PRIVACY POLICY

This Privacy Policy (“Policy”) describes how AEQEA (“AEQEA”, “we”, “us”, or “our”), acting as a Data Fiduciary and Data Controller where applicable, collects, uses, stores, shares, and protects personal information obtained through your access to or use of our website, products, and services. By accessing or using our website, you acknowledge that you have read, understood, and consent to the practices described herein.

SECTION 1: SCOPE AND APPLICABILITY

This Policy applies to all personal data collected through AEQEA’s website, associated services, and communications. It governs the processing of personal data of users located in India and internationally, in compliance with applicable data protection laws, including the Digital Personal Data Protection Act, 2023 (“DPDP Act”) and, where applicable, the General Data Protection Regulation (“GDPR”).

SECTION 2:  INFORMATION WE COLLECT

We collect personal information that you voluntarily provide when interacting with our website, placing an order, creating an account, or contacting us. Such information may include your name, email address, phone number, billing and shipping address, payment details (processed securely via third-party gateways), and any additional information you choose to provide.

We also collect certain information automatically when you access our website, including but not limited to your IP address, device identifiers, browser type, operating system, referring URLs, pages viewed, and interactions with our website. This information is collected through cookies and similar technologies for purposes of analytics, functionality, and security.

SECTION 3: PURPOSE OF PROCESSING

Your personal data is processed for legitimate and necessary purposes, including order fulfilment, payment processing, customer support, delivery coordination, fraud prevention, service improvement, analytics, and compliance with legal obligations. With your consent, we may also process your data for marketing communications, product updates, and promotional activities.

SECTION 4: LEGAL BASIS FOR PROCESSING

We process personal data based on one or more lawful grounds, including your explicit consent, performance of a contract, compliance with legal obligations, and our legitimate interests in operating, securing, and improving our business. Where required under applicable law, we obtain clear and informed consent prior to processing personal data for specified purposes.

SECTION 5: CONSENT AND WITHDRAWAL

By providing your personal information, you consent to its collection and processing for the purposes described in this Policy. Where processing is based on consent, you retain the right to withdraw such consent at any time. Withdrawal of consent does not affect the lawfulness of processing carried out before such withdrawal. Withdrawal requests may be submitted by contacting us at aeqea.help@gmail.com.

SECTION 6: DATA PRINCIPAL RIGHTS

Subject to applicable laws, including the DPDP Act and GDPR, you may exercise rights in relation to your personal data, including the right to access, correct, update, or delete your personal information, the right to withdraw consent, the right to object to or restrict processing, and the right to request information regarding the processing of your data. Requests may be submitted via the contact details provided in this Policy, and we will respond within a reasonable timeframe as required by law.

SECTION 7: DATA SHARING AND DISCLOSURE

We do not sell or rent personal data. We may share personal information with trusted third-party service providers who assist in operating our business, including payment processors, logistics partners, analytics providers, marketing platforms, and hosting providers such as Shopify Inc. These parties are authorised to process personal data only to the extent necessary to perform their services and are contractually obligated to maintain confidentiality and implement appropriate security measures.

We may also disclose personal data where required by law, regulation, legal process, or governmental request, or where necessary to enforce our agreements, protect our rights, or prevent fraud or security threats.

SECTION 8: INTERNATIONAL DATA TRANSFERS

Your personal data may be transferred to and processed in countries other than your country of residence. In such cases, we take appropriate safeguards to ensure that such transfers comply with applicable data protection laws and that your personal data receives a level of protection consistent with this Policy.

SECTION 9: SHOPIFY INFRASTRUCTURE AND PAYMENT SECURITY

Our website is hosted on Shopify Inc., which provides the infrastructure and tools necessary to operate our online store. Data is stored on secure servers protected by industry-standard safeguards, including firewalls and encryption.

All payment transactions are processed through PCI-DSS-compliant payment gateways. Payment information is encrypted during transmission using Secure Socket Layer (SSL) technology and is not stored in an unencrypted form on our systems.

SECTION 10: DATA RETENTION

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including order processing, legal compliance, dispute resolution, fraud prevention, and business operations. Once the retention period expires, personal data is securely deleted or anonymised in accordance with applicable standards.

SECTION 11: SECURITY MEASURES

We implement reasonable administrative, technical, and organisational safeguards to protect personal data against unauthorised access, alteration, disclosure, or destruction. These measures include encryption protocols, access controls, and secure storage systems. While we follow industry best practices, no system can guarantee absolute security.

SECTION 12: COOKIES AND TRACKING TECHNOLOGIES

We use cookies and similar technologies to enable core website functionality, maintain user sessions, improve user experience, and analyse website performance. These technologies may also support marketing, personalisation, and analytics, including tools used for advertising and retargeting.

You may manage or disable cookies through your browser settings. However, certain features of the website may not function properly if cookies are disabled.

SECTION 13: MARKETING AND ADVERTISING

With your consent, we may use your data for marketing communications and targeted advertising through platforms such as analytics and advertising networks. You may opt out of receiving marketing communications at any time by following the unsubscribe instructions provided in our communications or by contacting us directly.

SECTION 14: CHILDREN’S DATA

Our services are not intended for individuals under the age of eighteen (18). We do not knowingly collect personal data from minors without appropriate parental or guardian consent. If we become aware that such data has been collected without consent, we will take appropriate steps to delete it.

SECTION 15: GRIEVANCE REDRESSAL

In accordance with applicable Indian laws, we have established a grievance redressal mechanism to address concerns relating to personal data processing. You may contact our grievance officer by emailing aeqea.help@gmail.com or writing to AEQEA, Delhi, IN 110027. We endeavour to address grievances in a timely and effective manner.

SECTION 16: THIRD-PARTY LINKS

Our website may contain links to third-party websites or services. We are not responsible for the privacy practices or content of such external platforms. We encourage users to review the privacy policies of any third-party sites they visit.

SECTION 17: CHANGES TO THIS POLICY

We reserve the right to modify or update this Privacy Policy at any time. Any changes will be effective immediately upon posting on the website. Continued use of the website following such changes constitutes acceptance of the revised Policy.

SECTION 18: CONTACT INFORMATION

For any questions, requests, or concerns regarding this Privacy Policy or the handling of your personal data, you may contact us at:

Email: aeqea.help@gmail.com
Address: AEQEA, Delhi, IN 110027