Privacy Policy

1. Information We Collect

1.1 Personal Information

We collect information that identifies you as an individual, including:

• Contact Information: Full name, email address, phone number, and mailing address

• Account Credentials: Username, password, and account preferences

• Identity Verification: Government-issued ID information (when required for certain transactions)

• Demographic Information: Age, gender, and location (city/zip code)

1.2 Measurement and Physical Data

To provide our custom tailoring services, we collect:

• Body Measurements: 16+ precise measurements taken during at-home consultations

• Style Preferences: Clothing preferences, fabric choices, design selections

• Fit History: Information about previous garments and fit adjustments

• Photos: Optional photos for style reference or fit documentation (with your consent)

1.3 Payment Information

When you make a purchase, we collect:

• Payment Details: Credit/debit card information, UPI details, net banking credentials, or other payment method information

• Billing Information: Billing address and transaction history

• Payment Processor Data: Information processed through our payment gateway partner, Razorpay

Important: Payment card information is collected and processed securely by our PCI-DSS compliant payment processor, Razorpay. We do not store complete credit/debit card numbers on our servers.

1.4 Technical and Usage Information

We automatically collect certain information when you use our Services:

• Device Information: Device type, operating system, browser type, unique device identifiers

• Log Data: IP address, access times, pages viewed, app features used

• Location Data: Precise or approximate location (with your permission) for scheduling at-home consultations

• Cookies and Tracking: Information collected through cookies, pixels, and similar technologies

• App Analytics: Usage patterns, feature interactions, and performance data

1.5 Communication Data

• Customer support inquiries and correspondence

• Feedback, reviews, and survey responses

• Messages exchanged with designers through our platform

• SMS and email communication preferences

2. How We Use Your Information

We use the collected information for the following purposes:

2.1 Service Delivery

• Facilitating at-home consultations and measurement appointments

• Creating and maintaining your measurement profile

• Connecting you with verified designers and vendors

• Processing custom clothing orders and managing production workflow

• Coordinating doorstep delivery of garments

• Providing fit guarantees and handling alterations

2.2 Payment Processing

• Processing consultation fees and garment payments

• Managing refunds, returns, and chargebacks

• Detecting and preventing fraudulent transactions

• Maintaining transaction records and invoices

2.3 Platform Improvement

• Analyzing usage patterns to enhance user experience

• Developing new features and services

• Conducting research and analytics

• Testing and troubleshooting technical issues

2.4 Communication

• Sending order confirmations, status updates, and delivery notifications

• Providing customer support and responding to inquiries

• Sending promotional offers, new designer collections, and platform updates (with your consent)

• Conducting customer satisfaction surveys

2.5 Legal and Security

• Complying with legal obligations and regulatory requirements

• Enforcing our Terms of Service and other policies

• Protecting against fraud, security threats, and illegal activities

• Resolving disputes and enforcing agreements

3. How We Share Your Information

We may share your information in the following circumstances:

3.1 With Designers and Vendors

We share relevant information with verified designers and vendors to fulfill your orders:

• Contact information for scheduling consultations

• Measurement data for creating custom garments

• Style preferences and design specifications

• Delivery address for shipment

3.2 With Payment Processors

We use Razorpay as our payment gateway partner. When you make a payment, your payment information is transmitted directly to Razorpay for secure processing. Razorpay's use of your information is governed by their privacy policy, available at https://razorpay.com/privacy/.

Information shared with Razorpay includes:

• Payment card details or UPI/net banking credentials

• Billing address and contact information

• Transaction amount and order details

• Device and browser information for fraud prevention

3.3 With Service Providers

We may share information with trusted third-party service providers who assist us in operating our platform:

• Cloud Hosting: AWS, Google Cloud, or similar providers

• Analytics: Google Analytics, Firebase, or similar tools

• Communication: SMS gateway providers, email service providers

• Customer Support: Helpdesk and chat support platforms

• Logistics: Delivery and courier partners

These providers are contractually obligated to use your information only for the purposes we specify and to maintain appropriate security measures.

3.4 For Legal Compliance

We may disclose your information when required by law or to:

• Comply with legal processes, court orders, or government requests

• Enforce our Terms of Service or other agreements

• Protect our rights, property, or safety, or that of our users or the public

• Investigate and prevent fraud, security issues, or illegal activities

3.5 Business Transfers

In the event of a merger, acquisition, reorganization, or sale of assets, your information may be transferred to the acquiring entity, subject to the same privacy protections.

3.6 With Your Consent

We may share your information for other purposes with your explicit consent.

4. Payment Security and Razorpay Integration

Secure Payment Processing: All payment transactions on Poshfit are processed through Razorpay, a PCI-DSS Level 1 certified payment gateway. This ensures the highest level of security for your payment information.

4.1 How Payment Processing Works

1. When you initiate a payment, you are redirected to Razorpay's secure payment interface

2. Your payment information is encrypted and transmitted directly to Razorpay

3. Razorpay processes the payment and returns a transaction status to us

4. We receive only the transaction confirmation, not your complete payment card details

4.2 Information We Store vs. Razorpay Stores

• Poshfit Stores: Transaction ID, payment status, amount, date/time, last 4 digits of card (for reference)

• Razorpay Stores: Complete payment card details, bank account information, tokenized payment methods

4.3 Saved Payment Methods

If you choose to save payment methods for future transactions, this information is securely tokenized and stored by Razorpay, not on our servers. We only store a reference token that allows you to use the saved method without re-entering details.

