Privacy Policy

Effective Date: June 1, 2025

R J Sarees ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and protect your personal data when you visit our website (www.rjsarees.com - insert your actual website URL) or make purchases from our physical store in Bengaluru, Karnataka, India.

By using our services, you consent to the collection and use of your personal data as described in this Privacy Policy. We process your personal data in accordance with the Digital Personal Data Protection Act, 2023 (DPDP Act) and other applicable Indian laws.

1. What Personal Data We Collect

We may collect the following categories of personal data from you:

• Identity Data: Name, gender, date of birth.

• Contact Data: Billing address, shipping address, email address, phone number.

• Financial Data: Payment card details (processed securely by third-party payment gateways – we do not store full card numbers), UPI details, bank account details for refunds.

• Transaction Data: Details about products you have purchased from us, order history, payment records.

• Technical Data: Internet Protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access our website.

• Usage Data: Information about how you use our website, products, and services (e.g., Browse history, pages viewed, time spent on pages, clickstream data).

• Marketing and Communications Data: Your preferences in receiving marketing from us and our third parties, and your communication preferences.

• Correspondence Data: Information you provide when you communicate with us, such as customer service inquiries, feedback, or reviews.

2. How We Collect Your Personal Data

We collect personal data through various methods:

• Direct Interactions: You may provide us with your Identity, Contact, and Financial Data by filling in forms or by communicating with us via email, phone, or in person (e.g., when you register an account, place an order, subscribe to our newsletter, or contact customer service).

• Automated Technologies or Interactions: As you interact with our website, we may automatically collect Technical and Usage Data about your equipment, Browse actions, and patterns. We collect this personal data by using cookies, server logs, and other similar technologies. Please see our separate "Cookie Policy" (if you have one) for more details.

• Third Parties: We may receive personal data about you from various third parties, such as:

  • Payment gateways (e.g., Razorpay, PayU) providing Financial Data.

  • Analytics providers (e.g., Google Analytics) providing Technical and Usage Data.

  • Advertising networks providing Technical and Usage Data.

  • Social media platforms if you interact with us through them.

3. Purpose of Processing Your Personal Data

We collect and process your personal data for the following lawful purposes:

• To Process and Fulfill Your Orders: To process your purchases, arrange for shipping and delivery, and manage payments, refunds, and returns.

• To Manage Your Account: To create and manage your online account, provide you with access to your order history, and personalize your shopping experience.

• To Communicate with You: To send you order confirmations, shipping updates, customer service responses, and respond to your inquiries.

• For Marketing and Promotional Purposes: To send you information about our products, promotions, and offers that may be of interest to you (with your explicit consent where required).

• To Improve Our Services: To analyze website usage, understand customer preferences, troubleshoot problems, and improve our website, products, and services.

• For Security and Fraud Prevention: To protect our website and operations from fraud, unauthorized access, and other illegal activities.

• To Comply with Legal Obligations: To meet our legal and regulatory obligations, such as tax requirements, consumer protection laws, and responding to lawful requests from public authorities.

• For Internal Business Operations: For data analysis, auditing, developing new products and services, and identifying usage trends.

4. How We Share Your Personal Data

We may share your personal data with the following categories of recipients for the purposes outlined above:

• Service Providers: Third-party companies that perform services on our behalf, such as payment processing, shipping and delivery, website hosting, data analytics, marketing, and customer support. These service providers are obligated to protect your data and only use it for the purposes for which we disclose it to them.

• Payment Gateways: To process your payments securely. We do not store your full credit/debit card details.

• Courier and Logistics Partners: To deliver your orders to your specified address.

• Legal and Regulatory Authorities: When required by law, court order, or governmental regulation, or if we believe such action is necessary to protect our rights, property, or safety, or the rights, property, or safety of others.

• Business Transfers: In the event of a merger, acquisition, or sale of all or a portion of our assets, your personal data may be transferred as part of the transaction. We will notify you via email or a prominent notice on our website of any such change in ownership or control of your personal data.

• With Your Consent: We may share your personal data with other third parties when we have your explicit consent to do so.

5. Data Security

We have implemented reasonable technical and organizational security measures to protect your personal data from accidental loss, unauthorized access, use, alteration, or disclosure. These measures include:

• Encryption of data in transit (e.g., using SSL/TLS).

• Secure storage of data on protected servers.

• Access controls to limit who can access your personal data.

• Regular security audits and updates.

• Employee training on data protection best practices.

However, no method of transmission over the internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal data, we cannot guarantee its absolute security.

6. Data Retention

We will retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data, and whether we can achieve those purposes through other means, and the applicable legal requirements.

7. Your Rights as a Data Principal (under DPDP Act, 2023)

As a data principal, you have certain rights concerning your personal data:

• Right to Access Information: You have the right to request access to your personal data that we hold about you and information about how we process it.

• Right to Correction and Completion: You have the right to request the correction or completion of inaccurate or incomplete personal data.

• Right to Erasure (Right to be Forgotten): You have the right to request the erasure of your personal data in certain circumstances, such as when the data is no longer necessary for the purpose for which it was collected or when you withdraw your consent.

• Right to Grievance Redressal: You have the right to address any grievances related to your personal data directly with us.

• Right to Nominate: You have the right to nominate another individual to exercise your rights in the event of your death or incapacity.

• Right to Withdraw Consent: Where we are relying on consent to process your personal data, you have the right to withdraw that consent at any time. Withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal.

To exercise any of these rights, please contact our Grievance Officer using the details provided below. We will respond to your request in accordance with applicable law.

8. Children's Privacy

Our services are not intended for individuals under the age of 18. We do not knowingly collect personal data from children without parental consent. If we become aware that we have collected personal data from a child without verifiable parental consent, we will take steps to remove that information from our servers. If you believe that we might have any information from or about a child, please contact us.

9. Third-Party Links

Our website may contain links to third-party websites. Please note that we are not responsible for the privacy practices or the content of these third-party websites. We encourage you to read the privacy policies of any website you visit.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will notify you of any material changes by posting the updated Privacy Policy on our website with a new effective date. We encourage you to review this Privacy Policy periodically.