Privacy Policy

INTRODUCTION  

This Privacy Policy (“Policy”) describes how Eddie Teddie & Co. (“Company”, “We”, “Us”, or “Our”) collects, uses, stores, shares, and safeguards Personal Data of individuals (“You”, “Your”, or “User(s)”) who access or use Our website www.eddieteddie.com (“Site”), place orders through digital channels such as WhatsApp or social media platforms operated by Us, or otherwise interact with Our products and services (collectively, the “Services”).

This Policy is issued in accordance with the Digital Personal Data Protection Act, 2023, the Information Technology Act, 2000, and applicable data protection laws in jurisdictions where We operate or where Our Users are located. 

By accessing or using Our Site, purchasing Our products, or otherwise interacting with Us, You acknowledge that You have read, understood, and agree to the terms of this Policy. If You do not agree with this Policy, You should refrain from using Our Services. 

  1. INFORMATION WE COLLECT 

    1. Personal Data You Provide Directly

      1. We collect the following categories of Personal Data that You voluntarily provide to Us when You access or use Our Services, including when You register on Our Site, place an order, communicate with Us, or otherwise interact with Us:

        1. Identity Information: full name, age (where required for verification), and gender (if provided).

        2. Contact Information: billing and shipping address, email address, telephone number, and country of residence.

        3. Payment Information: payment method details such as partial credit/debit card information, UPI ID, or wallet details processed through third-party payment gateways (e.g., Razorpay, PhonePe). We do not store Your full financial information; payments are processed securely by Our authorized service providers.

        4. Order Information: details of products purchased, customization options, order history, and delivery preferences.

        5. Communications: records of correspondence with Us (via email, WhatsApp, Website Inbox, or other communication channels), including customer service inquiries, reviews, and testimonials.

        6. Supporting Evidence for Claims: unboxing videos, photographs, proof of purchase or invoices submitted in case of defective, incorrect, or damaged product claims.

    2. Information Collected Automatically 

      1. When You use Our Site or Services, We automatically collect certain information to improve functionality, security, and user experience, including: 

        1. Device and Log Information: IP address, browser type, operating system, device identifiers, access times, and referring website addresses.

        2. Usage Data: pages visited, search queries, time spent on pages, and interactions with content.

        3. Transaction Data: details of purchase amounts, discounts, returns, refunds, and shipping activity.

        4. Cookies and Tracking Technologies: We may use cookies, pixels, and similar technologies including Judge.me reviews, GSC Instagram feed, Globo Product Option, Google Analytics, Facebook Pixel, YouTube, and Mailchimp integrations to collect information about browsing behavior, product engagement, and marketing interactions. Users can manage cookie preferences through their browser settings, subject to applicable law.

    3. Information from Third-Party Sources

      1. We may receive additional information about You from third parties, including:

      2. Social Media and Logins: If You interact with Us through social media platforms such as Instagram, Facebook, or YouTube, or use Oxi Social Login, We may collect information made available by such platforms, including but not limited to Your profile name, email address, publicly shared content, and any other information You choose to disclose through such interactions.

      3. Third-Party Integrations: We may also collect information provided via third-party integrations used in connection with Our Services, including but not limited to Shopify (hosting and e-commerce), Shiprocket (logistics and shipping management), Linktree (link aggregation), and Mailchimp (email marketing and newsletters). Such integrations may provide Us with transaction details, customer engagement data, or analytics depending on Your interaction with those services.

      4. Publicly Available Sources: Reviews, feedback, or testimonials published through Judge.me, Google or other public forums.

    4. Offline Collection

      1. We may also collect Personal Data through offline means, including:

        1. Orders or inquiries placed by phone, WhatsApp, or at events/exhibitions.

        2. Identity and contact details shared during physical interactions.

      2. All Personal Data collected offline is processed in accordance with this Policy.

  1. CHILDREN’S PRIVACY 

    1. Our Services are intended for use by individuals who are at least eighteen (18) years of age or the age of majority in their jurisdiction, whichever is higher. By accessing or using Our Site or Services, You represent and warrant that You meet this requirement.

    2. We do not knowingly collect Personal Data directly from children under the age of eighteen (18). If You are under the applicable age of majority, You must not provide any Personal Data to Us and may only use the Services under the supervision and with the involvement of a parent or legal guardian.

    3. Parents or guardians are expected to monitor their children’s interactions with Our Site and Services. If You are a parent or guardian and believe that We may have inadvertently collected Personal Data of a minor without appropriate consent, please contact Us immediately at [insert contact email]. Upon verification, We will take prompt steps to delete such information from Our records.

    4. Where applicable under law, We may require verified parental or guardian consent before collecting, processing, or retaining the Personal Data of a minor. Such consent will be obtained in accordance with the procedures prescribed by applicable data protection regulations.

  1. WHY WE COLLECT INFORMATION

    1. We collect, use, and process Personal Data for purposes that are necessary, lawful, and proportionate to Our business operations, including but not limited to the following: 

      1. Order Processing and Fulfilment

        1. To receive, confirm, and process Your product orders.

        2. To arrange shipping and delivery through Our logistics partners (e.g., DTDC, Delhivery, Xpressbee, Trackon, Shiprocket and local courier services).

