Privacy policy

PRIVACY POLICY

Posted as of 11 May 2020

Last updated as of 09 June 2026

Welcome to Priya Odisha’s Privacy Policy

This Website is created and operated by M/s Priyadarshini Handloom, having its registered office at “V.I.P Road, Puri – 752001, Odisha, India” (GSTIN: 21AABFP5880E1ZI), represented by its partners, hereinafter referred to as the “Firm” (where such expression shall, unless repugnant to the context thereof, be deemed to include its respective legal heirs, representatives, administrators, permitted successors and assigns).

This legal agreement is an electronic record in terms of Indian Information Technology Act, 2000 and rules there under as applicable and the amended provisions about electronic records in various statutes as amended by the Indian Information Technology Act, 2000. This electronic record is generated by a computer system and does not require any physical or digital signatures.

This legal document is published in accordance with the provisions of the Digital Personal Data Protection Act, 2023 and the rules thereunder, Rule 3 (1) of the Indian Information Technology (Intermediaries guidelines) Rules, 2011 and Rule 4 of the Information Technology (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011 of Information Technology Act, 2000 amended through Information Technology Amendment Act, 2008 that require publishing the privacy practices and policies for access or usage of www.priyaodisha.com (the “Website”).

The creator of this Privacy Policy maintains a steady commitment to Your privacy with regard to the protection of the invaluable information that you may share with us. This Privacy Policy contains information about the Website www.priyaodisha.com (hereinafter referred to as the “Platform”).

To provide You with Our uninterrupted use of the Platform, We may collect and, in some circumstances, disclose information about you with your permission. To ensure better protection of Your privacy, We provide this notice explaining Our information collection and disclosure policies, and the choices You make about the way Your information is collected and used.

This Privacy Policy is intended to comply with the Digital Personal Data Protection Act, 2023 of India and the applicable rules thereunder, as well as the Information Technology Act, 2000 and the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011. We process your personal data for specified, lawful purposes and on the basis of your free, specific, informed and unambiguous consent (or other lawful grounds, including the certain legitimate uses permitted under the Act, such as fulfilling an order or request you have voluntarily made to us). As a Data Principal you have the right to access a summary of your personal data, to correct, complete, update and erase your personal data, to withdraw consent at any time, to nominate another person to exercise your rights in the event of your death or incapacity, and to grievance redressal. To exercise any of these rights, or to reach our Grievance Officer, write to us at hello@priyaodisha.com or call +91 89175 05059. This Privacy Policy shall also, for the benefit of our overseas customers, be read in a manner consistent with the General Data Protection Regulation (GDPR) in effect from May 25, 2018, to the extent applicable; nothing in this Policy is intended to derogate from the rights available to you under the Digital Personal Data Protection Act, 2023. If you do not agree with the terms and conditions of our Privacy Policy, including in relation to the manner of collection or use of your information, please do not use or access the Site. If you have any questions or concerns regarding this Privacy Policy, you should contact our Customer Support Desk at hello@priyaodisha.com.

ANY CAPITALIZED WORDS USED HENCEFORTH SHALL HAVE THE MEANING ACCORDED TO THEM UNDER THIS AGREEMENT. FURTHER, ALL HEADINGS USED HEREIN ARE ONLY FOR THE PURPOSE OF ARRANGING THE VARIOUS PROVISIONS OF THE AGREEMENT IN A CONVENIENT MANNER. NEITHER THE USER NOR THE CREATORS OF THIS PRIVACY POLICY MAY USE THE HEADINGS TO INTERPRET THE PROVISIONS CONTAINED WITHIN IT IN ANY MANNER.

