Privacy Policy

Effective Date: TBD (Set upon launch) Last Updated: TBD (Set upon launch)

Slay ("we," "us," "our," or "Company") operates the Slay mobile application (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

Please read this Privacy Policy in conjunction with the Terms of Use and other policies displayed on our application.

Please read this Privacy Policy carefully If you do not agree with our policies and practices, please do not use our Service.

1. INFORMATION WE COLLECT

We collect information in the following ways:

1.1 Information You Provide Directly

1.1.1 Account Registration:

1.1.2 When Creating or Updating Your Account:

1.1.3 Payment Information:

Note: We do NOT store full credit card numbers, debit card numbers and banking details. Payment information is processed and stored securely by Stripe (our payment processor) and Apple/Google In-App Purchase systems. We only retain limited transaction information, transaction summaries and payment records for accounting purposes.

Purchases made through Apple In-App Purchase are processed by Apple in accordance with Apple's privacy policies. Slay does not control or access Apple's payment data beyond transaction confirmation details provided to us.

1.1.4 Communications:

1.2 Information Collected Automatically

1.2.1 Device Information:

Where required by Apple's App Tracking Transparency framework, we will request your permission before accessing your device's advertising identifier. You may allow or deny tracking at any time through your device settings.

1.2.2 Usage Information:

1.2.3 Camera & AR Filter Data:

Real-time face detection occurs on your device, using on-device machine learning

Camera access is required solely to enable real-time AR features and face detection functionality within the app. We do NOT record, store, or transmit video/photo from your camera

We collect aggregate metrics about filter usage (e.g., "filter X was used 1,000 times") but not individual user images

Slay uses augmented reality (AR) face filters to provide step-by-step makeup application guidance. To use this feature, the app requires access to your device's camera. When you first attempt to use an AR filter, iOS will display a permission prompt asking: 'Slay would like to access your camera to provide AR makeup guidance and demonstrate product application techniques.' You must grant camera permission to use AR features. If you deny permission, you can still access text instructions and video previews, but AR face tracking will be unavailable. While your camera is active, a visual indicator (green dot on iOS 14+) appears in your status bar to confirm camera use. All face tracking and AR processing occurs entirely on your device using Apple's on-device machine learning frameworks. We do not record, capture, store, or transmit any images or video from your camera to our servers or any third parties. We do not use camera data or face tracking information for advertising, marketing, data mining, or any purpose other than providing real-time AR makeup guidance. You can revoke camera permission at any time in iOS Settings > Privacy & Security > Camera > Slay. Such AR Face Data qualifies as "biometric identifiers" or "biometric information" under the Biometric Information Privacy Act ("BIPA")

Slay, prior to the collection or processing of any AR Face Data, will provide users or its legally authorized representative with a clear and conspicuous written notice specifying:

duration for which such biometric data will be collected, stored, and used.

Slay, will obtain prior written consent from users before collecting, capturing, or otherwise processing any AR Face Data.

Slay strictly prohibits the use of any face-related data for advertising, marketing, or promotional purposes.

1.2.4 Location Information:

1.2.5 Cookies and Similar Technologies:

1.2.5.1 Cookies are small text files stored on your device when you visit a website or use an app. They help improve functionality, security, performance, and your user experience.

1.2.5.2 Where cookies involve the processing of identifiable personal data, Slay relies on your explicit consent as the lawful basis for such processing.

1.2.5.3 Analytics cookies are deployed only in anonymized form. If any analytics involve identifiable information, they are activated only after you grant explicit consent.

1.2.6 You agree and voluntarily consent to provide correct, complete and accurate information. We shall not be liable for any inaccuracies in the information provided by You or any direct or indirect consequences of such inaccurate information.

1.2.7 We collect only such personal data as is reasonably necessary to provide the Services, and our data practices are consistent with the disclosures made in the Apple App Store privacy information.

