Last Updated: [15-05-2025]
Siyamukhi ("Company", "we", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, share, and safeguard your personal information when using our e-commerce website or services to purchase organic products across India. We handle your personal data in accordance with applicable Indian laws, including the Information Technology Act, 2000, and the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 (the "SPDI Rules"). By using our website or providing your information, you agree to the practices described in this Privacy Policy.
Note: In this policy, "personal information" refers to any information about an individual that can identify them (such as name, contact details, etc.). This includes "Sensitive Personal Data or Information" as defined under Indian law (for example, passwords or financial details), which we handle with special care and security.
Information We Collect and Why
We collect various types of information to serve you better. Below is what we collect and the purpose for collecting it:
- Personal and Contact Information: This includes your name, email address, phone number, and other contact details you provide. We collect these details to identify you, create and manage your account, and to communicate with you – for example, to send order confirmations, updates, or respond to your inquiries.
- Shipping and Billing Information: This includes your shipping address, postal code, and (if applicable) billing address. We use this information to deliver your products to the correct address and to process billing or invoices for your orders.
- Account Credentials: If you create an account on our website, we collect your login credentials such as username and password. This information is used to allow you to securely access your account and order history. (For your security, passwords are stored in an encrypted form.)
- Payment Information: When you make a purchase, you provide payment details (e.g., credit/debit card number, UPI, or other payment data). This information is collected through our secure third-party payment gateway, CCAvenue, to process your transaction. We do not store your full card or bank details on our servers; these are handled directly by CCAvenue on their secure platform.
- Order Details and Transaction History: We maintain records of your orders, such as the products purchased, quantity, date and time of purchase, transaction amount, and payment status. This information is necessary to fulfill your orders, provide customer service (like handling returns or refunds), and maintain records for accounting and legal compliance.
- Communications with Us: If you contact us (through email, phone, or chat) or respond to surveys/feedback requests, we collect the information you choose to provide in those communications. We use this to address your questions or concerns, improve our services, and keep records of correspondence.
- Usage Data (Cookies & Technical Information): When you interact with our website, we automatically receive certain information about your device and usage of the site. This includes your IP address, browser type, device type, pages visited, time spent on pages, and referring website. We collect this data through cookies and similar tracking technologies. The purpose is to personalize your experience, understand how our website is used, and improve our platform. For example, this data helps us remember your preferences, keep you logged in, and analyze site performance. (See the Cookies and Tracking section below for more details.)
- Marketing Preferences: If you opt-in to receive our promotional emails or newsletters, we record your preferences (such as your email subscription status or consent to receive marketing SMS). We use this information to send you updates about new products, special offers, or other news about Siyamukhi’s organic products. You can opt out of these communications at any time if you change your mind.
Optional Information: You have the choice not to provide certain information. However, please note that if you decline to provide information that is necessary for a service (for example, your address for delivery or payment details for completing an order), we may not be able to fulfill that order or provide the service to you.
How We Use Your Information
We use the personal information we collect for the following purposes:
- Order Processing and Delivery: To process your purchases and transactions, arrange for shipping, and deliver the products you ordered. This includes sending you notifications about your order status (e.g., order confirmation, shipping/delivery updates).
- Providing Our Services: To facilitate and maintain your account, enable core site functionalities (like your shopping cart and checkout), and provide you with the services and features of our e-commerce platform. We also use data to troubleshoot issues, perform data analysis, testing, and improve the performance of our website.
- Communication: To communicate with you about important information. This includes responding to your inquiries or support requests, sending service-related announcements (such as changes to terms, conditions, and policies), and sending confirmation or reminder messages related to your transactions.
- Marketing and Promotions: To send you newsletters, offers, or promotional communications about our products and deals, but only if you have opted in or otherwise given consent. These communications might include information about new organic products, special discounts, or loyalty programs. You can opt out of marketing communications at any time (see Your Rights and Choices below).
- Personalization: To personalize content and product recommendations on our website. For example, we may use your past purchase history or browsing behavior to suggest other products you might be interested in.
- Analytics and Improvements: To understand how users use our website, so we can improve our products and user experience. We analyze aggregated usage data (such as overall visitor numbers and page popularity) to make informed decisions on improving website layout, product offerings, and services.
- Security and Fraud Prevention: To keep our platform safe and secure. We may use personal data to verify user identities, monitor for fraudulent transactions or suspicious activity, and mitigate risks. This helps protect both our customers and our business from fraud, theft, or other misuse.
