Legal

Privacy Policy

Last updated

This Privacy Policy explains how ChannelOS ("we", "us") collects, uses, shares and protects personal data when you use the ChannelOS websites, applications, players and APIs (together, the "Service"). We process personal data in accordance with India's Digital Personal Data Protection Act, 2023 (the "DPDP Act") and other applicable Indian law. By using the Service you agree to this Policy. Where we collect data that identifies you, you are the "data principal" and we are the "data fiduciary" responsible for that data.

1. Scope

This Policy applies to personal data we handle when you visit our website, create an account, pair a screen, build or publish a show, or pay for a plan. ChannelOS is a digital-signage platform delivered entirely online — there are no physical goods and no shipping. This Policy does not cover third-party websites or services we link to or integrate with, which have their own privacy policies.

2. Who we are

The Service is provided by ChannelOS, operated as a sole proprietorship (https://channelos.tv). As the data fiduciary, we determine why and how your personal data is processed. You can reach us about this Policy at [email protected] or through our Contact page.

3. Data we collect

We collect only what we need to run the Service:

We do not intentionally collect sensitive personal data, and we ask that you not upload it into your slide content.

4. How we use your data

We use personal data to:

We do not sell your personal data, and we do not use your slide content to advertise to you.

5. Consent and lawful basis

We process your personal data on the basis of your consent, given when you provide it for the purposes described in this Policy, and on the basis that processing is necessary to provide the Service you have signed up for and to meet our legal obligations. Where the DPDP Act permits processing for certain legitimate uses, we may rely on those. You can withdraw your consent at any time (see Section 11); withdrawing consent does not affect processing already carried out, and some processing may be necessary for us to continue providing the Service.

6. Payment data

Payments are handled by Razorpay. When you pay, your card or other payment details are submitted directly to Razorpay's secure, PCI-DSS-compliant systems. Card numbers never touch our servers, and we do not store raw card data. Razorpay processes your payment information as an independent processor under its own terms and privacy policy, and in line with RBI Payment Aggregator requirements. We keep only the transaction records we need to fulfil your order, provide refunds where applicable, and meet our tax and accounting obligations.

7. Sharing with third parties

We share personal data only with service providers that help us run the Service, and only as needed for the purpose shown. Each processes data under its own terms and privacy policy.

ProviderWhat it doesData involved
RazorpayPayment processingBilling and transaction data you enter at checkout; card details go directly to Razorpay.
CloudflareHosting, content delivery and edge storageAccount data, your uploaded content, and technical logs such as IP address.
PexelsStock photo and video librarySearch terms you enter when browsing stock media.
AI model providersGenerating slideshow drafts and imageryPrompts and content you submit for AI generation.
PostHogProduct analytics and usage insightUsage events and device, session and IP data.

We may also disclose personal data where required by law, to enforce our terms, or to protect the rights, safety and security of ChannelOS, our users or the public. If the business is transferred, personal data may pass to the successor subject to this Policy.

8. Cookies and similar technologies

We use cookies and similar technologies to keep you signed in, remember your preferences, secure the Service, and measure usage through PostHog. Strictly necessary cookies are required for the Service to work. You can control non-essential cookies through your browser settings; blocking some cookies may affect how the Service functions.

9. Data retention

We keep personal data only as long as needed for the purposes in this Policy. Account and content data is retained while your account is active and for a reasonable period afterwards, unless you delete it sooner. When you delete content or your account, we remove or de-identify the associated personal data within a reasonable time, except where we must retain certain records — for example payment and tax records — for the period required by applicable law. Aggregated or de-identified data that no longer identifies you may be kept for analytics.

10. International transfers

Some of our service providers — including Cloudflare, PostHog, our AI model providers and Pexels — may process personal data on servers located outside India. Where data is transferred internationally, we do so in accordance with the DPDP Act and rely on contractual and technical safeguards to protect it. We do not transfer personal data to any country restricted for such transfers by the Government of India.

11. Your rights

Subject to the DPDP Act, you have the right to:

To exercise any of these rights, email [email protected] or use our Contact page. We may need to verify your identity before acting on a request, and we will respond within the timelines required by law. If you are not satisfied with our response, you may complain to the Data Protection Board of India.

12. Children

The Service is intended for business users and is not directed to children. We do not knowingly collect the personal data of anyone under 18 without verifiable consent from a parent or lawful guardian, as required by the DPDP Act. If you believe a child has provided us personal data, contact us and we will delete it.

13. Security

We take reasonable technical and organisational measures to protect personal data against loss, misuse and unauthorised access, including encryption in transit, access controls, and reliance on established infrastructure and payment providers. No method of transmission or storage is completely secure, so we cannot guarantee absolute security. If a personal-data breach affects you, we will notify you and the Data Protection Board of India as required by law.

14. Grievance officer and contact

If you have a question, concern or complaint about how we handle your personal data, please contact our grievance officer through our Contact page or at [email protected]. We will acknowledge your complaint within 48 hours and work to resolve it within 30 days, in line with the DPDP Act and the Consumer Protection (E-Commerce) Rules, 2020.

15. Changes to this policy

We may update this Policy from time to time. If we make material changes, we will update the "last updated" date shown above and, where appropriate, give additional notice. Continued use of the Service after changes take effect means you accept the revised Policy.