Privacy Policy

Last Updated: April 3, 2026

1. INTRODUCTION

This Privacy Policy (“Policy”) describes how we collect, use, process, store, and disclose your personal data when you access or use our wholesale eCommerce mobile application (“App”), services, or platform.

We are committed to ensuring that your privacy is protected in accordance with applicable laws, including but not limited to:

• Digital Personal Data Protection Act, 2023
• General Data Protection Regulation (GDPR)
• Other applicable data protection and privacy laws across jurisdictions

By accessing or using our App, you agree to the practices described in this Policy.

2. BUSINESS MODEL & ACCESS RESTRICTIONS

Our App operates under a restricted-access wholesale model, meaning:

• The App is not open for public registration or retail users
• There is no in-app signup functionality
• Only pre-approved wholesale customers may access the platform
• Access is granted through manual onboarding, verification, or invitation
• Unauthorized access attempts are strictly prohibited

We reserve the right to approve, reject, suspend, or revoke access at our sole discretion.

3. DEFINITIONS

• “Personal Data”: Any information that identifies or relates to an individual or business user
• “Processing”: Collection, storage, use, sharing, or deletion of data
• “User” / “You”: Approved wholesale customer accessing the App
• “We” / “Company”: The owner/operator of this App

4. INFORMATION WE COLLECT

4.1 Personal & Business Information

We may collect:

• Full Name
• Business/Company Name
• GSTIN, PAN, or other tax identifiers (if applicable)
• Phone Number
• Email Address
• Billing and Shipping Address
• Account identifiers assigned internally

4.2 Authentication & Security Data

To ensure secure access:

• Mobile number used for OTP verification
• OTP request and verification logs
• Session tokens and login timestamps
• Device authentication signals

🔐 Biometric Authentication

• Biometric login (fingerprint/face recognition) is optional
• It is handled by your device’s secure system (Android/iOS)
• We do not collect, store, or access biometric data at any point

4.3 Device & Technical Information

We automatically collect:

• Device type, model, and OS version
• App version and build number
• IP address and approximate location
• Device identifiers (non-sensitive)
• Error logs, crash reports, and diagnostics

4.4 Transactional Information

• Order history
• Product selections
• Payment method (masked or tokenized only)
• Invoice and billing data
• Delivery details

4.5 Communications

• Customer support interactions
• Emails, messages, or feedback
• Notifications and alerts

5. PURPOSE OF DATA PROCESSING

We process your data for the following purposes:

5.1 Core Services

• Account authentication via OTP
• Enabling biometric login functionality
• Processing wholesale orders
• Managing inventory, pricing, and transactions

5.2 Operational Use

• Customer support and dispute resolution
• Sending order updates and service notifications
• Maintaining system security and integrity

5.3 Legal & Compliance

• Tax compliance (GST, invoicing, accounting)
• Regulatory obligations
• Fraud detection and prevention

5.4 Improvements

• App performance optimization
• Feature enhancements
• Analytics and usage insights

6. LEGAL BASIS FOR PROCESSING

Depending on your jurisdiction, we rely on:

• Consent – for OTP authentication and optional features
• Contractual necessity – to fulfill orders and services
• Legal obligation – compliance with tax and regulatory laws
• Legitimate interest – security, fraud prevention, and platform improvement

7. DATA SHARING & DISCLOSURE

We do not sell or rent your personal data.

We may share your data only in the following circumstances:

7.1 Service Providers

• Payment processors
• SMS/OTP gateway providers
• Cloud hosting and infrastructure providers
• Logistics and delivery partners

All third parties are bound by strict confidentiality and data protection obligations.

7.2 Legal Requirements

We may disclose data if required:

• By law or court order
• To government or regulatory authorities
• To enforce legal rights or prevent fraud

7.3 Business Transfers

In case of:

• Merger
• Acquisition
• Business restructuring

Your data may be transferred subject to applicable safeguards.

8. CROSS-BORDER DATA TRANSFER

Your data may be processed or stored outside your country, including in:

• India
• Other jurisdictions with secure cloud infrastructure

We ensure:

• Adequate safeguards
• Standard contractual protections
• Compliance with international data transfer laws

9. DATA SECURITY

We implement industry-standard safeguards, including:

• Encryption (in transit and at rest)
• Secure APIs and authentication systems
• Access control and role-based permissions
• Continuous monitoring and threat detection
• Regular security audits and updates

Despite our efforts, no system is 100% secure, and users should also take precautions.

10. DATA RETENTION

We retain personal data:

• As long as your account is active
• As necessary for business operations
• To comply with legal/tax requirements
• For fraud prevention and dispute resolution

After retention periods, data is:

• Deleted securely, or
• Anonymized irreversibly

11. YOUR RIGHTS

11.1 Under Indian Law

As per Digital Personal Data Protection Act, 2023:

• Right to access information
• Right to correction and updating
• Right to withdraw consent
• Right to grievance redressal

11.2 Under GDPR (EU Users)

Under General Data Protection Regulation:

• Right to access your data
• Right to rectification
• Right to erasure
• Right to restrict processing
• Right to data portability
• Right to object

11.3 Exercising Your Rights

You may contact us at any time to exercise your rights.

We may require identity verification before processing requests.

12. COOKIES & TRACKING TECHNOLOGIES

We use limited tracking mechanisms such as:

• Secure session tokens
• Essential cookies (if web components exist)
• Minimal analytics tools

We do not use invasive advertising trackers.

13. THIRD-PARTY SERVICES

Our App may rely on third-party services such as:

• Payment gateways
• SMS providers
• Cloud platforms

These services operate under their own privacy policies.

We ensure they meet reasonable data protection standards.

14. CHILDREN’S PRIVACY

• The App is intended only for business users (18+)
• We do not knowingly collect data from minors
• If such data is identified, it will be deleted promptly

15. ACCOUNT SECURITY RESPONSIBILITIES

You are responsible for:

• Maintaining device security
• Protecting OTP access
• Not sharing login credentials
• Reporting suspicious activity immediately

16. CHANGES TO THIS POLICY

We may update this Privacy Policy periodically.

Updates may be communicated via:

• App notifications
• Email (if available)
• Website or app updates

Continued use of the App constitutes acceptance of the revised Policy.

17. CONTACT & GRIEVANCE OFFICER

For any privacy concerns, requests, or complaints:

Email: support@[yourdomain].com

Address: [Your Registered Business Address]

For India compliance, a Grievance Officer may be appointed as required under law.

18. CONSENT

By accessing or using the App, you:

• Confirm that you are an authorized wholesale user
• Agree to the collection and use of your data
• Acknowledge that you have read and understood this Privacy Policy