1.2.8 Slay complies with Apple's App Tracking Transparency (ATT) framework. 'Tracking' refers to linking data collected from our app with data from other companies' apps, websites, or offline properties for targeted advertising or sharing data with data brokers. Currently, Slay does NOT engage in tracking as defined by Apple. We do not access your device's advertising identifier (IDFA), we do not share your data with advertising networks for cross-app targeting, we do not sell or share your data with data brokers, and we do not combine your Slay activity with data from other apps or websites you use. If our practices change in the future and we begin tracking, we will: (1) Request explicit permission through Apple's ATT prompt before any tracking occurs, (2) Update this privacy policy with 30 days advance notice, (3) Clearly explain what data will be tracked and why, (4) Respect your choice - if you deny tracking permission, we will not track you. You can control tracking permissions at any time in iOS Settings > Privacy & Security > Tracking. Currently, you will see 'Slay has not requested permission to track you' in this menu because we do not engage in tracking activities

2. HOW WE USE YOUR INFORMATION

We use collected information for the following purposes:

2.1 Service Delivery

Sending transactional emails (order confirmations, license access, payout notifications)

2.2 Product Improvement

2.3 Marketing and Communications

Sending promotional emails about new looks, creators, or features (with your consent)

Notifying you of updates to Terms, Privacy Policy, or Community Guidelines

2.3.1 Opt-Out: You may opt out of promotional emails by clicking the "Unsubscribe" link in any marketing email or by changing your preferences in your account settings.

2.4 Safety and Legal Compliance

Detecting, preventing, and addressing fraud, abuse, and security issues

Protecting the rights, property, and safety of Slay, users, and creators

2.5 Analytics and Aggregated Insights

Generating aggregated analytics (e.g., "50% of users are in California")

Slay is committed to data minimization in compliance with Apple's privacy requirements. We collect only the minimum amount of personal information necessary to provide our services effectively. We do not request access to unnecessary data, we limit data collection to what is directly relevant to core app functionality, we do not collect data 'just in case' it might be useful later, and we regularly review our data collection practices to ensure we're not gathering excessive information. If you believe we're collecting data that isn't necessary for the services you have requested, please contact us at support@slaymylooks.com.

3. INFORMATION SHARING & DISCLOSURE

3.1 What We DON'T Share

We do NOT sell, rent, or trade your personal information to third parties for their marketing purposes.

3.2 What We DO Share

By accepting the User Terms and the Privacy Policy, you expressly consent to the collection, use, processing, storage, and disclosure of your personal data (including sensitive personal data or information, if any) by Slay to its affiliates and third-party service providers (except government agencies) for the purposes set out in this Privacy Policy, including without limitation, for the provision of services, payment processing, verification, analytics, and platform operations.

We may share your information in the following circumstances:

3.2.1 Service Providers We share necessary information with service providers who perform functions on our behalf solely for the purpose of providing you Services:

Stripe (payment processing): Credit card details, name, email, billing address

AWS, Firebase, or similar (cloud hosting): Account data, user-generated content, usage logs

SendGrid, Twilio, or similar (email/SMS delivery): Email address, phone number, communication content

Analytics providers (Amplitude, Mixpanel, Segment): Aggregated usage data, device information

Support tools (Zendesk, Intercom): Support inquiries, contact information

Monitoring tools (Sentry, DataDog): Error logs, crash reports, performance data

Apple Guidelines Compliance: We ensure that all third-party service providers comply with Apple's App Store Review Guidelines regarding data privacy and security. Our agreements with service providers require them to: (1) Maintain the same or greater level of privacy protection as described in this privacy policy, (2) Use your data only for the specific services they provide to Slay, (3) Implement appropriate technical and organizational security measures, (4) Not sell, rent, or share your data for their own purposes, (5) Delete or return your data upon termination of services.

3.2.2 Creators (For User Payments) When you license a creator's content, we share:

Confirmation that you licensed their look (but NOT your personal details)

Usage metrics (aggregated data about how many users licensed their content)

3.2.3 Legal Requirements We may disclose information when required by law, court order, or government request:

3.2.4 Business Transfers If Slay is acquired, merged, or dissolved:

3.2.5 Aggregated & Anonymized Data We may share aggregated, anonymized data that cannot identify you:

3.3 Limitations on Sharing

3.3.1 Service providers are contractually bound to:

Use your information only for purposes necessary to provide services to Slay

Not share your information with third parties (except subcontractors bound by similar terms)

We may de-identify or aggregate personal data so that it can no longer reasonably be used to identify you. Such data is not considered personal information and may be used for analytics, research, and business insights.

3.3.2 Third-Party SDKs

3.3.2.1 The Service may incorporate software development kits, libraries, or tools provided by third parties ("Third-Party SDKs") to support functionality such as analytics, performance monitoring, crash reporting, authentication, payments, communications, or security.

