Introduction
Dreabee ("we", "our", or "us") is committed to protecting your personal information. This Privacy Policy describes how we collect, use, store, share, and protect information about you when you use our website at dreabee.com, our mobile applications, and our influencer marketing platform (collectively, the "Platform").
This policy applies to all users of the Platform including registered account holders, visitors to our public website, and users of our free tools. It should be read alongside our Terms of Use.
We process personal data in accordance with applicable Indian data protection laws (including the Digital Personal Data Protection Act, 2023, "DPDP Act"), and where applicable, the EU General Data Protection Regulation (GDPR) for users in the European Economic Area.
📌 In plain English: We collect information to make the Platform work and to improve it. We don't sell your personal data. You have rights over your data and can contact us to exercise them.
Information We Collect
Information You Provide Directly
- Account information: Name, email address, password (stored as a hashed value), company name, job title, and billing details when you register.
- Payment information: Billing address and payment card details. Note: we use third-party payment processors and do not store full card numbers on our servers.
- Communications: Messages you send us via email, chat support, or contact forms, including feedback and support requests.
- Profile information: Any optional profile details you add, such as a profile photo or company description.
Information Collected Automatically
- Usage data: Pages visited, features used, search queries entered, reports generated, and time spent on the Platform.
- Device and browser information: IP address, browser type and version, operating system, device identifiers, and screen resolution.
- Cookies and tracking technologies: Session cookies, persistent cookies, and similar tracking technologies. See our Cookie section below for details.
- Log data: Server logs including access times, error logs, and referral URLs.
Information from Third Parties
- Social sign-on: If you log in using Google or another social account, we receive your name, email, and profile picture from that provider.
- Payment processors: Confirmation of payment status and fraud signals from our payment partners.
- Analytics partners: Aggregated analytics data from tools we use to understand Platform usage.
ℹ️ About influencer data: Our Platform analyses public social media data about influencers (audience size, engagement, public posts). This is publicly available information and is not sourced from private accounts.
How We Use Your Information
| Purpose | Legal Basis | Examples |
|---|---|---|
| Providing the Platform | Contract performance | Account management, processing searches, generating reports |
| Billing & Payments | Contract performance | Processing subscriptions, sending invoices, managing renewals |
| Customer Support | Legitimate interest | Responding to queries, troubleshooting technical issues |
| Platform Improvement | Legitimate interest | Analysing usage patterns, fixing bugs, developing new features |
| Security & Fraud Prevention | Legal obligation / legitimate interest | Detecting account misuse, protecting against unauthorised access |
| Marketing Communications | Consent | Product updates, blog newsletters, feature announcements |
| Legal Compliance | Legal obligation | Responding to lawful requests, maintaining required records |
We will not use your personal data for purposes incompatible with those listed above without first notifying you and, where required, seeking your consent.
How We Share Your Information
We do not sell, rent, or trade your personal information to third parties. We share data only in the following limited circumstances:
Service Providers
We engage trusted third-party companies to help us operate the Platform. These providers have access to your data only to perform specific tasks on our behalf and are obligated not to disclose or use it for other purposes. Our service providers include:
- Cloud infrastructure: Hosting and database services (e.g., AWS, Google Cloud)
- Payment processing: Stripe or Razorpay for secure payment handling
- Email delivery: Transactional and marketing email platforms
- Analytics: Product analytics and error tracking tools
- Customer support: Helpdesk software for managing support tickets
Business Transfers
If Dreabee is acquired by or merged with another company, your information may be transferred as part of that transaction. We will notify you via email or prominent notice on our Platform before your data is transferred and becomes subject to a different privacy policy.
Legal Requirements
We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court or government agency), provided such requests comply with applicable legal standards.
With Your Consent
We may share your information with third parties when you have given us explicit consent to do so, such as when you integrate third-party tools with your Dreabee account.
