1. Introduction
Shubhkalash Jewellers ("we", "us", or "our"), a proprietorship firm located at Main Road, Ward No. 15, Ambedkar Chowk, Waraseoni, Balaghat, Madhya Pradesh 481331, India, operates the Shubhkalash Bachat mobile application (the "App") and the associated website (the "Website"), collectively referred to as the "Platform".
This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our Platform. By accessing or using the Platform, you consent to the practices described in this Privacy Policy.
If you do not agree with the terms of this Privacy Policy, please do not access or use the Platform.
2. Information We Collect
2.1 Information You Provide
- Account Registration: Mobile phone number, name, and profile information provided during OTP-based registration.
- Recurring Deposit (RD) Details: Plan selections (Cash RD or Gold RD), deposit amounts, tenure preferences, and maturity options.
- Payment Information: UPI transaction reference IDs, payment gateway transaction records, payment amounts, and payment history.
- Communications: Any messages, feedback, or support requests you send to us.
2.2 Information Collected Automatically
- Device Information: Device type, operating system, unique device identifiers, and mobile network information.
- Usage Data: App usage patterns, features accessed, session duration, and interaction data.
- Log Data: IP address, access times, pages viewed (for the website), and referring URLs.
2.3 Information from Third Parties
- Payment Processors: Transaction confirmation status from UPI payment service providers.
3. How We Use Your Information
We use the information we collect for the following purposes:
- Account Management: To create and manage your user account, verify your identity via OTP, and maintain your profile.
- Service Delivery: To process your recurring deposits (Cash RD and Gold RD), track payments, calculate interest, convert deposits to gold grams, and manage maturity/redemption.
- Payment Processing: To process payments through our integrated payment gateway, confirm transaction status in real time, and maintain transaction records.
- Notifications: To send payment reminders, deposit confirmations, maturity alerts, rate updates, and other service-related communications via push notifications and in-app messages.
- Metal Rate Updates: To display current gold and silver rates within the App.
- Customer Support: To respond to your inquiries, troubleshoot issues, and provide assistance.
- Improvement: To analyze usage patterns, improve our App and services, and develop new features.
- Legal Compliance: To comply with applicable laws, regulations, and legal processes.
4. Payment Information
All payments on the Platform are processed through an integrated third-party payment gateway that supports Unified Payments Interface (UPI) and other payment methods. The payment gateway is PCI-DSS compliant and authorized by the Reserve Bank of India (RBI).
Important: We do not collect, store, or have access to your bank account details, UPI PIN, card numbers, or sensitive financial credentials. All payment transactions are processed securely by the payment gateway. Shubhkalash Jewellers only receives transaction confirmation data from the gateway.
We receive and store the following from the payment gateway:
- Transaction reference IDs (unique identifiers issued by the payment gateway)
- Payment amount and date/time
- Payment status (processing, successful, failed)
- Payment method type (UPI, etc.)
4.1 Payment Gateway Data Sharing
When you make a payment, the following information is shared with the payment gateway for transaction processing:
- Payment amount
- Order/deposit reference associated with your RD
- Your mobile number (for UPI intent and transaction linking)
The payment gateway may collect additional information as per its own privacy policy, including device information and IP address for fraud prevention. We encourage you to review the payment gateway provider's privacy policy.
5. Data Storage & Security
We take the security of your personal information seriously and implement appropriate technical and organizational measures to protect it.
- Cloud Infrastructure: Your data is stored on secure cloud database servers with industry-standard encryption.
- Encrypted Connections: All data transmitted between the App and our servers is encrypted using HTTPS/TLS protocols.
- Access Controls: We implement row-level security policies ensuring that users can only access their own data. Administrative access is restricted and authenticated.
- Authentication: User accounts are secured via OTP-based authentication.
While we strive to use commercially acceptable means to protect your personal information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.
6. Data Sharing & Disclosure
We do not sell, trade, or rent your personal information to third parties. We may share your information only in the following circumstances:
- Payment Gateway & Processors: With our integrated payment gateway provider and associated UPI payment service providers to process, verify, and settle your transactions. The payment gateway receives transaction details necessary for payment processing and fraud prevention.
- Legal Requirements: When required by law, regulation, legal process, or governmental request.
- Protection of Rights: To enforce our Terms and Conditions, protect the safety and security of our users, or protect our legal rights.
- Business Transfers: In connection with a merger, acquisition, or sale of assets, your information may be transferred as part of the transaction, with prior notice to you.
- With Your Consent: For any other purpose with your explicit consent.
7. Data Retention
We retain your personal information for as long as your account is active or as needed to provide you with our services. Specifically:
- Account Data: Retained while your account remains active and for a reasonable period thereafter to allow for re-activation.
- Financial Records: Payment history, RD records, and transaction data are retained as required by applicable Indian financial regulations and tax laws (typically a minimum of 8 years).
- Communication Records: Support communications are retained for up to 3 years after resolution.
Upon account deletion request, we will delete or anonymize your personal information within 30 days, except where retention is required by law.
8. Your Rights
Subject to applicable Indian laws, you have the following rights regarding your personal information:
- Right to Access: You can request a copy of the personal data we hold about you.
- Right to Correction: You can request correction of inaccurate or incomplete personal data.
- Right to Deletion: You can request deletion of your personal data, subject to legal retention requirements.
- Right to Withdraw Consent: You can withdraw consent for data processing at any time, which may affect your ability to use certain features.
- Right to Data Portability: You can request your data in a structured, commonly used format.
To exercise any of these rights, please contact us using the details provided in Section 12 below.
9. Cookies & Tracking
Our website may use minimal cookies and similar tracking technologies for:
- Basic website analytics (page views, visitor count)
- Remembering user preferences
- Ensuring website functionality
The mobile App does not use cookies. We do not use cookies for advertising or cross-site tracking purposes.
You can control cookies through your browser settings. Disabling cookies may affect certain website features.
10. Children's Privacy
The Platform is not directed at individuals under the age of 18. We do not knowingly collect personal information from children under 18. If we become aware that we have collected personal data from a child under 18, we will take steps to delete such information promptly.
If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.
11. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes:
- We will update the "Last Updated" date at the top of this page.
- We will notify you through the App via push notification or in-app message.
- For significant changes, we may require you to re-acknowledge the updated policy.
We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.