Gletra commitments, legal bases, and user rights under the General Data Protection Regulation for EEA and UK users.
Gletra Technologies Pvt. Ltd. respects the privacy rights of individuals in the European Economic Area (EEA), United Kingdom, and other jurisdictions where the General Data Protection Regulation (GDPR) and UK GDPR apply. This page outlines our GDPR-specific commitments, legal bases for processing, data subject rights, and contact information for our Data Protection Officer.
While Gletra primarily operates in India, our multi-vendor marketplace, chat, voice and video calling, home services booking, and wallet platform may process personal data of EEA/UK residents who create accounts, purchase products, book services, or interact with Gletra sellers and service providers.
Gletra processes personal data lawfully, fairly, and transparently. We implement appropriate technical and organizational measures to protect data and honor the rights of data subjects as defined in GDPR Articles 12–23.
This GDPR Compliance page supplements our Privacy Policy and Data Protection Policy. In case of conflict regarding EEA/UK users, GDPR-specific provisions in this document prevail.
Data Controller: Gletra Technologies Pvt. Ltd., 42 Brigade Tech Park, Whitefield, Bengaluru, Karnataka 560066, India.
EU Representative: Where required, Gletra appoints an EU representative accessible at dpo@gletra.com for EEA data subject inquiries.
Data Protection Officer: dpo@gletra.com
| Processing Activity | Legal Basis | GDPR Article |
|---|---|---|
| Account creation and order fulfillment | Contract performance | Art. 6(1)(b) |
| KYC and AML compliance | Legal obligation | Art. 6(1)(c) |
| Fraud prevention and platform security | Legitimate interests | Art. 6(1)(f) |
| Marketing communications | Consent | Art. 6(1)(a) |
| Chat and call metadata storage | Legitimate interests / Contract | Art. 6(1)(f)/(b) |
| Analytics and product improvement | Legitimate interests (with opt-out) | Art. 6(1)(f) |
Request a copy of personal data Gletra holds about you.
Correct inaccurate personal data via Account Settings or dpo@gletra.com.
Request deletion where no legal retention obligation exists.
Limit processing during dispute resolution or objection review.
Receive your data in structured, machine-readable format.
Object to processing based on legitimate interests or for direct marketing.
Withdraw marketing consent anytime via Account Settings without affecting prior lawful processing.
Submit requests to dpo@gletra.com with subject "GDPR Data Subject Request." Include account email and request type. Gletra responds within 30 days (extendable by 60 days for complex requests with notice). Identity verification required before disclosure.
Personal data of EEA/UK users may be transferred to India and other countries where Gletra or its processors operate. Transfers are protected by:
Gletra engages vetted processors for payment processing, cloud hosting, KYC verification, email delivery, and analytics. All processors are bound by Data Processing Agreements requiring GDPR-equivalent protections. Sub-processor list available on request from dpo@gletra.com.
| Data Category | Retention Period | Basis |
|---|---|---|
| Account profile | Account lifetime + 2 years | Contract / legal claims |
| Transaction records | 7 years | Tax and AML legal obligation |
| Chat messages | 3 years from last activity | Dispute resolution legitimate interest |
| Marketing consent records | Duration of consent + 3 years | Legal obligation to demonstrate consent |
| KYC documents | 7 years after account closure | AML legal obligation |
Gletra uses automated systems for fraud scoring, product recommendations, and search ranking. These do not produce legal or similarly significant effects without human review. You may request human review of automated fraud holds by contacting dpo@gletra.com.
You have the right to lodge a complaint with your local data protection supervisory authority. Gletra encourages contacting our DPO first at dpo@gletra.com to resolve concerns. List of EU supervisory authorities: edpb.europa.eu.
This document forms part of the Gletra Terms of Service. Gletra Technologies Pvt. Ltd. reserves the right to update this policy at any time with reasonable notice. Material changes will be communicated via email, in-app notification, or a prominent notice on our platform. Continued use of Gletra after changes constitutes acceptance of the revised policy. For questions, contact legal@gletra.com.