Privacy Policy

Last Updated: June 1, 2025

Compliance and Data Protection

At SthitiShagun, we are committed to ensuring full compliance with all applicable laws and regulations, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). We prioritize the protection of your data and privacy, implementing industry-standard security measures to safeguard your personal information.

Our compliance framework includes regular audits, staff training, and technological safeguards to meet global data protection standards. We maintain documentation of our processing activities and have appointed a data protection officer to oversee compliance efforts.

Data Collection and Usage

We collect, store, and process personal information strictly in accordance with legal requirements and ethical standards. Our data-handling practices are regularly reviewed to maintain compliance with evolving regulations and industry best practices.

Types of Data Collected:

  • Contact Information: Name, email address, phone number, shipping/billing address
  • Order Details: Products purchased, payment method (but not full payment details), order history
  • Website Usage Data: IP address, browser type, pages visited (via cookies and similar technologies)
  • Communications: Copies of correspondence when you contact us

We use this data solely for order processing, customer service, website improvement, and (with consent) marketing communications. Data minimization principles guide our collection practices - we only gather what's necessary for these specified purposes.

Data Sharing and Disclosure

We do not sell or rent your personal information to third parties. Limited data sharing occurs with:

  • Service Providers: Shipping carriers, payment processors, and IT support under strict confidentiality agreements
  • Legal Requirements: When compelled by law enforcement or regulatory authorities
  • Business Transfers: In case of merger, acquisition, or asset sale, with privacy protections maintained

International transfers (when applicable) are protected by Standard Contractual Clauses or other approved mechanisms under GDPR.

Data Security Measures

We implement appropriate technical and organizational measures to protect your data, including:

  • SSL encryption for all data transmissions
  • Regular security audits and penetration testing
  • Role-based access controls to personal data
  • Secure storage with regular backups
  • Employee training on data protection

While we strive to protect your information, no electronic transmission or storage is 100% secure. We encourage customers to use strong passwords and notify us immediately of any suspected unauthorized activity.

Data Retention

We retain personal data only as long as necessary for the purposes collected, including:

  • Order information: 7 years for tax and warranty purposes
  • Customer accounts: Until deletion requested
  • Marketing data: Until consent is withdrawn
  • Website analytics: 26 months

Upon expiration of retention periods, data is securely deleted or anonymized for statistical purposes.

User Rights and Choices

As part of our commitment to compliance, we respect your rights to:

  • Access: Request copies of your personal data
  • Rectification: Correct inaccurate information
  • Erasure: Delete your data under certain conditions
  • Restriction: Limit processing of your data
  • Portability: Receive your data in a structured format
  • Object: To certain processing activities
  • Withdraw Consent: For marketing communications

To exercise these rights or for any privacy-related inquiries, please contact us at [email protected]. We respond to all legitimate requests within 30 days and may require identity verification for security.

Cookies and Tracking Technologies

Our website uses cookies and similar technologies to:

  • Enable shopping cart functionality
  • Analyze website traffic and usage patterns
  • Personalize content and remember preferences
  • Support social media features

You can control cookies through browser settings, though disabling certain cookies may impact website functionality. Our Cookie Policy provides detailed information about specific technologies we use.

Policy Updates

We may update this policy periodically to reflect changes in our practices or legal requirements. Significant changes will be notified through our website or directly to customers when appropriate. We encourage regular review of this policy to stay informed.

This policy replaces all previous versions and is effective as of the "Last Updated" date shown at the top of this document.