StatixBack to home
Legal

Privacy policy

Last updated: 18 May 2026

This Privacy Policy describes how Statix (“Statix”, “we”, “us”, “our”) collects, uses, stores, and shares information when you visit getstatix.co, use the Statix dashboard, or place an order with us. We are committed to handling your data responsibly and in line with the Indian Digital Personal Data Protection Act, 2023 (“DPDP Act”) and applicable Indian law.

1. Information We Collect

We collect only what we need to deliver creatives and operate our business.

  • Account & contact: name, email address, phone number (where given), and login credentials.
  • Brand information: brand name, logo, brand guidelines, hex colours, fonts, tone-of-voice notes, and any reference URLs or ad swipes you share.
  • Order content: product images, product descriptions, offers, claims, and any other material you upload for use in your creatives.
  • Tax & billing: billing address, GSTIN (if you provide one), and invoice metadata.
  • Payment metadata: transaction IDs, payment method type, last four digits of card or UPI handle, and status. Full card numbers, CVVs, and bank credentials are never seen or stored by Statix — these are handled directly by Razorpay.
  • Usage data: device, browser, IP address, pages viewed, and dashboard interactions, collected through standard server logs and cookies.

2. How We Use Information

  • To deliver the creatives you have ordered.
  • To process payments, issue invoices, and meet our tax obligations.
  • To communicate about your order — delivery notifications, revisions, support.
  • To improve the Service, fix bugs, and protect against fraud or abuse.
  • To send occasional product updates or offers (you can opt out at any time).
  • To comply with applicable law and respond to lawful requests from authorities.

3. Information Sharing

We do not sell your personal information. We share data only with trusted processors who help us run the Service:

  • Razorpay — payment processing, refunds, and invoice metadata.
  • Supabase — primary database and authentication, hosted in Mumbai (ap-south-1).
  • Resend — transactional email delivery (order confirmations, delivery notifications, password resets).
  • Vercel — web hosting and edge serving for getstatix.co and the dashboard.
  • Cal.com — scheduling discovery calls when you book a call with us.
  • Government authorities — when required by law, court order, or to protect rights, safety, and property.

Each processor is contractually required to protect your data and use it only for the purpose we engage them for.

4. Data Storage & Location

Primary customer data — accounts, orders, brand info, delivered files, invoices — is stored in Supabase’s Mumbai region (ap-south-1). Backups are encrypted and retained as part of routine database operations.

5. Cookies & Tracking

We use a small number of cookies to keep you signed in, remember preferences, and understand how the site is used. We do not use third-party advertising cookies. You can clear or block cookies in your browser settings, though some parts of the dashboard may not function correctly without them.

6. Your Rights

Under the DPDP Act and applicable law, you have the right to:

  • Access a copy of the personal data we hold about you.
  • Correct or update inaccurate or incomplete information.
  • Delete your account and associated personal data, subject to legal retention requirements.
  • Withdraw consent at any time, where processing is based on consent.
  • Nominate another individual to exercise these rights on your behalf in the event of death or incapacity.
  • Raise a grievance with our Grievance Officer (see section 12).

To exercise any of these rights, write to admin@getstatix.co from your registered email. We will respond within a reasonable time, generally within 30 days.

7. Children’s Privacy

The Service is not intended for, and we do not knowingly collect data from, anyone under the age of 18. If you believe a minor has provided us with personal information, please contact us so we can delete it.

8. Data Retention

We keep your account and order data for as long as your account is active and for a reasonable period afterwards to comply with tax, accounting, and audit obligations under Indian law (generally 7 years for invoices). When data is no longer needed, we delete or anonymise it.

9. Security

We use encryption in transit (HTTPS), encryption at rest on managed databases, role-based access for our team, and secure authentication via our hosting providers. No system is 100% secure, but we work hard to protect your data and will notify you and the appropriate authorities of any material breach as required by law.

10. International Transfers

While our primary data lives in India (Supabase Mumbai), some of our processors — including Vercel (USA), Resend (USA), and Cal.com (USA) — operate infrastructure outside India. Where data is transferred outside India, we rely on the standard contractual protections offered by these providers and the permissions granted under the DPDP Act and notifications issued thereunder.

11. Changes to This Policy

We may update this policy from time to time. The “Last updated” date at the top of the page reflects the latest version. Material changes will be notified by email or via a notice on the dashboard.

12. Grievance Officer

In line with the DPDP Act and the Information Technology Rules, our Grievance Officer can be reached at:

Grievance Officer, Statix
Email: admin@getstatix.co
Phone: +91 95560 45365
Address: E-318, Avinash Capital Homes, Phase 2, Saddu, Raipur, Chhattisgarh 492014, India

We aim to acknowledge complaints within 48 hours and resolve them within 30 days. The name of the Grievance Officer will be published on this page once formally appointed; until then, complaints received at the email above are handled by the Statix operations team.