Privacy Policy
Privacy Policy
Last updated: June 25, 2025
3.1. Data We Collect
-
Personal Identifiers: Name, email, phone, address.
-
Transactional Data: Order history, cart contents, payment confirmations.
-
Technical Data: IP address, device/browser metadata, geolocation (with consent).
-
Behavioral Data: Browsing patterns, search queries, time spent per screen.
Personal Identifiers: Name, email, phone, address.
Transactional Data: Order history, cart contents, payment confirmations.
Technical Data: IP address, device/browser metadata, geolocation (with consent).
Behavioral Data: Browsing patterns, search queries, time spent per screen.
3.2. Purpose of Processing
-
Order Fulfillment: Process and deliver your Orders.
-
Personalization: Tailor recommendations, offers, and content.
-
Analytics & Improvement: Optimize our app, detect fraud, and improve UX.
-
Marketing: Send promotions, newsletters, and push notifications (opt-in basis).
Order Fulfillment: Process and deliver your Orders.
Personalization: Tailor recommendations, offers, and content.
Analytics & Improvement: Optimize our app, detect fraud, and improve UX.
Marketing: Send promotions, newsletters, and push notifications (opt-in basis).
3.3. Legal Basis for Processing
-
Consent: For marketing communications and optional features.
-
Contractual Necessity: To perform the service you’ve requested.
-
Legal Obligation: Compliance with tax, audit, and regulatory requirements.
-
Legitimate Interests: Fraud prevention, platform improvement (balanced against your rights).
Consent: For marketing communications and optional features.
Contractual Necessity: To perform the service you’ve requested.
Legal Obligation: Compliance with tax, audit, and regulatory requirements.
Legitimate Interests: Fraud prevention, platform improvement (balanced against your rights).
3.4. Data Sharing & Disclosure
-
Service Providers: Logistics partners, payment gateways, cloud hosts.
-
Affiliates & Acquirers: In event of merger, acquisition, or sale of assets.
-
Legal Requests: Courts, law enforcement, or government agencies, when required by law.
Service Providers: Logistics partners, payment gateways, cloud hosts.
Affiliates & Acquirers: In event of merger, acquisition, or sale of assets.
Legal Requests: Courts, law enforcement, or government agencies, when required by law.
3.5. Cookies & Tracking Technologies
-
Essential Cookies: For login, order tracking, and security.
-
Performance Cookies: For analytics (Google Analytics, Mixpanel).
-
Advertising Cookies: To deliver relevant ads on and off our platform.
Essential Cookies: For login, order tracking, and security.
Performance Cookies: For analytics (Google Analytics, Mixpanel).
Advertising Cookies: To deliver relevant ads on and off our platform.
3.6. Data Retention & Security
-
Retention Period: Personal data retained for the longer of (a) 7 years from last activity, or (b) as required by law.
-
Security Measures: SSL/TLS encryption, PCI-DSS compliance, regular vulnerability assessments.
Retention Period: Personal data retained for the longer of (a) 7 years from last activity, or (b) as required by law.
Security Measures: SSL/TLS encryption, PCI-DSS compliance, regular vulnerability assessments.
3.7. Your Rights & Controls
-
Access & Portability: Request a copy of your data.
-
Rectification & Erasure: Correct or delete inaccurate/outdated information.
-
Objection & Restriction: Opt-out of marketing; restrict automated profiling.
-
Withdraw Consent: For any processing that relies solely on consent.
Access & Portability: Request a copy of your data.
Rectification & Erasure: Correct or delete inaccurate/outdated information.
Objection & Restriction: Opt-out of marketing; restrict automated profiling.
Withdraw Consent: For any processing that relies solely on consent.
To exercise any of these rights, contact:
-
Email: privacy@grapzonow.com
-
Phone: +91 7575801515
