1. Introduction

At Raahi Roots, we respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and safeguard your information when you use our website, mobile application, and services (collectively, the “Platform”).

This policy complies with the Information Technology Act, 2000, the Digital Personal Data Protection Act, 2023 (DPDP Act), and other applicable Indian laws.

2. Information We Collect

2.1 Personal Information

We may collect the following personal information:

• Identity: Name, username, profile picture
• Contact: Email address, phone number, postal address
• Payment: Payment method details (processed securely through Razorpay; we do not store complete card numbers)
• Demographic: Age, gender (optional)
• Account: Login credentials, account preferences

2.2 Usage Information

We automatically collect information about how you use our Platform:

• IP address, browser type, and device information
• Pages visited, time spent, and navigation paths
• Event bookings, purchases, and transaction history
• App usage data and crash reports

2.3 Location Data

With your consent, we may collect your location data to provide location-based services such as finding nearby events or tracking deliveries.

3. How We Use Your Information

We use your personal data for the following purposes:

• Service Provision: To process bookings, purchases, and payments
• Account Management: To create and manage your user account
• Communication: To send booking confirmations, updates, and support messages
• Marketing: To send promotional offers and newsletters (with your consent, which can be withdrawn)
• Improvement: To analyze usage patterns and improve our Platform
• Security: To detect and prevent fraud and unauthorized access
• Legal Compliance: To comply with applicable laws and regulations

4. Payment Data Security

We use Razorpay as our payment gateway provider. All payment transactions are processed through Razorpay's secure, PCI DSS Level 1 certified infrastructure. We do not store your complete credit or debit card numbers on our servers.

Razorpay uses industry-standard encryption and security measures to protect your payment information. For more details, please refer to Razorpay's Privacy Policy.

5. Data Sharing and Disclosure

We may share your information with:

• Service Providers: Payment processors (Razorpay), shipping partners, and IT service providers
• Artists/Sellers: When you purchase a product, we share necessary details (name, address, contact) with the seller for order fulfillment
• Legal Authorities: When required by law, court order, or government regulation
• Business Transfers: In connection with a merger, acquisition, or sale of assets

We do not sell your personal information to third parties for marketing purposes.

6. Data Storage and Security

Your data is stored on secure servers located in India, in compliance with RBI's data localization requirements. We implement appropriate technical and organizational measures to protect your data against unauthorized access, alteration, disclosure, or destruction.

Despite our efforts, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security but continuously work to protect your information.

7. Data Retention

We retain your personal data for as long as necessary to fulfill the purposes outlined in this policy, unless a longer retention period is required by law. Typically, we retain:

• Account information: Until you delete your account or for 5 years of inactivity
• Transaction records: For 7 years as required by tax and accounting laws
• Communication records: For 3 years

8. Your Rights

Under the DPDP Act, you have the following rights:

• Access: Request a copy of your personal data
• Correction: Request correction of inaccurate or incomplete data
• Deletion: Request deletion of your personal data (subject to legal retention requirements)
• Withdraw Consent: Withdraw consent for marketing communications
• Data Portability: Request transfer of your data to another service provider

To exercise these rights, please contact us at roots.raahi@gmail.com.

9. Cookies and Tracking

We use cookies and similar technologies to enhance your browsing experience, analyze site traffic, and personalize content. You can manage cookie preferences through your browser settings.

10. Children's Privacy

Our Platform is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If we learn that we have collected such information, we will promptly delete it.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page with an updated revision date.

12. Grievance Officer

In accordance with the Information Technology Act, 2000 and the DPDP Act, 2023, we have appointed a Grievance Officer to address any concerns regarding data protection:

Name: [Grievance Officer Name]
Email: grievance@raahiroots.com
Address: [Your Physical Address], [City/Region], [State], India
Response Time: Within 30 days of receiving the complaint

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: roots.raahi@gmail.com
Phone: +91 8530849767
Address: Raahi Roots, Manu Temple Rd, Old Manali, Manali, Himachal Pradesh 175131