Dabao LogoDabao

Privacy Policy

Your privacy is important to us. This policy explains how we collect, use, and protect your information in compliance with Indian privacy laws.

Compliant with IT Act 2000, SPDI Rules 2011, and Consumer Protection Act 2019

Last updated: January 2024 | Effective Date: January 1, 2024

Transparency

Clear information about what data we collect and why

Security

Strong security measures to protect your personal information

Your Rights

Full control over your personal data and privacy preferences

1. Information We Collect

Personal Information Categories

We collect information you provide directly to us, such as when you create an account, make a purchase, subscribe to our newsletter, or contact us for support.

1.1 Personal Identifiable Information (PII)

  • Contact Information: Name, email address, phone number, postal address
  • Account Information: Username, password (encrypted), profile picture
  • Business Information: Company name, GST number, business type, business address
  • Payment Information: Billing address, payment method details (processed securely)
  • Identity Verification: Government ID numbers when required for business accounts

1.2 Sensitive Personal Data Information (SPDI)

As per SPDI Rules 2011, we may collect the following sensitive information:

  • Financial information (bank account details for refunds, payment history)
  • Physical and mental health information (only if relevant to product safety)
  • Biometric information (only for business verification if required)
  • Sexual orientation, medical records, and biometric information (NOT collected)

1.3 Automatically Collected Information

  • Device Information: IP address, browser type, operating system, device identifiers
  • Usage Data: Pages visited, time spent, click patterns, search queries
  • Location Data: Approximate location based on IP address (with consent for precise location)
  • Cookies and Tracking: Session cookies, preference cookies, analytics cookies

2. How We Use Your Information

2.1 Primary Business Purposes

  • Order Processing: Process and fulfill your orders, manage payments and shipping
  • Customer Service: Respond to inquiries, provide support, handle returns and refunds
  • Account Management: Create and maintain user accounts, subscription management
  • Product Customization: Create custom packaging solutions based on your requirements
  • Business Communication: Send order confirmations, shipping updates, and important notices

2.2 Marketing and Communication (With Consent)

  • Send promotional emails about new products and special offers
  • Provide personalized product recommendations
  • Share industry insights and packaging tips via newsletter
  • Invite participation in surveys and feedback collection
  • Announce company updates and sustainability initiatives

2.3 Legal and Compliance Purposes

  • Comply with Indian laws and regulations (GST, Consumer Protection Act, IT Act)
  • Prevent fraud, abuse, and security incidents
  • Maintain accurate financial records and tax documentation
  • Respond to legal requests and protect our rights

3. Information Sharing and Disclosure

Our Commitment

We do not sell, trade, or rent your personal information to third parties. We only share your information in the limited circumstances described below.

3.1 Service Providers and Business Partners

  • Payment Processors: Razorpay, Stripe, PayU (for secure payment processing)
  • Shipping Partners: India Post, BlueDart, Delhivery (for order delivery)
  • Cloud Services: AWS, Google Cloud (for secure data storage)
  • Analytics: Google Analytics (anonymized data for website improvement)
  • Customer Support: Email service providers and help desk systems

3.2 Legal Requirements

We may disclose your information when required by Indian law or to:

  • Comply with legal processes, court orders, or government requests
  • Protect our rights, property, or safety and that of our users
  • Investigate and prevent fraud, security breaches, or illegal activities
  • Enforce our Terms and Conditions and other agreements

4. Data Security and Protection

Security Measures

We implement industry-standard security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction.

4.1 Technical Safeguards

  • Encryption: SSL/TLS encryption for data transmission, AES-256 for data storage
  • Access Controls: Multi-factor authentication, role-based access, regular access reviews
  • Network Security: Firewalls, intrusion detection, regular security monitoring
  • Data Backup: Regular automated backups with secure storage
  • Vulnerability Management: Regular security audits and penetration testing

4.2 Organizational Safeguards

  • Employee training on data protection and privacy practices
  • Confidentiality agreements with all staff and contractors
  • Regular privacy impact assessments
  • Incident response procedures for data breaches
  • Compliance monitoring and regular policy updates

5. Your Privacy Rights and Choices

Your Rights Under Indian Law

As per the Information Technology Act 2000 and Consumer Protection Act 2019, you have specific rights regarding your personal data.

5.1 Access and Correction Rights

  • Access: Request a copy of all personal information we hold about you
  • Correction: Update or correct inaccurate personal information
  • Portability: Receive your data in a structured, machine-readable format
  • Account Control: Update preferences and manage communication settings

5.2 Deletion and Withdrawal Rights

  • Deletion: Request deletion of your personal information (subject to legal requirements)
  • Withdrawal: Withdraw consent for marketing communications at any time
  • Account Closure: Close your account and delete associated data
  • Objection: Object to specific uses of your information

5.3 How to Exercise Your Rights

To exercise any of these rights, contact us at:

  • Email: privacy@dabao.in
  • Phone: +91 94422 64026
  • Response Time: We will respond within 30 days of your request
  • Verification: We may request identity verification for security purposes

6. Cookies and Tracking Technologies

6.1 Types of Cookies We Use

  • Essential Cookies: Required for website functionality, cannot be disabled
  • Performance Cookies: Help us understand how visitors use our website
  • Functionality Cookies: Remember your preferences and settings
  • Marketing Cookies: Track effectiveness of our advertising (with consent)

6.2 Managing Cookies

  • Use our cookie consent banner to manage preferences
  • Adjust browser settings to block or delete cookies
  • Opt out of Google Analytics tracking
  • Disable marketing cookies while keeping functional ones

7. Data Retention and Deletion

7.1 Retention Periods

  • Account Data: Retained while account is active plus 3 years after closure
  • Transaction Records: 7 years (as required by Indian tax and accounting laws)
  • Marketing Data: Until consent is withdrawn or 2 years of inactivity
  • Support Communications: 3 years for quality assurance and training
  • Website Analytics: 26 months (Google Analytics default)

7.2 Secure Deletion

When data is no longer needed, we securely delete it using industry-standard methods to ensure it cannot be recovered or reconstructed.

