Privacy Policy
Effective as on December 01, 2021
Last Updated as on May 20, 2026
OneStack Solutions Private Limited ("OneStack", "we", "our", or "us") is committed to protecting the privacy and personal data of users ("you" or "your") who access or use our website, applications, and services.
This Privacy Policy explains how we collect, use, store, disclose, and protect your information in accordance with applicable laws and regulations.
By accessing or using OneStack services, you acknowledge that you have read and understood this Privacy Policy.
Where required under applicable law, OneStack obtains explicit, informed, free, specific, and unambiguous consent before collecting or processing personal data.
If you do not agree with this Privacy Policy, please do not access or use our services.
1. Information We Collect
1.1 Traffic Data
When you visit our website, we may automatically collect certain technical and usage-related information including:
When you visit our website, we may automatically collect certain technical and usage-related information including:
- IP address
- Browser type and version
- Device information
- Operating system
- Referral source
- Website usage activity
- Date and time of access
- Pages visited and interaction details
1.2 Personal Information
We may collect personal information including:
OneStack does not store users' credit card information.
We may collect personal information including:
- Full name
- Address
- Email address
- Phone number
- Date of birth
- Bank account details
- Payment card details
- Transaction information
- KYC and identity verification documents
- Tax or income-related documents
- Customer support communications
- Survey responses
- Call recordings
- Login information and IP address
OneStack does not store users' credit card information.
1.3 Third-Party Information
We may obtain information from third-party agencies, financial institutions, fraud prevention agencies, and identity verification providers for:
We may obtain information from third-party agencies, financial institutions, fraud prevention agencies, and identity verification providers for:
- Fraud prevention
- AML compliance
- Identity verification
- Credit checks
- Regulatory compliance
2. Consent
OneStack obtains user consent through appropriate opt-in mechanisms including:
OneStack obtains user consent through appropriate opt-in mechanisms including:
- Consent checkboxes
- In-app confirmations
- Buttons or affirmative actions
- Customer onboarding
- KYC verification
- Transaction processing
- Customer support
- Marketing communication
- Analytics and service improvement
- Regulatory compliance
3. Use of Information
We use your information for the following purposes:
We use your information for the following purposes:
- Operating and administering user accounts
- Processing transactions and payments
- Customer onboarding and verification
- Fraud prevention and AML compliance
- Providing customer support
- Improving website functionality and services
- Internal training and analytics
- Legal and regulatory compliance
- Security monitoring and incident prevention
- Sending transactional notifications
- Marketing communications where consent is provided
4. Retention and Storage of
Information
OneStack retains personal data only for as long as necessary for legitimate business, contractual, legal, or regulatory purposes.
Certain financial and transaction-related records may be retained for at least five (5) years or longer where required under applicable law.
Where personal data is no longer required, OneStack will securely:
Website visitor data such as cookies, IP addresses, browsing activity, and device identifiers are retained only as long as necessary for:
OneStack retains personal data only for as long as necessary for legitimate business, contractual, legal, or regulatory purposes.
Certain financial and transaction-related records may be retained for at least five (5) years or longer where required under applicable law.
Where personal data is no longer required, OneStack will securely:
- Delete
- Anonymize
- Pseudonymize
Website visitor data such as cookies, IP addresses, browsing activity, and device identifiers are retained only as long as necessary for:
- Security
- Fraud prevention
- Analytics
- Service improvement
5. Disclosure of Information
OneStack may disclose personal information to:
OneStack may disclose personal information to:
- Law enforcement agencies
- Regulatory authorities
- Courts or government bodies
- Financial institutions and banking partners
- Fraud prevention agencies
- Service providers and vendors
- Referral partners for commission calculation purposes
- Prospective business purchasers or investors
- Process information only for authorized purposes
- Maintain confidentiality
- Retain information only as necessary
- Securely delete or anonymize data after use
6. Fraud Prevention and AML
Compliance
OneStack may conduct identity verification, fraud prevention, credit assessment, and anti-money laundering checks.
We may share relevant information with:
OneStack may conduct identity verification, fraud prevention, credit assessment, and anti-money laundering checks.
We may share relevant information with:
- Banks
- Payment processors
- Credit reference agencies
- Verification service providers
- Regulatory authorities
- Report transactions to authorities
- Restrict account access
- Suspend or terminate accounts
- Withhold funds where legally permitted
7. Communications
Users may receive:
Users can unsubscribe from promotional communications at any time.
Users may receive:
- Transactional emails
- Account notifications
- Security alerts
- Password reset communications
- Service updates
Users can unsubscribe from promotional communications at any time.
8. Cookies and Tracking Technologies
OneStack uses cookies and related technologies including:
Users may disable cookies through browser settings; however, certain website features may not function properly.
