Privacy Policy

Crafting a Privacy Policy for TGL Silver (selling silver
jewellery) on your website requires careful attention to India's data
privacy laws, particularly the Digital Personal Data Protection Act,
2023 (DPDP Act), which is a key framework to consider. While the DPDP
Act is in the process of full implementation, it's wise to align your
practices with its principles now.

Here's a comprehensive Privacy Policy template for TGL Silver,
tailored for an Indian e-commerce website. Remember to replace the
bracketed information [ ] with your specific details.

Privacy Policy for TGL Silver

Effective Date: [June 1, 2023]

At TGL Silver, we are committed to protecting your privacy and
personal data. This Privacy Policy explains how TGL Silver ("we," "us,"
or "our") collects, uses, discloses, and protects your personal
information when you visit and make purchases from our website,
[https://tglsilver.com/] (the "Website"). We operate in compliance with
applicable Indian laws, including the Information Technology Act, 2000,
and the Digital Personal Data Protection Act, 2023 (DPDP Act).

1. What Personal Data We Collect

We collect various types of personal data from you to provide our
services and enhance your shopping experience. This may include:

    Identity and Contact Data: Name, email address, billing address,
shipping address, phone number, and date of birth (if required for age
verification for certain products).
    Account Data: Username, password (encrypted), purchase history, wish list, and saved items.
 
  Transaction Data: Details about payments to and from you, and other
details of products you have purchased from us. We do not store your
full credit card details on our servers; these are securely processed by
our third-party payment gateway providers.
    Technical Data:
Internet Protocol (IP) address, your login data, browser type and
version, time zone setting and location, browser plug-in types and
versions, operating system and platform, and other technology on the
devices you use to access this Website.
    Usage Data: Information
about how you use our Website, products, and services, including Browse
patterns, pages viewed, and search queries.
    Marketing and
Communications Data: Your preferences in receiving marketing from us and
our third parties and your communication preferences.
    Correspondence Data: Records of your communications with us, such as customer support inquiries, emails, and chat logs.

2. How We Collect Your Personal Data

We use different methods to collect data from and about you, including:

    Direct Interactions: You may give us your Identity, Contact, and
Financial Data by filling in forms or by corresponding with us by post,
phone, email, chat, or otherwise. This includes personal data you
provide when you:
        Create an account on our Website.
        Place an order for our products.
        Subscribe to our newsletter or marketing communications.
        Participate in a survey, contest, or promotion.
        Contact customer service.
 
  Automated Technologies or Interactions: As you interact with our
Website, we may automatically collect Technical Data and Usage Data
about your equipment, Browse actions, and patterns. We collect this
personal data by using cookies, server logs, and other similar
technologies.
    Third Parties or Publicly Available Sources: We may receive personal data about you from various third parties, such as:
        Technical Data from analytics providers like Google Analytics.
        Identity and Contact Data from social media platforms if you interact with us through them.
        Transaction Data from payment and delivery service providers.

3. How We Use Your Personal Data

We will only use your personal data when the law allows us to. Most
commonly, we will use your personal data in the following circumstances:

    To process and fulfil your orders, including managing payments,
delivering your purchased jewellery, and providing you with order
updates.
    To manage your account and provide you with customer support.
    To communicate with you regarding your orders, inquiries, and to send you marketing communications (if you have opted-in).
    To improve our Website, products, and services, based on your usage patterns and feedback.
    To personalize your experience on our Website, such as showing you relevant product recommendations.
    To ensure the security of our Website and prevent fraudulent transactions.
    To comply with legal obligations and regulatory requirements.

4. Disclosure of Your Personal Data

We may share your personal data with the following categories of recipients:

    Service Providers: We engage third-party service providers who perform functions on our behalf, such as:
        Payment Gateway Providers: To process your payments securely (e.g., Razorpay, PayU).
        Shipping and Logistics Partners: To deliver your orders (e.g., India Post, Blue Dart, Delhivery).
        Website Hosting and Maintenance Providers: To ensure our Website is operational and secure.
 
      Marketing and Analytics Providers: To help us understand Website
usage and conduct marketing campaigns (e.g., Google Analytics, Facebook
Ads).
        Customer Support Software Providers: To manage customer inquiries.
 
  Legal and Regulatory Authorities: We may disclose your personal data
if required to do so by law or in response to valid requests by public
authorities (e.g., a court order or government agency).
    Business
Transfers: In the event of a merger, acquisition, or sale of all or a
portion of our assets, your personal data may be transferred as part of
that transaction. We will notify you via email and/or a prominent notice
on our Website of any such change in ownership or control of your
personal data.
    With Your Consent: We may share your personal data with third parties when we have your explicit consent to do so.

5. International Transfers

While TGL Silver is based in India, some of our third-party service
providers may be located outside of India. When we transfer your
personal data outside of India, we ensure a similar degree of protection
is afforded to it by ensuring at least one of the following safeguards
is implemented:

    We will only transfer your personal data to countries that have
been deemed to provide an adequate level of protection for personal data
by the Indian government.
    Where we use certain service
providers, we may use specific contracts approved by the Indian
government which give personal data the same protection it has in India.

6. Data Security

We have implemented appropriate technical and organizational security
measures to protect your personal data from accidental loss,
unauthorized access, use, alteration, or disclosure. These measures
include:

    Encryption: Use of SSL/TLS encryption for data transmission on our Website.
 
  Access Control: Restricting access to personal data to only those
employees, agents, contractors, and other third parties who have a
legitimate business need to know.
    Regular Security Audits: We regularly review our security practices to ensure they are up-to-date and effective.
    Secure Payment Processing: All payment transactions are handled by reputable, PCI DSS compliant payment gateways.

Despite these measures, please be aware that no method of transmission over the Internet or electronic storage is 100% secure.

7. Data Retention

We will retain your personal data only for as long as necessary to
fulfil the purposes for which we collected it, including for the
purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we
consider the amount, nature, and sensitivity of the personal data, the
potential risk of harm from unauthorized use or disclosure of your
personal data, the purposes for which we process your personal data and
whether we can achieve those purposes through other means, and the
applicable legal requirements.

For example, we retain your transaction data for [10 years] as required by Indian tax laws.

8. Your Rights

Under the DPDP Act and other applicable laws, you have certain rights regarding your personal data. These rights may include:

    Right to Access: You have the right to request a copy of the personal data we hold about you.
 
  Right to Correction: You have the right to request that we correct
any inaccurate or incomplete personal data we hold about you.
   
Right to Erasure (Right to be Forgotten): You have the right to request
the deletion of your personal data under certain circumstances (e.g.,
when the data is no longer necessary for the purpose for which it was
collected).
    Right to Grievance Redressal: You have the right to
lodge a complaint with our Grievance Officer regarding the processing of
your personal data.
    Right to Nominate: You have the right to
nominate another person to exercise your rights in the event of your
death or incapacity.
    Right to Withdraw Consent: Where we rely on
your consent to process your personal data, you have the right to
withdraw that consent at any time. This will not affect the lawfulness
of any processing carried out before you withdraw your consent.

To exercise any of these rights, please contact our Grievance Officer
using the details provided below. We may need to request specific
information from you to help us confirm your identity and ensure your
right to access your personal data (or to exercise any of your other
rights).

9. Children's Privacy

Our Website is not intended for children under the age of 18. We do
not knowingly collect personal data from children under 18. If we become
aware that we have collected personal data from a child under 18
without parental consent, we will take steps to remove that information
from our servers. If you believe we might have any information from or
about a child under 18, please contact us at titlisilver@gmail.com

10. Third-Party Links

Our Website may include links to third-party websites, plug-ins, and
applications. Clicking on those links or enabling those connections may
allow third parties to collect or share data about you. We do not
control these third-party websites and are not responsible for their
privacy statements. When you leave our Website, we encourage you to read
the privacy policy of every website you visit.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect
changes in our practices or for other operational, legal, or regulatory
reasons. We will notify you of any significant changes by posting the
new Privacy Policy on this page and updating the "Effective Date" at the
top of this policy. We encourage you to review this Privacy Policy
periodically for any changes.

12. Grievance Officer

In accordance with the Information Technology Act, 2000, and rules
made thereunder, and the Digital Personal Data Protection Act, 2023, the
name and contact details of the Grievance Officer are provided below:

Name: [Keyush Kirtikumar Jain]
Email: [titlisilver@gmail.com]
Phone: [9833226420]
Address:
[TGL Silver's 7,1st floor,plot no 223,Moti dharam kata bldg.,entry from
back side staircase,opp. Mumbadevi temple,Mumbai-02]
Timeframe for
response: The Grievance Officer will acknowledge your complaint within
24 hours and resolve it within 30 days from the date of receipt.

13. Contact Us

If you have any questions about this Privacy Policy or our privacy practices, please contact us:

Email: [titlisilver@gmail.com]
Phone: [9833226420]
Address:
[TGL Silver's 7,1st floor,plot no 223,Moti dharam kata bldg.,entry from
back side staircase,opp. Mumbadevi temple,Mumbai-02]