Privacy policy

1.       Introduction

This Privacy Policy describes how Sattvishtik Wellness Farms Private Limited, a company incorporated under the laws of India and having its registered office at Ahmedabad, Gujarat, India (“Sattvishtik”, “we”, “us”, or “our”), collects, uses, processes, stores, and discloses personal data when you visit or make a purchase from www.sattvishtik.com (the “Website”) or otherwise interact with our products and services (collectively, the “Services”).

We are committed to protecting your personal data and processing it in a lawful, fair, and transparent manner in accordance with applicable data protection laws, including the Digital Personal Data Protection Act, 2023 (India) and other applicable international data protection regulations, where relevant.

By accessing or using our Services, you consent to the collection and use of your personal data in accordance with this Privacy Policy. If you do not agree with this Policy, please refrain from using our Services.

 

2.       Definitions

For the purposes of this Privacy Policy, the following terms shall have the meanings assigned to them below:

“Personal Data” means any data about an individual who is identifiable by or in relation to such data, including but not limited to name, contact details, address, payment information, online identifiers, and transaction history.

“Sensitive Personal Data” means such personal data as may be classified as sensitive under applicable law, including financial information or any other category notified under relevant data protection laws.

“Processing” means any operation or set of operations performed on personal data, including collection, recording, storage, organisation, structuring, adaptation, retrieval, use, disclosure, transmission, alignment, restriction, or deletion.

“Data Principal” means the individual to whom the personal data relates.

“Data Fiduciary” means the entity that determines the purpose and means of processing personal data. For the purposes of this Privacy Policy, Sattvishtik Wellness Farms Private Limited acts as the Data Fiduciary.

“Services” means the Website, products, online store, and all related services offered by Sattvishtik.

“Website” means www.sattvishtik.com

 

3.       Personal Data We Collect

We collect personal data from you in the course of providing our Services. The categories of personal data we collect may include:

(a) Information Provided Directly by You

  • Full name
  • Billing and shipping address
  • Email address
  • Mobile/telephone number
  • Account login credentials (if you create an account)
  • Order and transaction details
  • Customer support communications
  • Product reviews or other content voluntarily submitted by you

(b) Payment Information

Payment details such as credit/debit card information, UPI details, net banking information, or other financial data are collected and processed directly by our authorised payment gateway partners. Sattvishtik does not store full payment card details on its servers.

(c) Automatically Collected Information

When you visit our Website, we may automatically collect certain technical information including:

  • IP address
  • Device type and operating system
  • Browser type
  • Website usage data
  • Pages viewed and interaction patterns
  • Referral source

This information is collected using cookies and similar tracking technologies.

(d) Information from Third Parties

We may receive information from third-party service providers such as:

  • E-commerce platform providers (e.g., Shopify)
  • Payment processors
  • Logistics partners
  • Marketing and analytics service providers

Any personal data obtained from third parties is processed in accordance with this Privacy Policy.

 

4.       How We Use Personal Data

We process your personal data for lawful and legitimate purposes connected with providing our Services. Such purposes include:

(a) Order Fulfilment and Service Delivery

  • Processing and confirming orders
  • Facilitating payments
  • Shipping and delivery coordination
  • Managing returns, refunds, and exchanges
  • Providing customer support

(b) Account Management

  • Creating and maintaining user accounts
  • Enabling login authentication
  • Managing order history and preferences

(c) Communication

  • Sending transactional communications (order confirmations, delivery updates, invoices)
  • Responding to inquiries and support requests
  • Notifying you of important changes to our Services

(d) Marketing and Promotional Activities

  • Sending promotional emails, offers, and newsletters (where you have consented)
  • Personalising content and product recommendations

You may opt out of marketing communications at any time by using the unsubscribe link in our emails or contacting us directly.

(e) Security and Fraud Prevention

  • Detecting and preventing fraudulent transactions
  • Ensuring the security of our Website and Services
  • Investigating suspicious activities

(f) Legal and Regulatory Compliance

  • Complying with applicable laws, tax regulations, and legal obligations
  • Responding to lawful requests from authorities

We process personal data only for the purposes for which it was collected or as otherwise permitted under applicable law.

 

5.       Legal Basis for Processing

We process your personal data in accordance with applicable data protection laws, including the Digital Personal Data Protection Act, 2023 (India).

Our legal basis for processing personal data includes:

(a) Consent

Where you voluntarily provide your personal data for specific purposes, including account creation, order placement, subscription to marketing communications, or other interactions with our Services, you provide consent for such processing.

You may withdraw your consent at any time by contacting us, subject to legal or contractual restrictions.

(b) Performance of Contract

We process personal data as necessary to fulfil orders, provide products and services, process payments, and manage transactions initiated by you.

(c) Compliance with Legal Obligations

We may process personal data to comply with applicable laws, regulations, tax requirements, accounting standards, or lawful requests from government authorities.

(d) Legitimate Uses Permitted Under Law

In certain circumstances, we may process personal data for purposes permitted under applicable law, including fraud prevention, network security, and protection of our legal rights.

 

6.       Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your browsing experience, analyse website traffic, and improve our Services.

Cookies are small data files stored on your device when you visit our Website. They help us remember your preferences and understand how users interact with our Website.

