Mathurs24
All Services
AI ServicesHOT
Chatbots, automation & AI agents
Branding & Identity
Logo, guidelines & visual identity
CMS Solutions
WordPress, Strapi & headless CMS
CRM SoftwareHOT
Custom CRM & HubSpot / Zoho
Ecommerce Development
Shopify, WooCommerce & custom stores
Mobile App DevelopmentHOT
iOS & Android apps that perform
SEO & Digital Marketing
Rankings, Google Ads & social media
SSL Certificates
DV, OV & EV certs — sold & installed
Web Design & Development
Custom websites with Next.js & React
Web Hosting ServicesHOT
99.9% uptime, SSL & India servers
Website Maintenance
Updates, security & performance
Zoho Implementation
CRM, Books, Desk, Campaigns & more
Not sure what you need? We'll help you figure it out — for free.
View all servicesFree Consultation
Get a detailed proposal within 24 hours — no strings attached.
AI ServicesHOT
Chatbots, automation & AI agents
Branding & Identity
Logo, guidelines & visual identity
CMS Solutions
WordPress, Strapi & headless CMS
CRM SoftwareHOT
Custom CRM & HubSpot / Zoho
Ecommerce Development
Shopify, WooCommerce & custom stores
Mobile App DevelopmentHOT
iOS & Android apps that perform
SEO & Digital Marketing
Rankings, Google Ads & social media
SSL Certificates
DV, OV & EV certs — sold & installed
Web Design & Development
Custom websites with Next.js & React
Web Hosting ServicesHOT
99.9% uptime, SSL & India servers
Website Maintenance
Updates, security & performance
Zoho Implementation
CRM, Books, Desk, Campaigns & more
Mathurs24
Effective Date: 1 June 2025 | Last Updated: 25 June 2026
Mathurs24 is a digital services company operating from New Delhi, Delhi, India, providing web design, development, SEO, hosting, and related digital services primarily to businesses in India. We also operate PostStage (trypoststage.com), a social media content scheduling and publishing tool.
Website: https://mathurs24.com
Contact: info@mathurs24.com
This Policy applies to all visitors, users, and clients who access our website or engage our services — including PostStage users regardless of location. Our core agency services are primarily intended for businesses located within India. PostStage may be used globally; international users' rights are addressed in Section 12.
We do not intentionally collect Sensitive Personal Data or Information as defined under the IT (SPDI) Rules, 2011, including passwords, financial information, biometric data, health information, or sexual orientation. If any such data is inadvertently submitted, it will be deleted immediately upon discovery.
PostStage integrates with third-party social media platforms — including Facebook, Instagram (Meta), Google, LinkedIn, and X (Twitter) — via their official APIs. This section explains exactly how we handle that data.
When you connect a social media account, we receive an OAuth access token and the minimum profile or page data required to publish content on your behalf — typically a page name, page ID, and profile identifier. We do not access personal messages, friend lists, follower data, or any information unrelated to the scheduling and publishing function.
Solely to enable you to schedule and publish content to your connected social media accounts. We do not use this data for advertising, audience profiling, resale, or any purpose beyond operating the scheduled publishing service.
Access tokens received from social media platforms are stored securely using AES-256 encryption at rest and TLS in transit. Tokens are retained for the duration of your PostStage account, or until you disconnect the account — whichever occurs first. We do not store your social media account passwords under any circumstances.
When you disconnect a social media account within PostStage, or revoke access directly through that platform's own settings (e.g., Facebook Settings > Apps and Websites), the associated OAuth token is immediately and permanently deleted from our systems.
We do not sell, rent, share, or transfer your social media data, OAuth tokens, connected account information, or any data obtained through platform APIs to any third party for advertising, analytics, or commercial purposes.
Our collection and use of data through social media platform APIs complies with the developer policies of each respective platform, including the Meta Platform Terms, Google API Services User Data Policy, LinkedIn API Terms of Use, and the X Developer Agreement & Policy.
PostStage's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Specifically, PostStage uses Google API data solely to provide and improve the scheduling and publishing features of the PostStage service. We do not use Google user data for serving advertisements, for data broking, to determine creditworthiness, or for any other purpose unrelated to providing PostStage functionality to you.
