Privary Policy

 Privacy Policy 

A Privacy Policy is a legal statement that explains how your website collects, uses, stores, and protects customer data.
In India, this is primarily governed by:

  • Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 under the IT Act, 2000.

  • Consumer Protection (E-Commerce) Rules, 2020.

  • Any upcoming data protection laws (like the Digital Personal Data Protection Act, 2023).

Key Sections to Include in an Indian E-Commerce Privacy Policy

1. Introduction

  • State your brand name and purpose of the Privacy Policy.

  • Mention that you respect user privacy and comply with Indian laws.
    Example:
    “At AARA, we value your privacy and are committed to protecting your personal information in accordance with Indian data protection laws.”

2. Information We Collect

Clearly define the types of data you collect:

  • Personal Information: Name, Email, Phone Number, Address, Date of Birth.

  • Payment Information: Card details, UPI, Net Banking (ensure PCI DSS compliance).

  • Account Information: Username, password.

  • Device/Technical Data: IP address, browser type, cookies.

  • Purchase History: Orders, returns, preferences.

3. How We Collect the Information

  • Through account creation.

  • During checkout.

  • Newsletter subscriptions.

  • Cookies and tracking tools.

  • Customer support interactions.

4. Purpose of Collecting Data

Explain why you collect it:

  • To process orders & payments.

  • To deliver products & services.

  • To improve website experience.

  • To send promotional offers & updates (with user consent).

  • For legal compliance.

5. Data Storage & Security

  • State how you protect the data.

  • Use of encryption, secure servers, and restricted access.

  • Mention compliance with Reasonable Security Practices under Indian IT Rules.

6. Sharing of Information

  • With delivery partners.

  • With payment gateways.

  • With marketing service providers (only if consented).

  • Government or legal authorities (if required by law).

7. Cookies Policy

  • Explain cookies and tracking.

  • Let users know they can disable cookies in their browser.

8. User Rights

Under Indian law, users have the right to:

  • Access their data.

  • Request corrections.

  • Withdraw consent for marketing.

  • Delete their account.

9. Third-Party Links

  • If your site links to other sites, state that you are not responsible for their privacy practices.

10. Children’s Privacy

  • State your policy for minors (usually, services are for 18+ only).

11. Changes to the Policy

  • Mention that you can update the Privacy Policy and will notify users.

12. Contact Information

  • Provide an email or phone number for privacy concerns.

  • Mandatory in India: Name and contact details of the Grievance Officer under the IT Act.