Requesting updates to inaccurate data.

Deletion: Requesting removal of your data (subject to the Business Partner's policies and legal requirements).

Opt-Out of Communications: Opting out of promotional messages sent via DINGG (note: transactional messages like appointment confirmations may still be sent).

11. Third-Party Links and Integrations

Our Service may contain links to or integrate with third-party websites, applications, or services. These third parties operate independently and have their own privacy policies. We are not responsible for their privacy practices and recommend reviewing their policies before providing any personal information.

12. Children's Privacy

Our Service is not intended for individuals under the age of 13 (or the applicable minimum age in your jurisdiction). We do not knowingly collect personal information from children. If we discover that a child's data has been inadvertently processed, we will promptly delete it.

If you are a parent or guardian and believe your child's information has been collected through our Service, please contact us immediately.

13. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, legal requirements, or platform capabilities.

For Business Partners, we may also notify you via email or in-app notification for significant changes. Continued use of the Service after changes constitutes acceptance of the revised policy.

14. Contact Us

For any questions, concerns, or requests regarding this Privacy Policy or our data practices:

Vrienden Tech Private Limited Email: support at dingg.app

For end-consumer data requests, please contact the specific salon or spa you visited in the first instance. If further assistance is needed, reach out to us and we will coordinate with the relevant Business Partner.

Please allow up to 30 business days for us to respond to your request.