4.4 Refunds and Disputes

All refund processing is handled through Razorpay in accordance with our Refund Policy. Refunds are credited to the original payment method used for the transaction.

5. Data Security

We implement industry-standard security measures to protect your information:

5.1 Technical Safeguards

• Encryption: SSL/TLS encryption for data transmission; AES-256 encryption for sensitive data at rest

• Access Controls: Role-based access with multi-factor authentication for internal systems

• Secure Infrastructure: Cloud hosting with enterprise-grade security features

• Regular Audits: Periodic security assessments and vulnerability testing

• Data Backup: Regular encrypted backups with secure disaster recovery procedures

5.2 Organizational Safeguards

• Employee training on data protection and privacy practices

• Strict confidentiality agreements with staff and partners

• Incident response procedures for potential security breaches

• Regular review and update of security policies

5.3 Payment Security

• PCI-DSS compliance through Razorpay integration

• No storage of complete payment card numbers on our servers

• Tokenization of saved payment methods

• Fraud detection and prevention systems

Note: While we implement robust security measures, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security but continuously work to protect your information.

6. Data Retention

We retain your information for as long as necessary to fulfill the purposes outlined in this policy:

• Account Information: Retained while your account is active and for 3 years after account closure (unless longer retention is required by law)

• Measurement Profiles: Retained indefinitely while your account is active (to enable easy reordering); deleted within 30 days of account deletion request

• Transaction Records: Retained for 7 years for accounting, tax, and legal compliance purposes

• Communication Logs: Retained for 2 years for customer service and dispute resolution

• Marketing Data: Retained until you unsubscribe or for 2 years of inactivity

• Technical/Log Data: Retained for 90 days unless needed for security or legal purposes

7. Your Rights and Choices

You have the following rights regarding your personal information:

7.1 Access and Portability

• Request a copy of your personal information

• Download your measurement profile and order history

• Receive your data in a structured, machine-readable format

7.2 Correction and Update

• Update your contact information, preferences, and account settings through the app

• Request correction of inaccurate or incomplete information

7.3 Deletion

• Request deletion of your account and associated data

• Remove specific measurements or photos from your profile

Note: Some information may be retained for legal compliance, dispute resolution, or legitimate business purposes even after deletion request.

7.4 Marketing Communications

• Opt out of promotional emails by clicking "unsubscribe" in any marketing email

• Manage SMS preferences through account settings

• Control push notification preferences in your device settings

Note: You will continue to receive transactional communications (order confirmations, delivery updates, etc.) even if you opt out of marketing.

7.5 Location Data

• Control location permissions through your device settings

• Manually enter your address instead of using GPS location

7.6 Cookies

• Manage cookie preferences through browser settings

• Use "Do Not Track" browser settings (though we may not respond to DNT signals)

7.7 Exercising Your Rights

To exercise any of these rights, contact us at:

• Email: [email protected]

We will respond to your request within 30 days and may require identity verification before processing.

8. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience:

8.1 Types of Cookies We Use

• Essential Cookies: Required for platform functionality (login, shopping cart, security)

• Performance Cookies: Help us understand how users interact with our Services (Google Analytics)

• Functional Cookies: Remember your preferences and settings

• Advertising Cookies: Deliver relevant ads and measure campaign effectiveness (with your consent)

8.2 Managing Cookies

Most browsers allow you to control cookies through settings. Note that disabling cookies may limit your ability to use certain features of our Services.

9. Third-Party Links and Services

Our platform may contain links to third-party websites or integrate with third-party services (e.g., social media, Google Maps). We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies before providing any information.

10. Children's Privacy

Poshfit is not intended for children under 18 years of age. We do not knowingly collect personal information from minors. If we learn that we have collected information from a child under 18, we will delete it promptly. If you believe a child has provided us with personal information, please contact us immediately.

11. International Data Transfers

Your information may be transferred to and processed in countries other than India, including countries that may not have the same data protection laws. When we transfer data internationally, we ensure appropriate safeguards are in place, such as:

• Standard contractual clauses

• Adequacy decisions by relevant authorities

• Consent where required by law

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or for other operational reasons. We will notify you of material changes by:

• Posting the updated policy on our website and app

• Updating the "Last Updated" date at the top of this policy

• Sending an email notification for significant changes (to registered users)

• Displaying an in-app notification upon your next login

Your continued use of Poshfit after changes become effective constitutes acceptance of the updated Privacy Policy.

13. Legal Compliance

This Privacy Policy complies with:

• Information Technology Act, 2000 and associated rules

• Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011

• Payment and Settlement Systems Act, 2007

• RBI Guidelines for digital payment security

• Consumer Protection Act, 2019

14. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: MonsterGrowth Consulting (OPC) Private Limited
Operating as: Poshfit

Email: [email protected]

We will acknowledge receipt of your communication within 48 hours and respond within 30 days.

Acknowledgment

By using Poshfit, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with any part of this policy, please discontinue use of our Services immediately.