Privacy Policy

1. Information We Collect

We collect information you provide directly to us and information generated automatically when you use our service:

• Account & Identity: full name, mobile number (used for OTP-based login), and email address.
• Shipping Address: door/flat number, street, city, state, PIN code, and country — collected at checkout for order delivery.
• Order History: items ordered, quantities, prices, order status, and payment method (Prepaid via Razorpay or Cash on Delivery).
• Payment Information: we do not store your card details or banking credentials. Payments are processed securely through Razorpay; we only retain the Razorpay order ID and payment status.
• Custom-print uploads: images or text you submit when ordering a personalised product. These are used solely to fulfil your order.
• Device & Log Data: IP address, browser type, pages visited, and referring URL — collected automatically via server logs and analytics for security and site improvement.
• Cookies: small text files stored in your browser (see Section 5 below).

2. How We Use Your Information

• Process and fulfil your orders, including dispatching to your address.
• Send order confirmations, shipping updates, and delivery notifications via SMS/WhatsApp.
• Authenticate your identity using OTP verification on login.
• Provide customer support and respond to your enquiries.
• Prevent fraudulent transactions and enhance account security.
• Improve our website, product catalogue, and service offerings.
• Send promotional communications (only with your explicit consent; you may opt out at any time).
• Comply with applicable Indian laws and regulations.

3. Sharing of Your Information

We do not sell, trade, or rent your personal information to third parties. We share data only as necessary to run our business:

• Payment Processor — Razorpay: your order amount and contact details are shared with Razorpay to process prepaid payments. Razorpay is PCI-DSS compliant and governs your payment data under Razorpay's Privacy Policy.
• Courier / Logistics Partners: your name, delivery address, and phone number are shared with our courier partners (e.g., Shiprocket, Delhivery, or Bluedart) to facilitate delivery.
• Cloud Infrastructure: we use Supabase (database) and Vercel (hosting) for data storage and website delivery. Both providers maintain industry-standard security measures.
• Legal Obligations: we may disclose information where required by law, court order, or governmental authority in India.

4. Data Security

We implement administrative, technical, and physical safeguards to protect your personal information from unauthorised access, use, or disclosure. Sensitive operations (order creation, payment updates) are performed server-side using encrypted connections (HTTPS/TLS). However, no method of transmission over the Internet is 100% secure, and we cannot guarantee absolute security.

5. Cookies

We use cookies and similar tracking technologies to:

• Maintain your shopping cart across sessions (stored in localStorage).
• Keep you logged in securely after OTP verification.
• Analyse website traffic via privacy-respecting analytics.

You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. Note that some features of the site may not function properly without cookies.

6. External Links

Our website may contain links to third-party sites (e.g., courier tracking pages, Razorpay payment gateway, Instagram). We are not responsible for the privacy practices of those sites and encourage you to review their respective privacy policies.

7. Data Retention

We retain your personal information for as long as your account is active or as needed to provide services, fulfil legal obligations, resolve disputes, and enforce our agreements. Order records are typically retained for 5 years in accordance with applicable Indian accounting and tax regulations. Custom-print files are deleted within 90 days of order fulfilment unless you request otherwise.

8. Your Rights

Under applicable Indian data protection principles, you have the right to:

• Access: request a copy of the personal data we hold about you.
• Correction:update inaccurate or incomplete information via your Account > Profile page, or by contacting us.
• Deletion: request deletion of your account and associated personal data (subject to legal retention requirements).
• Opt-out: unsubscribe from marketing communications at any time by replying STOP to any SMS or contacting us directly.

To exercise any of these rights, please contact us at the details below. We will respond within 30 days.

9. Modifications

We may update this Privacy Policy from time to time. The "Last updated" date at the top of this page indicates when the policy was last revised. Continued use of the website after any changes constitutes your acceptance of the updated policy. We recommend reviewing this page periodically.