Privacy Policy

Privacy Policy

Last updated: September 1, 2025

Beyondwork Ventures Private Limited (“Beyondwork”, “we”, “us”, or “our”) is committed to protecting your personal information. This Privacy Policy explains how we collect, use, share, and safeguard personal data in the course of our business in India, including through our brands BeyondXP (corporate events & experience marketing) and Wedbeyond (wedding planning services). We adhere to the requirements of India’s Digital Personal Data Protection Act, 2023 and follow global best practices for transparency, consent, use of data, and third-party integrations. By using our services or providing your information, you agree to the practices described in this Policy (consent which is free, informed, and unambiguous). If you do not agree, please do not use our services.

Information We Collect

We only collect personal information that is necessary for the purposes set out in this Policy. The types of personal data we may collect include:

  • Identity and Contact Information: Name, email address, phone number, and other contact details.

  • Location Information: Your general location or address (for example, city or venue location for an event).

  • Payment Information: Payment details such as credit/debit card information or UPI details for processing transactions. (For security, payments may be handled via trusted payment gateways; we do not store full card numbers on our systems).

  • Service Details: Information specific to the services you request from us. For BeyondXP, this may include company name, event preferences, attendee information, etc. For Wedbeyond, this may include wedding dates, venue preferences, number of guests, and other event-related details you provide.

  • Usage and Technical Data: When you visit our website or use our online services, we collect data through cookies and similar technologies (explained below). This may include IP address, browser type, device identifiers, pages viewed, and interactions with our site.

  • Communications: Copies of your communications with us (e.g. emails, WhatsApp messages, chat logs, phone call records or voicemails) and any other information you voluntarily send us.

We do not intentionally collect any sensitive personal data (such as passwords, financial account passwords, health information, etc.) unrelated to the above, and we do not provide services to or knowingly collect data from individuals under 18 years of age (see Minors’ Privacy below).

How We Collect Your Information

We gather personal information from you in several ways:

  • Directly from You: You may provide data when you fill out forms on our websites (e.g. inquiry or booking forms), enter information at events, or communicate with us via phone, email, or in person.

  • Via Messaging and Chat: If you contact us through messaging platforms such as WhatsApp or other chat services, we will collect the information you share (e.g. your phone number and message content).

  • Third-Party Integrations: We may receive information through third-party platforms or APIs. For example, if you choose to sign up or log in via Google or Meta (Facebook/Instagram), we will obtain the personal data (like your name or email) that you authorize those platforms to share with us. Similarly, if we integrate a map service (Google Maps) to help you locate venues, or use a scheduling API, some data may be collected through those tools.

  • Cookies and Automated Technologies: When you visit our website, we use cookies and similar tracking technologies to automatically collect technical data about your browsing (see Cookies and Tracking Technologies below for details). This helps us understand how you use our site and personalize your experience.

  • Offline and In-Person Interactions: We may collect data at our physical events or meetings. For example, if you attend a BeyondXP event or a wedding expo booth for Wedbeyond, we might collect your contact details or feedback through sign-up sheets, business cards, or surveys (with your knowledge).

In all cases, we collect personal data in a lawful manner and, where required, with your consent or deemed consent. We will inform you at the time of collection why we are collecting the data and how it will be used, as required by law.

Use of Personal Data

We use the collected personal information for the following purposes, and we ensure that such use is for legitimate business needs and with appropriate consent:

  • Providing and Personalizing Services: To plan, organize, and execute the experiences you request. Your information allows us to customize our corporate events or wedding planning services to your needs, preferences, and location.

  • Communication: To communicate with you regarding your inquiries, bookings, or ongoing services. We will use your contact details to send service-related messages such as confirmations, updates, event schedules, and respond to your questions or support requests.

  • Payments and Transactions: To process payments for our services and provide receipts or invoices. Payment information is used strictly for completing the transaction you authorized.

  • Improvement and Analytics: To understand how our services are used and to improve our offerings. We analyze usage data and feedback to enhance user experience, fix issues, and develop new features. We may also anonymize or aggregate data to gain insights (for example, analyzing event trends or website traffic patterns) without identifying individuals.

  • Marketing and Promotions: To send you promotional materials, newsletters, or recommendations about our services or upcoming events that may interest you, only if you have opted in to such communications. You can opt out of marketing communications at any time by contacting us or using the “unsubscribe” link in emails.

