If there is a conflict between our Terms of Service and this Privacy Policy, this Privacy Policy controls with respect to the collection, processing, and disclosure of your personal information.
Please read this Privacy Policy carefully so that you understand how and why we use your personal information before you share it with us.
Goddiva India is operated by Grace Infotech (“Goddiva India,” “we,” “us,” or “our”), located at 2 Madambakkam Main Road, Madambakkam, Chennai, Tamil Nadu 600126, India. For any privacy-related enquiries, requests, grievances or concerns regarding the processing of your personal data, you may contact us at admin@goddiva.in. For the purposes of the DPDP law, we act as the Data Fiduciary responsible for the personal data we collect about you through the Services. Where the Services are hosted and operated on Shopify, Shopify processes certain personal data as described in the “Relationship with Shopify” section below.
When we use the term “personal information” or “personal data,” we are referring to information that identifies or can reasonably be linked to you or another person. Personal information does not include information that is collected anonymously or that has been de-identified, so that it cannot identify or be reasonably linked to you. We may collect or process the following categories of personal information, including inferences drawn from this personal information, depending on how you interact with the Services, where you live, and as permitted or required by applicable law:
• Contact details including your name, address, billing address, shipping address, phone number, and email address.
• Financial Information including payment method, transaction details, payment confirmations and billing information. Payment card information is processed securely by authorised payment gateways and banking partners. Goddiva India does not store complete debit card or credit card details on its systems.
• Account information including your username, password, security questions, preferences and settings.
• Transaction information including the items you view, put in your cart, add to your wishlist, or purchase, return, exchange or cancel, and your past transactions.
• Communications with us including the information you include in communications with us, for example, when sending a customer support inquiry.
• Device information including information about your device, browser, or network connection, your IP address, and other unique identifiers.
• Usage information including information regarding your interaction with the Services, including how and when you interact with or navigate the Services.
We may collect personal information from the following sources:
• Directly from you including when you create an account, visit or use the Services, communicate with us, or otherwise provide us with your personal information;
• Automatically through the Services including from your device when you use our products or services or visit our websites, and through the use of cookies and similar technologies;
• From our service providers including when we engage them to enable certain technology and when they collect or process your personal information on our behalf;
• From our partners or other third parties.
We use cookies, pixels, web beacons and similar technologies to improve your browsing experience, analyse website traffic, remember your preferences and provide personalised content and advertising.
These technologies may include:
• Essential Cookies – required for website functionality, account login and checkout.
• Analytics Cookies – used to understand how visitors interact with our website and improve performance.
• Functional Cookies – used to remember user preferences and settings.
• Advertising Cookies – used to deliver relevant advertisements and measure marketing effectiveness.
We may use third-party technologies provided by Shopify, Google Analytics, Meta (Facebook), Pinterest, TikTok, Microsoft Clarity and other advertising or analytics providers.
You may control or disable cookies through your browser settings. However, doing so may affect certain website functionality.
Depending on how you interact with us or which of the Services you use, and subject to the consent and notice requirements described in the “Your Consent and Choices” section below, we may use personal information for the following purposes:
• Provide, Tailor, and Improve the Services. We use your personal information to provide you with the Services, including to perform our contract with you, to process your payments, to fulfil your orders, to remember your preferences and items you are interested in, to send notifications to you related to your account, to process purchases, returns, exchanges or other transactions, to create, maintain and otherwise manage your account, to arrange for shipping, to facilitate any returns and exchanges, to enable you to post reviews, and to create a customised shopping experience for you, such as recommending products related to your purchases. This may include using your personal information to better tailor and improve the Services.
• Marketing and Advertising. Where you have consented (or where otherwise permitted by applicable law), we use your personal information for marketing and promotional purposes, such as to send marketing, advertising and promotional communications by email, text message or postal mail, and to show you online advertisements for products or services on the Services or other websites, including based on items you previously purchased or added to your cart and other activity on the Services. You can withdraw your consent or opt out of marketing communications at any time, as described below.
• Security and Fraud Prevention. We use your personal information to authenticate your account, to provide a secure payment and shopping experience, to detect, investigate or take action regarding possible fraudulent, illegal, unsafe, or malicious activity, to protect public safety, and to secure our Services. If you choose to use the Services and register an account, you are responsible for keeping your account credentials safe. We highly recommend that you do not share your username, password or other access details with anyone else.
• Communicating with You. We use your personal information to provide you with customer support, to be responsive to you, to provide effective services to you, and to maintain our business relationship with you.
• Where you provide your mobile number and consent, we may communicate with you through WhatsApp, SMS or similar messaging platforms regarding order updates, customer support, delivery notifications, returns processing and promotional offers.