INFORMATION WE COLLECT

We are committed to respecting Your online privacy. We further recognize Your need for appropriate protection and management of any Personal Information You share with us. We collect only the information that is necessary for the purposes described in this Policy. The categories of information we may collect are itemised below:

1. Account & contact data: your name, username and password (where you create an account), email address and mobile number;
2. Order & fulfilment data: billing address, shipping/delivery address, recipient name and contact number, order history, and the products you purchase or save (such as wishlist items);
3. Payment data: the fact and amount of a transaction, the payment method and a payment reference. We do not collect or store your full card number, CVV or UPI PIN on our servers – these are handled directly by our PCI-DSS-compliant payment gateways (see “Payments” below);
4. Tracking & device data: the IP address of your device and Device ID when connected to the Internet. This information may include the URL that you just came from (whether this URL is on the Platform or not), which URL you next go to (whether this URL is on the Platform or not), your computer or device browser information, and other information associated with your interaction with the Platform;
5. Usage & analytics data: details of Platform usage, pages viewed and browsing behaviour, collected through cookies and analytics tools for analytics.

This privacy policy also applies to data we collect from users who are not registered as members of this Platform, including, but not limited to, browsing behaviour, pages viewed etc. We also collect and store personal information provided by You from time to time on the Platform. We only collect and use such information from you that we consider necessary for achieving a seamless, efficient and safe experience, customized to your needs including:

1. To enable the provision of services opted for by you;
2. To enable the viewing of content in your interest;
3. To communicate the necessary account and service related information from time to time;
4. To allow you to receive quality customer care services;
5. To comply with applicable laws, rules and regulations;

Where any service requested by You involves a third party, such information as is reasonably necessary by the Company to carry out Your service request may be shared with such third party. We also do use your contact information to send you offers based on your interests and prior activity and also to view the content preferred by you. The Company may also use contact information internally to direct its efforts for service improvement but shall immediately delete all such information upon withdrawal of your consent for the same through the ‘unsubscribe’ button or through an email to be sent to hello@priyaodisha.com .

To the extent possible, we provide You with the option of not divulging any specific information that you wish for us not to collect, store or use. You may also choose not to use a particular service or feature on the Platform and opt-out of any non-essential communications from the platform.

Further, transacting over the internet has inherent risks which can only be avoided by you following security practices yourself, such as not revealing account/login related information to any other person and informing our customer care team about any suspicious activity or where your account has/may have been compromised.

PURPOSE AND LAWFUL BASIS OF PROCESSING

We process your personal data only for the specified purposes for which it is collected, and limited to what is necessary for those purposes. The principal purposes, and the data used for each, are:

1. Order fulfilment – using your name, address, contact number and order details to process, pack and deliver the sarees and dress material you have purchased, including any optional add-on (such as Fall & Pico stitching) you select;
2. Shipping and delivery – sharing your name, delivery address and contact number with our courier partners (and, for international orders, with overseas customs and delivery agents) to complete delivery;
3. Payments – processing your payment securely through our payment gateways;
4. Returns, exchanges and support – processing eligible returns, exchanges and refunds, verifying transit-damage claims, and responding to your queries;
5. Marketing, where you have opted in – sending you offers, updates and content based on your interests, which you may withdraw at any time;
6. Legal and statutory compliance – maintaining records (including GST tax invoices) and meeting our obligations under applicable law.

Where the law requires consent, we rely on your free, specific, informed and unambiguous consent, given by a clear affirmative action. Withdrawing consent is as easy as giving it. For certain “legitimate uses” recognised under the Digital Personal Data Protection Act, 2023 – for example, fulfilling an order or request you have voluntarily made to us, or responding to a support request – we may process your data without separate consent to the extent permitted by law.

OUR USE OF YOUR INFORMATION

The information provided by you shall be used to provide and improve the service for you and all users.

1. To provide you with services on your request.
2. For maintaining an internal record.
3. For enhancing the Services provided.
4. For maintaining record under the legal and statutory provisions.

For more details about the nature of such communications, please refer to our Terms of Service. Further, your data and Sensitive Personal data may be collected and stored by Us for internal record.

We use Your tracking information such as IP addresses, and or Device ID to help identify you and to gather broad demographic information and make further services available to you.

