Privacy Policy

Privacy Policy – EAMZN.IN

Last Updated: January 4, 2026

Effective Date: January 4, 2026

Introduction

EAMZN.IN (“we,” “us,” “our,” or “Company”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website www.eamzn.in (the “Platform”) and make purchases of e-commerce products and services.

This Privacy Policy is designed to comply with the Digital Personal Data Protection Act (DPDPA), 2023, and other applicable Indian privacy laws. Please read this policy carefully. If you do not agree with our data collection and processing practices, please refrain from using our Platform.

Information We Collect

We collect personal data in various ways to provide you with optimal e-commerce services, ensure smooth transactions, and improve your shopping experience.

2.1 Information Provided by You

Contact Information:

Full name
Email address
Phone number
Postal address (including city, state, postal code)
Country of residence

Account Information:

Username and password (encrypted)
Account preferences and settings
Wishlist and saved items

Payment Information:

Credit/debit card details (processed securely through payment gateways; we do not store full card numbers)
Banking details for refunds
Payment transaction history
UPI ID or digital wallet information

Order Information:

Products purchased
Order dates and amounts
Shipping preferences
Delivery address
Returns and refund requests

Communication Data:

Messages sent through our customer support channels
Feedback, reviews, and ratings you provide
Newsletter subscriptions

Additional Information:

Product preferences and browsing history
Search queries on our Platform
Complaints and grievances filed

2.2 Automatically Collected Information

Technical Data:

IP address and device identifier
Browser type and version
Operating system
Device type (mobile, desktop, tablet)
Internet Service Provider (ISP)

Usage Information:

Pages visited and duration
Clicks and interactions
Referral source (how you reached our Platform)
Timestamps of activities
Error logs

Cookies and Tracking Technologies:

Cookies (persistent and session-based)
Web beacons and pixels
Local storage data
Cross-site tracking pixels

Purpose of Data Collection and Processing

In compliance with DPDPA 2023 principles of purpose limitation and data minimization, we collect and process your personal data solely for the following legitimate purposes:

3.1 Core E-commerce Operations

Account creation and management
Processing and fulfilling your orders
Payment processing and verification
Delivery and logistics coordination
Providing customer support
Handling returns, refunds, and exchanges
Resolving disputes and complaints

3.2 Customer Communication

Sending order confirmations and shipping updates
Providing customer service responses
Notifying you of changes to our Platform or policies
Responding to your inquiries
Obtaining feedback and conducting surveys

3.3 Marketing and Promotions

Sending promotional offers, discounts, and personalized recommendations (only with your explicit consent)
Running loyalty and reward programs
Conducting market research and analytics
Testing new features and improving user experience

3.4 Legal and Compliance

Complying with applicable laws, regulations, and court orders
Preventing fraud, unauthorized access, and misuse of our Platform
Protecting our legal rights and preventing disputes
Maintaining audit trails for tax and GST compliance
SEBI compliance (if applicable as investment advisor)

3.5 Security and Risk Management

Detecting and preventing fraudulent transactions
Monitoring for suspicious account activities
Protecting against cyberattacks and data breaches
Conducting security audits and vulnerability assessments

Legal Basis for Data Processing

Under the DPDPA 2023, our data processing is based on:

Explicit Informed Consent: We obtain your prior, clear, and unambiguous consent before collecting or processing personal data
Contract Performance: Processing necessary to fulfill our obligations under the terms of service
Legitimate Business Interests: Fraud prevention, security, and Platform improvement
Legal Compliance: Fulfilling legal obligations under Indian laws, including the Information Technology Act, 2000, Consumer Protection Act, 2019, and GST regulations

Data Sharing and Disclosure

We respect your privacy and only share your data with carefully selected third parties when necessary to provide our services.

5.1 Third-Party Service Providers

We share your data with the following categories of service providers:

Payment Processors:

Razorpay, PayU, Instamojo, and other authorized payment gateways
These providers process payments securely and comply with PCI-DSS standards

Logistics and Shipping Partners:

Courier and delivery partners (DHL, Delhivery, Ekart, Flipkart Logistics, etc.)
Only receive necessary shipping address, phone number, and order details

Hosting and Cloud Services:

Web hosting providers managing our server infrastructure
Cloud storage providers for data backup

Analytics and Marketing:

Google Analytics (for website usage insights)
Facebook Pixel and Google Ads (for advertising purposes, only with consent)
Email marketing platforms (Mailchimp, SendGrid, etc.)

