Legal
Privacy Policy
Last updated: 10 June 2026
Viora Jewels (“Viora”, “we”, “us”) respects your privacy. This Privacy Policy explains, in plain English, what personal information we collect when you visit viorajewel.in or buy from us, how we use it, who we share it with, how long we keep it, and the rights you have under India's Digital Personal Data Protection Act, 2023 (“DPDP Act”) and the DPDP Rules, 2025.
1. Information We Collect
- Identity & contact data: name, email, phone number, shipping & billing address.
- Order data: items purchased, payment status, delivery details.
- Usage data: pages visited, device, browser, IP address, and similar tracking signals collected via cookies and the analytics tools listed in Section 4.
2. How We Use Your Information
- To process and deliver your orders.
- To provide customer support and respond to your queries.
- To send order updates, occasional product news, and offers (you can unsubscribe at any time).
- To improve our website, understand how visitors use it, prevent fraud, and meet legal obligations.
3. Sharing of Information
We do not sell your personal data. We share it only with trusted partners that help us run the business — payment gateways (e.g. Razorpay), delivery partners, analytics & marketing providers (Google, Meta, Microsoft), email/communication providers, and hosting services — under appropriate confidentiality and data-processing agreements.
4. Analytics & Marketing Tools We Use
These tools only activate after you give consent through the cookie banner shown on your first visit. Before consent, only essential cookies (cart, login, security) run.
- Microsoft Clarity — records anonymised session recordings, heatmaps, clicks, scrolls, and mouse movement so we can see where the site is confusing or broken. Data is processed by Microsoft Ireland Operations Ltd. See Microsoft's Privacy Statement.
- Meta Pixel & Conversions API (CAPI) — sends events such as page views, add-to-cart, and purchases to Meta so we can measure ads and show you relevant ones. CAPI sends some data server-to-server, including hashed email and phone number plus purchase event details (your raw email/phone are never shared). See Meta's Privacy Policy.
- Google Analytics 4 — collects aggregated traffic and behavioural data (pages, sessions, devices, approximate location) so we can understand site performance. Google acts as a data processor on our behalf. See Google's Privacy Policy.
5. Cookies & Consent
On your first visit, a cookie consent banner asks whether you accept non-essential cookies. We use three categories:
- Essential — cart, login session, security and fraud prevention. These always run; the site cannot function without them.
- Analytics — Google Analytics 4 and Microsoft Clarity. Require consent.
- Marketing — Meta Pixel & CAPI. Require consent.
You can withdraw consent at any time by (a) clicking the “Cookie Preferences” link in our footer to reopen the banner, (b) clearing cookies via your browser settings, or (c) emailing viorajewels6@gmail.com. Withdrawing consent does not affect processing already carried out before withdrawal.
6. How Long We Keep Your Data
- Order & transaction data: 7 years, as required by Indian tax and accounting laws.
- Account & contact data: until you ask us to delete it. After a deletion request, we erase it within 30 days (except where law requires longer retention, e.g. invoices).
- Analytics & behavioural data: per each tool's policy — Microsoft Clarity up to 13 months, Google Analytics 4 up to 14 months.
7. Your Rights Under the DPDP Act
As a Data Principal, you have the right to:
- Access the personal data we hold about you.
- Correct inaccurate or out-of-date data.
- Request erasure of your data.
- Withdraw consent at any time for any processing that relies on consent.
- Nominate another person to exercise these rights on your behalf (for example, in case of incapacity or death), as permitted by the DPDP Act.
- Raise a grievance with us; if unresolved, you may approach the Data Protection Board of India.
To exercise any of these rights, email viorajewels6@gmail.com. We will respond within 30 days.
8. Children's Data
Viora is intended for users aged 18 and above. We do not knowingly collect personal data from minors. If we discover that we have collected data from a person under 18, we will delete it immediately. If you believe a minor has shared data with us, please write to viorajewels6@gmail.com.
9. Data Security
We use industry-standard safeguards to protect your information. Payments are processed over secure (HTTPS) connections by our payment partners, and we do not store your card details on our servers.
10. Data Breach Notification
If a personal data breach occurs that is likely to affect your rights, we will notify affected users and the Data Protection Board of India within a reasonable timeframe, as required by the DPDP Act and its Rules.
11. Updates to This Policy
We may update this Privacy Policy from time to time. The “Last updated” date at the top reflects the most recent change. Material changes will be highlighted on the site.
12. Contact
For any privacy-related questions, requests, or grievances, write to viorajewels6@gmail.com.
