KhelPoint
Legal

Privacy Policy

Effective: May 11, 2026Last updated: May 11, 2026~15 min read

KhelPoint is committed to protecting your privacy. Select the policy that applies to you — we have separate policies for players and venue partners.

Privacy Policy - KhelPoint Users

Effective Date: May 11, 2026
Last Updated: May 11, 2026

1. Introduction

KhelPoint ("we," "us," "our," or "Platform") is committed to protecting your privacy and ensuring you have a positive experience on our platform. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website, mobile application, and related services (collectively, the "Service").

We comply with applicable privacy laws and regulations, including GDPR, PDPA (Pakistan Personal Data Protection Act), and other local data protection laws. Please read this Privacy Policy carefully. If you do not agree with our policies and practices, please do not use our Service.


2. Information We Collect

2.1 Information You Provide Directly

Account Registration:

  • Email address
  • Phone number
  • Full name
  • Password
  • Date of birth
  • Proof of identity (optional, for verification)
  • Device ID and device type (for multi-device support)

Profile Information:

  • Profile picture/avatar
  • Bio or description
  • Preferences (notification settings, language, location)

Payment Information:

  • Payment method details (credit card, mobile wallet accounts)
  • Billing address
  • Transaction history
  • Refund requests and details

Booking Information:

  • Search history (venues, dates, times)
  • Booking history (dates, times, locations, amounts paid)
  • Venue preferences and filters
  • Favorites/wishlist

Communication:

  • Messages sent to vendors or support team
  • Support ticket submissions
  • Review and rating content
  • Survey responses

Location Data:

  • GPS location (when permission granted)
  • City/region for venue search
  • IP address

2.2 Information Collected Automatically

Device Information:

  • Device type, operating system, and browser type
  • Device ID and unique identifiers
  • Mobile advertising ID
  • Crash logs and diagnostic data

Usage Information:

  • Pages visited and features accessed
  • Time spent on the Platform
  • Search queries and filters applied
  • Clicks and interactions
  • Referral source

Cookies and Tracking Technologies:

  • Session cookies (temporary)
  • Persistent cookies (remember preferences)
  • Web beacons and pixels
  • Local storage data

2.3 Information from Third Parties

  • Payment Processors: Transaction data from Payment Gateways
  • Social Login Providers: Email, name, profile picture from Google or Apple (with your consent)
  • Venue Owners (Vendors): Information you provide during booking (contact details, booking notes)
  • Customer Support: Information from conversations with our support team
  • Public Sources: Publicly available information for fraud prevention

3. How We Use Your Information

3.1 Service Delivery

  • Creating and managing your account
  • Processing bookings and payments
  • Sending booking confirmations, receipts, and updates
  • Handling refund requests and disputes
  • Resolving technical issues
  • Validating your identity and preventing fraud

3.2 Improving the Service

  • Analyzing usage patterns to improve features
  • Conducting surveys and collecting feedback
  • Testing new features and functionality
  • Personalizing your experience based on preferences
  • A/B testing and optimization

3.3 Marketing & Communications

  • Sending promotional emails, offers, and announcements (with your consent)
  • Push notifications about bookings and promotions
  • Newsletters with curated venue recommendations
  • Special offers for frequent users
  • SMS notifications (if opted in)
  • You can opt-out anytime by adjusting notification settings or unsubscribing

3.4 Safety & Security

  • Detecting and preventing fraud and abuse
  • Protecting against unauthorized access
  • Investigating suspicious activity
  • Enforcing our Terms of Service
  • Monitoring for security threats
  • Complying with court orders and legal requests
  • Meeting regulatory requirements
  • Maintaining audit trails for disputes
  • Tax and accounting purposes
  • Legal claims and defense

3.6 Analytics & Insights

  • Generating anonymized reports on platform usage
  • Understanding user behavior and preferences
  • Improving service quality and performance
  • Market research and trend analysis

4. How We Share Your Information

4.1 With Vendors (Venue Owners)

When you book a venue, we share:

  • Your name and phone number
  • Booking date, time, and duration
  • Special requests or notes
  • Cancellation and refund status
  • Rating and review (if posted)

Vendors do NOT see: Your email, payment details, or device information.

