Engaxe Logo

Privacy Policy

Last updated: 2026-04-20

Draft: this document is a working placeholder. Counsel must review before public launch.

1. Who we are

Engaxe (“Engaxe”, “we”, “us”) operates the interactive video platform at engaxe.com. For questions about this policy, contact privacy@engaxe.com.

2. Data we collect

  • Account data: email, display name, hashed password, role (user / creator / admin).
  • Content data: projects, videos, interactions, comments, uploads you create or submit.
  • Usage data: pages viewed, actions taken, device / browser metadata, approximate IP geolocation.
  • Payment data: handled by Razorpay; we store only order identifiers and status, never card numbers.
  • Analytics data: Google Analytics 4 identifiers when you grant analytics consent. Disabled by default.

3. Legal basis (GDPR)

  • Contract: account, content, and payment data to deliver the service.
  • Consent: analytics and marketing cookies, optional communications.
  • Legitimate interest: fraud prevention, abuse detection, platform security.
  • Legal obligation: tax records, law-enforcement requests.

4. How we share data

  • Service providers: Razorpay (payments), Bunny (video CDN), SMTP provider (email), Google (analytics, with consent).
  • Legal compliance: court orders, statutory requests.
  • No sale of personal data.

5. Data retention

Account data retained while the account is active plus 30 days after deletion request. Payment records retained 7 years for tax purposes. Analytics identifiers retained per Google Analytics defaults (14 months).

6. Your rights

  • Access a copy of your data.
  • Rectify inaccurate data.
  • Delete your account and associated data (subject to retention obligations above).
  • Port your data in a machine-readable format.
  • Withdraw consent at any time via the cookie settings link in the site footer.
  • Lodge a complaint with your local data protection authority.

Exercise these rights via your account settings or by emailing privacy@engaxe.com.

7. International transfers

Servers are located in Singapore. Data transfers outside the EEA/UK rely on Standard Contractual Clauses with processors as applicable.

8. Security

TLS in transit, bcrypt-hashed passwords, encrypted secrets at rest, role-based access control, and audit logging for administrative actions.

9. Children

Engaxe is not directed to children under 13. We do not knowingly collect data from children under 13.

10. Changes

Material changes will prompt a notice in-product and an email to account holders. The “Last updated” date reflects the most recent revision.