Customer Support Tools:

Chatbot and support ticket management systems
Customer relationship management (CRM) platforms

Financial and Tax Compliance:

Chartered accountants and auditors
Tax consultants for GST compliance

5.2 When We Must Disclose Data

We may disclose your personal data when required by:

Government agencies and law enforcement authorities (with proper legal authorization)
Court orders or legal proceedings
SEBI or financial regulatory authorities (if applicable)
Public health emergencies

5.3 What We Do NOT Do

We do NOT sell your personal data to third parties for their independent marketing purposes
We do NOT share your full payment card details with any third party
We do NOT disclose your data without legal basis or your consent (except as required by law)

Data Security and Protection

We implement comprehensive security measures to protect your personal data from unauthorized access, modification, disclosure, or destruction.

6.1 Technical Security Measures

SSL/TLS Encryption: All data transmitted between your device and our servers is encrypted using industry-standard protocols
Password Protection: User accounts are password-protected with encryption
Secure Payment Gateway: PCI-DSS compliant payment processing systems
Firewalls and Intrusion Detection: Multi-layered network security
Regular Security Audits: Periodic vulnerability assessments and penetration testing

6.2 Administrative Security Measures

Access Control: Only authorized personnel with legitimate business needs access personal data
Data Minimization: We only retain data necessary for stated purposes
Employee Training: Regular data protection and privacy awareness training
Confidentiality Agreements: All staff and contractors sign confidentiality agreements

6.3 Physical Security

Secure data centers with restricted access
Environmental controls and monitoring
Backup systems and disaster recovery protocols

Data Retention and Deletion

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, in compliance with DPDPA 2023 storage limitation principles.

7.1 Retention Periods

Data Category	Retention Period	Reason
Account Information	Until account closure + 1 year	User service and dispute resolution
Order and Transaction Data	7 years	GST compliance and tax requirements
Payment Information	As per payment processor guidelines	Financial auditing and fraud prevention
Customer Support Records	3 years	Handling grievances and disputes
Marketing Consent Records	Until consent withdrawn	Regulatory compliance (DPDPA)
IP Logs and Cookies	1 year (typical session data)	Security and website optimization
Marketing and Analytics Data	1-2 years	Understanding user behavior and trends
Bank/Account Details (for refunds)	3 years	Financial reconciliation

7.2 Data Deletion Rights

Upon your request, we will delete your personal data within 30 days, except where:

Retention is required by law (tax records, compliance files)
Data is necessary for pending transactions or disputes
Data is anonymized (we may retain anonymized, non-identifiable data for analytics)

Your Rights Under DPDPA 2023

As a data principal under the Digital Personal Data Protection Act, 2023, you have the following rights:

8.1 Right to Access

You have the right to request access to all your personal data we hold. We will provide this information in a structured, portable, machine-readable format within 30 days of your request.

8.2 Right to Correction

You can request correction of inaccurate or incomplete personal data. We will verify and correct such data promptly.

8.3 Right to Erasure (Right to be Forgotten)

You can request deletion of your personal data, except where retention is legally required. We will honor your deletion request within 30 days unless exempted under law.

8.4 Right to Withdraw Consent

You can withdraw your consent for data processing at any time. However, this will not affect the validity of processing done before consent withdrawal.

8.5 Right to Grievance Redressal

You have the right to file a grievance with our Grievance Redressal Officer if you believe your data has been mishandled.

8.6 Right to Opt-Out

You can opt-out of:

Marketing communications and promotional emails
Personalized recommendations
Cookies and tracking technologies (except essential cookies)
Behavioral advertising

Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your browsing experience, remember your preferences, and analyze Platform usage.

9.1 Types of Cookies

Essential Cookies:

Necessary for Platform functionality (login, payment processing, security)
Cannot be disabled

Performance Cookies:

Google Analytics for understanding user behavior and traffic patterns
Help us optimize Platform performance

Marketing Cookies:

Used for personalized recommendations and targeted advertising
Require your explicit consent

Preference Cookies:

Remember your choices (language, currency, etc.)

9.2 Cookie Consent

We obtain your explicit and informed consent before using non-essential cookies. You can:

Accept or reject cookies through our cookie banner
Modify cookie preferences in your account settings
Disable cookies through your browser settings (may affect Platform functionality)

9.3 Third-Party Cookies

Third-party vendors like Google may set cookies to display relevant advertisements across the web. You can opt out of Google’s advertising by visiting Google’s Ads Settings.

