logo

Cookies & Data Policy

Cookie & Similar Technologies Policy
Effective date: August 17, 2025​
Owner: MarkupX Brands Technologies Private Limited​
Contact: team@looktara.com | founder@markupxbrands.com | +91 9599272272​
Address: U-55, GF, Solanki Road, Uttam Nagar, New Delhi 110059, India

1) Scope
This policy explains how Looktara (“we”, “us”) uses cookies and similar technologies on:

●​ looktara.com and subdomains, the web app, and dashboards (“Site/App”)​

●​ APIs served to the Site/App​

●​ The Chrome Extension (uses local storage instead of traditional cookies)​

If anything here conflicts with local non-waivable law, the law prevails to that extent.

2) What are cookies & similar tech?
●​ Cookies: Small text files stored by your browser.​


●​ Local/Session Storage & IndexedDB: Browser storage controlled by the website/app.​


●​ SDKs/Pixels/Web Beacons: Code snippets that measure usage, performance, and errors.​


●​ Chrome Extension storage: Uses chrome.storage.local (on-device), not third-party cookies.​

3) Why we use them (purposes)
●​ Strictly Necessary: Authentication/session, security, fraud/abuse prevention, load balancing.​


●​ Functionality: Remember preferences (language, theme), product settings.​


●​ Performance/Analytics: Understand feature usage, diagnose issues, improve reliability.​


●​ (Optional) Marketing/Attribution: If enabled, measure conversions from our own ads.​

We do not use third-party advertising cookies for behavioral ads.​

4) Cookie categories we set
Category Examples (illustrative) Ty

pi

ca
l

du
ra
tio
n

Strictly Necessary __session, csrf_token,
lb_affinity

Se
ssi
on

30
da
ys

Functional locale, theme,
consent_choice

6–
12
m
on
th
s

Performance/Anal
ytics

app_metrics, event_seq,
privacy-centric analytics
cookies

1–
12
m
on
th
s

Marketing/Attributi
on (if enabled)

first_touch, utm_*,
conv_*

1–
3
m
on
th
s

Actual names can vary by build. We keep strictly necessary to the minimum required to run the
service.

5) The Chrome Extension
●​ Uses on-device storage (chrome.storage.local) for preferences and auth state.​


●​ Interacts only with declared hosts (e.g., LinkedIn/X) when you invoke it.​

●​ Does not collect general browsing history or set third-party cookies.​

6) Your choices
●​ Consent banner / Preferences Center: On first visit (and when we change vendors/categories where

required), you can grant/withdraw consent for non-essential categories.​

●​ Global Privacy Control (GPC): If your browser sends a GPC signal, we treat it as an opt-out of
non-essential cookies where required.​

●​ Do Not Track (DNT): Not standardized; we honor it as a preference where feasible by limiting non-essential
scripts.​

●​ Browser controls: You can block or delete cookies in your browser. Blocking strictly necessary cookies may
break core features.​

7) Third parties
We may use privacy-centric analytics, crash/error monitoring, CDN, and email/SMS/WhatsApp providers. Where
they drop cookies or use SDKs, they do so under our instructions and only for service operation/measurement—not
for their independent advertising.

8) Retention
●​ Cookie/Storage lifetimes match their purpose (see table).​


●​ Server-side logs tied to cookies are retained per our Privacy Policy retention windows.​

9) Updates
We may update this policy; we’ll change the “Effective date” and, where required, re-prompt for consent.

10) Contact
Questions about this policy or your choices? team@looktara.com

Acceptable Use & Content Policy (AUP)
Effective date: August 17, 2025

1) Purpose

To keep Looktara safe and lawful, these rules apply to all use of our Site/App, APIs, Chrome Extension, and
WhatsApp features.

2) You must not
●​ Illegal/harmful content: Child sexual abuse/exploitation (CSAM), bestiality, non-consensual intimate

imagery, doxxing, threats, incitement to violence or hatred, terrorism support, or explicit criminal instructions.​

●​ Likeness abuse & deepfakes: Impersonating real people without explicit written consent; generating
deceptive political or election content; forging IDs/documents.​

●​ IP/privacy violations: Infringing copyrights/trademarks; violating privacy/publicity rights; uploading
confidential materials without authorization.​

●​ Security abuse: Malware, scraping outside allowed APIs, credential stuffing, DDoS, circumventing
credits/paywalls, reverse engineering (except where legally allowed).​

●​ Minors: No models or outputs of minors (under 18), even with parental permission.​

3) Enforcement
We may block prompts, remove content, throttle features, suspend/terminate accounts, and report illegal content to
authorities. Repeated or egregious violations will result in permanent bans.

