Your Safety Stays First
Winngoo Infini maintains high privacy standards to protect your information through every interaction.
Last Updated: [09/12/2025]
This Privacy Policy ("Policy") describes in detail how Winngoo Infini India Pvt. Ltd. ("Winngoo", "we", "us", or "our") collects, processes, stores, shares, and protects personal and non-personal data of users ("you", "your") when you access or use the Winngoo Infini platform, including websites, mobile applications, APIs, and services related to digital greeting cards, gift cards, and any other digital products offered. By accessing, browsing, registering, or using our platform, you expressly consent to this Policy and the practices described herein.
We collect data directly, indirectly, and passively, including but not limited to:
Your data is collected for specific, explicit, and legitimate purposes, including:
Winngoo processes your data based on the following legal grounds:
Payment gateways, cloud providers, analytics services, or IT vendors may process your data.
Data may be disclosed in response to court orders, government directives, or regulatory investigations.
In the event of mergers, acquisitions, or sale of assets, user data may be transferred under confidentiality obligations.
Gift card issuers or partner platforms may receive limited information to fulfil orders.
Aggregated datasets may be used for research, AI training, analytics, and marketing without identifying individuals.
Data is stored on encrypted servers with role-based access controls.
Personal data and transaction logs retained as required by law, including GST and audit compliance (usually 7 years).
User-requested deletion may be processed, subject to legal obligations.
Encryption, firewalls, intrusion detection, periodic audits, penetration testing, and employee access monitoring.
Users are solely responsible for maintaining the confidentiality of their account credentials, including usernames, passwords, and security codes. Winngoo recommends using strong passwords and activating multi-factor authentication where available. Users must immediately notify Winngoo if they suspect any unauthorized access, data breach, or suspicious activity associated with their account. Winngoo reserves the right to suspend or terminate accounts exhibiting suspicious behavior to protect platform security and other users.
All personal and sensitive data collected by Winngoo is secured using industry-standard encryption both in transit and at rest. Access to such data is strictly limited to authorized personnel and third-party vendors bound by confidentiality agreements. Winngoo routinely conducts audits, penetration testing, and system vulnerability assessments to maintain the integrity and confidentiality of data. Any detected vulnerabilities are promptly remediated to prevent unauthorized access or leakage of personal information.
Winngoo Infini India does not knowingly collect data from children under the age of 13 years. If any personal data of a child is inadvertently collected, Winngoo will take immediate steps to delete such information from its servers. Users under the age of 18 are required to obtain consent from a parent or legal guardian before using the platform.
The platform may include links to third-party websites, services, or content. Winngoo is not responsible for the privacy practices, content, or security of such external sites. Users are encouraged to review the privacy policies of any third-party services they access. Any interactions with third-party platforms are strictly between the user and the third party, and Winngoo assumes no liability for such engagements.
Winngoo may store, process, or transmit user data outside India to enable platform functionality, cloud storage, or partner services. All international data transfers are carried out in compliance with Indian laws and applicable cross-border data protection regulations. By using the platform, users consent to such transfers and acknowledge that such data may be subject to the laws of the country where it is processed.
In the event of a confirmed data breach affecting user data, Winngoo will promptly investigate, mitigate the impact, and notify affected users in accordance with the Digital Personal Data Protection Act, 2023, and other applicable regulations. Notifications will include details of the breach, potential consequences, and recommended user actions.
Users may opt-in to receive marketing, promotional communications, newsletters, or personalized offers. Such communications are sent only with the user's explicit consent. Users have the right to withdraw consent at any time through account settings or unsubscribe links included in the communication. Withdrawal of consent will not affect the provision of essential services or transactional communications.
Winngoo uses AI and automated tools to personalize card suggestions, layouts, templates, and recommendations. These systems may analyse user preferences, past behaviour, and interactions. Automated decisions do not have legal consequences or a significant impact on users' rights. Users may request explanations regarding AI-driven outcomes, recommendations, or personalised results.
Winngoo may aggregate and anonymise user data for analytics, research, and platform improvement purposes. Aggregated data does not identify individual users. Such data may be shared with partners, researchers, or analytics providers for analysis, AI training, and market insights without compromising personal privacy.
To fulfill services, Winngoo may share necessary user information with partner merchants, gift card issuers, and delivery services. Such partners are contractually obliged to follow strict security, confidentiality, and data protection measures. Data shared is limited strictly to what is necessary for service delivery and fulfilment.
Users are responsible for providing accurate, complete, and current information during registration, transactions, and interactions on the platform. Failure to provide accurate information may impact the provision of services, refunds, or account verification. Users must secure their accounts and promptly report any unauthorized activity or breaches.
All data collection, storage, and processing is conducted in compliance with Indian laws, including the Information Technology Act, 2000, the Digital Personal Data Protection Act, 2023, GST laws, and other applicable statutes. Users are also expected to comply with applicable laws when using the platform, particularly regarding content uploaded and shared.
Winngoo may periodically update this Privacy Policy to reflect changes in laws, platform functionality, services, or security practices. Users will be notified of material updates via email, website notifications, or in-app alerts. Continued use of the platform after updates constitutes acceptance of the revised Policy.
Winngoo adheres to the principle of data minimisation, collecting only what is necessary for the specific purpose of providing services. Data will not be processed for purposes incompatible with those originally disclosed without the user's consent.
Winngoo ensures reasonable steps to maintain data accuracy. Users may review, update, or correct inaccurate personal information at any time through their account settings or by contacting support. Regular verification processes may be conducted to ensure continued accuracy.
Users may request a structured, commonly used, and machine-readable format of their personal data. This right allows users to transfer data to another service provider without hindrance, where technically feasible.