• Legal Reasons. We use your personal information to comply with applicable law or respond to valid legal process, including requests from law enforcement or government agencies, to investigate or participate in civil discovery, potential or actual litigation, or other adversarial legal proceedings, and to enforce or investigate potential violations of our terms or policies.
Where we rely on your consent to collect or process your personal data, we will ask for it through a clear affirmative action, after giving you notice of the personal data we seek to collect and the specific purposes for which it will be processed. Your consent is limited to the personal data necessary for those specified purposes.
You may withdraw your consent at any time. Withdrawing your consent will be as easy as giving it, and we will stop the relevant processing once you do. Withdrawal will not affect the lawfulness of any processing carried out before you withdrew your consent, and it may mean we are no longer able to provide certain features of the Services to you. To withdraw consent or manage your choices, contact our Grievance Officer using the details in the “Contact” section, or use the relevant settings or unsubscribe options within the Services.
On request, we will make the consent notice available to you in English or in any language specified in the Eighth Schedule to the Constitution of India.
In certain circumstances, we may disclose your personal information to third parties for legitimate purposes subject to this Privacy Policy. Such circumstances may include:
• With Shopify, vendors and other third parties who perform services on our behalf (e.g. IT management, payment processing, data analytics, customer support, cloud storage, fulfilment and shipping).
• With marketplace partners including online retail platforms through which our products are sold, where necessary to process, fulfil, manage, return or exchange orders.
• With courier, logistics and fulfilment partners for delivery, collection, returns processing and customer service purposes. Information shared may include your name, address, telephone number, email address and order details.
• With business and marketing partners to provide marketing services and advertise to you, where you have consented. For example, we use Shopify to support personalised advertising with third-party services based on your online activity with different merchants and websites. Our business and marketing partners will use your information in accordance with their own privacy notices. Depending on where you reside, you may have a right to direct us not to share information about you to show you targeted advertisements and marketing based on your online activity with different merchants and websites.
• When you direct, request us, or otherwise consent to our disclosure of certain information to third parties, such as to ship you products or through your use of social media widgets or login integrations.
• With our affiliates or otherwise within our corporate group.
• In connection with a business transaction such as a merger or bankruptcy; to comply with any applicable legal obligations (including to respond to subpoenas, search warrants and similar requests); to enforce any applicable terms of service or policies; and to protect or defend the Services, our rights, and the rights of our users or others.
The Services are hosted by Shopify, which collects and processes personal information about your access to and use of the Services in order to provide and improve the Services for you. Information you submit to the Services will be transmitted to and shared with Shopify, as well as third parties that may be located in countries other than where you reside, in order to provide and improve the Services for you. In addition, to help protect, grow, and improve our business, we use certain Shopify enhanced features that incorporate data and information obtained from your interactions with our Store, along with other merchants and with Shopify. To provide these enhanced features, Shopify may make use of personal information collected about your interactions with our Store, along with other merchants, and with Shopify. In these circumstances, Shopify is responsible for the processing of your personal information, including for responding to your requests to exercise your rights over use of your personal information for these purposes. To learn more about how Shopify uses your personal information and any rights you may have, you can visit the Shopify Consumer Privacy Policy. Depending on where you live, you may exercise certain rights with respect to your personal information via the Shopify Privacy Portal.
We may transfer, store and process your personal information outside the country in which you live, including because the Services are hosted on Shopify’s global infrastructure.
As the Services are hosted through Shopify and supported by global service providers, your personal data may be transferred to and processed in countries including the United Kingdom, United States, Canada, Singapore and other jurisdictions where Shopify or our authorised service providers operate.
For customers in India: the DPDP law permits the transfer of personal data to a country or territory outside India, except to any country or territory that the Central Government of India restricts by notification. Where we transfer your personal data outside India, we do so in accordance with these requirements and subject to any conditions the Central Government may prescribe.
For personal information transferred out of the European Economic Area or the United Kingdom: we will rely on recognised transfer mechanisms such as the European Commission’s Standard Contractual Clauses, or any equivalent contracts issued by the relevant competent authority of the UK, unless the data transfer is to a country that has been determined to provide an adequate level of protection.
The Services may provide links to websites or other online platforms operated by third parties. If you follow links to sites not affiliated or controlled by us, you should review their privacy and security policies and other terms and conditions. We do not guarantee and are not responsible for the privacy or security of such sites, including the accuracy, completeness, or reliability of information found on these sites. Information you provide on public or semi-public venues, including information you share on third-party social networking platforms, may also be viewable by other users of the Services and/or users of those third-party platforms without limitation as to its use by us or by a third party. Our inclusion of such links does not, by itself, imply any endorsement of the content on such platforms or of their owners or operators, except as disclosed on the Services.