- Legal Compliance: To comply with legal and regulatory requirements. For instance, we may use and retain transaction records for tax filings and audits as required by Indian law. We might also use information to meet requirements under the IT Act, SPDI Rules, or other laws (such as verifying identity for KYC, if ever applicable).
- Enforcement of Terms and Policies: To enforce our Terms of Service, this Privacy Policy, and other agreements. We may use data to investigate potential violations, as well as to protect our rights and the rights of our customers or others (for example, in the event of disputes or to detect and prevent abuse of our site).
We will not use your personal information for any purpose that is not outlined in this Privacy Policy without informing you and obtaining your consent if required.
Cookies and Tracking Technologies
Like many websites, Siyamukhi uses cookies and similar tracking technologies to enhance your user experience and gather information about how our site is used.
What Are Cookies? Cookies are small text files that are placed on your device (computer or smartphone) when you visit our website. They help the website recognize your device and remember information about your visit (like your preferences or items in your cart). We also may use related technologies such as pixel tags or web beacons (small invisible images or code) in our communications to understand if messages were opened or links clicked.
How We Use Cookies: We use cookies for several reasons, including:
- Essential Cookies: These cookies are necessary for our website to function properly. For example, they help keep you logged into your account, remember the items in your shopping cart, and enable the checkout process. Without these cookies, core functionalities of the site would not work.
- Functional Cookies: These improve your shopping experience by remembering choices you make on our site. For instance, they might remember your preferred language or region, so we can show you content relevant to your area.
- Analytics Cookies: We use these to collect information about how visitors use our website. For example, we may use Google Analytics or similar tools that use cookies to collect anonymized statistics (such as which pages are visited, how long people stay on each page, and which products are viewed most). This information helps us understand user behavior on our site and improve our website design, functionality, and content. The data collected by these cookies is aggregated and does not directly identify individual users.
Third-Party Cookies: Some cookies on our site may be set by third parties on our behalf. For example, as mentioned, analytics services like Google Analytics set their own cookies. We may also occasionally embed content from other sites (like a YouTube video or social media plugin) which could set third-party cookies. We do not have control over third-party cookies, but no personally identifiable information is typically collected by them through our site without your consent.
Your Choices (Managing Cookies): You have the ability to manage or disable cookies at any time. Most web browsers automatically accept cookies, but you can usually modify your browser settings to notify you when a cookie is being set or to block cookies altogether. You can also delete cookies that have already been set. Please be aware that if you disable or delete certain cookies, some features of our website may not function as intended. For example, disabling cookies might prevent you from adding items to your cart or completing a checkout, or it might cause you to have to re-enter information more frequently. We recommend allowing essential and functional cookies for the best user experience.
For more information on how to manage cookies and tracking technologies, you can refer to your browser’s help documentation. If you have any concerns about our use of cookies, feel free to contact us using the information in the Contact Us section below.
How We Share Your Information with Third Parties
We value your trust and do not sell or rent your personal information to third parties for their own marketing purposes. However, we do share your information with certain third parties in order to run our business and provide services to you, as described below. In all cases, we share only the information that is necessary for these third parties to perform their services, and we require them to protect and use your data in compliance with this Privacy Policy and applicable law.
- Payment Processing (CCAvenue): When you make a payment on our site, your payment details are securely transmitted to our third-party payment gateway, CCAvenue, which processes the transaction. We share the necessary information (such as your order number and transaction amount, and redirect you to enter your card or banking details) to facilitate payment. Siyamukhi itself does not store your sensitive payment information (like full credit card numbers or banking passwords). CCAvenue is a PCI-DSS compliant payment processor, which means they follow strict industry standards to protect your payment data. Please note that your use of the payment gateway is also subject to CCAvenue’s own privacy and security policies.
- Courier and Logistics Partners: In order to deliver your orders, we work with trusted delivery partners (courier or postal services). We share only the information required for shipping: for example, the recipient’s name, delivery address, contact phone number, and sometimes order contents (for shipping labels/invoices). These partners are authorized to use your information only for the purpose of picking up and delivering your orders, and they are not permitted to use it for any other purposes.
- Service Providers and Vendors: We may employ other companies and individuals to perform functions on our behalf – for example, companies that assist with:
- Website Hosting and IT Infrastructure: Storing website data and ensuring our site runs smoothly.
- Email/SMS Communications: Sending out emails or text messages (such as order confirmations or promotional messages) to our customers.
- Analytics and Advertising Services: Helping us analyze usage of our website or run marketing campaigns.
- Customer Support Tools: Providing platforms or services that help us manage customer inquiries or chat support.
- These third-party service providers have access to personal information needed to perform their functions but may not use it for any other purpose. We require these providers to maintain the confidentiality and security of the information and to comply with applicable data protection laws.
