Privacy Policy

Version 1.0 · Last updated June 21, 2026

This policy explains what personal data FragSocial collects, why we collect it, how long we keep it, and your rights under India's Digital Personal Data Protection Act 2023 (DPDP Act). We've written it in plain English — not dense legalese.

Who we are

FragSocial is a social platform for fragrance enthusiasts — discovery, reviews, collections, and peer-to-peer trading of perfumes. It is operated as a solo-founded project based in India.

For data-related queries, contact our Grievance Officer at grievance@fragsocial.com.

What we collect and why

We collect only what we need to run the platform:

  • Account data — name, email address, username, and password hash. Used to identify you and secure your account.
  • Phone number — collected at seller verification. Used to confirm you can be contacted as a seller and to prevent ban evasion (stored as a one-way hash for banned accounts).
  • Identity verification reference — for high-value sellers, Aadhaar or PAN verification is done through a licensed aggregator. We store only a tokenized reference, not your raw Aadhaar or PAN number. The aggregator holds the sensitive data and carries the heavy DPDP compliance burden.
  • Profile content — reviews, collection entries, discussion posts, and comments you create voluntarily.
  • Device and security data — hashed device fingerprints and hashed IP addresses on login. Used to detect account theft (we notify you of new device logins) and to identify sock-puppet rings. We store hashes, not raw values.
  • Usage signals — wishlist adds, marketplace contact requests, affiliate link clicks, and search queries. Used to personalise your experience and improve the platform.

What we do not collect

  • We do not store raw Aadhaar or PAN numbers.
  • We do not store raw IP addresses or raw device fingerprints — only one-way hashes.
  • We do not use display advertising and do not share your data with ad networks.
  • We do not track private messages. When a buyer contacts a seller, we log that contact happened (buyer ID, seller ID, listing ID, timestamp) but we do not read or store the conversation.

Emails and push alerts — explicit signals only

We only email you about perfumes you have explicitly added to your wishlist or marked as "Watch." We never send you listing alerts based on conversations you have had or pages you have visited.

You can configure notification preferences from your account settings. Digest emails include a one-click unsubscribe link. We stop sending digests if you have not opened them after several sends — inactive recipients hurt email deliverability for everyone.

Affiliate links

Perfume pages include "Where to buy" links to retailers. These links may carry affiliate tracking codes that earn FragSocial a small commission at no cost to you. We log which link you clicked (retailer, perfume, timestamp) to reconcile affiliate payouts. We disclose this clearly on every page that includes affiliate links.

How long we keep your data

  • Active account data — kept for as long as your account exists.
  • After account deletion — your reviews, contributions, and posts remain but are re-attributed to a "[deleted]" tombstone. Your name, email, and login are removed. See the "Account deletion" section below.
  • Hashed identifiers on banned accounts — if your account is banned, one-way hashes of your email, phone, and (if ID-verified) Aadhaar reference are retained indefinitely on a denylist. This prevents a banned scammer from re-registering with the same identifiers.

Account deletion

Deleting your account de-identifies it — it does not erase your content from the platform. This is the same model Reddit uses and is standard for community platforms.

Your reviews, discussion posts, comments, and approved contributions stay on the platform re-attributed to "[deleted]." Thread coherence and the community-built catalog are preserved. Your username is freed for others to use.

If you want your text gone, remove it yourself before deleting your account. We do not perform bulk content wipes on deletion — plan accordingly.

Your rights under DPDP Act 2023

  • Access — you can request a copy of the personal data we hold about you.
  • Correction — you can update most profile data directly in settings. For other corrections, contact us.
  • Deletion — you can delete your account from settings. See "Account deletion" above for what this means in practice.
  • Grievance — if you have a complaint about how we handle your data, contact the Grievance Officer. We respond within 30 days.

To exercise any right, email grievance@fragsocial.com.

Cookies and analytics

We use a session cookie to keep you logged in. We do not use third-party tracking cookies or ad-network pixels. If we add analytics in the future, we will update this policy and use a privacy-respecting provider (no cross-site tracking).

Grievance Officer

As required by India's IT (Intermediary Guidelines) Rules 2021, we publish a named Grievance Officer:

Grievance Officer — FragSocial

Email: grievance@fragsocial.com

Acknowledgement within 24 hours · Resolution within 30 days

Changes to this policy

We will update this page when the policy changes and bump the version number at the top. Significant changes will be announced in-app. Continued use of FragSocial after a policy update constitutes acceptance of the revised terms.