We will not sell, license or trade Your personal information. We will not share your personal information with others unless they are acting under our instructions or we are required to do so by law.

Information collected via Our server logs includes users' IP addresses and the pages visited; this will be used to manage the web system and troubleshoot problems. We also use third-party analytics, tracking, optimization and targeting tools to understand how users engage with our Platform so that we can improve it and cater personalized content/ads according to their preferences.

HOW INFORMATION IS COLLECTED

Before or at the time of collecting personal information, we will identify the purposes for which information is being collected. If the same is not identified to you, you have the right to request the Company to elucidate the purpose of collection of said personal information, pending the fulfilment of which you shall not be mandated to disclose any information whatsoever.

We will collect and use your personal information solely to fulfil those purposes specified by us, within the scope of the consent of the individual concerned or as required by law. We will only retain personal information as long as necessary for the fulfilment of those purposes. We will collect personal information by lawful and fair means and with the knowledge and consent of the individual concerned.

Personal data should be relevant to the purposes for which it is to be used, and, to the extent necessary for those purposes, should be accurate, complete, and up-to-date.

PAYMENTS

Payments on the Platform are processed through trusted, PCI-DSS-compliant payment gateways, namely Shopify Payments, Razorpay, and supported UPI providers. When you make a payment, your card, bank or UPI details are entered on and handled directly by these gateways. We do not collect, see or store your full card number, CVV or UPI PIN on our own servers. The payment gateways process this data in accordance with their own privacy policies and applicable Reserve Bank of India (RBI) requirements, including card-on-file tokenization and the storage of payment transaction data within India. We receive only limited confirmation data (such as whether the payment succeeded and a transaction reference) needed to process your order.

ANALYTICS, COOKIES AND MARKETING TOOLS

To understand how our Platform is used and to improve it, we use the following analytics and marketing technologies: Shopify’s built-in analytics (as part of the hosting platform), Google Analytics and Google Ads, and the Meta (Facebook/Instagram) Pixel. These tools may set cookies and collect usage and device data as described in the COOKIES section. They help us measure traffic, understand engagement and show you relevant content and advertisements. We do not currently use any separate third-party email or SMS marketing tool; any promotional communication we send is operated through our own store systems and is subject to your opt-in and right to unsubscribe.

EXTERNAL LINKS ON THE PLATFORM

The Platform may include advertisements, hyperlinks to other Websites or resources. We have no control over any other website or resources or contents available on these other websites, which are provided by companies or persons other than Us. You acknowledge and agree that we are not responsible for the availability of any such external sites or resources, and do not endorse any advertising, products, services or other materials on or available from such sites or resources. You acknowledge and agree that We are not liable for any loss or damage which may be incurred by you as a result of the availability of those external sites or resources, or as a result of any reliance placed by you on the completeness, accuracy or existence of any advertising, services or other materials on, or available from, such Websites. These external third party websites and resource providers may have their privacy policies governing the collection, storage, retention and disclosure of Your Personal Information that You may be subject to. We recommend that you enter the Website and review their privacy policy.

COOKIES

We use data collection devices such as “cookies” on certain pages of our Platform. “Cookies” are small files sited on your hard drive that assist us in providing customized services. We also offer certain features that are only available through the use of a “cookie”. Cookies can also help us provide information which is targeted to your interests. Cookies may be used to identify logged in or registered users. Our Platform uses session cookies to ensure that you have a good experience. These cookies contain a unique number, your 'session ID', which allows our server to recognize your computer and 'remember' what you've done on the site. The benefits of this are:

1. You only need to log in once if you're navigating secure areas of the site
2. Our server can distinguish between your computer and other users, so you can see the information that you have requested.

You can choose to accept or decline cookies by modifying your browser settings if you prefer. This may prevent you from taking full advantage of the Platform. We also use various third-party cookies for usage, behavioural, analytics and preferences data. The following are the different types of cookies used on the Platform:

1. Authentication cookies: To identify the user and share the content that he or she requested.
2. Functionality cookies: For the customized user experience and remembering your preferences and saved items.
3. Tracking, optimization, and targeting cookies: To capture usage metrics such as the device, operating system and browser used. To capture behavioural metrics for better content delivery, and to suggest the products and content most suited to you.

