Privacy Policy
We are committed to protecting your personal data and being transparent about how we collect, use, and safeguard your information.
Table of Contents
1 Introduction
Ayurvedic Chikitsalaya ("we", "us", "our") operates this e-commerce platform for the sale of Ayurvedic medicines, healthcare products, and wellness items. This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you visit our website or place an order.
By using our Platform, you consent to the practices described in this Privacy Policy. This policy complies with the Information Technology Act, 2000, the IT (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, and other applicable Indian laws.
2 Information We Collect
| Data Category | Examples | When Collected |
|---|---|---|
| Personal Identifiers | Name, email, phone number | Registration, checkout |
| Delivery Address | Street, city, state, PIN code | Checkout, address book |
| Health Information | Prescriptions, medicine orders | Prescription upload, orders |
| Payment Data | Transaction ID, payment method type | Checkout (via Razorpay) |
| Device/Usage Data | IP address, browser type, pages viewed | Automatically on visit |
| Location Data | GPS coordinates, PIN code | With your consent |
3 How We Use Your Information
We use the information collected for the following purposes:
- Order fulfillment — processing, shipping, and delivering your orders.
- Account management — creating and managing your user account.
- Customer support — responding to your enquiries and resolving issues.
- Communication — sending order updates, delivery notifications via SMS/WhatsApp/email.
- Legal compliance — verifying prescriptions and meeting regulatory requirements.
- Service improvement — analysing usage patterns to improve our Platform.
- Fraud prevention — detecting and preventing fraudulent transactions.
4 Information Sharing & Disclosure
We do not sell, rent, or trade your personal information. We may share your data with:
- Payment processors — Razorpay, for processing payments securely.
- Delivery partners — name, address, and phone number for order delivery.
- Service providers — SMS/WhatsApp notification services (e.g., Twilio, WhatsApp Business API).
- Legal authorities — when required by law, court order, or government regulation.
5 Payment Data & Security
All online payment transactions are processed by Razorpay, which is PCI-DSS Level 1 compliant — the highest level of payment security certification.
- We never store your full card number, CVV, or banking password on our servers.
- We only receive a payment confirmation (transaction ID and status) from Razorpay.
- All data transmission is encrypted using 256-bit SSL/TLS encryption.
6 Cookies & Tracking Technologies
We use cookies and similar technologies to:
- Keep you logged in and maintain your session.
- Remember your cart items and delivery preferences.
- Understand how you use our Platform (analytics).
- Improve site performance and user experience.
You can control cookies through your browser settings. However, disabling cookies may affect the functionality of certain features.
7 Data Retention
We retain your personal data for as long as your account is active or as needed to provide you services. Specifically:
- Account data — retained until you request deletion.
- Order history — retained for a minimum of 8 years as required by Indian tax laws.
- Prescriptions — retained for a minimum of 3 years as per Drug and Cosmetics regulations.
- Payment records — retained as per RBI and Income Tax regulations.
8 Your Rights
You have the right to:
- Access — request a copy of your personal data.
- Correction — update or correct inaccurate information via your profile.
- Deletion — request deletion of your account and personal data (subject to legal retention requirements).
- Withdraw consent — opt out of marketing communications at any time.
- Data portability — request your data in a structured, machine-readable format.
To exercise any of these rights, contact us at [email protected].
9 Children's Privacy
Our Platform is not intended for children under 18 years of age. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us immediately and we will take steps to delete such information.
10 Changes to This Policy
We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last Updated" date. Continued use of the Platform after changes constitutes acceptance of the updated policy.
11 Contact Us
For any questions or concerns regarding your privacy or this policy, please contact our Grievance Officer:
Privacy Concerns?
Reach out to our data protection team for any privacy-related enquiries.