Cookies & Tracking Technologies
We use cookies and similar tracking technologies to operate and improve the Platform. Here's what we use and why:
| Cookie Type | Purpose | Duration |
|---|---|---|
| Essential | Required for login sessions, security, and basic Platform functionality. Cannot be disabled. | Session / up to 30 days |
| Functional | Remember your preferences such as language, display settings, and dashboard layout. | Up to 12 months |
| Analytics | Help us understand how users interact with the Platform so we can improve it. Data is aggregated and anonymised. | Up to 24 months |
| Marketing | Used to measure the effectiveness of our advertising campaigns. Only set with your consent. | Up to 12 months |
You can manage cookie preferences through your browser settings. Disabling certain cookies may affect Platform functionality. We do not currently respond to "Do Not Track" signals, but we do honour legally mandated opt-out mechanisms where applicable.
Data Retention
We retain personal data for as long as necessary to fulfil the purposes outlined in this policy, unless a longer retention period is required by law.
- Active account data: Retained for the duration of your account and for up to 2 years after account closure to allow for reactivation and dispute resolution.
- Billing records: Retained for 7 years to comply with tax and financial regulations.
- Support communications: Retained for 3 years from the date of the interaction.
- Usage logs: Retained for up to 12 months for security and performance purposes.
- Marketing consent records: Retained for the duration of your consent and for 1 year after withdrawal, for audit purposes.
When data is no longer required, it is securely deleted or anonymised in accordance with our internal data disposal procedures.
Your Privacy Rights
Depending on your location, you may have the following rights regarding your personal data. We honour these rights for all users globally, regardless of jurisdiction.
To exercise any of these rights, email us at hello@dreabee.com with the subject line "Privacy Request". We will respond within 30 days. We may need to verify your identity before processing your request. There is no fee for submitting a request.
📌 You also have the right to lodge a complaint with your local data protection authority. In India, this is the Data Protection Board of India once operational under the DPDP Act, 2023.
Data Security
We implement industry-standard security measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. Our security practices include:
- Encryption in transit: All data transmitted between your browser and our servers is encrypted using TLS 1.2 or higher.
- Encryption at rest: Sensitive data including passwords (hashed with bcrypt) and payment tokens are encrypted at rest.
- Access controls: Role-based access controls limit employee access to personal data on a need-to-know basis.
- Regular audits: We conduct periodic security reviews and vulnerability assessments.
- Incident response: We maintain a documented data breach response procedure. In the event of a breach affecting your data, we will notify you within 72 hours of becoming aware of it, as required by law.
While we take all reasonable precautions, no method of transmission over the internet or electronic storage is 100% secure. We encourage you to use strong, unique passwords and to enable two-factor authentication where available.
International Data Transfers
Dreabee is based in India. If you are located outside India, your personal data will be transferred to and processed in India, where data protection laws may differ from those in your country.
For users in the European Economic Area (EEA) or United Kingdom: where we transfer your data outside the EEA/UK, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) approved by the European Commission, or other legally recognised transfer mechanisms.
By using the Platform, you consent to the transfer and processing of your data in India and other countries where our service providers operate, in accordance with this Privacy Policy.
Children's Privacy
The Platform is not directed at children under the age of 18. We do not knowingly collect personal information from minors. If we become aware that we have inadvertently collected personal data from a child under 18, we will take immediate steps to delete that information.
If you believe we have collected data from a minor, please contact us immediately at hello@dreabee.com.
Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:
- Update the "last updated" date at the top of this page.
- Notify registered users by email at least 14 days before the changes take effect.
- Where required by law, seek your renewed consent.
We encourage you to review this page periodically. Your continued use of the Platform after the effective date of a revised policy constitutes your acceptance of the changes.
Contact & Data Controller
Dreabee is the data controller for personal data collected through the Platform. If you have questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us:
- Email: hello@dreabee.com — subject line: "Privacy Request"
- Phone: +91 7739083447
- Postal address: Dreabee, Office India, Gorakhpur, Uttar Pradesh 273001, India
We aim to acknowledge all privacy requests within 48 hours and resolve them within 30 days. For complex requests, we may require additional time and will notify you accordingly.