ShagunnLog in →

Legal

Privacy Policy

Shagun ("we", "us", or "our")  ·  Last updated: May 2026

1. Introduction

This Privacy Policy explains how Shagun collects, uses, stores, and shares information when you use our referral and loyalty platform at shagunn.com (the "Platform"). By using the Platform, you agree to the practices described here.

We serve three types of users: Vendors (wedding businesses that sign up to run referral programs), Referrers (past clients who share referral links), and Leads (new prospects who fill inquiry forms through a referral link). Different sections of this policy apply to different user types.

2. Information We Collect

2.1 From Vendors

When you register as a vendor, we collect:

  • Business name, email address, and phone number
  • Password (stored as a one-way hash — we cannot read it)
  • Referral program configuration (coin values, discount settings, expiry windows)
  • Inquiry form customisation preferences
  • Onboarding progress and timestamps

2.2 From Referrers

Referrers are added to the Platform by vendors using their past client lists. We collect:

  • Name and phone number (provided by the vendor)
  • Email address (provided by the vendor, or claimed by you when you activate your link)
  • Your referral activity — link clicks attributed to you, leads generated, coins earned
  • Account credentials if you choose to set a password for the referrer portal

2.3 From Leads

When you click a referral link and submit an inquiry form, we collect:

  • Name, phone number, and email address
  • Wedding date, location, and budget (as entered in the form)
  • Any additional fields configured by the vendor
  • A browser cookie that attributes your inquiry to the referrer who shared the link with you

2.4 Automatically Collected Data

When anyone interacts with the Platform, we automatically collect:

  • IP address and user agent (browser/device information)
  • Referral link click events and timestamps
  • Session identifiers (stored in signed browser cookies)

3. How We Use Your Information

We use the information we collect to:

  • Create and manage vendor, referrer, and lead accounts
  • Generate personalised referral links and track click attribution
  • Create lead records in vendor dashboards when an inquiry form is submitted
  • Issue coupon codes to leads and validate them when a booking is confirmed
  • Credit coin wallets when a referral results in a confirmed booking
  • Send WhatsApp and email notifications to the relevant parties at each step of the referral flow
  • Prevent duplicate inquiries and detect fraudulent activity
  • Monitor platform health, fix bugs, and improve the service
  • Comply with applicable law

We do not use your information for advertising, profiling, or selling to third parties.

4. Cookies and Attribution

When you click a referral link, we set a signed cookie on your browser. This cookie:

  • Stores a session identifier that links your browser to the referrer who shared the link
  • Does not contain your personal information directly
  • Remains active for up to 90 days
  • Is used solely to attribute your inquiry to the correct referrer, even if you return to fill the form at a later date

You can clear cookies through your browser settings. Doing so will break referral attribution — your inquiry may not be credited to the person who referred you.

5. WhatsApp and Email Communications

By providing your phone number or email to this Platform (whether as a vendor, referrer, or lead), you consent to receiving transactional messages from us. These include:

  • Invite messages to referrers when a vendor adds them to their program
  • Notifications to referrers when someone clicks their link or completes a booking
  • Coupon codes to leads after submitting an inquiry form
  • Booking confirmation messages to leads
  • Coin credit and redemption notifications to referrers
  • Account and authentication messages to vendors

These are operational messages, not marketing. We do not send promotional newsletters or unsolicited communications.

WhatsApp messages are sent via Interakt (an authorised WhatsApp Business API provider). Email is sent via Resend. By using the Platform, you acknowledge that your phone number or email may be passed to these providers solely for message delivery.

6. Sharing of Information

We share your information only in the following circumstances:

With vendors: Leads see vendor details (business name, contact information). Vendors see lead details (name, phone, email, inquiry data) and referrer performance statistics. Referrers see only aggregate acknowledgment of their activity, not other referrers' data.

With service providers: We use third-party services to operate the Platform — Railway (infrastructure), Interakt (WhatsApp), Resend (email), Sentry (error tracking), and Redis/PostgreSQL (data storage). These providers process your data only as necessary to deliver their services.

For legal compliance: We may disclose information if required by law, court order, or government authority, or to protect the rights and safety of our users or the public.

We do not sell, rent, or trade your personal information.

7. Data Retention

  • Vendor accounts: Retained for the duration of your account and for a reasonable period after deactivation for audit and legal purposes.
  • Referrer data: Retained while the vendor's program is active. If a vendor deactivates, referrer wallets are frozen and data is retained in accordance with legal obligations.
  • Lead data: Retained for the duration of the vendor's active program.
  • Coin transaction records: Retained for 7 years for financial record-keeping purposes.
  • WhatsApp and email logs: Retained for 90 days for debugging and delivery tracking.

Coin expiry is governed by the vendor's program settings (default: 540 days from credit date). Expired coins are written off but the transaction record is preserved.

8. Security

We take reasonable technical and organisational measures to protect your data, including:

  • All data in transit encrypted via TLS (HTTPS)
  • Passwords stored as irreversible hashes
  • JWT tokens signed with separate signing keys
  • HttpOnly and Secure flags on authentication cookies
  • CSRF protection on all state-changing requests
  • Rate limiting on authentication and submission endpoints
  • Error monitoring via Sentry

No method of transmission over the internet is 100% secure. We cannot guarantee absolute security.

9. Your Rights

Depending on your location, you may have rights under applicable data protection law (including India's Digital Personal Data Protection Act, 2023) to:

  • Access the personal information we hold about you
  • Request correction of inaccurate information
  • Request deletion of your data (subject to our legal retention obligations)
  • Withdraw consent for communications

To exercise any of these rights, contact us at the address below. We will respond within a reasonable time, and in any case within 30 days.

10. Children's Privacy

The Platform is intended for use by adults (18 years and older). We do not knowingly collect personal information from anyone under 18. If you believe we have inadvertently collected data about a minor, please contact us and we will delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page. For material changes, we will notify vendors via email. Continued use of the Platform after changes are posted constitutes acceptance of the updated policy.

12. Contact Us

For privacy-related questions, requests, or complaints, contact us at:

Email: ronak@shagunn.com
Platform: shagunn.com

This policy applies to the Shagun platform. It does not govern the privacy practices of individual vendors who use our platform to manage their own client relationships.