4.2 With Payment Processors

  • Transaction amount and date
  • Last 4 digits of payment method (for receipt)
  • Booking reference ID
  • Refund requests and status
  • Payout information (for commission calculation)

Payment processors: JazzCash, EasyPaisa, SafePay, and banks

4.3 With Our Service Providers

  • Firebase (Google): For push notifications, cloud messaging, and analytics
  • Email Service Providers: For transactional emails and newsletters
  • Cloud Storage Providers: For booking confirmations and documents
  • SMS Providers: For OTP and notification delivery
  • Analytics Tools: For understanding usage patterns

Use: Fraud prevention, customer support, policy enforcement, compliance

  • When required by court order, subpoena, or legal process
  • To prevent illegal activities
  • To protect safety and security
  • To comply with government regulations
  • Sharing data with third-party services (if you authorize)
  • Social media integration and sharing features
  • Marketing partners (only if you opt in)

4.6 With Your Contacts

  • If you invite friends via referral program
  • Your name appears in their referral history
  • You control what information is shared

4.7 Business Transfers

  • If KhelPoint is acquired or merged, your data may transfer
  • We will notify you of any such transaction
  • You have the right to opt-out

5. Your Privacy Rights

5.1 Access & Portability

You have the right to:

  • Request a copy of all personal data we hold about you
  • Export your data in a machine-readable format (within 30 days)
  • No fee for reasonable requests (excessive requests may incur a small fee)

To request: Contact privacy@khelpoint.com with "Data Access Request" in the subject line

5.2 Correction & Update

  • Update your profile information anytime in account settings
  • Request correction of inaccurate data
  • We will update records within 15 business days

5.3 Deletion & Right to Be Forgotten

You can request deletion of:

  • Your entire account and personal data
  • Specific data categories (reviews, favorites, etc.)
  • Anonymized booking history (kept for 7 years for audit purposes)

Deletion Timeline:

  • Personal data deleted within 30 days of request
  • Backup copies removed within 90 days
  • Some data retained for legal compliance (transaction records, tax purposes)

To request: Account Settings → Privacy & Security → Delete Account, or contact privacy@khelpoint.com

5.4 Opt-Out of Marketing

  • Unsubscribe from promotional emails via link in every email
  • Disable push notifications in app settings
  • Opt-out of SMS marketing in preferences
  • Request removal from marketing lists anytime
  • Disable non-essential cookies via Cookie Manager
  • Some cookies required for service to function
  • Third-party cookies can be disabled in browser settings

5.6 Restriction of Processing

  • Request limitation of data use for specific purposes
  • We will honor restrictions except where legally required

5.7 Object to Processing

  • Withdraw consent for marketing communications
  • Object to automated decision-making (if applicable)
  • Provide reasons and we will respond within 30 days

6. Data Retention

| Data Type | Retention Period | Reason | | --------------------- | ------------------------ | ------------------------------------ | | Account & Profile | Until deletion requested | Active account management | | Bookings & Payments | 7 years | Tax compliance, dispute resolution | | Refund Records | 7 years | Legal compliance, audit trail | | Reviews & Ratings | 5 years or until deleted | Community history, dispute reference | | Device Information | 2 years | Security, fraud prevention | | Marketing Preferences | Until opt-out | Respecting user preferences | | Support Tickets | 3 years | Legal protection, quality review | | Cookies | Session or 2 years | Functionality, analytics | | Transaction Logs | 10 years | Government compliance, chargebacks |

After Deletion: Data is anonymized and cannot be connected to you. Aggregate/statistical data may be retained indefinitely.