- Business Transfers: If Siyamukhi or its assets are involved in a merger, acquisition, reorganization, or sale of assets, or in the unlikely event of bankruptcy, your personal information could be one of the assets transferred to or acquired by a third party. In such a case, we will ensure that the new owner or successor entity is bound by terms that are at least as protective of your personal information as this Privacy Policy. We will notify you (for example, via a notice on our website or email) of any such change in ownership or control of your personal information.
- Legal Compliance and Protection: We may disclose your personal information if required to do so by law or if we in good faith believe that such disclosure is necessary to:
- Comply with a legal obligation, government request, or judicial order (such as a subpoena, warrant, or court order).
- Enforce our Terms of Service, this Privacy Policy, or other agreements.
- Detect, prevent, or address fraud, security, or technical issues.
- Protect the rights, property, or safety of Siyamukhi, our customers, or the public.
- For example, we might share information with law enforcement agencies if required to investigate a fraudulent transaction or a cyber-security incident. We will only do so in accordance with applicable laws.
- With Your Consent: Apart from the cases listed above, if there is ever a need to share your information with any other third party for a new purpose, we will inform you and obtain your explicit consent before doing so. For instance, if we ever introduce a partnership with another company to offer joint promotions, we will only share your information if you agree to participate.
Note: Whenever your information is shared with third parties, we strive to ensure that they handle it with an adequate level of security and confidentiality. We remain responsible for the personal data we collect, and any third party that processes such data on our behalf is required to adhere to standards and practices at least as stringent as our own. We also do not allow any third party to use your personal information for their own marketing or other purposes not authorized by us.
Data Storage and Security Measures
We understand the importance of securing your personal information. Siyamukhi takes reasonable security measures – as required under Indian law and aligned with international best practices – to protect your data from unauthorized access, disclosure, alteration, or destruction. Here’s how we safeguard and store your information:
- Secure Servers: Your personal data is stored on secure servers that we operate or that are provided by reputable cloud service providers. We implement administrative, physical, and technical safeguards to protect these servers and the data they hold.
- Encryption in Transit and at Rest: We use industry-standard encryption protocols. When you enter sensitive information on our website (such as your login credentials or payment details), that data is transmitted to us over a secure connection using SSL/TLS encryption (you’ll see a padlock icon in your browser indicating a secure HTTPS connection). Sensitive data that we store (like passwords) is further protected – for example, passwords are hashed or encrypted in our database, meaning we do not store them in plain text.
- Payment Security: All payment transactions on our site are processed through CCAvenue’s secure payment gateway. CCAvenue is certified for PCI-DSS (Payment Card Industry Data Security Standard) compliance, which is a strict standard for protecting cardholder data. Your card information and other payment details are handled via secure encryption by CCAvenue. We do not see or store your full card details on our systems, adding an extra layer of security for financial data.
- Access Controls: We limit access to personal information strictly to Siyamukhi employees and authorized service providers who need that information to process it for us (for example, customer support staff or order fulfillment team). All such persons are bound by confidentiality obligations. We have implemented permission levels and authentication controls to ensure that even within our organization, your data is accessed only on a need-to-know basis.
- Regular Security Audits and Updates: We periodically review our information collection, storage, and processing practices to guard against unauthorized access or alteration. Our website and servers are regularly updated with security patches and monitored for vulnerabilities or potential threats. We also employ firewalls, anti-malware tools, and intrusion detection systems to prevent and detect unauthorized system access.
- Training and Policies: Our team members are trained on data protection best practices and we have internal policies in place to handle personal data safely. We follow the "reasonable security practices and procedures" as prescribed under the IT Act and SPDI Rules. In fact, we strive to adhere to recognized standards such as ISO/IEC 27001 for information security management, to the extent applicable to our operations.
- Data Location and Transfers: We primarily store and process personal data within India. However, some of our service providers (for example, cloud infrastructure or email service providers) might store or process data in servers located in other countries. If your data is transferred outside India, we take steps to ensure it remains protected: we only work with partners that have robust data protection measures, and we ensure that such transfers comply with Indian data protection requirements. In all cases, your information will receive the same level of security as it would under Indian jurisdiction.
- No Guarantee of 100% Security: While we are committed to protecting your information and use a combination of security measures to do so, no method of transmission over the internet or method of electronic storage is completely secure. Therefore, we cannot guarantee absolute security of your data. Nonetheless, we continuously work to update and improve our security practices to mitigate risks as much as possible.