3.3.2.2 Slay represents and confirms that all Third-Party SDKs integrated into the iOS version of the Service are selected, configured, and used in compliance with:

Apple App Store Review Guidelines;

applicable Apple privacy, data use, and tracking requirements, including App Tracking Transparency (ATT), where applicable.

3.3.2.3 Third-Party SDKs are used solely for legitimate platform purposes, including service delivery, security, analytics, and product improvement, and not for unauthorized data collection, cross-app tracking, or misuse of personal data. Any data processed through Third-Party SDKs is handled in accordance with this Agreement and Slay's Privacy Policy.

3.3.2.4 Slay does not permit Third-Party SDKs to engage in tracking or data collection that violates Apple's policies or applicable law. Where required, user consent will be obtained prior to enabling tracking or access to device identifiers.

3.3.2.5 Slay may update, replace, or remove Third-Party SDKs from time to time to maintain compliance with Apple policies, legal requirements, or operational needs. Such changes may affect certain features or functionality of the Service.

Nothing in this clause creates any rights in favor of third-party SDK providers against users of the Service. Any use of Third-Party SDKs is governed by Slay's agreements with such providers and applicable platform requirements.

4. DATA RETENTION

4.1 Retention

We shall retain your data until the purpose of collecting your data is achieved and or until you request for erasure of data whichever is earlier. Provided that, we shall once purpose is achieved shall retain the data for a minimum period of one year from the last date of such processing. Additionally, subject to applicable laws, any information that is provided by you may be retained by the Company, for the compliance purposes as mandated under applicable laws.

4.2 Deletion Upon Request

4.2.1 For Users: Upon written request to support@slaymylooks.com, we will, subject to compliance with applicable laws:

Anonymize your transaction history (dates and amounts retained for tax compliance, but personal details removed)

4.2.2 For Creators: Upon account deletion:

Your content may remain accessible to users with existing 60-day licenses

All other creator data is deleted per the User deletion process mentioned herein above

4.3 Automatic Deletion

After 90 days of account inactivity:

Transaction records may be retained as per applicable laws.

We will NOT delete account data if you have a pending payout or active licenses

5. DATA SECURITY

5.1 Security Measures

We employ industry-standard security practices to protect your information:

5.1.1 Technical Safeguards:

5.1.2 Administrative Safeguards:

5.1.3 Physical Safeguards:

Secure data centers (we use AWS, Firebase, or similar enterprise providers with physical security)

5.1.3.1 Additionally, we ensure to take following reasonable security safeguards to prevent personal data breach, which include:

appropriate measures to control access to the computer resources used by us or the service providers or sub-contractors.

visibility on the accessing of such personal data, through appropriate logs, monitoring and review, for enabling detection of unauthorised access, its investigation and remediation to prevent recurrence.

reasonable measures for continued processing in the event of confidentiality, integrity or availability of such personal data being compromised as a result of destruction or loss of access to personal data or otherwise, such as by way of data-backups.

for enabling the detection of unauthorised access, its investigation, remediation to prevent recurrence and continued processing in the event of such a compromise, retain such logs and personal data for a period of one year, unless compliance with any law for the time being in force requires otherwise.

5.2 Third-Party Security

We partner with PCI-DSS compliant payment processors (Stripe) and secure cloud providers (AWS, Firebase). These providers undergo regular security audits and maintain industry-standard security practices.

5.3 Limitations

While we implement comprehensive security measures, no method is 100% secure. We cannot guarantee absolute security of your information. By using Slay, you acknowledge and accept this inherent risk.

Unauthorized access, though unlikely, may occur through:

5.4 Breach Notification

If we discover a data breach affecting your information, we will:

Notify affected users via email no later than 72 hours of becoming aware of the breach

Provide details about the breach and information affected along with consequences that are likely to arise

User Generated Content: Content you upload or publish on Slay may be viewed by other users in accordance with the visibility settings and licensing terms applicable to such content. While we take reasonable steps to protect content access through technical and contractual safeguards, we cannot prevent authorized users from downloading, copying, or capturing screenshots of content made available to them. Slay disclaims responsibility for any use of content by users in violation of the applicable license terms.

6. YOUR DATA RIGHTS & CHOICES

6.1 Access Your Information

You may request a copy of all personal information we hold about you. Send a request to support@slaymylooks.com with the subject line "DATA ACCESS REQUEST" and we will provide a copy within 90 days in a machine-readable format.

6.2 Correct Your Information

You may update your profile information at any time by logging into your account and editing your settings. You shall be solely responsible for the failure to get Your Personal Information corrected or updated.

