Data Protection & GDPR Compliance Policy
- Effective Date: 01/01/2025
- Brand: Zari Diamonds (Owned by SGOC Global)
- Email: info@zaridiamonds.com
- Contact: +91 98454 24448
- Jurisdiction: Courts of Bangalore, India
Zari Diamonds is committed to ensuring the privacy, confidentiality, integrity, and availability of customer data. This detailed Data Protection Policy describes how we comply with GDPR, Indian IT Act (2000), SPDI Rules (2011), and global security standards.
1. Definitions
- Personal Data: Any information relating to an identified or identifiable natural person (name, email, address, phone number).
- Processing: Collection, storage, usage, transmission, modification, deletion of data.
- Controller: Zari Diamonds, who determines data purpose.
- Processor: Third parties who process data (logistics, payment gateways).
- Data Subject: Customer or website user.
2. Principles Of Data Processing (GDPR Article 5)
Zari Diamonds adheres to these core principles:
- Lawfulness, fairness, transparency
- Purpose limitation
- Data minimization
- Accuracy
- Storage limitation
- Integrity and confidentiality
- Accountability
3. What Data We Collect
3.1 Personal Data
- Full name
- Address (shipping/billing)
- Mobile number
- Date of birth (optional)
3.2 Sensitive Personal Data
We do NOT collect or store:
- Passwords
- Biometric data
- Financial information (stored by payment gateway only)
3.3 Technical Data
- IP address
- Browser information
- Device metadata
- Location (approximate)
3.4 Behavioral Data
- Browsing history
- Clickstream
- Cart patterns
- Purchase trends
4. Legal Bases For Processing (GDPR Articles 6 & 9)
We process data under:
4.1 Consent
- Newsletters
- Promotions
- Cookies & tracking
4.2 Contractual Necessity
To fulfill your order:
- Payment
- Shipping
- Order updates
4.3 Legitimate Interests
- Fraud prevention
- Security monitoring
- Customer experience optimization
4.4 Legal Obligation
- GST compliance
- Government audit requirements
- Court orders
5. Data Sharing & Third Parties
We share data only with partners essential for order fulfillment:
- Shipping & courier companies
- Payment gateways (Razorpay/Stripe/PayPal etc.)
- Hosting providers
- Customer service tools (CRM, ticketing platforms)
- Fraud detection tools
We never sell, rent, or disclose your data to advertisers or external marketers.
6. International Data Transfer
Some partners (hosting/CDN/payment processors) may operate outside India.
Zari Diamonds ensures:
- Standard Contractual Clauses (SCCs)
- Adequate data protection frameworks
- GDPR-aligned vendor agreements
7. Data Retention Policy
- Order data: retained for 7 years (legal requirement)
- Marketing data: retained until user withdraws consent
- Cookies: stored for between 30 days and 1 year
- Account data: deleted upon request
8. Data Security Measures
We follow a multi-layered security model:
8.1 Technical Safeguards
- SSL encryption
- Firewall protection
- ISO 27001-grade hosting
- Secure backups
- DDoS protection
8.2 Organizational Safeguards
- Access controls
- Confidentiality agreements with employees
- Regular staff training
8.3 Incident Response
In case of a breach:
- Users notified within 72 hours (GDPR requirement)
- Internal investigation initiated
- Corrective actions implemented
9. Rights Of Users (GDPR Articles 12-23)
You have the right to:
- Access your data
- Rectify inaccuracies
- Erase data (“Right to be Forgotten”)
- Restrict processing
- Withdraw consent anytime
- Object to marketing emails
- Request copies of your data (Data Portability)
To exercise rights: info@zaridiamonds.com
10. Children’s Data
We do not knowingly collect data from individuals under 18 years.
11. Dispute Resolution
All disputes related to data protection fall under:
Exclusive Jurisdiction: Bangalore Courts, Karnataka, India