Data Retention Policy for E-commerce Website
Effective Date: OCT,2024

Last Updated: JAN,2025

  1. Introduction
    WINSOME PAYMENTS TECHNOLOGIES PRIVATE LIMITED (“we”, “our”, or “the Company”) is committed to maintaining the privacy and security of customer data in compliance with relevant laws and regulations. This Data Retention Policy outlines how we manage and retain personal data collected from users of our e-commerce website (“https://vellacoutures.com/“), and specifies the retention periods for different categories of data.
  2. Purpose of Data Retention
    The purpose of this policy is to:
  • Ensure that data is retained only for as long as necessary for legitimate business, legal, and operational purposes.
  • Maintain compliance with applicable data protection laws, such as GDPR, CCPA, and others.
  • Safeguard user privacy by limiting the duration of time personal data is stored.
  1. Types of Data Collected
    We may collect the following types of personal data through our Site:
  • Customer Account Data: Name, email address, phone number, shipping and billing addresses, etc.
  • Order Data: Purchase history, product preferences, transaction details, payment information.
  • User Activity Data: Browsing behavior, items viewed, search queries, and IP addresses.
  • Communication Data: Email correspondence, customer support interactions, and feedback.
  • Payment Information: Credit card details and billing information (processed through third-party payment gateways).
  • Marketing Preferences: Subscription preferences, newsletter sign-up data, and responses to promotions or surveys.
  1. Retention Periods
    The following retention periods apply to various types of data we collect:
  • Customer Account Data:
    • Retained for as long as the customer maintains an active account with us.
    • If an account is inactive for 2 years, we will send a notification to the user and may delete or anonymize the data unless retention is required for legal purposes (e.g., fraud prevention).
  • Order Data:
    • Retained for a period of 7 years for accounting, tax, and warranty purposes, or as required by law. This includes invoices, purchase records, and transaction data.
  • Payment Information:
    • Payment information (credit card details) is not stored directly by us. This data is processed and stored by third-party payment processors in accordance with their policies.
  • User Activity Data:
    • Retained for a maximum of 1 year for analysis, improving user experience, and website optimization.
  • Communication Data:
    • Retained for 3 years following the completion of the interaction, unless required for legal or regulatory purposes.
  • Marketing Preferences:
    • Retained as long as the user is subscribed to marketing communications. If the user opts out or unsubscribes, data will be retained for a maximum of 2 years for legal compliance and to manage any future interactions.
  1. Data Anonymization and Deletion
    We are committed to safeguarding user privacy. After the expiration of the retention periods mentioned above:
  • We will anonymize or pseudonymize the data when feasible, ensuring that it cannot be traced back to a specific individual.
  • Data that is no longer required for business purposes will be securely deleted from our systems.
  • If a customer requests that their account be deleted, we will erase or anonymize their personal data, subject to legal or contractual obligations.
  1. Data Retention for Legal Compliance
    We may retain personal data for longer periods if required by law or regulation. This includes:
  • Compliance with tax, accounting, and financial regulations.
  • Cooperation with legal requests, investigations, and litigation.
  • Retention of transaction records for fraud detection or prevention.
  1. Data Security Measures
    We have implemented appropriate security measures to safeguard your personal data during its retention period. These measures include encryption, access control, and secure storage systems to protect data against unauthorized access, alteration, or deletion.
  2. User Rights
    As a user of our Site, you have the following rights regarding your personal data:
  • Access: You may request access to the personal data we hold about you.
  • Correction: You may request corrections to any inaccurate or incomplete data.
  • Deletion: You may request the deletion of your personal data in certain circumstances.
  • Portability: You may request a copy of your data in a structured, machine-readable format.
  • Objection: You may object to the processing of your data for marketing purposes or any processing based on legitimate interests.
  • To exercise your rights, please contact our Data Protection Officer (DPO) at [Insert Contact Information].
  1. Third-Party Data Processing
    We may use third-party service providers to store or process personal data, such as payment processors, cloud service providers, and marketing platforms. These third parties are contractually obligated to follow the principles outlined in this policy and applicable data protection laws. We will ensure that data is retained in accordance with the applicable third-party service provider’s retention policy.
  2. Policy Updates
    This Data Retention Policy may be updated from time to time to reflect changes in legal requirements, business practices, or technological advancements. We will notify users of significant changes through our Site or via email.
  3. Contact Information
    If you have any questions or concerns about this Data Retention Policy, please contact us at:
  • Email: winsomepaymentstechnologiespri@gmail.com
  • Phone: +91 8859930643
  • Address: Office No.109,FF, Vardhman, Market, CSC, Pkt. JG, Vikas Puri,
    West Delhi, New Delhi, Delhi- 110018
  • By using our website, you agree to the retention and processing of your personal data as outlined in this policy.

This policy provides a framework for ensuring that your e-commerce website follows appropriate data retention practices, balancing operational needs with data privacy compliance.