Legal
Privacy Policy
Last updated: 2 June 2026
This policy describes how BookGames handles personal information. For questions, write to support@bookgames.app.
1. Introduction
BookGames respects user privacy and is committed to protecting personal information shared by players, partners, staff, and visitors while using the BookGames website, mobile apps, dashboards, booking flows, payment flows, and related services.
This Privacy Policy explains what personal information BookGames collects, why it is collected, how it is used, how it is shared, how long it is retained, and the choices available to users.
By using BookGames, users agree to the practices described in this Privacy Policy. If a user does not agree, the user should stop using the platform.
2. Information We Collect
Account information: name, mobile number, email address, password (hashed), date of birth where required, profile photo, gender (optional), preferred language, and login provider details such as Google OAuth.
Verification information: One-Time Passwords (OTP), device identifiers, IP address, browser fingerprint, location signals, and verification status for fraud prevention.
Booking information: venue selected, date, time, duration, number of players, station/resource, price, fees, taxes, cancellation policy applied, no-show grace, access code, and session status.
Payment information: transaction identifiers, payment status, refund status, masked card or UPI details returned by the payment gateway, settlement identifiers, and invoice metadata. BookGames does not store full card numbers, CVV, UPI PIN, OTP, or netbanking passwords.
Partner and lounge information: business name, legal entity name, address, GSTIN, PAN, bank account details (handled by the payment partner), owner contact, staff invitations, lounge photos, listing content, pricing rules, and operating hours.
Usage information: pages visited, features used, search queries, filters applied, click events, error logs, performance telemetry, device type, operating system, browser, app version, and crash reports.
Communication information: messages exchanged in chat, support tickets, ratings, reviews, complaints, grievance submissions, and feedback.
3. How We Use Information
Create and manage player, partner, staff, and admin accounts.
Verify mobile numbers, emails, and identities to prevent fraud and unauthorized access.
Process bookings, confirmations, cancellations, extensions, refunds, payouts, invoices, and disputes.
Operate session check-in, access codes, on-site verification, and venue management workflows.
Send transactional messages such as OTP, booking confirmation, payment receipt, cancellation, refund status, session reminders, and account alerts via SMS, WhatsApp, email, or push notification.
Provide customer support, resolve disputes, handle grievances, and respond to legal or regulatory requests.
Detect, investigate, and prevent fraud, abuse, chargebacks, account takeover, prohibited activity, and security incidents.
Improve product features, run analytics, measure performance, optimize pricing displays, and enhance the platform experience.
Comply with applicable laws, court orders, tax requirements, payment gateway requirements, KYC/KYB norms, and law enforcement requests.
4. Legal Basis for Processing
Performance of a contract: to provide booking, payment, support, and partner services that users have requested.
Legitimate interests: to operate the platform securely, prevent fraud, run analytics, and improve services without overriding user rights.
Consent: where required by law, such as for non-essential cookies, optional marketing communication, or location access.
Legal obligation: to comply with tax, accounting, anti-fraud, payment gateway, KYC/KYB, and regulatory requirements.
5. How We Share Information
With partner venues: limited booking and player information needed to fulfil a session, such as player name, contact for the session, booking time, duration, station, and access code.
With payment partners and payment gateways such as Airpay, banks, UPI providers, card networks, and aggregators to process payments, refunds, payouts, settlements, KYC/KYB, and chargeback resolution.
With infrastructure and service providers such as cloud hosting (e.g. Railway), file storage (e.g. Cloudflare R2), database providers, communication providers (e.g. Twilio for SMS/WhatsApp, Resend for email), analytics, error monitoring (e.g. Sentry), and customer support tools, strictly to operate the platform.
With auditors, lawyers, accountants, regulators, courts, and law enforcement where required by law or to enforce legal rights, prevent fraud, or protect safety.
With successors in case of a merger, acquisition, reorganization, asset transfer, or insolvency event, with appropriate confidentiality safeguards.
BookGames does not sell personal information to advertisers or data brokers.
6. Cookies and Similar Technologies
BookGames uses cookies, local storage, session storage, and similar technologies for authentication, session management, fraud prevention, language preference, theme preference, analytics, and remembering user choices.
Users may control cookies through browser settings. Blocking essential cookies may break login, booking, and payment flows.
7. Data Retention
Account, booking, payment, invoice, dispute, complaint, and audit information may be retained for as long as the account is active and for additional periods required by tax law, accounting law, payment partner rules, fraud prevention, or to resolve disputes.
Soft-deleted records such as cancelled bookings or removed listings may be retained for audit purposes and then anonymized or removed in line with retention schedules.
Aggregated or anonymized information that does not identify any individual may be retained indefinitely for analytics, product improvement, and research.
8. Security
BookGames applies administrative, technical, and physical safeguards including HTTPS encryption in transit, encrypted credentials, role-based access control, server-side authorization, audit logging, rate limiting, and least-privilege access for staff.
Despite reasonable safeguards, no system is fully secure. Users should keep credentials, OTPs, and access codes confidential and report suspected unauthorized access immediately to support@bookgames.app.
9. Children
BookGames is not directed at children below the minimum age permitted to enter a binding agreement under applicable law. Where local law sets a higher age for online services or gaming venues, users below that age must use BookGames only under parent or guardian supervision and consent.
10. User Rights
Subject to applicable law, users may request access to personal information held by BookGames, request correction of inaccurate information, request deletion of information no longer required for legitimate purposes, withdraw consent for optional processing, and lodge a complaint with a competent data protection authority.
Users may exercise these rights by writing to support@bookgames.app from the registered contact, subject to verification.
11. International Transfers
BookGames may process information in India and other locations where its service providers operate. Where transfers occur outside the user's country, BookGames takes steps consistent with applicable law to safeguard the information.
12. Changes to this Policy
BookGames may update this Privacy Policy from time to time. Material changes will be reflected on this page with an updated revision date and, where appropriate, notified to users through the platform.
13. Contact and Grievance Redressal
Support email: support@bookgames.app.
Office address: Nexo Arena, opposite to SN Roofs, near Old Post Office, North Paravur, Mannam, Ernakulam, Kerala 683520, India.
Grievance officer details will be published before public launch in compliance with applicable law.