6.3 Delete Your Information

You may request account deletion by emailing support@slaymylooks.com with the subject line "ACCOUNT DELETION REQUEST." We will process your request within 5-7 business days. Upon deletion, the following occurs:

Your transaction history is anonymized (dates retained, personal details removed)

6.4 Opt-Out of Communications

6.4.1 Marketing Emails: Click "Unsubscribe" in any promotional email or change your preferences in account settings.

6.4.2 Transactional Emails: We send transactional emails (order confirmations, support responses, policy changes) as required. You cannot opt out of these without deleting your account.

6.4.3 Analytics & Tracking: You may opt out of analytics tracking by:

Note: Limiting analytics may prevent personalization features

6.4.4 Mobile Identifiers (IDFA/AAID):

iOS: Settings > Privacy > Apple Advertising > Toggle off "Personalized Ads"

Android: Google Play Services settings > Ads > Reset your Advertising ID or opt out of personalized ads

6.5. Right to Restrict

You may request us to restrict the processing of Your Personal Information or raise objections related to the processing of Your Personal Information. In the event the restrictions requested impede us in providing the Services, we may have to restrict Your access to the Platform/Website and/or not provide you seamless Services.

6.6 Right to Withdraw Consent

If you consented to processing, you may request us to withdraw your consent at any time, such withdrawal does not affect processing before withdrawal.

You may request to withdraw Consent by emailing support@slaymylooks.com.

6.7. Right to Transfer

You may request that we transfer the Personal Information that we have collected, to some other organization or directly to you.

6.8. Right to Appoint Nominee

You may request to appoint a nominee who shall act in the event of death or incapacity.

6.9 Cross – Border Transfer of data:

Slay, for the purposes of processing your data may transfer it to outside the territory where it is collected, subject to applicable laws. By using Slay, you consent to the transfer of such Personal Data (including sensitive personal data or information) to entities located outside India. Provided that such entities ensure the same level of data protection that is adhered to by Slay in accordance with applicable law.

7. EUROPEAN UNION & GDPR (General Data Protection Regulation)

7.1 Scope

This section applies to residents of the European Union, United Kingdom, and EEA countries.

7.2 Legal Basis for Processing

We process your information on the following legal bases:

7.2.1 Contractual Necessity

7.2.2 Legitimate Interest

7.2.3 Consent

7.2.4 Legal Obligation

7.3 Your GDPR Rights

If you are an EU resident, you have the right to:

7.3.1 Right of Access

7.3.2 Right to Rectification

7.3.3 Right to Erasure ("Right to Be Forgotten")

Exceptions: Legal obligations (tax records, 7-year retention)

7.3.4 Right to Restrict Processing

7.3.5 Right to Portability

7.3.6 Right to Object

Object to processing for marketing, analytics, or legitimate interest purposes

7.3.7 Right to Withdraw Consent

7.3.8 Right to Lodge a Complaint

If you believe we have violated your rights, you may file a complaint with your local data protection authority.

7.4 EU Data Inquiries Contact

For EU residents, contact our data protection representative:

[Data Inquiries Officer / Representative Name & Email] Email: support@slaymylooks.com Response time: 30 days

8. CANADIAN PRIVACY LAWS (PIPEDA)

8.1 Scope

This section applies to residents of Canada.

8.2 Your Rights Under PIPEDA

If you are a Canadian resident, you have the right to:

8.2.1 Right of Access

8.2.2 Right to Request Correction

8.2.3 Right to Understand Use

8.2.4 Right to Withdraw Consent

8.2.5 Right to File a Complaint

File a complaint with the Office of the Privacy Commissioner of Canada (OPCC)

8.3 Cross-Border Data Transfers

Your information may be transferred to and processed in the United States (where Slay operates). By using Slay, you consent to the transfer of such Personal Data (including sensitive personal data or information) to entities located outside India. Your information will receive the same level of protection in the US as under PIPEDA, though US law may not provide equivalent privacy protections.

9. AUSTRALIA & ACL (Australian Consumer Law)

9.1 Scope

This section applies to residents of Australia.

9.2 Your Rights Under Australian Privacy Principles (APPs)

If you are an Australian resident:

Right of Access: You may request a copy of your personal information. We will provide it within 30 days.

Right to Correction: You may request correction of inaccurate information.

Right to Complaint: You may complain to the Office of the Australian Information Commissioner (OAIC) if you believe we have breached the APPs.

