Last Updated: February 27, 2026
Welcome to Huzzler (“Company”, “we”, “our”, or “us”).
This Privacy Policy (“Policy”) describes how we collect, use, store, share, and protect your personal data when you access or use our website, mobile application, and related services (collectively, the “Platform”).
We are committed to protecting your privacy and handling your information in compliance with the Digital Personal Data Protection Act, 2023 (DPDP Act), the Information Technology Act, 2000, and all applicable Indian data protection laws.
For the purposes of this Policy, Zuntra Digital Private Limited acts as the Data Fiduciary under the DPDP Act, and any third-party service providers engaged by us act as Data Processors under written contracts ensuring equivalent protection.
This Policy forms part of and shall be read with the Huzzler Terms of Service (effective 31 October 2025).
By using the Platform, you consent to the practices described in this Policy.
a)This Policy applies to:
All users of the Platform, including Freelancers, Clients, and visitors;
All personal data collected, processed, or stored by the Company in India;
Any personal data transferred or accessed from outside India, as permitted by law.
This Policy does not apply to third-party websites or services linked from our Platform.
We encourage you to review the privacy policies of those third parties independently.
we may collect the following categories of data:
Full name, phone number, email address;
Address, city, state, and country;
Profile photo or avatar (optional)
Login credentials;
Freelancer skills, portfolio, and service details;
Client project descriptions;
Communication logs between freelancers and clients.
Access time, pages visited, and referral links;
Cookies, analytics, and tracking technologies.
(d) Sensitive Personal Data (if applicable)
We do not collect biometric or financial data since the Platform does not process payments.
a) We receive your information when you provide it to us while using our Services, including: i. Account Creation. When you create an account, we collect information such as your name, email address, password, location, and profile photograph (optional). Identity Verification. We may verify your identity using email or phone-based authentication methods to prevent fraud and ensure platform integrity. We do not collect government-issued identification documents. Your Communications with Us. We may collect personal information such as email address or phone number when you request information about our Services, seek customer support, apply for or post an opportunity, or otherwise communicate with us. Surveys & Interviews. We may invite you to participate voluntarily in surveys or user interviews. Participation is optional, and any information shared will be used only for improving our Services. Imported External Network Information. If you choose to import professional contacts from other platforms, we may collect information you voluntarily provide to help connect you with your existing network. User Content. Information you choose to make publicly available on your profile or through platform features will be visible to other users according to your privacy settings. Live Events. If we host events, we may collect contact information from attendees for event coordination purposes. Business Development. We may collect contact information from individuals or companies for partnership or business inquiries.
a) We automatically collect data about you when you visit our website and use our services. The types of data we automatically collect include:
Device and Network Information. We may collect certain information automatically when you use our Services, such as your Internet protocol (IP) address, user settings, cookie identifiers, browser or device information, location information (including approximate location derived from IP address).
Usage Information. We may also automatically collect information regarding your use of our Services, such as pages that you visit before, during and after using our Services, information about the links you click, the types of content you interact with, the frequency and duration of your activities, and other information about how you use our Services. In addition, we may collect information that other people provide about you when they use our Services, including information about you when they tag you and/or provide referrals and/or feedback regarding your work performance and project results and/or other interactions between you and a Client or Independent.
Cookies, Pixel Tags/Web Beacons, and Other Technologies. We, as well as third parties that provide content, advertising, or other functionality on our Services, may use cookies, pixel tags, local storage, and other technologies (“Technologies”) to automatically collect information through your use of our Services. Cookies are small text files placed in device browsers that store preferences and facilitate and enhance your experience. A pixel tag (also known as a web beacon) is a piece of code embedded in our Services that collects information about engagement on our Services. The use of a pixel tag allows us to record, for example, that a user has visited a particular web page or clicked on a particular advertisement. We may also include web beacons in e-mails to understand whether messages have been opened, acted on, or forwarded. Our uses of these Technologies fall into the following general categories:
Operationally Necessary. This includes Technologies that allow you access to our Services, applications, and tools that are required to identify irregular website behavior, prevent fraudulent activity and improve security or that allow you to make use of our functionality;
Performance-Related. We may use Technologies to assess the performance of our Services, including as part of our analytic practices to help us understand how individuals use our Services (see Analytics below). For example, we may track your website activity, including recordings of your interactions with the website;
Functionality-Related. We may use Technologies that allow us to offer you enhanced functionality when accessing or using our Services. This may include identifying you when you sign into our Services or keeping track of your specified preferences, interests, or past items viewed;
Advertising- or Targeting-Related. We may use first-party or third-party Technologies to deliver content, including ads relevant to your interests, on our Services or on third-party websites.
We collect data through:
Direct input from users during registration, profile setup, or communication;
Automated collection via cookies and analytics tools;
Information shared voluntarily through emails, forms, or surveys.
We process your personal data for the following lawful purposes:
Purpose
Legal Basis under DPDP Act
Account creation and management
Performance of contract / User consent
Displaying freelancer profiles and projects
User consent
Matching clients and freelancers
Legitimate use for service delivery
Communication and notifications
Consent / legitimate business interest
Security, fraud prevention, and compliance
Legal obligation
Data analytics and platform improvement
Legitimate business interest
Responding to legal or government requests
Legal obligation
By using the Platform and providing your personal data, you consent to:
The collection and processing of your information;
Communication via email, SMS, or in-app notifications;
Data transfers and disclosures as described herein.
All personal data is stored securely on servers located within India, unless otherwise specified for backup or analytics.
We retain user data only for as long as necessary to fulfill the purposes described in this Policy or as required by law - which is 180 days for safety purposes under India’s IT Rules 2021.