7. Security Measures

7.1 Technical Security

  • Encryption: All sensitive data encrypted in transit (SSL/TLS)
  • Firewalls: Enterprise-grade firewalls and DDoS protection
  • Intrusion Detection: 24/7 monitoring for unauthorized access attempts
  • Regular Audits: Security audits and penetration testing

7.2 Administrative Security

  • Access Control: Only authorized personnel access customer data
  • Need-to-Know: Data access limited to business requirements
  • Agreements: All service providers bound by data protection agreements

7.3 User Responsibilities

  • Password: Use strong, unique passwords (minimum 8 characters)
  • Device Security: Lock your device with PIN/biometric
  • Public WiFi: Avoid accessing sensitive information on public networks
  • Sharing: Never share account credentials or OTP with others
  • Logout: Always logout after using shared devices

7.4 Limitations

  • No system is 100% secure; we cannot guarantee absolute security
  • You assume some risk in using the internet
  • Report suspected breaches immediately to security@khelpoint.com

8. International Data Transfers

  • Data Location: Your data stored on servers worldwide
  • Safe Harbor: Transfers comply with GDPR adequacy decisions where applicable
  • Your Consent: By using the Service, you consent to international data transfers
  • Protection: Data transferred under appropriate safeguards and contracts

9. Children's Privacy

  • KhelPoint is not intended for users under 18 years old
  • We do not knowingly collect data from minors
  • If we discover a child's data, we delete it immediately
  • Parents/guardians concerned about a child's account should contact us

The Platform may contain links to third-party websites and services (venue websites, payment gateways, etc.). We are not responsible for their privacy practices. Review their privacy policies before using their services.


11.1 Types of Cookies

Essential Cookies (always on):

  • Authentication and session management
  • Security and fraud prevention
  • Site functionality

Preference Cookies (optional):

  • Remember login and language preferences
  • Save booking filters and searches
  • Dark/light mode selection

Analytics Cookies (optional):

  • Track page views and interactions
  • Measure campaign effectiveness
  • Understand user behavior

Marketing Cookies (optional):

  • Show personalized ads
  • Retargeting for campaigns
  • Social media integration

11.2 Managing Cookies

  • Browser Settings: Disable cookies in browser preferences (may affect functionality)
  • App Settings: Disable tracking in KhelPoint app privacy settings
  • Cookie Manager: Use our Cookie Manager tool to select preferences
  • Third-Party Tools: Opt-out of specific services (e.g., Google Analytics)

12. Changes to This Privacy Policy

  • We may update this Privacy Policy to reflect changes in our practices or legal requirements
  • Material changes will be notified via email or prominent notice on the Platform
  • Your continued use after changes constitutes acceptance
  • No reduction in rights: We will not reduce your privacy rights without explicit consent
  • Archived versions available upon request

13. Contact Us

For Privacy Questions, Data Requests, or Concerns:

📧 Email: privacy@khelpoint.com


14. Dispute Resolution

If you have a dispute regarding our privacy practices:

  1. First: Contact us at privacy@khelpoint.com with details
  2. Second: We will respond within 30 days with a resolution
  3. Escalation: If unresolved, submit to arbitration or your local data protection authority
  4. Legal Action: You retain the right to pursue legal remedies

Appendix A: Data We Share with Payment Processors

| Processor | Data Shared | Purpose | | ------------- | ------------------------------ | ----------------- | | JazzCash | Phone, Amount, Reference ID | Process payment | | EasyPaisa | Phone, Amount, Reference ID | Process payment | | SafePay | Card (partial), Amount, Ref ID | Process payment | | Bank Partners | Account, Amount, IBAN | Refunds & payouts |


Appendix B: Firebase Data Categories

Firebase collects:

  • App version and OS
  • Device model and manufacturer
  • App installation date
  • User properties (custom events)
  • Crash and performance data
  • First-party Google Analytics events

View Firebase Privacy Policy


Your privacy matters to us. If you have any questions, don't hesitate to contact us.