9.3 Mandatory Consumer Law Disclosures

You have consumer rights under the Australian Consumer Law that cannot be excluded. These include:

These guarantees are not limited by this Privacy Policy.

10. CALIFORNIA RESIDENTS (CCPA/CPRA)

Slay is committed to complying with the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act, and applicable regulations. We process, disclose, and protect Personal Information of California residents in accordance with the requirements of such laws, including with respect to consumer rights, transparency obligations, data security, and lawful processing practices.

10.1 Scope

If you are a resident of California, the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA) may provide you with certain additional rights regarding your Personal Information, subject to applicable limitations and exceptions under the law.

10.2 Your Rights Under CCPA/CPRA

10.2.1 Right to Know

The specific pieces of Personal Information we have collected about you.

The categories of sources from which your Personal Information is collected

The business or commercial purpose for collecting, using, selling, or sharing your Personal Information

The categories of third parties with whom we disclose your Personal Information

The categories of Personal Information that we have sold or shared, and the categories of third parties to whom such Personal Information was sold or shared the categories of Personal Information that we have disclosed for a business purpose and the categories of persons to whom it was disclosed

10.2.2 Right to Delete

Unless retention of the information is required or permitted under applicable law, including for purposes of completing transactions, providing requested services, complying with legal obligations, protecting against fraud or security incidents, or exercising legal rights.

Where we deny a deletion request in whole or in part, we will inform you of the basis for such denial in accordance with applicable law.

Exceptions: Where deletion would prevent us from fulfilling the original purpose

10.2.3 Right to Correct

Where we deny or limit a correction request, we will inform you of the basis for such decision in accordance with applicable law.

10.2.4 Right to Opt-Out

Opt out of "sales" or "sharing" of personal information for cross-context behavioral advertising

Subject to applicable law, you have the right to direct us to not sell or share your Personal Information for purposes of cross-context behavioral advertising.

We will honor valid opt-out requests in accordance with applicable law and will not discriminate against you for exercising this right.

10.2.5 Right to Limit

Limit our use of sensitive personal information to providing and maintaining the services.

Restrict the use of such information for advertising, analytics, or profiling purposes, where applicable

Apply such limitations in accordance with your preferences and applicable regulatory requirements

10.2.6 Right to Non-Discrimination

10.2.6.1 You have the right to not be discriminated against for exercising any of your rights under applicable California privacy laws.

10.2.6.2 We will not, as a result of your exercise of such rights:

You will not be denied services or charged different prices for exercising your rights

10.2.6.3 Any permitted differences in services or offerings shall be based solely on lawful and reasonable factors and in accordance with applicable law.

10.3 Making a CCPA Request

10.3.1 To exercise your CCPA rights, submit a request to support@slaymylooks.com with:

10.3.2 We will respond within 45 days with the following:

For "Right to Know" requests: The specific information or categories requested

For "Right to Delete" requests: Confirmation that deletion has been completed (where lawful)

10.4 Authorized Agent

You may authorize another person to submit CCPA requests on your behalf. They must provide:

10.5 Slay does not sell Personal Information and does not share Personal Information for cross-context behavioral advertising as defined under the CCPA/CPRA.

10.6 Certain information collected by Slay may constitute "Sensitive Personal Information" under the CPRA, including date of birth, skin tone classification, and device identifiers. Such information is used solely for providing and improving the Services, security, fraud prevention, and legal compliance, and is not used for profiling or targeted advertising.

11. CHILDREN'S PRIVACY (COPPA - US)

11.1 No Services to Children

11.1.1 Slay is not intended for children under 18 years old. We comply with the Children's Online Privacy Protection Act (COPPA) and do not knowingly collect personal information from children under 13.

11.1.2 If we discover that a child under 13 has created an account, we will immediately delete the account and notify the parent or guardian.

11.1.3 Parental Notice: If you are a parent or guardian and believe your child under 13 has created a Slay account, please contact us immediately at support@slaymylooks.com.

11.2 18+ Requirement

All Slay users must be at least 18 years old. See User Terms Section 1.2 for age verification procedures.

12. DIGITAL PERSONAL DATA PROTECTION ACT (DPDPA) 2023

12.1 Scope

This section applies to residents of India.