- Data Breach Procedures: In the unlikely event of a data breach or security incident that compromises your personal information, we will promptly take necessary actions to contain and remedy the breach. We will also notify affected users and the relevant authorities as required by law, and advise you on steps to protect yourself (if applicable), in a timely manner.
Your Rights and Choices
We respect your rights over your personal data. Under Indian data protection principles (and in keeping with global best practices), you have certain rights regarding the information we hold about you. Below, we outline your rights and how you can exercise them:
- Right to Access & Review: You have the right to know what personal information we have about you. You can review much of your personal data by logging into your Siyamukhi account (to see your profile info, order history, etc.). If you would like a full copy of all personal data we hold about you, you can request this by contacting us (see Contact Us section). We will provide you with the information in accordance with applicable law.
- Right to Correction/Rectification: If your information is inaccurate or has changed (for example, you updated your phone number or moved to a new address), you have the right to have the incorrect information corrected. You can directly update some of your personal details through your account profile on our website. For any details that cannot be self-updated, you can reach out to us with a correction request. We may ask for verification to ensure the accuracy of new information provided. We strive to keep all information up-to-date and will make corrections promptly upon request.
- Right to Withdraw Consent: In cases where we are processing your personal information based on your consent (such as sending marketing emails or using certain types of cookies), you have the right to withdraw that consent at any time. For example, you can unsubscribe from our promotional emails by clicking the "unsubscribe" link in any email, or change your preferences in your account settings. Withdrawal of consent will stop the particular use or activity going forward (it will not affect the lawfulness of processing based on consent before withdrawal).
- Right to Opt-Out of Marketing: Even if you have given consent before, you can opt out of receiving promotional communications from us at any time. If you prefer not to receive promotional SMS, emails, or newsletters, you can use the unsubscribe mechanism provided in those messages or contact us to be removed from our marketing list. Please note, even if you opt out of marketing messages, we will still send you transactional messages about your orders or important updates about your account because those are necessary for providing our services to you.
- Right to Deletion (Right to be Forgotten): You may request deletion of your personal data that we hold. If you want to close your account or have us delete specific personal information, you can contact us with your request. Upon receiving a verifiable deletion request, we will delete or anonymize your personal data from our records within a reasonable timeframe. However, please note that we might retain certain information for reasons permitted by law – for example, to comply with legal obligations (tax, audit, fraud prevention) or to resolve disputes and enforce our agreements. Any data retained for such purposes will be handled securely and only retained for the duration necessary to fulfill those obligations.
- Right to Object or Restrict Processing: If you feel that we should not be processing certain information about you, you can object to or request restriction of our use of that data. For instance, if you believe some information is being processed unlawfully or beyond the scope of stated purposes, let us know your concern. We will review and honor such requests in line with applicable laws. Where applicable (under future data protection laws coming into effect), you may also have rights to data portability (to receive your data in a structured format) – and we will facilitate those as required.
- Cookies and Tracking Choices: As described in the Cookies and Tracking section, you have control over how cookies are used when you interact with our site. You can adjust your browser settings to refuse cookies or remove them. You can also use tools or plug-ins to opt out of certain tracking (for example, Google offers a browser add-on to opt out of Google Analytics tracking). While exercising this choice will not affect your ability to browse our site, it may impact the functionality (e.g., you might not be able to use the shopping cart if cookies are disabled). We do not currently respond to “Do Not Track” signals, but if a uniform standard is adopted in the future, we will follow it as required.
- Grievance Redressal: If you have any grievances, questions, or concerns regarding your privacy or how we have handled your personal data, you have the right to raise those issues. We take such complaints seriously. You can contact our Grievance Officer (see Contact Us section below for details) to report any problems or lodge a complaint. As per the SPDI Rules, we will acknowledge and address any such grievance within a maximum of 30 days from the date of receipt.
To exercise any of your rights mentioned above, or to ask a question about them, please reach out to us through the contact information provided at the end of this policy. For security reasons, we might need to verify your identity (for example, via your email or phone number on record) before fulfilling certain requests, especially for data access or deletion, to ensure that these requests are legitimate.
Please Note: Some rights might be subject to limitations under applicable law. For example, we cannot provide certain data if doing so would violate someone else’s privacy, or we might retain data if required for legal obligations even if you request deletion. But we will inform you accordingly in such a case. Rest assured, we will make every effort to fulfill your requests to the fullest extent required by applicable laws and in accordance with our legal duties.