        3. To handle payments securely via third-party payment gateways such as Razorpay and PhonePe.

      2. Customer Communication

        1. To communicate with You regarding order status, delivery updates, and customer service inquiries.

        2. To respond to Your questions, feedback, reviews, or complaints.

        3. To notify You about material changes to Our policies or terms.

      3. Personalisation and Service Improvement

        1. To understand Your preferences, improve Our products and Services, and enhance Your overall shopping experience.

        2. To display tailored product recommendations and promotional offers.

        3. To analyse Site performance and User engagement using tools such as Google Analytics and integrated Shopify applications.

      4. Marketing and Promotions

        1. To send newsletters, promotional emails, and offers via Mailchimp or other approved channels, subject to Your right to unsubscribe or opt-out at any time.

        2. To run loyalty programs, contests, or giveaways, where permitted by law.

      5. Claims, Returns, and Dispute Resolution

        1. To process and verify claims relating to defective, damaged, or incorrect products.

        2. To request and review supporting evidence (such as unboxing videos, photographs, and proof of purchase).

        3. To bear return shipping costs in cases where We are responsible, and to resolve such matters in accordance with Our policies.

      6. Legal, Regulatory, and Compliance Obligations

        1. To comply with applicable laws and regulations under the Digital Personal Data Protection Act, 2023, the Information Technology Act, 2000, consumer protection legislation, and other jurisdictional requirements.

        2. To respond to lawful requests, court orders, or regulatory inquiries.

        3. To maintain transaction records for taxation, accounting, and audit purposes.

      7. Fraud Prevention and Security

        1. To detect, investigate, and prevent fraudulent transactions, cyber threats, and misuse of Our Services.

        2. To secure Our Site, payment systems, and data storage systems against unauthorized access or breaches.

      8. Business Operations and Transfers

        1. To support internal record-keeping, quality assurance, and workforce training.

        2. To facilitate mergers, acquisitions, financing, restructuring, or sale of assets, in which case Personal Data may be transferred subject to the protections outlined in this Policy.

  1. HOW WE PROCESS YOUR INFORMATION 

    1. We process Your Personal Data in accordance with applicable laws, including the Digital Personal Data Protection Act, 2023, the Information Technology Act, 2000, and, where relevant, international data protection standards. Our processing activities are carried out in the following manner: 

      1. Lawful and Fair Processing

        1. Personal Data is processed only for legitimate business purposes, and in a manner that is fair, transparent, and consistent with this Policy.

        2. We limit processing to what is reasonably necessary to achieve the identified purposes.

      2. Digital and Automated Systems

        1. Personal Data collected through Our Site is stored and managed using Shopify’s secure e-commerce platform.

        2. Payment details are processed through integrated gateways (Razorpay, PhonePe), which apply their own encryption and compliance measures.

        3. Customer engagement data may be processed via third-party applications including but not limited to Judge.me (reviews), Mailchimp (marketing), Shiprocket (logistics), and Oxi Social Login (authentication).

      3. Manual Processing

        1. Certain Personal Data may be processed manually, such as reviewing claim evidence (photographs, unboxing videos) or responding to inquiries via WhatsApp, email, or telephone.

        2. All manual handling is logged and restricted to authorised personnel only.

      4. Cross-Border Data Transfers

        1. As We provide Services globally, Your Personal Data may be transferred to, and stored in, jurisdictions outside India, including servers operated by Shopify, Google, Facebook, and other service providers.

        2. In such cases, We ensure that appropriate safeguards are implemented, including contractual and organisational measures, to protect Your data to standards equivalent to those required under applicable law.

      5. Data Minimisation and Accuracy

        1. We collect only such Personal Data as is necessary for the stated purpose and take reasonable steps to ensure that the information remains accurate, complete, and up to date.

        2. Users may request correction of inaccurate or incomplete data at any time.

      6. Retention and Storage

        1. Personal Data is retained only for as long as is necessary to fulfil the purposes of processing, or as required under applicable laws relating to tax, accounting, or dispute resolution.

        2. After the expiry of the retention period, data is securely deleted or anonymised.

      7. Security Safeguards

        1. We may apply a combination of administrative, technical, and physical safeguards to protect Personal Data from loss, misuse, unauthorized access, alteration, or disclosure.

        2. These may include encrypted connections, restricted access controls, secure payment gateways, and monitoring of suspicious activity.

      8. Accountability and Access Control

        1. Processing is limited to authorised employees, agents, or service providers who are bound by contractual confidentiality and data protection obligations.