12.2 Legal Basis for processing

12.2.1 We process your information in accordance with the DPDP Act and only for the lawful purposes:

With your Consent (free, specific, informed, unconditional, and unambiguous);

12.3 If you are an Indian resident, you have right to:

12.3.1 Right of Access

You have the right to obtain from Slay, upon making a request, the following information in relation to your personal data:

a summary of the personal data being processed and the processing activities undertaken in respect of such personal data;

the identities with whom your personal data has been shared, along with a description of the personal data so shared;

any other information relating to your personal data and its processing, as may be prescribed under applicable law. We will provide it within 90 days

12.3.2 Right to Request Correction and erasure

You have the right to request correction, completion, updating, and erasure of your personal data for which you have previously provided consent, in accordance with applicable law.

You may request:

Slay, shall erase your personal data unless retention of such data is necessary for the specified purpose or for compliance with any law for the time being in force.

12.3.3 Right to Grievance redressal

You may submit your grievance through the contact details provided below. All grievances shall be acknowledged within 24 hours of receipt.

Slay shall respond to and resolve such grievances within 15 days from the date of receipt, or within such period as may be prescribed under applicable law.

You are required to exhaust the grievance redressal mechanism provided herein before approaching the Data Protection Board of India.

Name: [insert]

Designation: [insert]

Contact: [insert]

12.3.4 Right to Nominate

You shall have the right to appoint a nominee who shall act in the event of your death or inability to exercise your rights, shall exercise such rights as enunciated herein.

12.3.5 Data Breach Notification

In event of a personal data breach affecting your information, Slay shall notify you within 72 hours of becoming aware of the breach.

a description of the breach including its nature, extent, and the timing of its occurrence

the consequences relevant to you that are likely to arise from the breach;

the measures implemented and being implemented by Slay to mitigate such breach;

the safety measures that you may take to protect your interests; and/or lawful guardian consent.

12.3.6 Children's Personal Data

Slay shall implement appropriate technical and organisational measures to ensure that such verifiable consent is obtained, including conducting due diligence to verify that the person providing consent is an adult and is identifiable, by reference to:

identity and age details voluntarily provided by the individual, including through a virtual token issued by an entity entrusted under applicable law or by Central or State Government to issue or verify identity and age details (or a virtual token linked to such details), and includes any entity authorised by it for this purpose, as well as Digital Locker Service Providers or other government-recognised verification frameworks.

Slay do not undertake processing of personal data of children that is likely to cause any detrimental effect on the well-being of a child and shall not engage in tracking, behavioural monitoring, or targeted advertising directed at children.

If we become aware that a child's data has been collected without appropriate consent as per the applicable law, we will immediately cease processing and delete such personal data.

12.3.6 Cross-border Transfer

Slay, for the purposes of processing your data may transfer it to outside the territory where it is collected, subject to applicable laws. By using Slay, you consent to the transfer of such Personal Data (including sensitive personal data or information) to entities located outside India. Provided that such entities ensure the same level of data protection that is adhered to by Slay in accordance with applicable law.

12.4 Slay shall comply with the applicable data protection laws in India including, the Information Technology Act, 2000 and the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011.

12.4.1 Slay is in the process of aligning its data protection practices with the requirements of the Digital Personal Data Protection Act, 2023 and will implement such additional measures as may be required within the timelines prescribed under applicable law.

12.4.2 In the event of any conflict between the provisions of this Privacy Policy and applicable law, the provisions of the applicable law in force at the relevant time shall prevail.

13. THIRD-PARTY LINKS & SERVICES

13.1 Our Service may contain links to third-party websites, apps, or services (including product links, creator social media, etc.). This Privacy Policy applies only to Slay; it does NOT apply to third-party services.

13.2 We are not responsible for the privacy practices of third parties. Before accessing external sites, review their privacy policies. Your use of third-party services is at your own risk.

Examples of Third-Party Services:

14. Dispute Resolution

14.1 Governing Law

14.1.1 For Users and Creators Located in India: This Privacy Policy is governed by and construed in accordance with the laws of India. Any disputes arising out of or relating to this Privacy Policy shall be subject to arbitration under the Indian Arbitration and Conciliation Act, 1996, with the arbitration seated in Bhopal, Madhya Pradesh, India.

14.1.2 For All Other Users and Creators: This Privacy Policy is governed by and construed in accordance with the laws of the State of California, United States, without regard to its conflict of law principles. Any disputes arising out of or relating to this Privacy Policy shall be resolved through binding arbitration in San Francisco, California, as described in Section 14.2.

