A clear privacy policy for “maajewels” should explain what data you collect, how you use it, users’ rights, and how they can contact you, in language that matches current data‑protection expectations (India’s DPDP Act 2023/Rules 2025 and global norms like GDPR/CCPA, if you target those regions). Below is a customizable, legally‑informed draft you can adapt with your actual details and have a lawyer review before publishing.
Introduction
This Privacy Policy explains how MaaJewels (“we”, “us”, “our”) collects, uses, shares, and protects your personal information when you visit or make a purchase from our website maajewels (the “Site”). By using the Site, you agree to the practices described in this Privacy Policy, subject to applicable data‑protection laws in your jurisdiction.
If you do not agree with this Policy, please discontinue use of the Site and our services.
Information we collect
We may collect the following types of information when you use our Site or interact with us:
- Identity and contact information: name, email address, phone number, billing and shipping address.
- Order and transaction information: products purchased, payment method (processed by third‑party gateways), order history, invoices.
- Account information: username, password, preferences, wishlist items (if you create an account).
- Technical and usage data: IP address, device identifiers, browser type, pages visited, time and date of visits, referring URLs, approximate location, and cookie data.
- Marketing and communication data: your preferences for receiving marketing messages, responses to campaigns, and interactions with our emails or ads.
- Customer support information: messages, emails, or other communications you send to us (including attachments or additional details you choose to share).
We do not knowingly collect personal data from children under the age required by applicable law (for example, under 18 in India’s DPDP framework and under 13 in COPPA contexts).
How we use your information
We use your information only for specific, lawful purposes described below:
- To provide and operate the Site: processing your orders, payments, deliveries, returns, and account management.
- To communicate with you: sending order confirmations, shipping updates, support responses, and important service or policy notices.
- To personalize your experience: remembering your preferences, showing relevant products, and improving navigation on the Site.
- To improve our products and services: analyzing Site usage, troubleshooting, testing new features, and enhancing security.
- For marketing and promotions: sending you newsletters, offers, and updates if you have consented or where permitted by law, with the option to opt out at any time.
- To comply with legal obligations and enforce our rights: preventing fraud, responding to lawful requests from authorities, and enforcing our terms.
We will only process your personal data where we have a legal basis to do so under applicable laws (such as your consent, performance of a contract, compliance with legal obligations, or our legitimate interests).
Cookies and tracking technologies
Our Site may use cookies, pixels, and similar technologies to:
- Recognize you when you return to the Site
- Remember your cart and preferences
- Analyze Site traffic and performance
- Support advertising and retargeting where applicable
You can manage or disable cookies through your browser settings, but some features of the Site may not function properly if you do so. Where required by law, we will present a cookie notice and/or consent banner to give you control over non‑essential cookies.
Sharing your information
We do not sell your personal information to third parties. However, we may share your information in the following limited circumstances:
- Service providers: with trusted vendors who provide services such as payment processing, order fulfilment, shipping, hosting, analytics, email delivery, marketing tools, and customer support, under contractual obligations to protect your data.
- Business transfers: in connection with a merger, acquisition, restructuring, or sale of assets, where your data may be transferred as part of the transaction, subject to confidentiality and continued protection.
- Legal requirements and protection: when required by law or a valid legal request, or when necessary to protect our rights, safety, or the rights and safety of others.
If applicable law (such as CCPA/CPRA) considers any of our advertising or analytics partnerships to be a “sale” or “sharing” of personal information, we will provide appropriate opt‑out mechanisms and disclosures.
International data transfers
Depending on where you are located and where our service providers operate, your information may be transferred to and processed in countries that may have different data‑protection laws than your home country. When transferring personal data across borders, we will implement appropriate safeguards required by applicable law (such as contractual protections or equivalent mechanisms).
Data security
We use reasonable technical and organizational measures designed to protect your personal information against unauthorized access, disclosure, alteration, or destruction. These measures may include encryption, secure servers (SSL/TLS), access controls, regular monitoring, and contractual safeguards with service providers.
No method of transmission over the internet or electronic storage is completely secure, so absolute security cannot be guaranteed, but we strive to follow industry best practices and applicable regulatory requirements.
Data retention
We retain your personal data only for as long as necessary to fulfill the purposes described in this Policy, to provide our services, comply with legal obligations, resolve disputes, and enforce our agreements.
Order and transaction data may be kept for longer periods where required by tax, accounting, or regulatory rules, after which it will be securely deleted or anonymized.
Your rights and choices
Your rights will depend on the laws that apply to you, but may include:
- Access: Request a copy of the personal data we hold about you.
- Correction: Ask us to correct inaccurate or incomplete information.
- Deletion: Request deletion of your personal data, subject to legal retention requirements.
- Restriction/Objection: Object to or request restriction of certain processing activities, such as direct marketing.
- Portability: Request transfer of your data in a structured, commonly used format, where applicable.
- Withdraw consent: Where processing is based on consent, withdraw it at any time without affecting prior lawful processing.
If you are covered by specific regimes (for example, India’s DPDP Act/Rules, EU/UK GDPR, or California CCPA/CPRA), you may have additional rights, such as the right to lodge a complaint with a data‑protection authority.
You can exercise these rights by contacting us using the details in the “Contact us” section below, and we will respond within the time frame required by applicable law.
Children’s privacy
Our Site and services are intended for adults and are not directed to children below the age limits defined by applicable law (for example, below 18 years under India’s DPDP regime or below 13 years under COPPA in the United States).
We do not knowingly collect personal information from such children; if we discover that we have collected data from a child without appropriate consent, we will delete it as required.
Changes to this policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. The updated version will be indicated by a revised “Last updated” date and will be effective as soon as it is posted on the Site.
Where required by law, we will notify you of material changes (for example, via email or a notice on the Site) and, if necessary, obtain your consent.
Contact us
If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us at:
maajewels – Privacy Enquiries
Email: [your‑privacy‑email@maajewels.com]
Address: [your business address here]
If you are in a jurisdiction with a dedicated data‑protection authority, you may also have the right to lodge a complaint with that authority in addition to contacting us.
For your live site, update placeholders (email, address, legal entity name, last‑updated date, and any jurisdiction‑specific references) and have a qualified legal professional review this text for full compliance with your target markets.