The Services are intended for individuals aged 18 years or older. We do not knowingly collect personal data from children under the age of 18. If we become aware that personal data relating to a child has been collected without the required parental or guardian consent, we will take reasonable steps to delete such information promptly.
We do not knowingly collect or process the personal data of a child without first obtaining verifiable consent from the child’s parent or lawful guardian, in the manner required by the DPDP law. We do not undertake tracking or behavioural monitoring of children, and we do not direct targeted advertising at children.
If you are the parent or guardian of a child who has provided us with personal data without your consent, please contact our Grievance Officer using the details in the “Contact” section, and we will take steps to delete that information.
We maintain reasonable security safeguards designed to protect your personal data against unauthorised access, use, disclosure, alteration, or loss, as required under the DPDP law. However, please be aware that no security measures are perfect or impenetrable, and we cannot guarantee “perfect security.” In addition, any information you send to us may not be secure while in transit. We recommend that you do not use unsecure channels to communicate sensitive or confidential information to us.
We retain personal information only for as long as necessary to fulfil the purposes described in this Privacy Policy, comply with legal obligations and resolve disputes. Typical retention periods may include:
• Customer account information – for the duration of the account and up to three (3) years following account closure.
• Order, invoice and transaction records – up to eight (8) years as required by applicable accounting and tax laws.
• Marketing consent records – up to five (5) years after the last interaction.
• Customer service communications – up to three (3) years after resolution.
We will securely delete, anonymise or erase personal data when retention is no longer required by law or for legitimate business purposes.
In the event of a personal data breach, we will notify the affected individuals and the Data Protection Board of India in the manner and within the timelines prescribed by the DPDP law.
Depending on where you live, you may have some or all of the rights listed below in relation to your personal information. These rights may not be absolute, may apply only in certain circumstances, and, in certain cases, we may decline your request as permitted by law.
• Right to Access / Know. You may have a right to request access to, and a summary of, the personal information we hold about you and how we process it.
• Right to Correct. You may have a right to request that we correct, complete, or update inaccurate or incomplete personal information we maintain about you.
• Right to Erasure / Delete. You may have a right to request that we erase or delete personal information we maintain about you.
• Right of Portability. You may have a right to receive a copy of the personal information we hold about you and to request that we transfer it to a third party, in certain circumstances and with certain exceptions.
• Right to Grievance Redressal. You have a right to a readily available means of registering a grievance with us in respect of any act or omission regarding the processing of your personal data. You may contact our Grievance Officer using the details in the “Contact” section.
• Right to Nominate. You have a right to nominate another individual who may, in the event of your death or incapacity, exercise your rights under the DPDP law on your behalf.
• Managing Communication Preferences. We may send you promotional emails, and you may opt out of receiving these at any time by using the unsubscribe option displayed in our emails to you. If you opt out, we may still send you non-promotional emails, such as those about your account or orders you have made.
You may exercise any of these rights where indicated on the Services or by contacting our Grievance Officer using the details in the “Contact” section. We will not discriminate against you for exercising any of these rights. We may need to verify your identity before we can process your request, as permitted or required under applicable law. In accordance with applicable laws, you may designate an authorised agent to make requests on your behalf; before accepting such a request, we will require the agent to provide proof that you have authorised them to act on your behalf, and we may need you to verify your identity directly with us. We will respond to your request within the timelines required under applicable law. To learn more about how Shopify uses your personal information and any rights you may have, including rights related to data processed by Shopify, you can visit privacy.shopify.com/en.
If you have a complaint about how we process your personal information, please first contact our Grievance Officer using the details in the “Contact” section so that we can try to resolve it.
If you are in India and are not satisfied with our response, you may register a complaint with the Data Protection Board of India. Decisions of the Board may be appealed to the Telecom Disputes Settlement and Appellate Tribunal (TDSAT).
Depending on where you live, you may also have the right to lodge a complaint with your local data protection authority.
We may update this Privacy Policy from time to time, including to reflect changes to our practices or for other operational, legal, or regulatory reasons. We will post the revised Privacy Policy on this website, update the “Last updated” date above, and provide notice as required by applicable law.
Should you have any questions about our privacy practices or this Privacy Policy, or if you would like to exercise any of the rights available to you, please contact our Grievance Officer:
Grievance Officer: Alexandar R
Entity: Grace Infotech
Address: 2 Madambakkam Main Road, Madambakkam, Chennai, Tamil Nadu 600126, India
Email: info@goddiva.in
Phone: 7418189567
We will acknowledge privacy-related requests and grievances within the timelines prescribed under applicable law.
Scan to Chat on WhatsApp