8. International Data Transfers

Cross-Border Data Transfers

Some of our service providers may process your data outside of India. When this occurs:

  • We ensure adequate protection through contractual safeguards
  • Transfers comply with applicable Indian data protection laws
  • We maintain the same level of protection as required in India
  • You will be notified of any significant changes to transfer practices

9. Children's Privacy

Our services are not intended for children under 18 years of age. We do not knowingly collect personal information from children under 18. If we discover that we have collected personal information from a child under 18, we will:

  • Delete the information immediately
  • Notify the parent or guardian if possible
  • Terminate the account if applicable
  • Review our processes to prevent similar occurrences

10. Privacy Policy Updates

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. When we make changes:

  • We will post the updated policy on our website
  • We will notify you via email for significant changes
  • The “Last updated” date will be revised
  • We may require your consent for material changes

11. Contact Information and Grievance Redressal

Data Protection Officer

Name: AJITH BERLIN A

Email: privacy@dabao.in

Phone: +91-9442264026

Address: Tamil Nadu, India

Response Time: 30 days maximum for privacy-related queries

Grievance Redressal Mechanism

As per Indian IT Rules, if you have any grievances regarding data protection or privacy:

  1. Contact our Data Protection Officer using the details above
  2. We will acknowledge your complaint within 24 hours
  3. We will investigate and respond within 30 days
  4. If unsatisfied, you may approach the Indian Computer Emergency Response Team (CERT-In)
  5. You may also file complaints with appropriate consumer forums

12. Compliance with Indian Laws

This Privacy Policy complies with:

  • Information Technology Act, 2000 and amendments
  • Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011
  • Consumer Protection Act, 2019
  • Indian Contract Act, 1872
  • Goods and Services Tax Act, 2017 (for business data)

Our Privacy Commitment

At Dabao India, protecting your privacy is not just a legal obligation but a fundamental value. We are committed to maintaining the highest standards of data protection and transparency in all our operations. Your trust is essential to our business, and we will continue to earn it every day.

Questions About Your Privacy?

Our privacy team is here to help you understand and exercise your rights

Contact Privacy TeamGeneral Support

1. Information We Collect

We collect information you provide directly to us, such as when you create an account, make a purchase, subscribe to our newsletter, or contact us for support. This may include:

  • Personal information (name, email address, phone number)
  • Business information (company name, billing address, tax ID)
  • Payment information (credit card details, banking information)
  • Order history and preferences
  • Communication preferences and marketing consent

2. How We Use Your Information

We use the information we collect to:

  • Process and fulfill your orders
  • Provide customer service and support
  • Send order confirmations and shipping updates
  • Improve our products and services
  • Send marketing communications (with your consent)
  • Detect and prevent fraud
  • Comply with legal obligations

3. Information Sharing

We do not sell, trade, or otherwise transfer your personal information to third parties except in the following circumstances:

  • With your explicit consent
  • To trusted service providers who assist in our operations
  • To comply with legal requirements or court orders
  • To protect our rights, property, or safety
  • In connection with a business transaction or merger

4. Data Security

We implement appropriate security measures to protect your personal information:

  • SSL encryption for data transmission
  • Secure servers and databases
  • Regular security audits and updates
  • Access controls and employee training
  • Payment processing through PCI-compliant providers

5. Cookies and Tracking

We use cookies and similar technologies to:

  • Remember your preferences and settings
  • Analyze website traffic and usage patterns
  • Provide personalized content and recommendations
  • Enable social media features
  • Measure advertising effectiveness

You can control cookie settings through your browser preferences. For more details, see our Cookie Policy.

6. Your Rights

Depending on your location, you may have the following rights regarding your personal information:

  • Access: Request a copy of your personal data
  • Correction: Update or correct inaccurate information
  • Deletion: Request deletion of your personal data
  • Portability: Receive your data in a machine-readable format
  • Objection: Object to certain processing activities
  • Restriction: Limit how we use your data

7. Data Retention

We retain your personal information for as long as necessary to provide our services, comply with legal obligations, resolve disputes, and enforce our agreements. Specific retention periods vary based on the type of information and the purpose for which it was collected.

8. International Transfers

If you are located outside India, your information may be transferred to and processed in India or other countries where our service providers operate. We ensure appropriate safeguards are in place to protect your information during such transfers.

9. Children's Privacy

Our services are not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have collected such information, we will take steps to delete it promptly.

10. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of any material changes by posting the new policy on our website and updating the “Last updated” date. Your continued use of our services after such changes constitutes acceptance of the new policy.

11. Contact Us

If you have any questions about this privacy policy or our privacy practices, please contact us:

Dabao India

Email: privacy@dabao.in

Phone: +91 9442264026

Address: Tamil Nadu, India

12. Compliance

This privacy policy is designed to comply with applicable privacy laws, including the Information Technology Act, 2000 and its rules, GDPR (for EU residents), and other relevant data protection regulations.

Questions About Our Privacy Policy?

We're committed to transparency. If you have any questions or concerns about how we handle your data, don't hesitate to reach out.