OneStack uses cookies and related technologies including:
- Cookies
- Web beacons
- Email pixels
- Analytics tools
- Script-based trackers
- Improve website performance
- Analyze traffic
- Personalize user experience
- Maintain security
Users may disable cookies through browser settings; however, certain website features may not function properly.
9. Security
OneStack implements appropriate technical and organizational safeguards including:
In the event of a personal data breach, OneStack will take reasonable measures to:
OneStack implements appropriate technical and organizational safeguards including:
- Access controls
- Encryption where appropriate
- Secure network configurations
- Security monitoring
- Periodic security reviews
In the event of a personal data breach, OneStack will take reasonable measures to:
- Assess and contain the incident
- Investigate the breach
- Notify affected users and regulators where required
10. User Rights
Subject to applicable laws, users may have the right to:
Subject to applicable laws, users may have the right to:
- Access personal data
- Correct inaccurate information
- Request deletion of personal data
- Withdraw consent
- Object to certain processing activities
- Raise grievances
- Nominate another person to exercise rights on their behalf
11. Third-Party Links
Our website may contain links to third-party websites or services.
OneStack is not responsible for the privacy practices, security measures, or content of external websites.
Users are encouraged to review the privacy policies of third-party websites before sharing personal information.
Our website may contain links to third-party websites or services.
OneStack is not responsible for the privacy practices, security measures, or content of external websites.
Users are encouraged to review the privacy policies of third-party websites before sharing personal information.
12. Public Information
Any information voluntarily shared in public forums, reviews, comments, or discussions may become publicly accessible.
Users should exercise caution before posting personal information publicly.
Any information voluntarily shared in public forums, reviews, comments, or discussions may become publicly accessible.
Users should exercise caution before posting personal information publicly.
13. Language Accessibility
This Privacy Policy may be made available in multiple Indian languages listed under the Eighth Schedule of the Constitution of India.
In case of any inconsistency between translated versions and the English version, the English version shall prevail.
This Privacy Policy may be made available in multiple Indian languages listed under the Eighth Schedule of the Constitution of India.
In case of any inconsistency between translated versions and the English version, the English version shall prevail.
14. International Data Transfers
OneStack does not currently transfer personal data outside India.
If any future cross-border transfer becomes necessary, such transfer shall be carried out in accordance with applicable legal and regulatory requirements and subject to appropriate safeguards.
OneStack does not currently transfer personal data outside India.
If any future cross-border transfer becomes necessary, such transfer shall be carried out in accordance with applicable legal and regulatory requirements and subject to appropriate safeguards.
15. Updates to This Privacy Policy
OneStack may update this Privacy Policy periodically to reflect changes in:
OneStack may update this Privacy Policy periodically to reflect changes in:
- Legal requirements
- Regulatory obligations
- Business operations
- Technology platforms
- Data processing practices
- Website notices
- In-app notifications
- Email communications
16. Limitation of Liability
OneStack provides services on an "as-is" basis and does not guarantee uninterrupted or error-free operation.
To the maximum extent permitted by law, OneStack disclaims liability for:
OneStack provides services on an "as-is" basis and does not guarantee uninterrupted or error-free operation.
To the maximum extent permitted by law, OneStack disclaims liability for:
- Indirect damages
- Consequential damages
- Loss of data
- Service interruptions
- Unauthorized access by third parties
17. Governing Law
This Privacy Policy shall be governed by and construed in accordance with the laws of India.
Any disputes arising under this Privacy Policy shall be subject to the exclusive jurisdiction of competent courts in India.
This Privacy Policy shall be governed by and construed in accordance with the laws of India.
Any disputes arising under this Privacy Policy shall be subject to the exclusive jurisdiction of competent courts in India.
18. Contact Us
For any questions, requests, or concerns regarding this Privacy Policy or personal data processing practices, users may contact:
OneStack
Email: support@onestack.in
Grievance Officer
Name: Mr. Vishal Gupta
Email: vishal@onestack.in
Working Hours: Monday to Friday, 10:00 AM to 6:30 PM IST (excluding public holidays)
For any questions, requests, or concerns regarding this Privacy Policy or personal data processing practices, users may contact:
OneStack
Email: support@onestack.in
Grievance Officer
Name: Mr. Vishal Gupta
Email: vishal@onestack.in
Working Hours: Monday to Friday, 10:00 AM to 6:30 PM IST (excluding public holidays)
19. Policy Review
This Privacy Policy shall be reviewed periodically, at least annually, or whenever required due to changes in applicable laws, regulations, services, or business operations.
This Privacy Policy shall be reviewed periodically, at least annually, or whenever required due to changes in applicable laws, regulations, services, or business operations.