        2. We periodically review internal processes to ensure compliance with data protection obligations and best practices.

  1. THIRD-PARTY DISCLOSURES

    1. In the course of providing Our Services, We may share Your Personal Data with certain third parties. Such disclosures are limited to what is reasonably necessary to fulfil the purposes set out in this Policy. These third parties may include, but are not limited to: 

      1. Technology and Hosting Providers

        1. Shopify (website hosting and e-commerce infrastructure).

        2. Google, YouTube, and Facebook (analytics, integrations, advertising, and social media engagement).

      2. Payment Gateways and Financial Institutions

        1. Razorpay and PhonePe (payment processing).

        2. Banks, credit card issuers, and payment networks for the purpose of completing transactions.

      3. Logistics and Shipping Partners

        1. Shiprocket, DTDC, Delhivery, Xpressbee, Trackon (delivery and order fulfilment).

      4. Marketing, Analytics, and Customer Engagement Tools

        1. Mailchimp (email marketing).

        2. Judge.me (customer reviews and testimonials).

        3. Oxi Social Login (authentication services).

        4. Linktree (link aggregation and customer redirection).

      5. Professional Advisors and Legal Compliance

        1. Auditors, consultants, legal advisors, regulators, or government authorities, where disclosure is required by law or in connection with legal claims, compliance, or enforcement of Our Terms and Conditions.

    2. While we carefully select and engage with reputable service providers, Users are solely responsible for reviewing and understanding the privacy policies and practices of any third-party service providers, applications, or platforms with which they interact through Our Services.

    3. We do not control, endorse, or assume responsibility for the content, security measures, data handling practices, or privacy policies of third parties. Your interactions with such third parties are governed exclusively by their respective terms and policies, and We disclaim any liability arising therefrom.

  1. DATA PROTECTION COMPLIANCE 

    1. We are committed to protecting the privacy and security of Your Personal Data and to processing such information in compliance with applicable data protection and privacy laws, including but not limited to the Digital Personal Data Protection Act, 2023, the Information Technology Act, 2000, and other relevant regulations in jurisdictions where Our Users reside. 

    2. In particular, We adhere to the following principles: 

      1. We process Personal Data only for lawful purposes, on a lawful basis, and in a fair, transparent, and proportionate manner.

      2. Personal Data is collected and processed strictly for the purposes described in this Policy and is not further processed in a manner incompatible with those purposes.

      3. We limit the collection of Personal Data to what is adequate, relevant, and reasonably necessary in relation to the purposes for which it is processed.

      4. We take reasonable steps to ensure that the Personal Data We process is accurate, complete, and kept up to date. Users may request corrections to their information at any time.

      5. Personal Data is retained only for as long as necessary to fulfil the purposes of processing or as required by applicable laws relating to taxation, accounting, compliance, or dispute resolution.

      6. We implement appropriate technical, administrative, and physical safeguards to ensure that Personal Data is protected against unauthorized or unlawful processing, accidental loss, destruction, or damage.

      7. We are accountable for compliance with this Policy and applicable laws and review Our internal processes, contracts with service providers, and security measures periodically to ensure ongoing adherence.

  1. USER RIGHTS  

    1. Subject to applicable laws, You, as a User of Our Services, are entitled to exercise the following rights in relation to Your Personal Data:

      1. Right to Access: You have the right to request confirmation of whether We are processing Your Personal Data and to obtain a copy of such data along with details of how We process it.

      2. Right to Correction/Rectification: You may request correction, updating, or completion of any inaccurate or incomplete Personal Data that We hold about You.

      3. Right to Deletion/Erasure: You may request deletion of Your Personal Data in circumstances where processing is no longer necessary, consent has been withdrawn, or where required under applicable law. Please note that certain legal or regulatory obligations may prevent immediate deletion (for example, retention for tax or accounting purposes).

      4. Right to Withdraw Consent: Where We rely on Your consent for processing, You have the right to withdraw such consent at any time. Withdrawal of consent will not affect the lawfulness of processing carried out before withdrawal.

      5. Right to Restriction of Processing: You may request that We restrict the processing of Your Personal Data in specific situations, such as when the accuracy of the data is contested or where processing is unlawful but You object to deletion.

      6. Right to Object: You may object to the processing of Your Personal Data for direct marketing, profiling, or where processing is based on Our legitimate interests, unless We have compelling lawful grounds to continue.

      7. Right to Lodge a Complaint: You have the right to lodge a complaint with the relevant data protection authority in Your jurisdiction if You believe that We have processed Your Personal Data in violation of applicable law.

  1. POLICY UPDATES AND CHANGES  

    1. We reserve the right to amend, update, modify, or otherwise change this Privacy Policy at any time, in whole or in part, at Our sole discretion. Any such changes will be effective upon posting the revised Policy on this Site or, where required by applicable law, upon providing You with prior notice of such changes.

    2. Where material changes are made, We may, at Our discretion or as required by law, provide additional notice by platform notification, or other reasonable means before the revised Policy becomes effective.

    3. Your continued access to or use of Our Platform and Services after the expiry of any applicable notice period shall constitute Your acceptance of the updated Policy.

    4. If You do not agree with the updated Policy, You may choose to discontinue using the Platform and, where applicable, close Your account with Us.

CONTACT US

For any queries or complaints regarding Users’ privacy rights, our contact information is mentioned below:

Email - info@eddieteddie.com

Phone - +91-9001383889