  • Artificial Intelligence (AI) Training and Development: To innovate and improve our service quality, we may use certain data to train our algorithms and AI models. For example, we might analyze common customer inquiries or preferences to improve our AI-driven recommendations or chat support. Any such use of your data for AI training is done in accordance with applicable privacy laws and with respect for your privacy – typically using anonymized or aggregated data. We do not use sensitive personal details in AI training without explicit consent, and we ensure your personal data is not misused by any AI tools.

  • Compliance and Legal Obligations: To comply with applicable laws, regulations, and lawful requests from authorities. For instance, we may process and retain certain data for tax accounting, to respond to a court order, or to prevent fraud and enforce our agreements. We also use data as needed to protect our rights, your safety, and the rights or safety of others (e.g. for fraud prevention or security monitoring).

We will not use your personal information for any purpose that is incompatible with the original purpose without obtaining your consent. If we intend to process your personal data for a new purpose, we will provide you with notice and seek consent when required.

Cookies and Tracking Technologies

We use cookies and similar tracking technologies on our websites to collect information and enhance your experience. Cookies are small text files placed on your device. Specifically:

  • Types of Cookies Used: We use both session cookies (which expire when you close your browser) and persistent cookies (which remain for a set period or until deleted). These include necessary cookies to enable core site functionality, as well as analytics and functionality cookies to remember your preferences and understand how you navigate our content. We do not use cookies to collect sensitive personal data.

  • Analytics: We use third-party analytics services such as Google Analytics to gather information about site traffic and usage. Google Analytics may set its own cookies to track page views and interactions in order to provide these analytics services. The information collected (e.g. your IP address, browser type, pages visited, time spent) is transmitted to Google Analytics and helps us analyze aggregate user behavior on our site. We use these insights to improve site performance and content. This data is not used to identify you personally, and we do not allow Google to use it for their own purposes beyond providing us the analytics. (For more details, see Google’s privacy policy on how they handle Analytics data.)

  • Advertising and Third-Party Cookies: We may use third-party tools like Meta Pixel (Facebook Pixel) or Google Ads cookies to help deliver relevant advertisements about our services on third-party platforms. These tracking technologies help us understand the effectiveness of our ads and may provide you with tailored advertisements on other websites or social media, based on your interactions with our site. Any such cookies will be used in compliance with applicable law and platform policies – for example, Meta and Google require that we inform users of such data collection for targeted advertising. You can opt out of targeted advertising through mechanisms provided by those platforms (such as Facebook’s ad preferences or Google’s Ad Settings).

  • Your Choices: You can control or delete cookies through your browser settings. Most browsers allow you to refuse new cookies or delete existing ones. However, please note that if you disable cookies, some features of our website may not function as intended (for instance, your preferences might not be saved). By using our site without disabling cookies, you consent to our use of cookies as described in this Policy. We also honor Do-Not-Track signals to the extent possible – if your browser is set to DNT, our site will try to limit tracking behaviors.

For more information on how we use cookies or how to opt out of certain cookies (such as Google Analytics), please refer to our Cookie Policy or reach out to us with any questions.

Sharing and Disclosure of Personal Data

We value your privacy and handle your personal data with care. We do not sell or rent your personal information to third parties for their own marketing or other uses. We also do not share your data externally except as necessary to run our business or provide our services, as detailed below:

  • Within Beyondwork: Your information may be shared between our own brands and internal teams on a need-to-know basis. For example, if both BeyondXP and Wedbeyond teams are involved in serving you (such as a corporate client also planning a personal event), we may share relevant details internally to ensure seamless service.

  • Service Providers (Processors): We use trusted third-party companies to perform certain business operations on our behalf – for instance, cloud hosting providers, CRM (customer relationship management) and support software, email/SMS delivery services, payment gateways, or analytics tools. We share the necessary personal data with these service providers only to the extent needed for them to carry out their functions (and only for the purposes described in this Policy). These providers are contractually obligated to protect your data with appropriate security measures and to use it solely under our instructions. For example, our payment processor will receive your payment details to process a transaction, or our email service may handle your email address to send a booking confirmation. They are not permitted to use your data for any other purposes.

  • Event Partners and Vendors: As part of delivering our services (especially for Wedbeyond wedding planning or BeyondXP events), it may be necessary to share some information with third-party vendors or partners at your behest. For example, if you have selected a particular venue, caterer, or photographer through our planning services, we would share the relevant details (such as your name and event details) with those vendors to secure bookings and arrangements. We will only do this with your knowledge and for fulfilling the service contract you have with us. These parties will receive only the information required and are expected to protect it and use it only for the specified event purpose.

