We collect the following types of information to provide and improve our services:

• Personal Information: Name, email address, phone number, shipping and billing address
• Account Information: Username, password (encrypted), date of birth, gender
• Payment Information: Credit/debit card details, UPI ID, bank account information (processed securely through payment gateways)
• Order Information: Purchase history, product preferences, delivery details
• Device Information: IP address, browser type, device type, operating system
• Usage Data: Pages visited, time spent, clicks, search queries, referral sources
• Communication Data: Emails, chat messages, phone call records, customer service interactions
• Location Data: Shipping address, IP-based location for personalized services

Your information is used for the following purposes:

• Order Processing: To process and fulfill your orders, manage payments, and arrange delivery
• Customer Service: To respond to inquiries, resolve issues, and provide support
• Account Management: To create and maintain your account, manage preferences, and track order history
• Personalization: To recommend products based on browsing history and purchase patterns
• Marketing Communications: To send newsletters, promotional offers, wellness tips (with your consent)
• Security: To detect and prevent fraud, unauthorized access, and other illegal activities
• Legal Compliance: To comply with legal obligations, court orders, and government requests
• Analytics: To analyze website performance, user behavior, and improve our services

We use cookies and similar technologies to enhance your experience:

• Essential Cookies: Required for website functionality, shopping cart, checkout process
• Performance Cookies: Help us understand how visitors interact with our website
• Functional Cookies: Remember your preferences, language settings, login details
• Marketing Cookies: Track your activity across websites to show relevant ads
• Analytics: Google Analytics, Facebook Pixel, and other tools to measure website performance
• Session Data: Temporary data stored during your browsing session
• Cookie Management: You can control cookies through browser settings or our cookie consent banner

We share your information only in the following circumstances:

• Service Providers: Payment processors, shipping partners, email service providers, cloud hosting services
• Business Partners: Trusted third-party tools for analytics, customer support, and marketing (with data processing agreements)
• Legal Requirements: When required by law, court orders, government authorities, or to protect our rights
• Business Transfers: In case of merger, acquisition, or sale of business assets (users will be notified)
• With Your Consent: Any other sharing will require your explicit permission
• Aggregated Data: We may share anonymized, aggregated data for research or marketing purposes
• Never Sold: We never sell your personal information to third parties for their marketing purposes

We implement robust security measures to protect your information:

• Encryption: SSL/TLS encryption for all data transmission, AES-256 encryption for stored data
• Secure Servers: Data stored on ISO 27001 certified servers with firewall protection
• Access Control: Strict access controls, multi-factor authentication for employee access
• Regular Audits: Periodic security audits and vulnerability assessments
• PCI-DSS Compliance: Payment processing through PCI-DSS compliant gateways
• Data Backup: Regular encrypted backups to prevent data loss
• Employee Training: Staff trained on data protection and confidentiality protocols
• Incident Response: Immediate notification in case of data breach with remedial actions

You have the following rights regarding your personal information:

• Access: Request a copy of all personal data we hold about you
• Correction: Update or correct inaccurate personal information
• Deletion: Request deletion of your account and associated data (subject to legal retention)
• Opt-Out: Unsubscribe from marketing emails, SMS, and promotional communications
• Data Portability: Receive your data in a structured, machine-readable format
• Objection: Object to processing of your data for direct marketing purposes
• Withdraw Consent: Withdraw consent for data processing at any time
• Complaint: Lodge a complaint with data protection authorities if rights are violated

How to Exercise Your Rights: Email privacy@athaahanand.com or call +91 98765-43210

We retain your information for the following periods:

• Account Information: Retained as long as your account is active plus 3 years after closure
• Order History: 7 years for accounting and tax purposes (as per Indian law)
• Payment Information: Tokenized payment data retained for recurring purchases (can be deleted on request)
• Marketing Data: Deleted immediately upon opt-out or unsubscribe
• Support Communications: 2 years for quality assurance and dispute resolution
• Website Analytics: Aggregated data retained indefinitely, personal identifiers deleted after 26 months
• Legal Hold: Data retained longer if required for legal proceedings or compliance

Protecting children's privacy is important to us:

• Our website and services are not intended for children under 18 years of age
• We do not knowingly collect personal information from children under 18
• If a parent/guardian believes their child has provided us with personal information, please contact us immediately
• We will delete such information within 48 hours of verification
• Orders for minors must be placed by a parent or legal guardian
• Parental consent required for any data collection from users under 18

Our website may contain links to third-party websites:

• We are not responsible for privacy practices of external websites
• Third-party sites have their own privacy policies which we encourage you to review
• Social media plugins (Facebook, Instagram, WhatsApp) may collect information per their policies
• Payment gateways (Razorpay, PayU, Paytm) process payments under their security protocols
• Shipping partners (Delhivery, Blue Dart) handle delivery data per their privacy policies
• Analytics tools (Google Analytics, Facebook Pixel) subject to their data collection practices
• We conduct due diligence on third-party service providers to ensure data protection compliance

Information about data transfers outside India:

• All customer data is primarily stored on servers located in India
• Some service providers may process data in other countries (USA, EU)
• We ensure adequate safeguards through Standard Contractual Clauses (SCCs)
• Data transferred only to countries with adequate data protection laws
• You have the right to obtain information about cross-border data transfers
• By using our services, you consent to such transfers with appropriate safeguards

We may update this Privacy Policy from time to time:

• Material changes will be notified via email or prominent website notice
• Continued use of services after changes constitutes acceptance of updated policy
• Policy version and last updated date mentioned at the bottom of this page
• You can review the previous version by contacting us
• We recommend reviewing this policy periodically for changes
• Significant changes require re-consent for data processing

Last Updated: December 20, 2025 | Version: 2.0

For privacy-related questions, concerns, or requests:

• Privacy Officer: Athaahanand Privacy Team
• Email: privacy@athaahanand.com
• Phone: +91 98765-43210 (Mon-Sat, 10 AM - 6 PM IST)
• Address: Athaahanand Wellness Pvt. Ltd., Narnaund, Haryana, India - 123001
• Response Time: We respond to all privacy requests within 7 business days
• Data Protection Officer: Available for GDPR-related queries
• Grievance Redressal: Escalation process available if concerns not resolved

Office Hours: Monday to Saturday, 10:00 AM - 6:00 PM IST
Emergency Contact: For urgent privacy concerns, call our 24/7 helpline