Legal
Privacy Policy
How GoatOut collects, uses, shares, protects, and retains information from users, hosts, visitors, and people who interact with our services.
Last updated: 26 May 2026
Introduction
Goatout Technologies Private Limited, operating under the GoatOut brand, respects your privacy and is committed to protecting personal information. This Privacy Policy explains how we collect, use, disclose, retain, and protect information when you access or use our website, mobile apps, host tools, support channels, booking flows, payment flows, deep links, and related services.
By using the Platform, creating an account, logging in, booking a workshop, applying as a host, uploading content, contacting support, or otherwise interacting with GoatOut, you consent to the processing of your information as described in this Privacy Policy.
If you do not provide information required for a particular feature, we may not be able to provide that feature, verify your account, complete a booking, approve a host profile, process a payment, issue a ticket, complete a check-in, process a refund, or respond to support requests.
Scope and age
This Privacy Policy applies to users, hosts, website visitors, app users, attendees, people who contact support, and people whose information is provided to GoatOut in connection with a booking or workshop.
The Platform is generally intended for persons who are at least 18 years old or who use the Platform with consent and supervision of a parent or legal guardian. If an adult provides information about a minor for a family-friendly workshop or booking, the adult confirms that they have authority to do so.
We do not knowingly create independent accounts for minors without appropriate consent. If we learn that information of a minor has been provided without valid consent, we may delete or restrict that information where appropriate.
Information you provide
We may collect information you provide directly, including name, phone number, email address, city, profile details, gender or age if voluntarily provided, support messages, feedback, ratings, reviews, photographs, workshop preferences, booking details, and any other information submitted through the Platform.
For host accounts, we may collect personal details, preferred host name, professional details, organization name, city, address or venue information, website or social links, tax information such as GSTIN where provided, payout information such as UPI ID or bank details where provided, optional Aadhaar information where provided, workshop details, thumbnails, capacity, pricing, cancellation terms, and operational notes.
For bookings, we may collect workshop ID, booking ID, ticket quantity, attendee details where required, payment status, refund status, QR code or check-in status, venue and city information, and communication or support history related to the booking.
Login, authentication, and verification data
We may process phone numbers, OTP request and verification status, login timestamps, device identifiers, authentication tokens, Truecaller profile information made available with your consent, email OTP information for admin or support flows, and security signals needed to protect accounts.
When you use Truecaller one-tap sign-in, Truecaller may share information you authorize, such as phone number, name, profile information, or email where available. Your interaction with Truecaller is also subject to Truecaller's own terms and privacy policy.
When you use OTP login, our OTP providers may process your phone number, OTP delivery status, template information, timestamps, and delivery metadata as needed to deliver and verify OTPs.
Payment and transaction information
When you make or receive payments through the Platform, payment providers may collect and process payment instrument details, UPI information, card network information, bank response, transaction reference, settlement status, refund status, chargeback information, and fraud signals.
GoatOut does not intend to store full card numbers, CVV, card PIN, net banking passwords, or similar sensitive payment credentials. Such information should be handled by regulated payment gateways, banks, or payment service providers.
We may store payment status, amount, fee, tax, booking reference, order reference, payout reference, refund reference, gateway response, and related records for accounting, support, fraud prevention, compliance, and dispute handling.
Content and media
We may collect and process content uploaded by users or hosts, including workshop thumbnails, images, videos, descriptions, reviews, ratings, messages, profile images, venue images, and support attachments.
Host images and workshop thumbnails may be resized, optimized, watermarked, cached, transformed, or used to generate public previews, deep-link thumbnails, social cards, app listings, admin previews, and marketing materials related to the workshop or Platform.
You should not upload sensitive personal information, private documents, images of other people, or third-party content unless you have the right and consent to do so.
Device, usage, and diagnostic information
We may automatically collect device type, operating system, app version, IP address, approximate location from IP, device identifiers, crash logs, performance logs, feature usage, pages viewed, buttons clicked, timestamps, referral links, and other diagnostic or analytics data.
This information helps us operate the Platform, debug issues, prevent fraud, improve performance, test features, understand demand by city, personalize discovery, and protect users and hosts.
If you use the website, cookies, local storage, pixels, analytics tags, or similar technologies may be used to remember preferences, measure usage, improve pages, and protect the service.
Location information
We may use city-level location, selected city, workshop city, venue information, or approximate location to show relevant workshops, route users to city-specific discovery, support fraud checks, and improve marketplace quality.
If precise device location is introduced or requested in the app, it will be used only after required device permission or consent and for the purpose explained at the time, such as finding nearby workshops or venue-related features.
Information from third parties
We may receive information from payment gateways, OTP providers, Truecaller, communication providers, cloud hosting providers, analytics providers, image hosting providers, app stores, fraud prevention tools, public sources, hosts, users, or other partners where required to operate and protect the Platform.
We may combine information received from third parties with information we collect directly to verify identity, complete bookings, detect fraud, reconcile payments, improve support, personalize the Platform, or comply with law.
How we use information
We use information to create and secure accounts, verify login, approve hosts, display workshops, process bookings, issue tickets, support QR check-in, process payments and refunds, calculate payouts, send confirmations, provide support, resolve disputes, and operate the Platform.
