Privacy Policy

1. PURPOSE AND SCOPE

1.1 This Policy applies to all Users who access or use the
Application for enrolling in or participating in reward programs
offered by participating Jewellers.

1.2 This Policy sets out:
a) the categories of Personal Data collected;
b) the purposes and lawful basis for processing;
c) the manner of storage, usage, and protection;
d) the circumstances under which such data may be
disclosed; and
e) the rights and choices available to Users.

1.3 This Policy is intended to ensure transparency and compliance
with applicable Indian laws, including data protection and
information technology laws.

2. DEFINITIONS

For the purposes of this Policy:

2.1 “Personal Data” means any information relating to an identified
or identifiable natural person.

2.2 “Sensitive Personal Data” shall have the meaning ascribed
under applicable law and may include financial information,
authentication data, or other sensitive categories as notified.

2.3 “Processing” means any operation performed on Personal Data,
including collection, recording, storage, use, disclosure, transfer,
or deletion.

2.4 “Applicable Law” means all laws, rules, and regulations in force
in India relating to data protection, privacy, and information
technology.

3. INFORMATION COLLECTED

3.1 Information Provided by You

The Platform Provider may collect the following Personal Data
voluntarily provided by You:

a) Full name;
b) Mobile number;
c) Email address (if provided);
d) Date of birth (optional, for promotional benefits);
e) Basic profile details;
f) Reward points account and transaction history.

You represent and warrant that all information provided is true,
accurate, complete, and updated.

3.2 Information Collected Automatically

The Application may automatically collect certain technical and
usage-related information, including:

a) Device information (model, operating system, device
identifiers);
b) Application usage data and logs;
c) Date, time, and duration of access;
d) IP address (where applicable);
e) Error logs and diagnostic data.

Such information is used strictly for system functionality,
analytics, performance optimisation, and security.

3.3 Information Not Collected

The Platform Provider does not collect, process, or store:

a) Bank account details;
b) Credit or debit card details;
c) UPI IDs;
d) Digital wallet balances;
e) Passwords, PINs, or authentication credentials for financial
accounts.

All financial transactions occur directly between the User and the
Jeweller.

4. PURPOSE AND LAWFUL BASIS OF PROCESSING

4.1 Personal Data shall be processed solely for the following
purposes:

a) onboarding and registration into the Program;
b) maintenance of User accounts and reward points ledger;
c) enabling redemption and utilisation of reward points;
d) communication of transactional and program-related
information;
e) fraud detection, prevention, and audit trails;
f) system security, analytics, and performance improvement;
g) compliance with legal and regulatory obligations.

4.2 Processing is based on User consent and/or legitimate
business purposes, as permitted under Applicable Law.

4.3 Personal Data shall not be used for unrelated purposes without
obtaining additional consent.

5. ROLE OF PARTIES

5.1 The Platform Provider acts as a data processor and technology
facilitator.

5.2 The Jeweller acts as the data controller for customer data
relating to commercial transactions.

5.3 The Platform Provider:

a) does not sell jewellery;
b) does not issue invoices;
c) does not process payments;
d) does not determine commercial terms of sale.

6. DISCLOSURE AND SHARING OF DATA

6.1 Personal Data may be disclosed strictly on a need-to-know
basis to:

a) the relevant participating Jeweller;
b) authorised service providers bound by confidentiality
obligations;
c) governmental, statutory, or regulatory authorities as
required by law.

6.2 Personal Data shall not be:

a) sold;
b) rented;
c) commercially exploited.

6.3 All disclosures shall be limited to the minimum data necessary
for the intended purpose.

7. DATA STORAGE AND RETENTION

7.1 Personal Data shall be stored in secure electronic systems with
reasonable safeguards.

7.2 Data shall be retained:

a) for the duration of User participation in the Program;
and/or
b) for such period as required under Applicable Law.

7.3 Upon termination, withdrawal, or deletion request, Personal
Data shall be:

a) deleted; or
b) anonymised,

subject to legal retention requirements.

8. DATA SECURITY

8.1 The Platform Provider implements reasonable administrative,
technical, and organisational safeguards to protect Personal Data
against:

a) unauthorised access;
b) misuse or unlawful processing;
c) alteration or destruction;
d) accidental loss or disclosure.

8.2 Notwithstanding the above, the User acknowledges that no
system is completely secure and accepts inherent risks associated
with digital platforms.

9. USER RIGHTS

9.1 Subject to Applicable Law, the User shall have the right to:

a) access Personal Data;
b) request correction of inaccurate or incomplete data;
c) request deletion or anonymisation (subject to legal
obligations);
d) withdraw consent for non-essential processing;
e) opt-out of promotional communications.

9.2 Requests may be submitted using the contact details provided
in this Policy.

10. CONSENT AND WITHDRAWAL

10.1 By using the Application, You provide free, informed, specific,
and unambiguous consent to the processing of Personal Data.

10.2 Withdrawal of consent may:

a) restrict access to certain features; or
b) result in termination of participation in the Program.

11. COOKIES AND TRACKING

11.1 The Application may use limited cookies or similar
technologies strictly for:

a) functionality;
b) performance;
c) security.

11.2 No third-party behavioural advertising or tracking cookies are
used.

12. CHILDREN’S PRIVACY

12.1 The Application is not intended for individuals below eighteen
(18) years of age without lawful parental or guardian consent.

12.2 The Platform Provider does not knowingly collect Personal
Data of minors without valid consent.

13. DATA BREACH MANAGEMENT

13.1 In the event of a data breach, the Platform Provider shall:

a) take reasonable steps to investigate and mitigate the breach;
b) comply with applicable legal notification obligations.

14. POLICY UPDATES

14.1 This Policy may be amended from time to time.

14.2 Updated versions shall be made available on the Application.

14.3 Continued use of the Application after such updates shall
constitute deemed acceptance.

15. LIMITATION OF LIABILITY

15.1 To the maximum extent permitted under Applicable Law:

a) The Platform Provider and Jeweller shall not be liable for
indirect, incidental, consequential, or punitive damages
arising from lawful processing of Personal Data.

b) Liability, if any, shall be limited to direct damages proven and
attributable to gross negligence or wilful misconduct.

16. GOVERNING LAW AND JURISDICTION

16.1 This Policy shall be governed by the laws of India.

16.2 Subject to applicable dispute resolution mechanisms, courts
at Rajkot, Gujarat shall have exclusive jurisdiction.

USER DECLARATION AND CONSENT

“I hereby confirm that I have read, understood, and agreed to this
Privacy Policy and consent to the collection, processing, storage,
and use of my Personal Data in accordance with its terms.”