Data Protection Policy
Purpose
Haventhara protects your personal data in compliance with Indian laws, including the IT Act 2000, IT Rules 2011, and Digital Personal Data Protection Act 2023. This policy applies to customers, employees, and service partners.

Data We Collect
Name, contact info, addresses

Payment & transaction details (no sensitive payment data stored)

Order history, product preferences, browsing data

Identity proof (only when legally required, e.g., KYC for high-value jewellery)

Device & usage data via cookies/analytics

Use & Consent
Data used for order processing, delivery, support, compliance, and site improvements

Collected only with your consent, contract necessity, or legitimate business interest

You can withdraw consent anytime via your account or by contacting support

Storage & Retention
Stored securely on servers in India (as per DPDP)

Retained only as long as required for the purpose or by law

Deleted/anonymized after expiry or upon request (subject to legal limits)

Security Measures
SSL encryption, secure payment gateways, access control

Regular audits & vulnerability checks

Employee/vendor training on data protection

Sharing & Disclosure
Shared only with trusted service providers (e.g., logistics, payment processors) for order fulfilment

Never sold to third parties for marketing

Disclosed to authorities only when legally required

Your Rights
Access, correct, or request deletion of your data

Withdraw consent for non-essential processing

Lodge complaints with our Grievance Officer

Breach Notification
In case of a breach, we notify affected users and authorities promptly with details and corrective actions

Grievance Redressal
Email: msghvt@gmail.com
Acknowledgement: 48 hours | Resolution: 30 days

Policy Updates
Changes will be posted on our website and/or emailed to users