Data Retention Policy
We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, or as required or permitted by law. How long we keep your data can vary depending on the type of information and the purposes of processing. Below is our data retention approach for different scenarios:
- Account Information: If you have a Siyamukhi account, we will keep your personal profile information for as long as your account is active. This allows us to provide you with a personalized experience (like order history). If you choose to deactivate or delete your account (or request us to do so), we will initiate the process of removing your personal information from our systems, as described in the Your Rights section. Keep in mind, even after you delete your account, we may retain certain limited information for the reasons described below (legal compliance, etc.).
- Order and Transaction Records: Information related to your orders (such as invoices, payments, and delivery records) will be retained for a period necessary to comply with legal, tax, and accounting requirements under Indian law. For example, we may need to retain records of transactions for a number of years to comply with tax regulations or audits. This retention period could be typically 5 to 7 years (or as mandated by law). During this time, your data will continue to be protected according to this Privacy Policy.
- Customer Service Communications: If you have contacted us for support or inquiries, we may retain those communications (emails, chat logs, call recordings if any) for a certain period. This helps us in staff training, dispute resolution, and improving our customer service. These records are typically kept only as long as necessary to address your issue and for any further related follow-up, after which they are archived or deleted.
- Legal Obligations and Dispute Resolution: Even if you request deletion of your data, we might retain certain information if necessary to comply with legal obligations or resolve disputes. For instance, we may keep data to enforce our agreements, address any complaints, detect fraud, or comply with court orders. In all such cases, we limit the data to what is necessary for the purpose and for the minimum duration required. For example, if there is an open dispute or investigation, we will retain relevant information until it is resolved or we are legally required to retain it.
- Data Disposal: When the retention period for any personal data expires, or if we determine that we no longer need the data (whichever comes first), we will securely erase, delete, or anonymize the personal information. Secure deletion means we use reasonable measures to irreversibly remove or anonymize data so that it cannot be reconstructed or read. For instance, physical documents are shredded, and electronic files are deleted in a manner that they cannot be recovered (or they are anonymized so that they are no longer associated with any individual).
In summary, we do not keep your personal information indefinitely. We aim to retain it only for as long as it is truly needed and as required by law. If you have any specific questions about our data retention practices (for example, if you want to know if we still have certain information about you), you can contact us for details.
Children's Privacy
Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children (minors) without appropriate parental or guardian consent. If you are under 18, we request that you use our website only with the supervision and involvement of a parent or guardian.
If we become aware that we have inadvertently collected personal information from a child under 18 without proper consent, we will take steps to delete such information from our records as soon as possible. Parents or guardians who discover that their child has provided us with personal information without consent can contact us, and we will promptly remove the data and unsubscribe the minor from any promotional contact.
Changes to This Privacy Policy
We may update or change this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or for other operational reasons. When we do so, we will post the revised policy on this page with a new "Last Updated" date at the top.
If there are significant changes that affect your rights or the way we use your personal data, we will take additional steps to notify you – for example, by prominently posting a notice of such changes on our website home page or by sending you an email notification (if you have provided your email and permitted us to contact you). We encourage you to review this Privacy Policy periodically to stay informed about how Siyamukhi is protecting your information.
Your continued use of our website or services after any changes to this Privacy Policy have been posted will signify your acceptance of those changes, provided that we have obtained any required consents from you (if applicable). If you do not agree with any updates to the policy, you should stop using our services and you may contact us if you have concerns.
Contact Us and Grievance Redressal
Your privacy is important to us, and we are here to help if you have any questions or concerns about this Privacy Policy or how your information is handled.
If you have questions, requests, or complaints regarding your personal data or this policy, please contact us through any of the following means:
- Email: siyamukhi@info.in (for general privacy inquiries or requests)
- Phone: +91-9876543265 (customer support helpline)
- Postal Address: {Siyamukhi’s Office Address, including City, State, and PIN, India}
In accordance with the IT Act 2000 and SPDI Rules 2011, we have appointed a Grievance Officer to address any grievances or concerns you might have regarding your personal data. If you are not satisfied with the initial response or if you specifically wish to escalate a privacy-related complaint, you may reach out to our Grievance Officer at:
Grievance Officer: {Vijay Jha}
Email: siyamukhi@info.in(for grievance/complaint escalation)
Phone: +91-9876543265 (direct line for grievances, available [hours])
The Grievance Officer is responsible for redressing grievances expeditiously. We will acknowledge your complaint and strive to resolve it within 30 days of receipt, as mandated by the SPDI Rules.
Thank you for reading our Privacy Policy. We value the trust you place in Siyamukhi to handle your personal information. We are committed to keeping that trust by continually working to protect your data and use it responsibly. If you have any concerns about your privacy or our practices, please do not hesitate to contact us. Your feedback and questions are always welcome, and we will be happy to assist you.