Cookies & Data Policy
Effective date: 30 September 2025
Company: MARKUPX BRANDS TECHNOLOGIES PRIVATE LIMITED ("Looktara", "we", "us")
Website/App: looktara.com and associated subdomains, browser extension, and WhatsApp flows (collectively, the "Services")
Contact: [email protected] | WhatsApp: +91 82008 68193
We use cookies and similar technologies to operate our Services, keep accounts secure, understand usage, and improve your experience. This Policy explains what these technologies are, why we use them, and the choices you have.
1) What are cookies and similar technologies?
Cookies are small text files stored on your device by your browser. They can be "session" (deleted when you close your browser) or "persistent" (stored until they expire or you delete them).
Local Storage / Session Storage are browser storage areas used to remember settings on your device.
Beacons/Pixels are tiny images or scripts that help us measure usage.
SDKs are software components used in our mobile/extension experiences for functionality and analytics.
We refer to all of these as "cookies" for simplicity.
2) Why we use cookies (purposes)
We use cookies for these purposes:
- Strictly Necessary – operating the site/app, authentication, security, fraud prevention, payment, and performance of core features.
- Preferences – remembering your choices (e.g., language, theme, WhatsApp opt-in).
- Analytics – understanding how people use Looktara so we can improve speed, reliability, and usability.
- Experiments – A/B testing to ship better features without disrupting your workflow.
We do not run third‑party advertising cookies on looktara.com. If this changes, we will update this Policy and ask for consent where required.
3) Cookies we set (first‑party)
Below is the current list of first‑party cookies and browser storage keys used by Looktara. Names may vary slightly across subdomains/environments.
| Name | Type | Purpose | Expires |
|---|---|---|---|
| lt_session | Strictly Necessary (Cookie) | Core session identifier to keep you logged in and route requests. | 7 days (rolling) or on logout |
| lt_auth | Strictly Necessary (HttpOnly Cookie) | Authentication token to securely access your account. | 30 days or on logout/password reset |
| lt_csrf | Strictly Necessary (Cookie) | Protects forms and API calls from cross‑site request forgery. | End of session |
| lt_cookie_consent | Preferences (Cookie) | Stores your cookie category choices (e.g., analytics on/off). | 6 months |
| lt_lang | Preferences (Local Storage) | Saves your language/locale selection. | 12 months |
| lt_pref_theme | Preferences (Local Storage) | Saves light/dark/system theme. | 12 months |
| lt_timezone | Preferences (Local Storage) | Stores your time zone for scheduling and timestamps. | 12 months |
| lt_utm | Analytics/Attribution (Cookie) | Remembers UTM/referral parameters to understand how you found us. | 90 days |
| lt_ref | Analytics/Attribution (Cookie) | Tracks referral codes for creator/partner attribution. | 90 days |
| lt_ab | Experiments (Cookie) | Assigns your browser to an A/B test bucket to keep experience consistent. | 180 days |
| lt_analytics | Analytics (First‑Party Cookie/Local Storage) | Stores pseudonymous analytics identifiers and sampling info. | 13 months |
| lt_rate_limit | Security (Cookie) | Helps mitigate abuse and unusual request bursts. | 1 hour |
| lt_device | Security/Diagnostics (Cookie) | Pseudonymous device fingerprint for fraud/risk controls. | 12 months |
| lt_last_seen | Diagnostics (Local Storage) | Tracks last active timestamp to improve performance. | 30 days |
| lt_wa_optin | Preferences/Compliance (Local Storage) | Records your WhatsApp communications opt‑in status. | 12 months |
4) Third‑party technologies
We aim to minimize third‑party tracking and do not serve third‑party advertising cookies. However, some partners set cookies to provide their services:
- Payments: Our payment processors (international: Dodo Payments; India: Razorpay) may set strictly‑necessary cookies during checkout to detect fraud and complete transactions. These cookies are controlled by the processor's own policies and are only active when you use checkout/embedded payment flows.
- Infrastructure & Security: Content delivery networks, DDoS protection, and error monitoring may place strictly necessary cookies or local storage entries to ensure security and availability.
We review our vendors and request privacy‑protective settings where possible.
5) Legal basis for cookies
Strictly Necessary: Our legitimate interests in operating secure, reliable Services (and performance of a contract with you when you sign in or pay).
Preferences, Analytics, Experiments: Your consent where required by local law. You can withdraw consent at any time through our cookie settings (see below) or by disabling cookies in your browser.
6) Your choices
A) Cookie banner & settings
On your first visit (and periodically thereafter), we display a cookie notice. You can accept, reject, or tailor categories (except Strictly Necessary). You can update choices anytime via the "Cookie Settings" link in our footer.
B) Browser controls
Most browsers let you block/delete cookies. If you block strictly necessary cookies, some features may not work. Links for common browsers: Chrome, Edge, Firefox, Safari, Opera (see their help pages).
C) Global Privacy Control (GPC) & Do Not Track
If your browser sends a GPC signal, we treat it as a request to disable non‑essential cookies to the extent required by applicable law. We also respect Do Not Track where legally mandated.
D) Analytics opt‑out
When analytics is off (via banner or GPC), we refrain from setting analytics identifiers and use only aggregated, non‑identifying measurements where feasible.
7) Data we derive from cookies
Depending on your choices, cookies may capture: device type, browser version, approximate location (city/country), pages viewed, time on page, scroll/click events, referral/UTM data, error logs, and pseudonymous identifiers. We use this to: keep you signed in, secure the Services, fix bugs, measure feature adoption, improve speeds, and attribute partner referrals. We do not build behavioral advertising profiles on looktara.com.
8) Data retention
Cookie lifetimes are listed in the table above.
Analytics and logs derived from cookies are retained up to 13 months unless a shorter/longer period is required for security, fraud prevention, or legal obligations.
If you withdraw consent, we stop setting non‑essential cookies going forward and will delete associated identifiers within a reasonable time.
9) Children
Looktara is not directed to children under 13 (or a higher age where required by local law). We do not knowingly place non‑essential cookies for users identified as underage.
10) International considerations
We operate globally. Cookie‑derived data may be processed in or transferred to countries with different data protections. Where applicable, we use safeguards recognized by law (e.g., contractual protections) and privacy‑protective technical measures.
11) Your privacy rights
Depending on your region, you may have rights to access, correct, delete, or obtain a copy of your personal data, and to object to or restrict certain processing. To exercise rights or withdraw consent to non‑essential cookies, use Cookie Settings or contact [email protected]. We respond within 24 hours.
India (DPDP Act): You may write to [email protected] (subject: "Grievance") for complaints. We acknowledge within 24 hours and aim to resolve promptly.
12) Updates to this Policy
We may update this Policy to reflect changes in law or our practices. Significant changes will be communicated via banner or in‑product notice. The "Effective date" at the top shows when this Policy last changed.
13) Contact us
Email: [email protected]
WhatsApp: +91 82008 68193
Postal: MARKUPX BRANDS TECHNOLOGIES PRIVATE LIMITED, New Delhi, India (Attn: Privacy)