Privacy Policy

Company: MARKUPX BRANDS TECHNOLOGIES PRIVATE LIMITED ("Looktara", "we", "us")

Covered Services: looktara.com and associated subdomains, the Looktara browser extension, and WhatsApp-based features (collectively, the "Services")

Contact: [email protected] | WhatsApp: +91 82008 68193

We respect your privacy and are committed to protecting it. This Policy explains what data we collect, how we use it, when we share it, and the choices and rights you have. It applies to everyone who uses or interacts with the Services.

We collect the following categories of information:

A) Data you provide directly

• Account data: name, email address, password (hashed), country/locale, role (if provided).
• Training photos: images you upload to create your personal model (plus basic metadata like filename, upload time).
• Prompts & references: text prompts, titles, tags, reference image selections/IDs used for generation.
• Generated outputs: images produced in your account and stored with us until you delete them.
• Billing & transactions: plan type, invoices/receipts, amounts, currency, timestamps (we do not store full card numbers).
• Communications: messages you send to support, survey responses, WhatsApp opt‑ins, and preferences.

B) Data collected automatically

• Device/usage: IP address, device type, OS, browser version, time zone, language, page views, feature usage, clicks, scrolls, session duration, referring URLs/UTM parameters, error logs.
• Diagnostics & security: pseudonymous device identifiers, rate‑limit and anti‑abuse signals, login timestamps, and similar telemetry needed to keep the Services reliable and secure.

C) Data from third parties (limited)

• Payments: Payment processors may provide transaction confirmations, fraud risk signals, and partial billing data (e.g., last4 digits, card brand).
• Messaging: WhatsApp or similar channels provide delivery/engagement status for messages we send to you.

See our Cookies & Data Policy for details on cookies, local storage, and analytics controls.

We use personal data to:

• Provide the Services: create and operate your account, process prompts, generate/store your images, and deliver features (packs, extension, WhatsApp prompts).
• Security & integrity: authenticate users, prevent fraud/abuse, enforce content rules, and ensure service availability.
• Payments: process purchases, issue invoices, manage credits/subscriptions, and handle account‑related communications.
• Product improvement: debug errors, measure performance, run A/B tests, and improve rendering quality/likeness/safety (using aggregate or de‑identified data where feasible).
• Communications: send transactional emails/WhatsApp messages (receipts, training status, low credits, renewal notices) and, with your consent where required, product tips and updates.
• Compliance: meet legal obligations, respond to lawful requests, and enforce our Terms.

We do not build behavioral advertising profiles on looktara.com and do not run third‑party advertising cookies.

For rules governing use of the Services, please see our Terms of Use.

• Contract: to provide and support the Services you request (account, generation, payments).
• Legitimate interests: security, fraud prevention, service improvement, and analytics (balanced with your rights).
• Consent: non‑essential cookies/analytics, WhatsApp prompts, and certain regional requirements.
• Legal obligation: tax, accounting, and responses to lawful requests.

We do not sell your personal data. We share data only with:

• Service providers (processors): secure cloud/hosting, storage/CDN, payment processing, messaging (e.g., WhatsApp), security/anti‑abuse, logging, and customer support tooling. These providers access data only to perform services for us under contract and confidentiality.
• Professional advisors: lawyers, accountants, auditors under confidentiality.
• Authorities: when required by law or to protect rights, safety, or integrity of the Services.
• Business transfers: in a merger, acquisition, or reorganization, your data may transfer under the same protections.

We avoid naming vendors in public docs; a current list of typical sub‑processor categories is available on request.

We operate globally and may process data in countries different from yours. When we transfer personal data internationally, we use legally recognized safeguards (e.g., contractual protections) and technical measures to protect it.

We keep data only as long as needed for the purposes above:

• Account data & settings: kept while your account is active; deleted or anonymized within a reasonable time after closure.
• Training photos & outputs: stored until you delete them or request deletion; backups may persist for 30–90 days.
• Prompts/references: stored as part of your account history until deleted.
• Analytics/diagnostics logs: retained up to 13 months (or longer only where required for security or legal reasons).
• Billing records & invoices: retained as required by law (e.g., tax/accounting) which may be 7–8 years in some regions.
• Support communications: typically retained up to 24 months to track resolution and improve service.

We use administrative, technical, and physical safeguards appropriate to the sensitivity of the data, including encryption in transit, access controls, least‑privilege, environment isolation, and abuse monitoring. No system can be 100% secure; you are responsible for keeping your credentials confidential and using strong passwords and secure devices.

Global controls

• Access, correction, deletion: Email [email protected] from your registered address to request a copy, correction, or deletion of your data.
• Portability: See our Data Portability Policy for export formats and process.
• Cookies/Analytics: Manage preferences via our cookie banner and Cookie Settings link; you can also use browser controls and Global Privacy Control (GPC) where supported.
• WhatsApp & emails: You can opt out of non‑essential WhatsApp messages and marketing emails at any time; transactional notices may still be sent.

Region‑specific rights (summary)

• EU/EEA & UK: You may have rights to access, rectify, erase, restrict, object, and data portability, and to lodge a complaint with your supervisory authority. Our lawful bases are listed above.
• United States (CCPA/CPRA and similar): California residents have rights to know/access, delete, correct, and opt out of certain disclosures. We do not sell personal information and do not share it for cross‑context behavioral advertising.
• Brazil (LGPD): You may request confirmation of processing, access, correction, anonymization, portability, deletion, and information about sharing.
• India (DPDP Act): You may request access/copies, correction, and grievance redressal. We acknowledge complaints within 24 hours and aim to resolve promptly.

We will verify your identity before fulfilling a request. If we cannot comply, we will explain why (e.g., legal obligations or security). Some rights may be limited by law.

The Services are not directed to children under 13 (or a higher age where required by local law). We do not knowingly collect personal data from such children. If you believe a child has provided personal data, contact us and we will take appropriate steps.

We use AI to generate solo portraits of the account holder. We prohibit public‑figure impersonation, multi‑person composites, explicit sexual content, and other unsafe uses. Your training photos and outputs are not used to train other users' models. See the AI Usage Disclosure for details.

We use cookies, local storage, and similar technologies to operate and improve the Services. For details and controls, see our Cookies & Data Policy.

The Services may link to third‑party sites or integrate with platforms (e.g., WhatsApp, LinkedIn). Their privacy practices are governed by their own policies. Please review them when you engage those services.

We may update this Policy to reflect product, legal, or operational changes. Material updates will be announced via in‑product notice or email. The Effective date at the top shows when this version took effect.

Questions, requests, or complaints:

• Email: [email protected]
• WhatsApp: +91 82008 68193
• Postal: MARKUPX BRANDS TECHNOLOGIES PRIVATE LIMITED, New Delhi, India (Attn: Privacy)

India Grievance Officer: Please email [email protected] with subject line "Grievance". We acknowledge within 24 hours and aim to resolve quickly.

No refunds reminder: As stated in our Terms and Refund Policy, all sales are final. This does not limit your statutory privacy rights, including access/portability where applicable.