Privacy Policy

Legal Compliance

The policy fully complies with India’s current and upcoming data protection laws:

  • Digital Personal Data Protection Act (DPDP) 2023 – India’s new comprehensive data privacy law
  • Information Technology Act, 2000 and related rules
  • Information Technology Rules, 2021 for e-commerce intermediaries
  • Consumer Protection Act, 2019 for online businesses

Industry-Specific Considerations

The policy includes sections specifically relevant to herbal products companies:

  • Health and wellness information handling – addressing how you collect and use health-related data
  • Ayurvedic consultation services provisions
  • Product safety and efficacy data collection
  • Ingredient and allergy information management
  • Traditional vs. modern usage data handling

Comprehensive Data Categories

The policy clearly outlines all types of data collection:

  • Personal information voluntarily provided
  • Automatically collected technical data
  • Health and wellness preferences
  • Payment and transaction information
  • Customer service interactions

Strong Privacy Rights Framework

Under the DPDP Act 2023, your customers have enhanced rights:

  • Right to access their personal data
  • Right to correction of inaccurate information
  • Right to erasure and data portability
  • Right to withdraw consent at any time
  • Right to restrict processing under certain circumstances

Robust Security Measures

The policy demonstrates your commitment to data protection:

  • Technical safeguards (SSL encryption, secure servers)
  • Organizational measures (employee training, access controls)
  • Data breach notification procedures
  • Regular security audits and updates

Transparent Third-Party Sharing

Clear disclosure of when and why data is shared:

  • Payment processors and shipping companies
  • Technology service providers
  • Legal compliance requirements
  • Explicit statement that personal data is not sold

Customer-Friendly Features

  • Clear contact information for privacy inquiries
  • 30-day response time for data requests
  • Grievance redressal mechanism with escalation options
  • Plain language explanations avoiding legal jargon

Implementation Recommendations

  1. Customize the Template: Fill in all placeholder information (contact details, addresses, specific service providers)
  2. Regular Updates: Review and update the policy every 6-12 months or when business practices change
  3. Prominent Display: Place the privacy policy link prominently in your website footer and at data collection points
  4. Employee Training: Ensure your team understands the policy and can respond to customer inquiries
  5. Compliance Monitoring: Regularly audit your data practices to ensure they align with the policy
Shopping Cart
Scroll to Top