We use the following types of cookies:

(a) Essential Cookies

These cookies are necessary for the operation of the Website, including enabling secure login, shopping cart functionality, and payment processing.

(b) Analytics Cookies

These cookies help us understand how visitors interact with our Website, including page visits and traffic patterns. This allows us to improve performance and user experience.

(c) Marketing Cookies

These cookies may be used to deliver relevant advertisements and measure the effectiveness of promotional campaigns.

You may manage or disable cookies through your browser settings. However, disabling certain cookies may affect the functionality of the Website.

Third-party service providers, including analytics and advertising partners, may also place cookies on your device subject to their respective privacy policies.

 

7.       Data Sharing and Disclosure

We do not sell your personal data.

We may share your personal data with trusted third parties only where necessary for legitimate business purposes, including:

(a) Service Providers

Third-party vendors who assist us in operating our Website and Services, including:

  • E-commerce platform providers (e.g., Shopify)
  • Payment gateway providers
  • Logistics and courier partners
  • IT and hosting providers
  • Customer support service providers
  • Analytics and marketing service providers

Such service providers are authorised to process personal data only in accordance with our instructions and applicable law.

(b) Legal and Regulatory Authorities

We may disclose personal data where required to comply with applicable law, court orders, governmental requests, tax regulations, or regulatory obligations.

(c) Business Transfers

In the event of a merger, acquisition, restructuring, or sale of business assets, personal data may be transferred as part of such transaction, subject to applicable legal safeguards.

(d) With Your Consent

We may share personal data with third parties where you have explicitly authorised or directed us to do so.

We ensure that any sharing of personal data is done with appropriate contractual safeguards and in compliance with applicable data protection laws.

 

8.       International Data Transfers

In the course of providing our Services, your personal data may be transferred to, stored, or processed in jurisdictions outside India, including countries where our service providers or technology partners maintain servers or operations.

Where personal data is transferred outside India, we take reasonable measures to ensure that such transfers are carried out in accordance with applicable data protection laws and subject to appropriate safeguards.

By using our Services, you acknowledge and consent to such cross-border transfer, storage, and processing of your personal data, subject to applicable legal requirements.

 

 

9.       Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including for satisfying legal, accounting, tax, regulatory, or reporting obligations.

Personal data relating to transactions may be retained for such period as required under applicable tax, accounting, and commercial laws.

Where personal data is no longer required for the purposes for which it was collected, we will take reasonable steps to delete, anonymise, or securely dispose of such data, unless retention is required under applicable law.

In determining the appropriate retention period, we consider the nature of the data, the purpose of processing, legal requirements, and legitimate business needs.

 

10.  Data Security

We implement reasonable technical and organisational security measures to protect personal data against unauthorised access, alteration, disclosure, loss, or destruction.

Such measures may include encryption, secure server infrastructure, restricted access controls, regular system monitoring, and use of trusted third-party service providers that adhere to appropriate security standards.

Access to personal data is limited to authorised personnel and service providers who require such access for legitimate business purposes.

While we strive to use commercially reasonable means to protect personal data, no method of transmission over the internet or electronic storage is completely secure. Accordingly, we cannot guarantee absolute security of personal data.

 

11.  Your Rights

Subject to applicable law, you may have the following rights in relation to your personal data:

(a) Right to Access Information

You may request confirmation as to whether we process your personal data and seek access to the personal data we hold about you.

(b) Right to Correction

You may request correction or updating of inaccurate or incomplete personal data.

(c) Right to Erasure

You may request deletion of your personal data where it is no longer necessary for the purpose for which it was collected, subject to legal or regulatory retention requirements.

(d) Right to Withdraw Consent

Where processing is based on your consent, you may withdraw such consent at any time. Withdrawal of consent shall not affect the lawfulness of processing carried out prior to such withdrawal.

(e) Right to Grievance Redressal

You have the right to register a grievance with us regarding processing of your personal data and seek resolution in accordance with applicable law.

To exercise any of these rights, you may contact us using the details provided in the Contact section below. We may require reasonable verification of your identity before processing your request.

 

12.  Children’s Data

Our Services are not directed at individuals under the age of 18 years. We do not knowingly collect personal data from children.

If we become aware that personal data of a child has been collected without verifiable parental consent, we will take reasonable steps to delete such data in accordance with applicable law.

Parents or legal guardians who believe that their child has provided personal data to us may contact us using the details provided below to request deletion.

 

13.  Grievance Redressal & Contact Information

If you have any questions, concerns, or grievances regarding this Privacy Policy or the processing of your personal data, you may contact us at:

Email: info@sattvishtik.com

Customer Support: +91 6359635969

In accordance with applicable data protection laws, Sattvishtik has designated a Grievance Officer to address data protection-related concerns.

You may contact the Grievance Officer at:

Email: info@sattvishtik.com

We will acknowledge your grievance within a reasonable period and endeavour to resolve it in accordance with applicable law.

If you are not satisfied with our response, you may have the right to approach the appropriate regulatory authority or Data Protection Board in accordance with applicable law.

 

14.  Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or business operations.

Any updated version will be posted on the Website with a revised “Last Updated” date.

Where required by applicable law, we will provide notice of material changes through appropriate means, including email or prominent notice on the Website.

Your continued use of the Services after the updated Privacy Policy becomes effective constitutes your acceptance of the revised terms.