PostStage requests only the minimum permissions necessary to schedule and publish content on your behalf. The specific permissions requested from each platform are:
pages_manage_posts, pages_read_engagement, instagram_basic, instagram_content_publishinstagram_content_publish, instagram_basicw_member_social, r_basicprofile, r_emailaddresshttps://www.googleapis.com/auth/youtube.readonly — used once at account connection to read your YouTube channel name, handle, and profile picture so PostStage can display which channel you have connected. No other channel data is accessed.https://www.googleapis.com/auth/youtube.upload — used at publish time to upload videos to your YouTube channel on your behalf, at the exact date and time you scheduled. PostStage never modifies, deletes, or accesses videos you did not create through PostStage.https://www.googleapis.com/auth/business.manage — used to publish and manage posts on your Google Business Profile location (where applicable).We do not request permissions beyond what is required for these functions. You can review and revoke these permissions at any time through your connected platform's app settings — see our Data Deletion page for per-platform revocation instructions.
We use collected data for the following purposes only:
We do not sell, rent, or trade your personal data to third parties for commercial purposes.
Under the DPDP Act 2023 (and GDPR for EEA/UK users), we process your personal data on the following lawful grounds:
We may share your information only in the following limited circumstances:
We do not transfer personal data to any entity outside India except where necessary for service delivery (e.g., cloud hosting, API calls to social media platforms) and only with appropriate safeguards in place.
Our website uses cookies and similar tracking technologies to enhance your experience, analyse traffic, and improve performance. Types of cookies used:
You may disable cookies in your browser settings. Disabling essential cookies may affect website functionality. By continuing to use our website, you consent to our use of cookies as described above.
We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by Indian law:
After the retention period, data is securely deleted or anonymised.
We implement reasonable security practices as required under the IT (Reasonable Security Practices and Procedures) Rules, 2011, including:
However, no method of transmission over the internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.
In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify affected users without undue delay and, where feasible, within 72 hours of becoming aware of the breach. Notification will be sent to the email address associated with your account and will include:
Where Indian law (DPDP Act 2023) or GDPR requires notification to a supervisory authority, we will comply accordingly. If the breach involves Google API data or social media platform data, we will additionally notify the relevant platform in accordance with their developer breach reporting requirements.
As a data principal under the DPDP Act 2023 and applicable Indian law, you have the right to:
To exercise any right, write to: info@mathurs24.com. We will respond within 30 days.
If you are located in the European Economic Area (EEA), United Kingdom, California (under CCPA), or any other jurisdiction with enhanced data protection law, you have the following additional rights in respect of your personal data:
To exercise any of these rights, contact us at info@mathurs24.com. We will respond within 30 days. If you believe your rights have been violated, you may lodge a complaint with the supervisory authority in your jurisdiction (e.g., the ICO in the UK, or your national DPA in the EEA).
Where we process data of EEA/UK individuals, our legal bases under GDPR are: consent (for PostStage account creation and social media connections), contract performance (for service delivery), and legitimate interest (for analytics and security). We do not rely on legitimate interest where your fundamental rights override that interest.
You may request the deletion of all personal data we hold about you at any time. We will complete verified deletion requests within 30 days.
To delete your PostStage account and all associated data email info@mathurs24.com with "PostStage Data Deletion Request" in the subject line. All scheduled post drafts, connected account OAuth tokens, and profile data will be permanently deleted within 30 days.
You may also visit our dedicated data deletion page: mathurs24.com/data-deletion
If you disconnect PostStage from your social media account through that platform's own settings (e.g., Facebook Settings > Apps and Websites > Remove), your OAuth access token is immediately revoked and deleted from our systems — no further action is required from us.
Some data may be retained beyond a deletion request where required by Indian law (e.g., GST invoice records, financial transactions) or where data is needed to resolve a pending dispute or legal claim. We will inform you of any such exception.
As required under Rule 5(9) of the IT (SPDI) Rules, 2011 and the DPDP Act 2023, we have designated a Grievance Officer:
Designation: Grievance Officer — Mathurs24
Address: New Delhi, Delhi, India
Email: info@mathurs24.com
Response Time: Within 30 days of receipt of complaint
Our website may contain links to third-party websites. We are not responsible for the privacy practices or content of those websites. We encourage you to review the privacy policies of any third-party sites you visit.
PostStage and all Mathurs24 services are not directed at individuals under the age of 18. We do not knowingly collect personal data from minors. If we become aware that a minor has provided personal data without verifiable parental consent, we will delete it promptly. If you believe a minor has created an account, please contact us at info@mathurs24.com.
This Privacy Policy is governed by the laws of the Republic of India, including the Information Technology Act, 2000, the IT (Amendment) Act, 2008, the Digital Personal Data Protection Act, 2023, and applicable rules thereunder.
Any dispute arising out of or in connection with this Privacy Policy shall be subject to the exclusive jurisdiction of the courts in New Delhi, India.
We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. The updated policy will be published on this page with a revised "Last Updated" date. Continued use of our website or PostStage after such changes constitutes your acceptance of the revised policy.
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
Mathurs24
New Delhi, Delhi, India
info@mathurs24.com