  • Legal Compliance and Protection: We may disclose personal information to government authorities, regulators, courts, or law enforcement if required to do so by law or legal process (such as a subpoena, court order, or regulatory request). We may also share information when we believe in good faith that disclosure is necessary to protect our rights, privacy, safety or property, and/or that of our customers or others; for example, to detect and prevent fraud or security issues.

  • Business Transfers: If Beyondwork Ventures undergoes a business transaction such as a merger, acquisition, reorganization, or sale of assets, your personal data may be transferred to the successor or acquiring entity as part of the transaction. In such cases, we will ensure that the new owner will continue to honor the privacy commitments made in this Policy, or we will provide you with notice and an opportunity to opt out of the transfer of your personal information.

Aside from the circumstances above, we will not share your personal data with any external third party without your explicit consent. If we ever need to share your information for any other purpose, we will explain why and seek your permission.

Third-Party Platforms and Services

Beyondwork integrates with certain third-party platforms to enhance our services and reach customers. We are committed to ensuring that these integrations respect your privacy:

  • Meta (Facebook/Instagram): We maintain a presence on Meta platforms and may use Meta services (like the Facebook Pixel or Instagram integrations) for advertising and login. Any personal data we collect via Meta – for example, if you use Facebook to log into a Beyondwork service or if you message us through Instagram – is handled in accordance with this Policy and Meta’s platform rules. We do not provide Meta with any personal data beyond what is necessary, nor do we receive more data from Meta than you authorize. Meta requires that apps and websites using its tools have a clear privacy policy and honor user data deletion requests. In compliance, we disclose our use of Meta integrations and you may request deletion of any data we receive through Facebook/Instagram by contacting us (see Your Rights below).

  • Google Services: We use various Google services (such as Google Analytics, Google Ads, or Google Maps integration). Google’s policies mandate transparency about data usage and sharing. Accordingly, we inform you that if you use Google to sign in or interact with our services, we will obtain your basic profile information (like name and email) from Google as per your consent. We also use Google Analytics cookies as described in Cookies above, and Google may receive certain usage data in the process. We ensure that any data shared with Google or obtained from Google is used strictly for the purposes of our services to you, in line with Google’s data use restrictions. We do not share any personally identifiable information with Google beyond what is necessary for the service.

  • OpenAI (ChatGPT) and AI Integration: To improve customer experience, we may utilize AI services such as OpenAI’s ChatGPT (for instance, an AI-powered chatbot or content generation). If you interact with a Beyondwork AI assistant or if your query is processed by an AI model, the content of your query and necessary context might be sent to the AI service to generate a response. We ensure that such third-party AI providers are bound to privacy commitments. For example, our agreements with AI service providers like OpenAI ensure that any data we send (e.g., your query text) is not used to train their public models and is only used to give us the intended output. We do not send any more personal information than required to get relevant assistance. Your data remains confidential and is handled securely in these processes. (OpenAI and similar providers have their own privacy policies; however, our integration is designed to protect your data as per this Policy).

  • Perplexity AI and Other Partners: In keeping with the latest industry standards, we may integrate with emerging AI platforms like Perplexity for enhanced search or answer capabilities. We prioritize privacy in such integrations. If any personal data is involved, we will treat it under the same strict conditions: it will remain anonymized where possible, and not be used by those platforms for purposes other than providing the intended functionality. We actively configure such tools to opt out of model training on our data whenever that option is available, to safeguard your privacy.

  • Third-Party Links and Content: Our services might include links to third-party websites (for example, a link to a vendor’s site or an article). If you click on those, you will be directed to sites we do not operate. This Policy does not govern external sites – their own privacy policies will apply. We recommend you review the privacy policies of any third-party sites or services you interact with. We are not responsible for the privacy practices of those external parties.

We have designed our privacy practices to meet or exceed the requirements of major platforms and regulatory standards. We regularly review our integrations with Meta, Google, OpenAI, Perplexity, and others to ensure full compliance with their data handling rules and to maintain the trust of our users. If you have any questions about a specific integration or data flow, please contact us.

Data Security

We take the security of your personal data very seriously. Beyondwork implements a variety of technical and organizational measures to protect your information from unauthorized access, loss, misuse, alteration, or disclosure. These measures include:

  • Encryption of sensitive information in transit (for example, our website uses HTTPS/TLS to secure data exchange) and encryption at rest where applicable.

  • Secure storage on servers with robust firewalls and access controls. Personal data is stored on systems that are password-protected and accessible only by authorized personnel on a need-to-know basis.

  • Regular security audits and updates. We keep our software and infrastructure updated to protect against vulnerabilities, and we periodically review our security policies.

