0

Privacy Policy

Why This Policy Matters

Gifting is personal. You share names, addresses, messages, and memories with us so we can deliver them safely to someone you care about. This Privacy Policy explains—in clear language—what we collect, why we collect it, how we protect it, and the choices you have.

We comply with India’s Digital Personal Data Protection Act, 2023 (DPDP Act), the Information Technology Act, 2000 and rules thereunder, and applicable Consumer Protection (E-Commerce) Rules, 2020 and GST requirements.

1) Scope & Acceptance

This Policy applies when you visit maanlo.in, create an account, place an order, contact support (email/phone/WhatsApp), or interact with our marketing (if you opt in). By using our services, you agree to the practices described here.

If you access our services from outside India, your data may be processed in India in accordance with Indian law.

2) What We Collect

We collect only what’s necessary to serve you well.

A. Information you provide

  • Sender details: name, email, phone, billing & shipping addresses
  • Recipient details: name, delivery address, phone (used solely for delivery)
  • Order & personalization: product selections, gift notes, uploaded images/text
  • Support communications: emails, chats, tickets, feedback
  • Tax details (where applicable): GSTIN, invoice preferences

B. Payment information

  • Processed by PCI-DSS compliant gateways (e.g., Razorpay). We do not store full card/bank/UPI credentials. We receive transaction confirmations/IDs.

C. Automatically collected

  • Device/usage: IP address, device/browser, pages viewed, time on site
  • Cookies/SDKs/pixels: session, analytics, preference, and (if you consent) marketing cookies

D. Third-party sources

  • Delivery status/attempts from logistics partners (e.g., Shiprocket and integrated couriers)
  • Social or single sign-on data if you choose those logins

We do not seek or store special categories of personal data (e.g., health, biometrics).

3) How We Use Your Information

  • Order processing & delivery: prepare, pack, and deliver orders; address verification; recipient coordination
  • Payments & accounting: charge your order, issue invoices, manage refunds
  • Notifications: order confirmations, receipts, delivery updates, service messages
  • Customer support: resolve issues, claims, replacements, and refunds
  • Personalization (optional): recommendations, occasion reminders, saved addresses
  • Security & fraud prevention: detect misuse or suspicious activity
  • Legal compliance: records for GST/tax, consumer, and IT law requirements
  • Marketing (only with consent): email/SMS/WhatsApp about offers or new products; unsubscribe anytime

We practice purpose limitation: we only process data for the purposes stated above.

4) Legal Basis & Consent (DPDP Act)

We process your data when:

  • You consent (e.g., marketing subscriptions, cookies)
  • It’s necessary to perform a contract (fulfilling your order)
  • It’s required by law (e.g., invoicing, tax records, grievance handling)

You may withdraw consent for non-essential processing (e.g., marketing) at any time. Some records (e.g., invoices) must be retained for statutory periods even after consent withdrawal.

5) Sharing Your Information

We never sell your personal data. We share it only with:

  • Logistics & delivery partners: Shiprocket and underlying couriers (recipient name, address, phone; item/delivery info)
  • Category vendors (as needed): vetted local florists, bakeries, printers/artisans to fulfill your exact order
  • Payment processors: Razorpay (transaction processing; we don’t see full card/UPI details)
  • Technology providers: secure cloud/hosting (e.g., AWS), analytics, email/SMS providers under data-processing terms
  • Regulatory & legal: government, law enforcement, courts, or tax authorities when lawfully required
  • Business transfers: if our business is reorganized, merged, or sold, data may transfer to the new entity (they must honor this Policy)

All partners are contractually obligated to use your data only for the instructed purpose and to keep it secure.

6) Cookies & Tracking

We use:

  • Essential cookies: sign-in, cart, checkout
  • Analytics cookies: site performance and usage (often aggregated/anonymized)
  • Marketing cookies (consent-based): to show relevant offers across platforms (Meta/Google, etc.)

You can manage cookies in your browser or via our consent banner. Blocking essential cookies may limit site functionality.

7) Storage, Security & Retention

  • Where stored: Primarily on secure cloud infrastructure (e.g., AWS—India region preferred).
  • How protected: TLS/SSL encryption in transit, hardened servers, access controls on a need-to-know basis, periodic security reviews, staff confidentiality.
  • Payment safety: Payment data handled by PCI-DSS compliant processors; we don’t store raw card numbers.
  • Retention:
    • Transactional/GST records: retained as required under applicable tax and accounting laws (currently up to 7 years).
    • Account & support data: retained while your account is active or until your request is fulfilled, then deleted/anonymized unless legally required.
    • Marketing data: retained until you unsubscribe or withdraw consent.

8) Your Rights (DPDP Act)

Subject to law, you can:

  • Access the personal data we hold about you
  • Correct inaccurate or incomplete data
  • Delete data (where legally permissible) or withdraw consent for non-essential uses
  • File a grievance/complaint with us; you may also approach the Data Protection Board of India

We aim to respond within 30 days. Requests impacting statutory records (e.g., invoices) will be honored to the extent allowed by law.

9) International Transfers

We primarily process/store data in India. Where partners process data in other jurisdictions, we implement appropriate safeguards (contractual and organizational) to ensure protections consistent with Indian law and the DPDP Act.

10) Children’s Privacy

Our services are intended for adults (18+). We don’t knowingly collect data from children without verifiable parental/guardian consent. If you believe a child has provided data to us, contact us and we will act promptly.

11) Changes to This Policy

We may update this Policy as our services, law, or technology evolves. We’ll post updates here and, where material, notify you (e.g., email/banner). The “Last Updated” date reflects the latest version.

12) How to Contact Us

Grievance Officer / Data Protection Contact
 Chibi Maanlo (OPC) Private Limited
South Delhi, New Delhi – 110030, India
Email: support@maanlo.in

Maanlo Its True: About Us

Maanlo Known as “Khushiyon ka Address,” we bring warmth back to gifting through fresh flowers, cakes, handcrafted hampers, and personalized gifts, delivered across India — same-day in select cities.

Facebook Instagram Youtube X-twitter

Quick links

Information

Let’s get in touch

Sign up for our newsletter and receive 10% off your
© 2025 maanlo All rights reserved. Designed by Maanlo

Shopping Cart0

No products in the cart.