Cross-Border Data Transfer

Under DPDPA 2023, personal data transfers to countries outside India are subject to restrictions unless the Central Government has exempted the destination country.

10.1 Our Data Transfer Policy

Primary Storage: We store most personal data on servers located in India
Limited Cross-Border Transfer: Only when necessary for payment processing or essential service delivery
Restricted Countries: We do not transfer data to countries on India’s restricted list unless you provide explicit consent
Data Protection Standards: We ensure equivalent data protection standards apply to transferred data

10.2 GDPR Compliance (EU Users)

If you are accessing our Platform from the European Union, we comply with GDPR requirements:

You have the right to data portability
You can lodge complaints with EU data protection authorities
We have Data Processing Agreements with EU-based third parties

Children’s Privacy

Our Platform is not intended for individuals under 18 years of age. We do not knowingly collect personal data from children.

Age Verification: We assume users are adults (18+)
Parental Consent: If we discover data from minors, we will obtain parental consent immediately
Data Deletion: We will delete children’s data if parental request is received

If you are a parent or guardian concerned about your child’s data, please contact us immediately.

Third-Party Links and Services

Our Platform may contain links to third-party websites and services (social media, payment providers, etc.). We are not responsible for their privacy practices.

We encourage you to review third-party privacy policies before sharing data
We are not liable for unauthorized data collection by third parties
Disabling third-party cookies may affect Platform functionality

Grievance Redressal and Complaint Handling

13.1 Grievance Redressal Officer

Name: [Grievance Officer Name]
Designation: Data Protection Officer / Grievance Redressal Officer
Email: [email protected]
Phone: [Contact Number]
Office Address: [Complete Address]
Response Time: We will acknowledge your grievance within 48 hours and resolve it within 30 days

13.2 Filing a Complaint

To file a data privacy complaint:

Email your grievance to [email protected] with:
- Your name and contact information
- Detailed description of the issue
- Relevant dates and transaction IDs
- Supporting documents
Or submit through our grievance form on the Platform
We will investigate and respond within the stipulated timeframe

13.3 Data Protection Board Escalation

If you are unsatisfied with our response, you can escalate to:

Data Protection Board of India (once operational)

Established under DPDPA 2023
Handles privacy complaints and enforcement

Policy Updates and Changes

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or other factors.

14.1 Notification of Changes

Major Changes: We will notify you via email or Platform notification
Continued Use: Your continued use of the Platform after changes indicates acceptance
Effective Date: Updated policies become effective on the date specified

14.2 Your Consent

If material changes are made, we will obtain your fresh consent before implementing them, where required under DPDPA 2023.

Contact Us

If you have questions about this Privacy Policy, our data practices, or want to exercise your rights under DPDPA 2023, please contact us:

Company Name: WWW.EAMZN.IN
Email: [email protected]
Grievance Email: [email protected]
Phone: +917835983697
Website: www.eamzn.in

Mailing Address:

SHIV TRADERS

HOUSE NO 137A Street no 11

Sainik Enclave sector 1 Mohan Garden New Delhi
PIN: 110059
Country: India

Response Timeframe: We will respond to all inquiries within 7 business days

Legal and Regulatory Compliance

This Privacy Policy is established in compliance with:

Digital Personal Data Protection Act (DPDPA), 2023
Information Technology Act, 2000 (Sections 43A and 72)
Consumer Protection Act, 2019
GST Laws and Regulations (for tax compliance)
RBI Guidelines (for payment security)
SEBI Requirements (if applicable for investment advisory)
E-commerce Rules, 2020
Reasonable Security Practices Standards

Appendix A: Consent Form Template

EAMZN.IN DATA PROCESSING CONSENT FORM

I acknowledge that I have read and understood the Privacy Policy of EAMZN.IN dated January 4, 2026.

I provide my explicit and informed consent to:

☐ Collection of my personal data for account creation and order fulfillment
☐ Processing of payment information through authorized payment gateways
☐ Sharing my data with logistics partners for delivery
☐ Sending promotional emails and marketing communications
☐ Using cookies for website analytics and personalization
☐ Targeted advertising based on browsing behavior
☐ Grievance resolution and customer support
☐ All data processing purposes outlined in Section 3 of the Privacy Policy

I can withdraw this consent at any time by contacting [email protected]

Date: [Date]
User Name: [Full Name]
Email: [Email Address]
Signature: [Digital/Physical Signature]

END OF PRIVACY POLICY

Document Version: 1.0
Last Updated: January 4, 2026
Next Review Date: January 4, 2027