  • Employee training and confidentiality agreements. Our staff are trained on data protection best practices and are bound by confidentiality obligations to protect your information.

  • An incident response plan. In the unlikely event of a data breach or security incident, we have procedures in place to contain the issue, mitigate harm, and notify affected users and authorities as required by law.

While we strive to safeguard your data, please note that no method of transmission over the internet or electronic storage is 100% secure. Therefore, we cannot guarantee absolute security. You share and transmit information at your own risk. We encourage you to use caution when sharing information online and to report any suspected unauthorized access to your personal data. If you have an online account with us, it is important that you protect your login credentials and log out after your sessions.

If we become aware of a security breach that compromises your personal data, we will promptly inform you and the relevant authorities (such as the Data Protection Board of India) as required by applicable law.

Data Retention

We will retain your personal information only for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. In general:

  • If you are a customer (for example, you have engaged us for an event), we will keep your data for the duration of our relationship and for a reasonable period thereafter, in case you decide to use our services again or have inquiries regarding past services.

  • If you contact us for an inquiry but do not ultimately use our services, we may retain your provided information for a limited time to follow up on the inquiry and then delete it, unless you consent to receive marketing or stay in touch.

  • We may retain certain transaction records, correspondence, and other information as required for legal compliance (e.g., financial records for tax purposes) or for resolving disputes. The retention period will be the minimum necessary and as mandated by law.

  • Any information that is stored in backups or archives will be protected and secured. When those archives rotate out of use, the data will be deleted or overwritten in line with our backup retention schedule.

When we no longer have a legitimate need or legal obligation to retain your personal data, we will securely delete or anonymize it. For example, we may convert old event records into aggregate statistics that no longer identify individuals.

If you request deletion of your data (see Your Rights below), we will honor that request and delete your data from active systems, unless retention is required by law. Please note that it may not be immediately removed from all backup systems but will be deleted during the next backup cycle.

Your Rights and Choices

As a user of our services and as a data principal under Indian law, you have certain rights regarding your personal data. We are committed to upholding your rights and providing you with control over your information. Your key rights include:

  • Right to Access: You have the right to request a copy of the personal data we hold about you and to obtain information about how we process it. We will provide you with a summary of your data in a structured format, typically within a reasonable time frame.

  • Right to Correction: If any of your personal information is inaccurate or outdated, you have the right to ask us to correct it. You may also request that we complete any data that is incomplete. We encourage you to keep your information updated and will make corrections promptly upon verification.

  • Right to Erasure: You can request that we delete your personal data. This “right to be forgotten” is not absolute – it applies in certain circumstances (for example, if the data is no longer needed for the purpose it was collected, or if you withdraw consent and there is no other legal basis for processing). We will evaluate and comply with valid deletion requests, erasing your data from our systems unless we are required to retain it for legal reasons.

  • Right to Withdraw Consent: Where we rely on your consent to process data (such as for marketing or optional data uses), you have the right to withdraw that consent at any time. For example, you can opt out of marketing emails by clicking “unsubscribe” or by contacting us. Withdrawing consent will not affect the lawfulness of any processing done before your withdrawal, but it means we will stop the specific processing going forward.

  • Right to Data Portability: In cases where applicable (generally when processing is based on consent and carried out by automated means), you may request that we provide your personal data to you, or transmit it to another service provider, in a commonly used, machine-readable format.

  • Right to Grievance Redressal: We provide an accessible and effective way for you to raise concerns or complaints. If you have any grievances about how we handle your data, you can contact our Grievance Officer (contact details in Contact Us section below). We will acknowledge and resolve your complaints within the timeframe prescribed by law. We are dedicated to resolving any issues directly with you in a fair and transparent manner.

  • Right to Lodge a Complaint with Authorities: If you are not satisfied with our response to a privacy concern, you have the right to complain to the relevant supervisory authority. In India, this would be the Data Protection Board established under the DPDP Act. You may lodge a complaint with the Board following the procedures they provide. We hope to address your concerns before it reaches this stage, but this right is available to you.

In addition to the above rights, you have choices regarding certain uses of your data:

  • Marketing and Communications: You can opt out of receiving promotional communications from us by using the unsubscribe link in an email or by contacting us to update your preferences. Even if you opt out of marketing, we may still send you essential service or transactional messages (for example, booking confirmations or event updates).

  • Cookies and Tracking: As described in the Cookies section, you can control cookie settings and opt out of certain analytics or advertising tracking. Tools like browser add-ons (e.g., Google Analytics opt-out) can also help manage these preferences.