Upon deletion of an account, we anonymise or securely erase personal data unless retention is legally mandated.
a. We implement reasonable security practices and procedures as required under Rule 8 of the IT (SPDI) Rules, 2011, including:
i. Encryption of stored and transmitted data;
ii. Secure access control and authentication;
iii. Regular vulnerability assessments;
iv. Limited employee access on a need-to-know basis.
b. While we take all reasonable steps to protect your data, no electronic transmission or storage system can guarantee absolute security.
Personal data may be transferred to or processed in other jurisdictions only where such transfer is compliant with Section 16 of the DPDP Act, 2023.
Any cross-border transfer will ensure that the receiving country or entity provides adequate data protection safeguards.
By using the Platform, you consent to such international transfers as necessary for service provision (e.g., cloud hosting, analytics).
a) Definition of Force Majeure
The Company shall not be held liable for any delay, failure, loss, or disclosure of personal data resulting from events beyond its reasonable control, including but not limited to:
i.Natural disasters (fire, flood, earthquake, storm, or other acts of God);
ii.War, terrorism, sabotage, civil unrest, or political disturbances;
iii.Pandemic, epidemic, or governmental restrictions;
iv.Power outages, network failures, or telecommunications disruptions;
v.Widespread ransomware attacks, zero-day exploits, denial-of-service (DoS) incidents, or similar malicious cyber intrusions affecting the Company’s or its vendors’ infrastructure;
vi.Cloud service provider outages or third-party data centre failures; or
vii.Any act, omission, or circumstance which is not reasonably foreseeable or preventable despite implementation of industry-standard security measures.
b) Commitment to Security Standards
Zuntra Digital Private Limited (“the Company”) has always maintained and will continue to maintain the highest standards of information security, privacy protection, and data-governance compliance. The Company operates in full adherence to Section 43A of the Information Technology Act, 2000, Rule 8 of the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, and the Digital Personal Data Protection Act, 2023 (“DPDP Act”).
All internal controls, policies, and infrastructure are designed and periodically reviewed in accordance with ISO/IEC 27001 or equivalent global standards to ensure confidentiality, integrity, and availability of information assets.
c) Ransomware or Data Encryption Attacks
In the event of a ransomware or similar encryption-based cyberattack:The Company will immediately isolate affected systems, engage certified cybersecurity specialists, and notify the Indian Computer Emergency Response Team (CERT-In) as mandated under the Cyber Security Directions, 2022 (issued under s.70B of the IT Act) within six (6) hours of detection. The Company will also notify the Data Protection Board of India and affected Users under Section 8(6) and Section 33 of the DPDP Act, 2023, disclosing the nature of the breach, likely impact, and remedial measures taken. No ransom or unlawful demand will be paid by the Company unless legally mandated or approved by competent authorities.
d) Mitigation and Restoration
The Company will make commercially reasonable efforts to restore systems, recover encrypted data (where possible), and prevent recurrence through patching, system hardening, and security upgrades. Users will be informed about measures taken and any required user-side actions (e.g., password resets).
e) Limitation of Liability in Force Majeure Events
While the Company will exercise due diligence, it shall not be liable for any consequential, incidental, or indirect loss of data, goodwill, or reputation caused by such force majeure or ransomware incidents, provided that:
i.It has complied with its legal obligations of prompt notification and mitigation under the DPDP Act and IT Act; and
ii.The event could not reasonably have been prevented by available security technologies or practices.
f) Post-Incident Review and Documentation
A post-incident forensic report will be documented within 30 days of containment, recording root cause, remedial steps, and timelines. Such reports will be preserved as required by Rule 7 of the CERT-In Directions, 2022, and may be shared with regulators upon request.
We may share your personal data with:
(a) Service Providers
Third-party vendors providing IT, hosting, analytics, communication, or verification services — under strict confidentiality obligations.
(b) Legal and Regulatory Authorities
When required by law, regulation, or valid legal process.
(c) Business Transfers
In case of merger, acquisition, or asset sale, user data may be transferred to the new entity, subject to this Policy.
We do not sell or rent personal data to advertisers or third parties.
We use cookies and similar technologies to:
Enable core platform functions;
Analyze site traffic and user behavior;
Remember preferences and login sessions.
You can manage cookie preferences through your browser settings, but disabling cookies may limit certain Platform features.
The Platform may contain links to third-party websites or plugins (e.g., LinkedIn, company websites, or communication tools).
We are not responsible for the privacy practices or content of those external sites.
Zuntra Digital Private Limited (“the Company”) has appointed a Data Protection Officer (DPO) in accordance with Section 10(5) of the Digital Personal Data Protection Act, 2023, read with Rule 3(1)(b) of the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021.
The DPO serves as the single point of contact for all user grievances, privacy-related inquiries, and communications from the Data Protection Board of India or other lawful authorities
Name: VARADHARAJA PERUMAL JANAKIRAMAN
Email: grievance@huzzler.io
Address: ZUNTRA DIGITAL PRIVATE LIMITED - Developed Plot Estate, Plot No 61, Perungudi, Perungudi, Kanchipuram, Saidapet, Tamil Nadu, India, 600096
Complaints will be acknowledged within 24 hours and resolved within 15 business days.
We may amend this Policy periodically to reflect legal or technological changes.
Any updates will be posted on this page with a revised “Last Updated” date.
Continued use of the Platform after such changes constitutes your acceptance of the updated Policy.
This Policy shall be governed by and construed in accordance with the laws of India.
Any disputes arising under this Policy shall be subject to the exclusive jurisdiction of the courts of Chennai, Tamil Nadu, India.
Users may request deletion of their account at any time as follows: