PRIVACY POLICY

Introduction

GemShopify (“we,” “us,” “our,” or “Company”) is committed to protecting your privacy and ensuring transparency in how we collect, use, store, and protect your personal information. This Privacy Policy outlines our practices regarding data collection and use on our website www.gemshopify.com and through our e-commerce platform.

This Privacy Policy applies to all visitors, customers, and users of our website and services. By accessing and using GemShopify, you agree to the terms and conditions of this Privacy Policy. If you do not agree with our data handling practices, please do not use our services.

Company Information:

Business Name: QUIKCYBER MALL PRIVATE LIMITED
Address: Third Floor, Unit No. 317, RG Complex, Sector-9, Rohini, North West Delhi, Delhi, 110085, India
Contact Number: 9211841788
Email: info@gemshopify.com , quikcyber2@gmail.com

1. TYPES OF INFORMATION WE COLLECT

We collect various types of information to provide you with our services, improve our platform, and communicate with you effectively. This information includes:

1.1 Information You Provide Directly

Account Registration Information:

Full name
Email address
Phone number
Postal address (billing and shipping)
Date of birth
Gender (optional)
Username and password

Payment and Transaction Information:

Credit card details or other payment method information (processed securely through third-party payment gateways)
Billing address
Purchase history
Order details and preferences
Invoice information

Communication Information:

Messages you send us via email, contact forms, or customer support
Customer service inquiries and feedback
Complaints and grievances
Newsletter subscription preferences
Product reviews and ratings

Profile Information:

Wishlist items
Product preferences
Saved items
Delivery preferences
Customer notes and special requests

1.2 Information Collected Automatically

Website Usage Information:

IP address
Browser type and version
Operating system
Pages visited and time spent
Referral source (how you found us)
Device identifiers (mobile devices)
Clickstream data

Cookie and Tracking Technologies:

Session cookies
Persistent cookies
Web beacons and pixels
Analytics tracking
Advertising identifiers

Location Information:

General location data (city/region level)
GPS data (if enabled by your device settings)

2. PURPOSE OF DATA COLLECTION AND USE

We collect and use your personal information for the following legitimate purposes:

2.1 Service Delivery and Transaction Processing

Processing and fulfilling your orders
Managing payments and transactions
Delivering products to your specified address
Providing order tracking and status updates
Handling returns, refunds, and exchanges
Customer service and support

2.2 Communication

Sending order confirmations and shipping notifications
Responding to customer inquiries and complaints
Providing customer support
Sending important updates about our services
Notifying you about policy changes

2.3 Marketing and Promotional Activities

Sending newsletters with product updates and offers (only with your consent)
Offering personalized product recommendations
Sending promotional emails and special discounts
Conducting market research and surveys
Analyzing customer preferences for product development

2.4 Website Improvement and Analytics

Analyzing website usage patterns
Improving user experience and website functionality
Conducting technical diagnostics and troubleshooting
Optimizing our website and mobile application
A/B testing and performance monitoring

2.5 Security and Fraud Prevention

Detecting and preventing fraudulent transactions
Identifying and addressing security vulnerabilities
Protecting against unauthorized access
Complying with legal obligations
Protecting the rights and safety of our customers and business

2.6 Legal and Regulatory Compliance

Complying with Indian laws including Information Technology Act, 2000
Complying with Digital Personal Data Protection (DPDP) Act, 2023
Complying with Consumer Protection Act, 2019
Maintaining records for tax and accounting purposes
Responding to legal requests and court orders

We are committed to maintaining your privacy and will not sell your personal information to third parties. However, we may share your information with the following trusted partners for legitimate business purposes:

3.1 Service Providers and Partners

Payment Gateway Providers: Razorpay, Stripe, PayU, or other payment processors for secure transaction processing
Shipping and Logistics Partners: Delivery companies for order fulfillment and tracking
Email Service Providers: For sending transactional and marketing emails
Hosting Providers: Web hosting and cloud storage services
Analytics Tools: Google Analytics, Microsoft Clarity, and similar analytics platforms

3.2 Third-Party Service Integrations

Customer Support Tools: Ticketing systems and support platforms
CRM Systems: For managing customer relationships
Marketing Tools: For email campaigns and analytics
Social Media Platforms: Only with your explicit consent for social media integrations

3.3 Legal and Regulatory Disclosures

Government authorities, law enforcement agencies, and judicial bodies when required by law
As necessary to comply with court orders, subpoenas, or legal investigations
To protect against fraud, security threats, or illegal activities
To enforce our Terms of Service and other agreements

3.4 Business Transfers

In the event of a merger, acquisition, bankruptcy, or sale of assets, your personal information may be transferred as part of that transaction. We will notify you of any such change and provide you with the opportunity to opt-out.

3.5 Aggregated and Anonymized Data

We may share aggregated or anonymized data that cannot identify you with business partners, advertisers, and analytics providers for statistical analysis and market research.

4. DATA RETENTION AND STORAGE

4.1 Retention Period

Active Account Data: Retained for the duration of your account and for 12 months after account closure or last transaction, unless legally required to retain longer
Transaction Records: Retained for minimum 7 years in compliance with Indian income tax regulations and accounting standards
Marketing/Newsletter Data: Retained until you unsubscribe or request deletion
Website Analytics: Retained for up to 26 months
Server Logs: Retained for up to 3-6 months for security purposes
Customer Support Communications: Retained for up to 2 years

4.2 Storage Location

Your personal information is primarily stored on servers located in India or secure cloud infrastructure. In case of international data transfers to our service providers, we ensure adequate data protection measures are in place.

4.3 Data Security Measures

We implement industry-standard security measures to protect your personal information:

Encryption: SSL/TLS encryption for data in transit, AES-256 encryption for data at rest
Secure Payment Processing: PCI-DSS compliant payment gateways
Access Controls: Role-based access restrictions for employees
Firewalls and Intrusion Detection: Multi-layered security infrastructure
Regular Security Audits: Periodic vulnerability assessments and penetration testing
Employee Training: Regular data protection and confidentiality training for staff
Password Protection: Secure password hashing and authentication mechanisms

Limitation: While we implement comprehensive security measures, no data transmission over the internet or electronic storage is completely secure. We cannot guarantee absolute security, and you use our services at your own risk.

5. COOKIES AND TRACKING TECHNOLOGIES

5.1 What Are Cookies?

Cookies are small text files stored on your device that help us remember your preferences and improve your user experience.

5.2 Types of Cookies We Use

Essential Cookies:

Session management
Security and fraud detection
Login and authentication
Shopping cart functionality

Performance Cookies:

Website analytics (Google Analytics)
User behavior analysis
Error logging
Performance monitoring

Functional Cookies:

Remembering your preferences
Storing login information
Language preferences
Saved items and wishlist

Marketing/Advertising Cookies:

Tracking for retargeting ads
Social media integration
Advertising performance measurement

5.3 Third-Party Cookies

We use cookies from third-party services including:

Google Analytics – for website analytics
Facebook Pixel – for remarketing and audience analysis
Google Ads – for advertising performance
Payment gateways – for secure transactions

5.4 Cookie Management

You can control cookies through your browser settings:

You may refuse to accept cookies
You can delete previously stored cookies
You can set your browser to alert you when cookies are being sent

Note: Disabling certain cookies may affect the functionality of our website and your ability to complete purchases.

5.5 Do Not Track Signals

If your browser sends a “Do Not Track” signal, we respect your privacy preferences. However, we do not alter our data collection practices based solely on Do Not Track signals as they are not universally standardized.

6. YOUR PRIVACY RIGHTS AND CHOICES

6.1 Rights Under Indian Law

Under the Digital Personal Data Protection (DPDP) Act, 2023, and Information Technology Act, 2000, you have the following rights:

Right to Access:

You can request access to personal information we hold about you
We will provide the information in a structured, commonly used, and portable format
Response timeframe: 30 days (extendable by 30 days in case of complexity)

Right to Correction and Update:

You can request correction of inaccurate or incomplete personal information
You can update your account information at any time through your profile settings
Response timeframe: 30 days

Right to Deletion:

You can request deletion of your personal information, subject to legal retention requirements
We will delete your data unless legal obligations require us to retain it
Response timeframe: 30 days
Some data may be retained for regulatory compliance, fraud prevention, or legitimate business interests

Right to Withdraw Consent:

You can withdraw consent for specific data processing activities
This will not affect the lawfulness of processing before withdrawal
Withdrawal applies only to future processing

Right to Grievance Redressal:

You have the right to lodge a complaint regarding data privacy violations
We have appointed a Grievance Redressal Officer to address your concerns

6.2 Opt-Out Options

Marketing Communications:

Unsubscribe from promotional emails by clicking the “Unsubscribe” link in any email
Manage your communication preferences in your account settings
Request removal from marketing lists by contacting us

Cookies and Tracking:

Disable non-essential cookies through your browser settings
Opt-out of Google Analytics tracking
Opt-out of targeted advertising through your browser settings

Third-Party Sharing:

You can request that we do not share your information with specific third parties (subject to legal requirements)

6.3 Children’s Privacy

GemShopify does not knowingly collect personal information from children under 18 years of age. Parents or guardians who believe their child has provided information to us should contact us immediately. We will delete such information and terminate the child’s account if applicable.

7. CONTACT INFORMATION FOR PRIVACY MATTERS

If you have questions about this Privacy Policy, wish to exercise your privacy rights, or have concerns about our data handling practices, please contact us:

Data Protection Officer / Grievance Redressal Officer:

Email: info@gemshopify.com , quikcyber2@gmail.com
Phone: 9211841788
Address: Third Floor, Unit No. 317, RG Complex, Sector-9, Rohini, New Delhi, North West Delhi, Delhi, 110085, India

Response Timeframe: We will respond to all privacy inquiries within 30 days of receipt.

8. THIRD-PARTY LINKS AND EXTERNAL WEBSITES

Our website may contain links to third-party websites and external services. We are not responsible for the privacy practices of these external websites. This Privacy Policy applies only to www.gemshopify.com. We recommend reviewing the privacy policies of linked websites before sharing any personal information.

9. CALIFORNIA ONLINE PRIVACY PROTECTION ACT (CalOPPA) COMPLIANCE

For California residents, we comply with CalOPPA requirements:

We identify the types of personal information we collect
We disclose how your data is used and with whom it is shared
We provide options for accessing, updating, and deleting your information
We respond to “Do Not Track” signals to the extent permitted by law
This Privacy Policy is easily accessible on our website

If you are accessing GemShopify from the European Union or European Economic Area, the following GDPR provisions apply:

We process personal data only with your explicit consent or on other lawful bases
We implement data minimization principles
We provide clear data processing transparency
We have appointed a Data Protection Officer
You have rights to access, rectification, erasure, and data portability
You have the right to lodge complaints with supervisory authorities

11. AMENDMENTS AND UPDATES TO THIS POLICY

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by:

Posting the updated policy on our website with a new “Last Updated” date
Sending a notification email to your registered email address
Displaying a prominent notice on our homepage

Your continued use of GemShopify after any amendments constitutes your acceptance of the updated Privacy Policy.

12. GRIEVANCE REDRESSAL MECHANISM

12.1 Grievance Redressal Process

If you have a grievance regarding data handling or privacy violations, please follow this process:

Submit Grievance: Send a written complaint to info@gemshopify.com , quikcyber2@gmail.com with details of the issue
Acknowledgment: We will acknowledge receipt within 5 business days
Investigation: Our Grievance Redressal Officer will investigate the matter
Response: We will respond with resolution or explanation within 30 days
Appeal: If unsatisfied, you can escalate the grievance within 30 days of our response

12.2 Escalation

Unresolved grievances can be escalated to:

Information Technology Intermediary Guidelines Committee
Relevant regulatory authorities in India

13. REGULATORY COMPLIANCE

GemShopify complies with the following Indian laws and regulations:

Information Technology Act, 2000 – IT Rules and Reasonable Security Practices
Digital Personal Data Protection (DPDP) Act, 2023 – Data protection and privacy
Consumer Protection Act, 2019 – Consumer rights and dispute resolution
Information Technology (Intermediaries Guidelines) Rules, 2011 – Platform responsibilities
Unsubscribe Preferences & Do Not Spam Regulations – Marketing communications

14. GLOSSARY OF TERMS

Personal Data: Any information relating to an identified or identifiable natural person
Data Principal: The person to whom personal data relates
Data Fiduciary: QUIKCYBER MALL PRIVATE LIMITED (entity collecting and processing data)
Processing: Collection, storage, use, sharing, or deletion of personal data
Consent: Free, specific, informed, and unambiguous approval for processing
Data Breach: Unauthorized access, disclosure, or misuse of personal data

15. FINAL STATEMENT

Your privacy is important to us. We are committed to transparent, ethical, and lawful data practices. If you do not agree with our Privacy Policy, please do not use our services.

For any questions or clarifications regarding this Privacy Policy, please don’t hesitate to contact us using the information provided above.