  • Third-Party Data Sharing: If you have linked third-party accounts (Google, Facebook, etc.) or allowed us to obtain data from other sources, you can revoke those permissions by adjusting your settings on the respective third-party platform. For instance, you can remove Beyondwork’s access in your Google account settings or Facebook app settings, which will stop further data sharing from that source.

Exercising Your Rights: To exercise any of your rights, please contact us using the contact information in the next section. We may need to verify your identity (to ensure the security of your data) before fulfilling your request. We will respond to your request as soon as possible, and in any event within any timeframe required by law. If we cannot fulfill your request (due to a legal obligation or other valid reason), we will inform you of the reason and any options available.

We do not discriminate against individuals who choose to exercise their privacy rights. Our aim is to honor your requests and maintain your trust.

Minors’ Privacy

Our services are not directed to individuals under the age of 18, and we do not knowingly collect personal data from minors. If you are under 18, please do not use our websites or provide any personal information to us. Beyondwork’s events and offerings are intended for adults (or businesses) and we require that any users or clients be at least 18 years old.

In the event we learn that we have inadvertently collected personal information from a child under 18 without proper consent from a parent or guardian (as required by law), we will take prompt steps to delete that information from our records. If you believe that a minor may have provided us with personal data, please contact us immediately so we can investigate and take appropriate action.

Parents or legal guardians: if you become aware that a child under your care has provided personal information to Beyondwork, you may contact us to request deletion of that information. We will then delete the child’s data and unsubscribe them from any of our communications in accordance with applicable laws.

International Data Transfers

While we primarily serve customers in India, the personal data we collect may be stored or processed on servers located in other countries. For example, we might use cloud service providers or email systems that are based outside of India. In all such cases, we take steps to ensure your data is afforded a high level of protection consistent with this Policy and applicable law.

The Digital Personal Data Protection Act, 2023 allows transfer of personal data outside India except to certain restricted jurisdictions, subject to adequacy and other conditions. When we transfer data across borders, we do so in compliance with these requirements. This includes:

  • Adequate Safeguards: We rely on industry-standard safeguards such as contractual clauses (Data Processing Agreements with standard data protection clauses) with our service providers to ensure they protect your information. Our contracts with processors stipulate strict confidentiality and security measures, no matter where their servers are located.

  • Trusted Partners: We only work with reputable third-party service providers in jurisdictions with strong data protection standards. For instance, many of our systems are hosted on platforms that are SOC 2 compliant or ISO 27001 certified, which attests to robust data security practices.

  • Continuous Monitoring: We monitor legal developments regarding international data transfers. If a country is officially designated as unsafe for data transfer or if new rules require additional measures, we will adjust our practices accordingly to remain compliant and keep your data secure.

By providing your information or using our services, you consent to the transfer of your data outside India in the situations described above. However, such transfers will always be done in line with the commitments of this Privacy Policy and with respect for your privacy rights. If you have questions about our data transfer practices, feel free to contact us.

Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our business, services, legal obligations, or for other operational reasons. When we make changes, we will revise the “Last updated” date at the top of this Policy. If the changes are significant, we may provide a more prominent notice (such as on our website’s homepage or via email notification, if appropriate).

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. Your continued use of our services after any update constitutes your acceptance of the revised terms (to the extent permitted by law).

If we intend to process your personal data for a purpose materially different from what was stated at the time of collection, we will notify you and obtain your consent if required. We will not reduce your rights under this Privacy Policy without your explicit consent.

Contact Us (Grievance Redressal)

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please do not hesitate to contact us. We have appointed a Grievance Officer to address and resolve any privacy-related issues or complaints you might have. You may reach us through any of the following methods:

  • Grievance Officer: Dharshan S

  • Email: privacy@beyondwork.co.in (Please include “Privacy Request” in the subject line for quicker assistance.)

  • Postal Address: Beyondwork Ventures Private Limited, Room No. 2, Ranjitha Building, Kadugodi Main road, Opp to FCI, Channasandra, Bengaluru – 560067. 

  • Telephone: [+91-9741462229] (available during business hours).

Our Grievance Officer is responsible for overseeing compliance with this Privacy Policy and applicable data protection laws. We will acknowledge your queries or complaints within the timeline prescribed by law and work to resolve them expeditiously. In most cases, we aim to provide a resolution or response within 15 working days. If a matter requires more time, we will inform you of the progress.

Should you feel that we have not addressed your concern satisfactorily, and after contacting us you still have unresolved issues, you have the right to contact the Data Protection Board of India or other relevant authority to lodge a complaint. We sincerely hope that will not be necessary and commit to doing our best to resolve any privacy issues directly.