THIRD PARTIES WITH WHOM WE SHARE YOUR INFORMATION

We do not sell or rent your personal information. We share your personal data only with the categories of recipients below, and only to the extent necessary for the purposes described in this Policy:

1. Hosting and platform provider: Shopify, which hosts the Platform and provides our store infrastructure and built-in analytics;
2. Payment gateways: Shopify Payments, Razorpay and supported UPI providers, to process your payment securely;
3. Logistics and courier partners: our domestic couriers (such as BlueDart and Delhivery) and, for international orders, DHL Express and DTDC International, along with relevant overseas customs and delivery agents, to deliver your order;
4. Analytics and advertising partners: Google (Analytics and Ads) and Meta (Facebook/Instagram), as described in the ANALYTICS section;
5. Legal, regulatory and professional advisers: government and law-enforcement authorities where required by law, and our advisers, to the extent necessary.

CROSS-BORDER TRANSFER OF INFORMATION

Because we ship internationally and use cloud-based hosting, payment and analytics services, your personal data may be processed or stored outside India. In particular, for international orders, your name, delivery address and contact number are shared with DHL Express, DTDC International and overseas customs and delivery agents to complete cross-border delivery. Such transfers are made in accordance with the Digital Personal Data Protection Act, 2023, which permits transfer of personal data outside India except to any country or territory restricted by the Central Government. We take reasonable steps to ensure that recipients protect your information to a standard consistent with this Policy. Payment transaction data is stored within India as required by RBI directions.

DATA RETENTION

We retain your personal data only for as long as is necessary to fulfil the purposes for which it was collected, after which it is erased or anonymised. When you withdraw consent or request erasure, we will delete the relevant personal data unless we are required or permitted by law to retain it. In particular, order, invoice and transaction records (including GST tax invoices bearing our GSTIN) are retained for the statutory record-keeping period applicable under GST and other tax laws – typically up to about eight (8) years – even after a deletion request, after which they are deleted. We may also retain limited information where reasonably necessary to resolve disputes, prevent fraud or abuse, troubleshoot problems and enforce our Terms.

YOUR RIGHTS

Unless subject to an exemption, you have the following rights concerning your data, which you may exercise by writing to hello@priyaodisha.com or calling +91 89175 05059:

1. The right to request and obtain a summary or copy of the personal data which we hold about you;
2. The right to request the correction, completion or updating of any personal data if it is found to be inaccurate or out of date;
3. The right to request the erasure of your personal data;
4. The right to withdraw Your consent to the processing at any time;
5. The right to object to the processing of personal data;
6. The right to nominate another person who may exercise your rights on your behalf in the event of your death or incapacity;
7. The right of grievance redressal – to readily and effectively address your grievances by contacting our Grievance Officer (see below);
8. The right to complain to a supervisory authority, including, in India, the Data Protection Board of India.
9. The right to obtain information as to whether personal data are transferred to a third country or an international organization.

To protect your data, we may take reasonable steps to verify your identity before acting on a request. We will respond to and act on your request within the timelines prescribed under applicable law. Where you hold an account with any of our services, you are entitled to a copy of all personal data which we hold concerning you. You are also entitled to request that we restrict how we use your data in your account when you log in.

CHILDREN’S DATA

Our Platform is intended for adults and is not directed at children below the age of 18 years. We do not knowingly collect or process the personal data of children without verifiable consent of a parent or lawful guardian, and we do not undertake any tracking, behavioural monitoring or targeted advertising directed at children, in line with the Digital Personal Data Protection Act, 2023. If you believe that a child has provided us with personal data without appropriate consent, please contact us at hello@priyaodisha.com and we will take steps to delete such information.

