Privacy Policy

This page explains how [Company Legal Entity] (“we”, “us”, “our”) collects, uses, and protects your information across our website, stores, and services.

1) Who we are & scope

[Company Legal Entity], trading as [Company Name], is the data controller for information collected via [your-domain.com], our retail locations, and customer support channels.

Postal address: [Full business address] • Email: [email@example.com] • Phone: [+91-XXXXXXXXXX]

If you are in the EU/UK and we have appointed a representative or Data Protection Officer, their details go here: [EU/UK Representative or DPO, if applicable].

2) What we collect

We collect the minimum needed to fulfill orders and improve your experience:

Identity & Contact — name, billing & shipping addresses, email, phone.
Order & Delivery — items purchased, order notes, delivery preferences, warranty data.
Payment — last 4 digits, card brand, UPI ref, txn IDs (processed securely by payment gateways; we do not store full card/UPI credentials).
Device & Usage — IP, browser, device, pages viewed, interactions, approximate location (for fraud prevention & analytics).
Cookies/IDs — first-party cookies, pixels, advertising IDs (see Cookies section).
UGC — product reviews, questions, photos you submit.
Support records — messages, call notes, repair/installation requests.

We also receive information from logistics partners, payment providers, and analytics/marketing platforms where permitted by law.

3) How we use your information

Order processing — confirming orders, payments, shipping, returns, refunds.
Customer support — chat, email, and phone assistance.
Personalization — remembering preferences, recently viewed items, saved carts.
Safety & fraud — authentication, abuse & fraud detection.
Improvement — site analytics, A/B testing, bug fixing, quality control.
Marketing — newsletters, offers, and retargeting where permitted; you can opt out anytime.
Legal — compliance with tax, accounting, and regulatory duties.

4) Sharing & processors

We share data with trusted service providers under contracts that limit their use to our instructions:

Category	Purpose	Notes
Payment gateways	Process payments & refunds	We don’t store full card/UPI details
Logistics / Couriers	Pickup, shipping, delivery updates	Address & contact shared
Customer support tools	Tickets, chat, email	Conversations retained for QA
Analytics & A/B testing	Improve site & experience	Aggregated or pseudonymized where possible
Marketing platforms	Newsletters, ads (where permitted)	Consent/opt-out respected
IT & hosting	Secure hosting & backups	Access restricted and logged

We may disclose information if required by law or in connection with a merger, acquisition, or asset sale (you’ll be notified where legally required).

5) Cookies & similar tech

We use first-party cookies and sometimes third-party tags to keep your cart, remember choices, and understand site usage.

Type	What it does	Retention
Strictly necessary	Login, cart, checkout, security	Session to 12 months
Performance	Analytics, load times	6–24 months
Functional	Preferences like currency	6–24 months
Advertising	Offers & retargeting (where permitted)	3–18 months

Manage preferences / opt-out Open Cookie Settings

Tip: Connect the “Open Cookie Settings” button to your Consent Management Platform (CMP).

6) Legal bases (GDPR/UK GDPR)

Contract necessity — to process your orders and provide services.
Legitimate interests — to improve services, prevent fraud, and personalize (balanced with your rights).
Consent — for non-essential cookies/marketing; you may withdraw anytime.
Legal obligation — tax, accounting, compliance.

7) Your rights (global)

Depending on your region, you may have rights to access, correct, delete, port, restrict, or object to certain processing.

Access & portability — request a copy of your data.
Correction — fix inaccurate or incomplete data.
Deletion — ask us to erase data where applicable.
Objection / restriction — object to or limit processing (e.g., marketing).
Consent withdrawal — for cookies/marketing at any time.

California (CCPA/CPRA): You may request access, correction, deletion, and to opt out of “sale” or “sharing” of personal information. Use Do Not Sell or Share My Personal Information.

India (DPDP): You may access, correct, and delete information, and file grievances with our Grievance Officer (see Contact).

Submit a rights request Manage cookies

We will verify requests and respond within applicable timelines. Some rights may not apply if we must retain data for legal reasons.

8) Security & retention

We apply administrative, technical, and physical safeguards, including encryption in transit, access controls, and regular reviews. While no method is perfect, we work to keep risk low.

Retention: We keep data only as long as needed for the purposes above, including legal/accounting obligations. Typical ranges: orders (7–10 years), support tickets (2–3 years), analytics (6–24 months).

9) Children’s privacy

Our site is not directed to children. We do not knowingly collect personal data from individuals under the age required by local law. If you believe a child provided data, contact us for deletion.

10) International transfers

Where data moves across borders, we rely on appropriate safeguards (e.g., SCCs or equivalent) and require our partners to protect it to comparable standards.

11) Changes to this policy

We may update this policy to reflect changes in law or our practices. Material updates will be highlighted on this page. The “Effective” date at the top shows the latest version.

12) Contact & grievance

Controller: [Company Legal Entity], [Registered Address]

Email: email@example.com • Phone: +91 XXXXX XXXXX

Grievance Officer (India): [Name], grievance@example.com, [Address]

DPO / EU-UK Rep (if applicable): [Name], dpo@example.com

When contacting us, please include enough details for verification (order number, email, phone used on the account, etc.).