14.1.3 Your location is determined by the address associated with your account or payment method at the time of dispute.

14.1.4 In the event of a dispute arising between the parties, at the first instance, the parties shall attempt to resolve such dispute with bilateral discussion and dialogue. If the dispute is not resolved by mutual discussion within a period of 30 days of initiating such discussion, then the parties shall refer the dispute to a mutually appointed mediator. If the mediation process fails, then the parties shall refer the dispute for arbitration as per the process mandated below. In the event, the arbitration fails, then only as a last resort the parties shall approach the courts as provided for in this Agreement.

14.2 Mandatory Arbitration

14.2.1 Subject to Clause 14.1, YOU AND SLAY AGREE THAT ANY DISPUTE ARISING OUT OF OR RELATING TO THIS PRIVACY POLICY SHALL BE RESOLVED THROUGH BINDING ARBITRATION, except as provided in Section 14.4.

14.2.2 Arbitration Procedure:

Arbitration shall be conducted under the rules of the American Arbitration Association (AAA) for non-Indian users and under Indian Arbitration and Conciliation Act, 1996 for Indian users.

The arbitration shall be conducted in San Francisco, California (for non-India disputes), and Bhopal, Madhya Pradesh (for India disputes), or remotely via video conference

Each party shall bear its own costs and fees, unless the arbitrator determines otherwise

Arbitral awards may be enforced in courts at Bhopal, Madhya Pradesh (for India users) or in courts of California (for non-India users).

14.3 Class Action Waiver and Individual Arbitration

14.3.1 YOU AND SLAY AGREE THAT DISPUTES WILL BE RESOLVED ONLY ON AN INDIVIDUAL BASIS AND NOT AS A CLASS ACTION, REPRESENTATIVE ACTION, OR CONSOLIDATED ARBITRATION, to the fullest extent permitted by applicable law.

14.3.2 Exceptions and Savings Clause:

This class action waiver shall not apply where: (a) Prohibited by applicable law in your jurisdiction (b) Found to be unconscionable or unenforceable by a court of competent jurisdiction (c) The claim qualifies for adjudication in small claims court (see Section 14.4)

14.3.3 Severability: If this class action waiver is found invalid or unenforceable for any reason, the arbitration agreement in Section 14.2 shall remain valid and enforceable on an individual basis. If the arbitration agreement as a whole is found invalid, this Section 14.3 is also severed, and disputes may proceed in court.

14.4 Exceptions to Arbitration

The following disputes shall not be covered vide arbitration:

Small claims court actions (if the dispute qualifies under the jurisdictional limits of small claims court)

Claims for injunctive or equitable relief to protect intellectual property rights

14.5 Waiver of Jury Trial

YOU AND SLAY WAIVE ANY RIGHT TO A TRIAL BY JURY for any dispute arising out of or relating to this Privacy Policy.

14.6 Time Limitation on Claims

Subject to Applicable law, you must bring any claim arising out of or relating to this Privacy Policy within one (1) year after the claim arises, or the claim is permanently barred.

15. CONTACT US

15.1 Privacy Questions

If you have questions about this Privacy Policy or your data, please contact:

Address: Slay / malt.blue Pvt Ltd Parshv Galaxy, A-202, Bawadiya Kalan Rd. Shahpura, Bhopal, MP 462016 India

We will respond to privacy inquiries within 30 days.

15.2 Complaints

15.2.1 For EU/GDPR:

15.2.2 For Australian residents (APPs):

File a complaint with the Office of the Australian Information Commissioner

15.2.3 For California residents (CCPA):

15.2.4 For Canadian residents (PIPEDA):

File a complaint with the Office of the Privacy Commissioner of Canada

15.3 Changes to This Policy

15.3.1 We may update this Privacy Policy periodically. We will notify you of material changes by:

15.3.2 Material changes take effect 30 days after notification (unless required by law). Your continued use of Slay after changes take effect constitutes acceptance.

15.3.3 In the event of any conflict between this Privacy Policy and other Slay policies, this Privacy Policy shall govern with respect to personal data processing.

16. Limitation of liability

In no event shall Slay's aggregate liability under this Privacy Policy exceed USD 100. Slay shall not be liable for any indirect, remote, consequential damages or losses, even if Slay has been advised of the same.

Last Updated: TBD (Set upon launch)

BY USING SLAY, YOU ACKNOWLEDGE THAT YOU HAVE READ AND UNDERSTOOD THIS PRIVACY POLICY.