MARKETING COMMUNICATIONS

We will send you marketing or promotional communications (such as offers and new-collection updates) only where you have opted in to receive them. Marketing consent is separate from, and not bundled with, the processing necessary to fulfil your order. You can withdraw your consent and opt out at any time by using the ‘unsubscribe’ link in our emails or by writing to hello@priyaodisha.com. Withdrawing marketing consent will not affect the processing of your orders or your access to essential service-related communications.

CONFIDENTIALITY

You further acknowledge that the Platform may contain information which is designated confidential by us and that you shall not disclose such information without our prior written consent. Your information is regarded as confidential and therefore will not be divulged to any third party, unless legally required to do so to the appropriate authorities. We will not sell, share, or rent your personal information to any third party or use your email address for unsolicited mail. Any emails sent by us will only be in connection with the provision of agreed services, and you retain sole discretion to seek discontinuation of such communications at any point of time.

OTHER INFORMATION COLLECTORS

Except as otherwise expressly included in this Privacy Policy, this document only addresses the use and disclosure of information we collect from you. To the extent that you disclose your information to other parties, whether they are on our Platform or other sites throughout the Internet, different rules may apply to their use or disclosure of the information you disclose to them. To the extent that we use third party advertisers, they adhere to their privacy policies. Since we do not control the privacy policies of these third parties, you are advised to ask questions before you disclose your personal information to others.

OUR DISCLOSURE OF YOUR INFORMATION

Information collected will not be considered as sensitive if it is freely available and accessible in the public domain or is furnished under the Right to Information Act, 2005, any rules made thereunder or any other law for the time being in force.

Due to the existing regulatory environment, we cannot ensure that all of your private communications and other personally identifiable information will never be disclosed in ways not otherwise described in this Privacy Policy. By way of example (without limiting and foregoing), we may be forced to disclose information to the government, law enforcement agencies or third parties. Therefore, although we use industry-standard practices to protect your privacy, we do not promise, and you should not expect, that your personally identifiable information or private communications would always remain private. Where permitted by law, we endeavour to notify you of any such disclosure of your personally identifiable information through an email sent to your provided email address.

As a matter of policy, we do not sell or rent any personally identifiable information about you to any third party. However, the following describes some of the ways that your personally identifiable information may be disclosed:

1. External Service Providers: There may be several services offered by external service providers that help you use our Platform. If you choose to use these optional services, and in the course of doing so, disclose information to the external service providers, and/or permit them to collect information about you, then their use of your information is governed by their privacy policy.
2. Law and Order: We cooperate with law enforcement inquiries, as well as other third parties to enforce laws, such as intellectual property rights, fraud and other rights. We can (and you authorize us to) disclose any information about you to law enforcement and other government officials as we, in our sole discretion, believe necessary or appropriate, in connection with an investigation of fraud, intellectual property infringements, or other activity that is illegal or may expose us or you to legal liability.

ACCESSING, REVIEWING AND CHANGING YOUR PROFILE

Following registration, you can review and change the information you submitted at the stage of registration, except Email ID and mobile number. An option for facilitating such change shall be present on the Platform and such change shall be facilitated by the User. If you change any information, we may or may not keep track of your old information. We will not retain in our files information you have requested to remove for certain circumstances, such as to resolve disputes, troubleshoot problems and enforce our terms and conditions, or to comply with legal record-keeping obligations as described in the DATA RETENTION section. Subject to those exceptions, such prior information shall be removed from our active databases. If you believe that any information we are holding on you is incorrect or incomplete, or to remove your profile so that others cannot view it, the User needs to remediate, and promptly correct any such incorrect information.

CONTROL OF YOUR PASSWORD

You are entirely responsible for maintaining the confidentiality of your password. You must protect it against unauthorized access of your account and information by choosing your password carefully and keeping your password and computer secure by signing out after using our services.