Users retain ownership of content uploaded to the platform. Winngoo acts as a custodian and may process content only for the purposes described herein. Content violating applicable laws, terms of use, or public safety standards may be removed without prior notice.
Third-party vendors and service providers may process user data on behalf of Winngoo for operational purposes, including payment processing, cloud storage, analytics, and marketing. Vendors are contractually bound to implement security measures and maintain confidentiality.
Access to user data by Winngoo employees is strictly limited to those with a legitimate business purpose. All personnel undergo regular training, sign confidentiality agreements, and are subject to monitoring to ensure compliance with data protection policies.
Data is retained only for as long as necessary to fulfill the purposes of collection, comply with legal obligations, resolve disputes, and enforce agreements. Expired data is securely deleted or anonymised. Users may request deletion, subject to legal and regulatory requirements.
Winngoo may anonymise or pseudonymise data to reduce risk of identification while maintaining utility for analytics, research, or AI development. Anonymised data cannot be traced back to individual users.
Winngoo has established a comprehensive incident response plan to promptly detect, contain, and mitigate any data breaches. In the event of a confirmed breach, Winngoo will notify affected users in accordance with the Digital Personal Data Protection Act, 2023 and other applicable Indian laws. Notifications will include details of the breach, the types of data affected, potential consequences, and steps users should take to protect themselves.
Winngoo uses cookies, web beacons, and similar tracking technologies to enhance platform functionality, personalise content, and improve user experience. Cookies may be essential for session management, security, preference storage, analytics, or marketing. Users can manage or disable cookies via their browser settings, but some features may become inaccessible or limited. Third-party cookies may also be used for analytics and advertising purposes, and Winngoo ensures that personal data shared with third parties is anonymised where feasible.
Winngoo takes additional precautions to ensure the safety of minors. Personal data from children under 13 is not knowingly collected, and if discovered, it will be deleted immediately. Parents or guardians are encouraged to supervise the use of the platform by children and to provide consent where required. Any content uploaded by minors is subject to removal if deemed inappropriate or in violation of laws.
All data transfers, whether internal or to third-party vendors, are logged and maintained for auditing purposes. Logs include the type of data transferred, recipients, time, and purpose of transfer. These records are maintained in accordance with regulatory obligations and are periodically reviewed to ensure compliance.
User consent for marketing communications is logged and retained to demonstrate compliance with applicable laws. Withdrawal of consent is respected immediately, and users will no longer receive promotional communications unless they choose to opt-in again. These consent records may also be used for audits and legal verification.
Winngoo engages third-party vendors for services such as payment processing, cloud storage, and analytics. Vendors are required to implement security measures that comply with Winngoo's internal policies. Any breach or non-compliance by a vendor triggers immediate review, corrective action, and, if necessary, termination of the vendor agreement.
Winngoo monitors transactions and user activity to detect suspicious behavior and prevent fraud. Accounts engaging in illegal or unauthorized activities may be temporarily suspended or permanently terminated. Users are informed of any fraudulent activity detected in their account, and corrective actions are advised.
Winngoo may disclose personal data if required by law, government authorities, courts, or regulatory bodies. Such disclosures are limited to what is strictly necessary for compliance. Where permissible, users are notified of legal requests affecting their data.
Users have the right to request an audit of their personal data processed by Winngoo. Such requests are handled in compliance with applicable Indian data protection laws. Audits may include access, correction, deletion, or explanation of data processing practices.
Data processed or stored outside India is handled in accordance with Indian laws governing cross-border data transfers. Users consent to international transfer of data where required to maintain platform functionality, host services, or enable analytics and AI features.
Winngoo implements proactive measures to mitigate data breaches, including isolating affected systems, conducting forensic investigations, informing stakeholders, and implementing remediation measures to prevent recurrence. Detailed incident reports are maintained for legal and regulatory purposes.
Aggregated and anonymised data may be used for research, AI model training, analytics, and product development. Such data cannot be traced to any individual, ensuring privacy while supporting innovation.
Winngoo ensures that all user rights under the Digital Personal Data Protection Act, 2023 are enforced promptly. Users can contact the Data Protection Officer for unresolved concerns. Complaints are addressed in accordance with statutory timelines.
Server logs, audit trails, and transaction records are maintained securely for regulatory compliance, tax audits, and operational integrity. Expired or redundant logs are deleted or anonymised according to retention policies.
Winngoo conducts regular internal and third-party security testing to identify vulnerabilities. Detected issues are prioritized and addressed promptly to ensure data protection. Penetration testing reports are retained for internal audits and compliance verification.
Regular data backups are performed to ensure business continuity in case of system failures, natural disasters, or cyber incidents. Backups are stored securely and encrypted. Disaster recovery protocols are tested periodically to ensure minimal disruption to user services.
This Privacy Policy is governed by the laws of India. Any dispute arising from or in connection with this Policy shall be subject to the exclusive jurisdiction of courts located in Chennai, Tamil Nadu, unless arbitration is agreed upon by both parties.
Users acknowledge that no system can be completely secure and that they bear certain responsibilities, including maintaining account security, providing accurate information, and complying with platform rules and applicable laws. Users agree to indemnify Winngoo for any damages arising from misuse or negligence.
This Privacy Policy, together with the Terms and Conditions, Refund Policy, and other applicable policies, constitutes the entire agreement regarding the collection, processing, storage, and use of personal data on the Winngoo Infini platform. Any previous agreements, representations, or understandings are superseded.
By accessing or using Winngoo Infini India, users explicitly accept this Privacy Policy in its entirety. Continued use of the platform after updates or amendments constitutes acceptance of the revised Policy. Users who do not agree with any provision must immediately cease using the platform.
Winngoo Infini India is the official promotion platform of Winngoo India. It makes savings simple with cashback, vouchers, and loyalty rewards. It connects customers and businesses through smarter solutions for growth and value.