Last updated: [03, June 2026]]

PRIVACY POLICY


1. Introduction

gaugewerk.com ("we," "us," or "our") respects your privacy. This Privacy Policy explains what information we collect, how we use it, who we share it with, and the rights you have over it.

This policy applies to all Users of the Platform — Clients, Providers and visitors.

2. Information We Collect

2.1 Information You Provide

  • Account information: name, email, phone, country, password

  • Profile information: profile photo, headline, bio, software skills, hourly rate, availability, portfolio links, accreditation numbers

  • Identity verification: government-issued ID, selfie video, address proof (for Providers and labs)

  • Project information: project descriptions, reference files (CAD, drawings, reports, photos), NDA acceptances

  • Payment information: billing address, GST/VAT number, payout account details (processed by Stripe / Razorpay — we do not store full card numbers)

  • Communications: messages, project notes, support tickets, feedback

2.2 Information Collected Automatically

  • Device and usage data: IP address, browser, operating system, device identifiers, pages viewed, time spent, referral source

  • Cookies and tracking: session cookies, analytics cookies, preference cookies (see Cookie section below)

  • Location data: approximate location from IP address; precise location only with your consent

2.3 Information from Third Parties

  • OAuth logins: if you sign in with Google or LinkedIn, we receive basic profile information

  • Identity verification partners: verification status from HyperVerge / Onfido or equivalent

  • Payment processors: transaction status from Stripe / Razorpay

  • Public business sources: company details for enterprise accounts

3. How We Use Your Information

We use your information to:

  • Operate, maintain and improve the Platform

  • Create and manage your account

  • Match Clients with Providers

  • Process payments, escrow and payouts

  • Verify identity and prevent fraud

  • Generate NDAs and contracts

  • Send transactional emails (matched providers, milestone updates, dispute notifications)

  • Send marketing and product update emails (with opt-out)

  • Provide customer support

  • Detect security incidents and abuse

  • Comply with legal obligations and respond to lawful requests

  • Generate aggregated, anonymised analytics

4. Legal Bases for Processing (GDPR / India DPDP)

We process your data on the following lawful bases:

  • Contract: to perform the services you signed up for

  • Consent: for marketing emails, optional cookies, precise location

  • Legitimate interest: for product improvement, fraud prevention, analytics

  • Legal obligation: to comply with tax, KYC, AML and other applicable laws

You may withdraw consent at any time without affecting the lawfulness of prior processing.

5. How We Share Your Information

We share information only as described below. We do not sell personal data.

RecipientPurposeOther UsersProfile information, proposal details and project communications visible to matched partiesPayment processors (Stripe, Razorpay)To process funding, payouts and refundsIdentity verification providers (HyperVerge, Onfido)To verify Provider identityE-signature providers (Dropbox Sign, DocuSign)To generate and sign NDAs and IP agreementsCloud infrastructure (AWS, Cloudflare, Supabase, Vercel)To host and serve the PlatformAnalytics and product (PostHog, Sentry, Plausible)To improve product and fix bugsEmail and messaging (Resend, Twilio)To send notifications and support messagesLegal and regulatoryWhen required by law, court order, or government requestBusiness transfersIn case of merger, acquisition or asset sale, with notice to you

All third-party processors are bound by data processing agreements requiring them to protect your information.

6. International Data Transfers

We may transfer and process your data outside your country of residence. Where required, we rely on Standard Contractual Clauses, adequacy decisions, or equivalent safeguards.

7. Data Retention

We retain personal data only as long as needed for the purposes described:

  • Account data: for the life of the account, plus 6 years after closure (for tax, audit and dispute records)

  • Transaction data: 8 years (standard accounting record-keeping)

  • NDAs and contracts: for the term of the NDA + 6 years

  • Marketing data: until you opt out

  • Identity verification data: as required by KYC/AML regulations, typically 5 years after last transaction

After retention periods, data is securely deleted or anonymised.

8. Data Security

We implement reasonable safeguards including:

  • 256-bit TLS encryption in transit

  • Encryption at rest for sensitive data

  • Role-based access control with audit logging

  • Two-factor authentication for sensitive operations (payouts, account changes)

  • Regular vulnerability scans and dependency monitoring

  • Vendor security reviews

  • Incident response procedures with breach notification

No system is completely secure. We cannot guarantee absolute security.

9. Your Rights

Subject to local law (including GDPR, India DPDP Act, CCPA), you have the right to:

  • Access your personal data

  • Rectify inaccurate or incomplete data

  • Erase your data (subject to legal retention obligations)

  • Restrict or object to certain processing

  • Portability — receive your data in a machine-readable format

  • Withdraw consent at any time

  • Lodge a complaint with your local data protection authority

To exercise any right, email privacy@industryx.ai. We respond within 30 days.

10. Cookies and Tracking

We use cookies and similar technologies to:

  • Keep you signed in

  • Remember preferences

  • Measure traffic and product usage

  • Prevent fraud

  • Personalise content (with consent)

You can control cookies through your browser. Disabling some cookies may break Platform functionality. Our cookie banner lets you accept or reject non-essential cookies.

11. Children's Privacy

The Platform is not intended for individuals under 18. We do not knowingly collect data from minors. If you believe a minor has provided us data, contact us and we will delete it.

12. Marketing Communications

We send marketing emails only with consent or as permitted by law. You can opt out at any time through the unsubscribe link in any email, or by emailing info@gaugehow.com Transactional messages (milestone updates, payment receipts) cannot be opted out of while you have an active account.

13. Third-Party Links

The Platform may contain links to third-party websites (e.g. software vendor sites, payment processor pages). We are not responsible for the privacy practices of those sites. Review their privacy policies separately.

14. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be notified at least 30 days in advance by email and on the Platform. Continued use after the effective date constitutes acceptance.

Go back to home

Go back to home