You agree not to use the account, username, email address or password of another Member at any time or to disclose your password to any third party. You are responsible for all actions taken with your login information and password. If you lose control of your password, you may lose substantial control over your personally identifiable information and may be subject to legally binding actions taken on your behalf. Therefore, if your password has been compromised for any reason, you should immediately change your password. You agree to notify us immediately if you suspect any unauthorized use of your account or access to your password even after changing it.

SECURITY

We treat data as an asset that must be protected against loss and unauthorized access. We employ many different security techniques to protect such data from unauthorized access by members inside and outside the Company. We follow generally accepted industry standards to protect the Personal Information submitted to us and information that we have accessed. Our reasonable security safeguards include encryption of data in transit (SSL/TLS), access controls limiting who can access personal data, secured hosting through Shopify’s infrastructure, and reliance on PCI-DSS-compliant payment gateways so that sensitive payment credentials are not stored on our servers.

However, as effective as encryption technology is, no security system is impenetrable. Our Company cannot guarantee the security of our database, nor can we guarantee that information you provide won’t be intercepted while being transmitted to the Company over the Internet.

DATA BREACH NOTIFICATION

In the event of a personal data breach that affects your personal data, we will take prompt remedial action and, in accordance with the Digital Personal Data Protection Act, 2023 and the rules thereunder and any applicable CERT-In directions, notify the affected Data Principals and the Data Protection Board of India (and any other authority as required) without undue delay and within the timelines prescribed by law.

GRIEVANCE OFFICER

In accordance with the Digital Personal Data Protection Act, 2023, the Information Technology Act, 2000 and the rules thereunder, and the Consumer Protection (E-Commerce) Rules, 2020, we have designated a Grievance Officer to address your questions, concerns and complaints regarding this Privacy Policy and the processing of your personal data. You may contact:

• Grievance Officer, Priyadarshini Handloom
• Address: V.I.P Road, Puri – 752001, Odisha, India
• Email: hello@priyaodisha.com
• Phone: +91 89175 05059
• Support hours: 11 AM – 5 PM, Monday to Saturday (closed on Sunday)

We will acknowledge your complaint within forty-eight (48) hours of receipt and endeavour to resolve it within thirty (30) days. If you are not satisfied with the resolution provided, you may escalate your complaint to the Data Protection Board of India in accordance with the Digital Personal Data Protection Act, 2023.

SEVERABILITY

Each paragraph of this Privacy Policy shall be and remain separate from and independent of and severable from all and any other paragraphs herein except where otherwise expressly indicated or indicated by the context of the agreement. The decision or declaration that one or more of the paragraphs are null and void shall not affect the remaining paragraphs of this privacy policy.

GOVERNING LAW AND JURISDICTION

This Privacy Policy and any dispute arising out of or in connection with it shall be governed by and construed in accordance with the laws of India. Subject to your non-excludable statutory rights, the courts at Puri, Odisha shall have exclusive jurisdiction over any such dispute. Nothing in this Privacy Policy shall limit or exclude any rights available to you that cannot be waived under the Digital Personal Data Protection Act, 2023, the Consumer Protection Act, 2019 or any other applicable law.

AMENDMENT

Our Privacy Policy may change from time to time. The most current version of the policy will govern our use of your information and will always be at the Platform, together with the ‘Last updated’ date. Any amendments to this Policy shall be deemed as accepted by the User on their continued use of the Platform.

CONSENT WITHDRAWAL, DATA DOWNLOAD & DATA REMOVAL REQUESTS

To withdraw your consent, or to request the download or delete your data with us for any or all our services at any time, please email to hello@priyaodisha.com or call +91 89175 05059.

CONTACT US

If you have any questions or concerns regarding this privacy policy, you should contact us by sending an e-mail to hello@priyaodisha.com or calling +91 89175 05059. You may also write to us at Priyadarshini Handloom, V.I.P Road, Puri – 752001, Odisha, India (GSTIN: 21AABFP5880E1ZI). Our support hours are 11 AM – 5 PM, Monday to Saturday (closed on Sunday). Information provided on the Platform may not be accurate and may be provided for promotional purposes of the business.