4) Reporting
Email team@looktara.com (subject: “AUP Report”) with URLs, screenshots, timestamps, and a description.

Likeness & Consent Policy
Effective date: August 17, 2025

1) Who can be modeled?
●​ Only yourself, or another adult (18+) who has provided you explicit written consent to upload their images

for model training and generation.​

●​ We may request proof of consent at any time and may suspend service until provided.​

2) Prohibited likeness uses
●​ Minors (any depiction).​


●​ Non-consensual explicit/nudity, sexual content, or pornographic outputs.​

●​ Political persuasion, scams/fraud, harassment, or reputational harm.​

●​ Deceptive use (e.g., fake endorsements, fake identity verification).​

3) Consequences
Violations may result in account termination, deletion of artifacts, and reporting to authorities where required.

Copyright & IP (DMCA-Style) Policy
Effective date: August 17, 2025

1) Notice of claimed infringement
If you believe content on Looktara infringes your rights, email team@looktara.com with subject “IP Takedown” and
include:

●​ Your full name, mailing address, phone, and email.​

●​ Identification of the copyrighted work or mark.​

●​ The specific URL(s) or account where the material appears.​

●​ A statement of good-faith belief that the use is not authorized by you, your agent, or the law.​

●​ A statement under penalty of perjury that the information is accurate and you are the owner or authorized to
act for the owner.​

●​ Your physical or electronic signature.​

We may remove or disable access and, when appropriate, notify the user.

2) Counter-notice
If you believe removal was a mistake:

●​ Send a counter-notice to team@looktara.com with identification of the removed material, your contact info, a
statement under penalty of perjury that the removal was in error, and consent to jurisdiction of courts in New
Delhi, India.​

●​ We may restore the content unless the complainant files an action within the statutory period.​

3) Repeat infringers
Accounts with repeated valid infringements may be terminated.

Security Policy (Customer-Facing)
Effective date: August 17, 2025

1) Overview
We apply layered technical/organizational controls appropriate to the sensitivity of likeness data and generated
content.

2) Key controls (summary)
●​ Access control: Role-based access, least privilege, MFA on production systems, secrets management.​


●​ Encryption: TLS in transit; encryption at rest for sensitive stores; scoped key management.​


●​ Isolation & backups: Segregated environments; routine, encrypted backups; tested restore procedures.​


●​ Monitoring & logging: Structured logs for auth, admin actions, and critical events; alerting for anomalies.​


●​ Secure SDLC: Code review, dependency scanning, vulnerability management, staged rollouts.​


●​ Incident response: Defined playbooks, 24/7 on-call rotation, post-incident reviews, customer notification

where required by law.​

●​ Third parties: Due diligence, contractual data-protection terms, and least-privilege access.​

●​ Content safety: Automated & manual signals for obvious abuse (see AUP/Likeness Policy).​

3) Responsible disclosure
If you believe you’ve found a vulnerability, email team@looktara.com (subject: “Security Report”). Do not publicly
disclose until we confirm a fix or 90 days have elapsed (whichever is earlier). Testing that degrades service or
accesses other users’ data is prohibited.

Data Retention & Deletion Policy
(Customer-Facing)

Effective date: August 17, 2025

Data Type Typical
Retention

Deletion Path

Account &
subscription
metadata

Life of account +
up to 3 years

Close account
+ request
deletion

Training photos &
reference images

Until you delete
or request purge

Delete in app
or email
support

User-scoped model
artifacts (e.g.,
LoRA)

Until you delete
or 12 months of
inactivity

“Purge model”
in app or email
support

Generated images
& galleries

Until you delete
or per gallery
limits

Delete in app

Security/diagnostic
logs

~30–180 days Automatic
lifecycle

Invoices/tax
records

Per law (often
7–10 years)

Legal retention
required

Deletions propagate to backups per standard backup rotation. We may retain minimal records for fraud
prevention and legal obligations.

Subprocessors & International Transfers
Notice

Effective date: August 17, 2025

●​ We use reputable providers for cloud compute/storage, CDN, email/SMS/WhatsApp delivery, analytics,
logging, and payments.​

●​ Providers act under our instructions and data-protection terms; they are not permitted to use your data for
their own advertising.​

●​ Data may be processed outside your country. We implement appropriate safeguards (e.g., contractual
clauses).​

●​ Request current list & regions: email team@looktara.com (subject: “Subprocessors List”).​

Grievance Redressal (India DPDP)
Effective date: August 17, 2025

●​ Grievance Officer (email): team@looktara.com​

●​ We acknowledge grievances promptly and aim to resolve within 30 days.​

●​ If unresolved, you may escalate to the relevant Data Protection Board/authority as per law.​