We use information to prevent fraud, abuse, spam, unauthorized access, ticket misuse, payment misuse, policy violations, unsafe activity, and violations of law.
We use information to improve product design, test features, understand user behavior, personalize discovery, measure city-level demand, improve host quality, perform analytics, train support operations, and maintain service reliability.
We may use contact information to send transactional, service, security, booking, refund, host-review, payout, policy, account, and support communications. Promotional communications may be sent where permitted and may include opt-out options where required.
How we share information
We may share information with hosts where needed to deliver a booking, including attendee name, ticket quantity, booking ID, QR check-in status, registered contact details where operationally required, and support context relevant to that workshop.
We may share host information with users where needed to evaluate or attend a workshop, including host name, organization details, workshop details, venue information, contact or support-mediated information, and public host profile details.
We may share information with service providers that help us operate the Platform, including cloud infrastructure providers, database providers, payment gateways, OTP and communication providers, email providers, image and media hosting providers, analytics providers, fraud prevention tools, support tools, and app distribution platforms.
We may disclose information to law enforcement, courts, regulators, tax authorities, payment networks, banks, or other authorized parties where required by law, legal process, safety needs, fraud prevention, rights protection, or enforcement of our terms.
If GoatOut undergoes merger, acquisition, investment, restructuring, asset sale, financing, or similar transaction, information may be shared with relevant parties under appropriate confidentiality or legal safeguards.
Information shared with payment and communication providers
Payment providers process payment and refund information under their own legal and security obligations. Banks, card networks, UPI systems, wallets, and gateways may independently process transaction data.
OTP, WhatsApp, SMS, email, and notification providers may process contact details and delivery metadata to send login codes, booking confirmations, tickets, support messages, refunds, policy updates, or service notices.
We are not responsible for independent privacy practices of third-party providers, but we aim to work with providers that are appropriate for the service being delivered.
Public and host-visible information
Workshop pages, deep links, social previews, and shared links may publicly display workshop title, city, venue area, date, time, price, host name, host profile, thumbnail, description, cancellation terms, and other listing information.
Reviews, ratings, or public contributions may be visible to other users, hosts, or visitors. Do not post information that you do not want to be public.
Admin users with authorized access may view user, host, booking, workshop, payment, refund, and operational records to operate support, approval, moderation, and compliance workflows.
Data storage and retention
We may store and process information in India or in other locations where our service providers operate, subject to applicable law and contractual safeguards where appropriate.
We retain information for as long as needed to provide the Platform, maintain accounts, complete bookings, resolve disputes, process payments and payouts, comply with law, prevent fraud, enforce agreements, maintain business records, and protect legal rights.
Booking, payment, refund, tax, payout, fraud prevention, chargeback, support, safety, audit, and legal records may be retained even after account deletion where required or reasonably necessary. Backup copies may remain for a limited period before deletion or isolation according to backup cycles.
Your choices and rights
You may request access, correction, update, export, deletion, or withdrawal of optional consent by contacting us from your registered email or by providing your registered phone number so we can verify account ownership.
You may manage some preferences in the app where available, including profile information, notification preferences, city selection, or support requests.
Some requests may be limited by law, fraud prevention, safety, dispute handling, tax, accounting, payment, or legal retention requirements. If we cannot fully complete a request, we will try to explain the reason where appropriate.
Account deletion and data requests
To request account deletion, data access, correction, export, or consent withdrawal, contact privacy@goatout.in with your registered phone number or email and the request type.
After verification, we may delete or deactivate your profile and non-essential personal information. Records required for bookings, payments, refunds, host payouts, tax, legal compliance, fraud prevention, disputes, or safety may be retained in restricted systems.
If you are a host with active workshops, pending payouts, unresolved refunds, chargebacks, disputes, or compliance issues, deletion may be completed after those obligations are closed or legally retained records are separated from active systems.
Security
We use reasonable technical, organizational, and administrative safeguards to protect information, including access controls, limited admin access, service-provider controls, secure authentication, and operational review where appropriate.
No internet, mobile, payment, or cloud system can be guaranteed to be completely secure. You are responsible for keeping your device, phone number, email account, OTPs, and login sessions secure.
If you believe your account, ticket, payment, host profile, or personal information has been compromised, contact support immediately.
Third-party links and services
The Platform may contain links to app stores, payment pages, host websites, social media, maps, venue pages, third-party support pages, or other external services. Their privacy practices are governed by their own policies.
GoatOut is not responsible for information you provide directly to third parties or information collected by third-party websites, apps, SDKs, payment pages, or services outside our control.
Changes to this policy
We may update this Privacy Policy to reflect changes in law, product features, data practices, service providers, security controls, or business operations.
The updated policy will be posted on the Platform with the latest update date. Your continued use of the Platform after the update means you accept the updated policy where permitted by law.
Contact us
Privacy and data requests: privacy@goatout.in
General support: support@goatout.in
Host support: hosts@goatout.in
Grievance escalation: grievance@goatout.in
Please include your registered phone number or email, booking ID or host ID where relevant, and a clear description of your request so we can verify and respond efficiently.