Privacy Policy

Information We Collect

When you create an account or place an order, we collect:

• Full name and email address
• Phone number (for order confirmation SMS)
• Shipping address (name, address, city, state, pincode)
• Payment information (processed securely by Razorpay — we do not store card details)
• Order history and transaction IDs

How We Use Your Information

• Process and fulfill your orders
• Send order confirmation emails and SMS notifications
• Manage your account and purchase history
• Improve our website and product offerings
• Comply with legal obligations

Third-Party Services

We use the following third-party services, each with their own privacy policies:

• Razorpay — payment processing (PCI-DSS compliant)
• Resend / Nodemailer — transactional email delivery
• Fast2SMS / SMS gateway — order confirmation SMS
• MongoDB Atlas — secure cloud database storage

Data Security

Your password is stored as a bcrypt hash (12 salt rounds) — we never store or have access to your plain-text password. Sessions are managed via HTTP-only cookies using JWT encryption. We do not store payment card details.

Data Retention

Your account data is retained as long as your account is active or as needed to provide services and comply with legal obligations. Order records are retained for a minimum of 7 years for tax and compliance purposes.

Your Rights

You may request access to, correction of, or deletion of your personal data by contacting us at victorscotland00@gmail.com. Note that order records may be retained as required by law.

Cookies

We use HTTP-only session cookies for authentication purposes only. We do not use tracking cookies, advertising cookies, or third-party analytics cookies.

Contact

For privacy-related queries: victorscotland00@gmail.com