Privacy Policy
Last Updated: December 4, 2025
At DreamyHook Digital Media, we are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our services, including our AI-powered products and digital solutions.
1. Information We Collect
1.1 Information You Provide
We collect information that you voluntarily provide to us when you:
- Register for an account or sign up for our services
- Use our AI Workflow Builder or Identity Service
- Submit contact forms or request information
- Subscribe to our newsletters or marketing communications
- Participate in surveys, contests, or promotional activities
- Communicate with our customer support team
This information may include:
- Name, email address, phone number
- Company name and business information
- Billing and payment information
- Authentication credentials (securely encrypted)
- Profile information and preferences
- Project details and specifications
1.2 Automatically Collected Information
When you access our services, we automatically collect certain information, including:
- Device information (IP address, browser type, operating system)
- Usage data (pages visited, time spent, features used)
- Log data (access times, error logs, performance metrics)
- Location data (general geographic location based on IP address)
- Cookies and similar tracking technologies
1.3 Information from Third Parties
We may receive information about you from third-party sources, including:
- Social media platforms (when you connect your accounts)
- Payment processors and financial institutions
- Marketing and analytics partners
- Publicly available sources
2. How We Use Your Information
We use the information we collect for the following purposes:
Service Delivery & Improvement
- Provide, maintain, and improve our services
- Process transactions and send transaction notifications
- Develop new features and products
- Personalize your experience and content
- Monitor and analyze usage patterns and trends
Communication
- Send administrative information and updates
- Respond to your inquiries and support requests
- Send marketing communications (with your consent)
- Conduct surveys and collect feedback
Security & Compliance
- Protect against fraud, unauthorized access, and security threats
- Comply with legal obligations and enforce our terms
- Investigate and prevent violations of our policies
- Maintain data integrity and system security
3. AI Products & Data Processing
3.1 AI Workflow Builder
Our AI Workflow Builder helps you automate business processes and create intelligent workflows. When you use this service:
- Data Collection: We collect workflow configurations, process data, automation rules, integration settings, and usage analytics
- Processing: Your workflow data is processed using machine learning algorithms to optimize automation and provide intelligent suggestions
- Data Retention: Workflow configurations are stored securely for as long as your account is active. Process execution logs are retained for 90 days for troubleshooting purposes
- Training Data: We may use aggregated, anonymized workflow patterns to improve our AI models, but never use your specific business data without explicit consent
- Security: All workflow data is encrypted in transit (TLS 1.3) and at rest (AES-256 encryption)
3.2 Identity Service (Authentication & Authorization)
Our Identity Service provides secure authentication and authorization for your applications:
- Authentication Data: We process login credentials, multi-factor authentication tokens, session data, and device fingerprints
- Authorization Data: User roles, permissions, access policies, and resource access logs
- Security Measures: Passwords are hashed using bcrypt with salt. We never store plain-text passwords. MFA tokens are time-based and single-use
- Session Management: Sessions are encrypted and expire after 24 hours of inactivity. You can revoke sessions at any time
- Access Logs: We maintain audit logs of authentication attempts and authorization decisions for security monitoring and compliance (retained for 1 year)
- Single Sign-On (SSO): When using SSO integration, we process only the minimum necessary identity information from your identity provider
3.3 AI-Powered Analytics & Insights
Our AI analytics tools process your data to provide insights:
- Data is processed within secure, isolated environments
- AI models analyze patterns to generate recommendations and predictions
- You maintain full ownership and control of your data
- We use differential privacy techniques to protect individual data points
3.4 Data Processing Location
Your data is primarily processed in secure data centers located in India. For global services, we may process data in AWS/Azure regions closest to your location to ensure optimal performance. Data remains within the selected region unless you explicitly configure cross-region features.
4. Data Sharing & Disclosure
We do not sell your personal information. We may share your information in the following circumstances:
Service Providers
We share data with trusted third-party service providers who assist us in operating our services:
- Cloud infrastructure providers (AWS, Azure, Google Cloud)
- Payment processors (Razorpay, Stripe)
- Email and communication platforms
- Analytics and monitoring services
- Customer support tools
All service providers are bound by data protection agreements and can only use your data to perform services on our behalf.
Business Transfers
In the event of a merger, acquisition, or sale of assets, your information may be transferred. We will notify you before your data is transferred and subject to a different privacy policy.
Legal Requirements
We may disclose your information if required by law or in response to:
- Valid legal processes (subpoenas, court orders)
- Government or regulatory requests
- Protection of our rights and safety
- Prevention of fraud or security threats
With Your Consent
We may share your information with third parties when you explicitly consent to such sharing, such as when integrating with third-party applications or services.
5. Data Security
We implement comprehensive security measures to protect your information:
Encryption
Data in transit: TLS 1.3
Data at rest: AES-256
End-to-end encryption for sensitive data
Access Controls
Role-based access control (RBAC)
Multi-factor authentication (MFA)
Principle of least privilege
Monitoring
24/7 security monitoring
Intrusion detection systems
Regular security audits
Compliance
ISO 27001 practices
GDPR compliance
SOC 2 Type II standards
Backup & Recovery
Daily automated backups
Disaster recovery plans
99.9% uptime SLA
Staff Training
Regular security training
Confidentiality agreements
Background checks
Important: No method of transmission over the internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee absolute security.
6. Your Rights
You have the following rights regarding your personal information:
Access
Request a copy of the personal information we hold about you
Correction
Request correction of inaccurate or incomplete information
Deletion
Request deletion of your personal information (subject to legal obligations)
Portability
Request a copy of your data in a structured, machine-readable format
Restriction
Request restriction of processing your personal information
Objection
Object to processing of your information for certain purposes
Withdraw Consent
Withdraw consent for processing (where consent is the legal basis)
Opt-Out
Opt-out of marketing communications at any time
To exercise any of these rights, please contact us at hello@dreamyhook.in or call +91-7042749169. We will respond to your request within 30 days.
7. Cookies & Tracking Technologies
We use cookies and similar tracking technologies to collect and track information and improve our services:
7.1 Types of Cookies We Use
7.2 Managing Cookies
You can control and manage cookies through your browser settings. However, disabling certain cookies may affect the functionality of our services. To opt-out of third-party advertising cookies, visit:
- Google Ads Settings: google.com/settings/ads
- Facebook Ad Preferences: facebook.com/ads/preferences
- Network Advertising Initiative: optout.networkadvertising.org
8. Children's Privacy
Our services are not intended for children under the age of 18. We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately, and we will delete such information from our systems.
9. International Data Transfers
Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws different from your jurisdiction. When we transfer data internationally, we ensure appropriate safeguards are in place, including:
- Standard Contractual Clauses (SCCs) approved by the European Commission
- Adequacy decisions by relevant data protection authorities
- Your explicit consent for specific transfers
10. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, services, or legal requirements. We will notify you of any material changes by:
- Posting the updated policy on our website
- Updating the "Last Updated" date at the top of this page
- Sending an email notification for significant changes
- Displaying a prominent notice on our website
Your continued use of our services after changes become effective constitutes acceptance of the updated Privacy Policy.
11. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
By Email
By Phone
By Mail
DreamyHook Digital Media
Plot 25B, Industrial Area
Sector 32, Gurugram
Haryana, India - 122001
Data Protection Officer
For data protection inquiries, you can reach our DPO at:
dpo@dreamyhook.in
We aim to respond to all inquiries within 5 business days. For urgent privacy matters, please indicate "URGENT - PRIVACY" in your subject line.