PRIVACY POLICY

Effective Date: March 2026

This Privacy Policy (“Policy”) is issued by CITIDRIP (“Company”, “we”, “us”, or “our”) and governs the manner in which personal data and information are collected, processed, stored, used, disclosed, and protected when users (“User”, “Customer”, “you”) access or interact with the official website https://citidrip.in/ (the “Website”) or any related services, communication channels, or digital interfaces operated by the Company.

This Policy has been formulated in compliance with applicable Indian laws, including but not limited to the Information Technology Act, 2000, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, the Consumer Protection Act, 2019, the Consumer Protection (E-Commerce) Rules, 2020, and the Digital Personal Data Protection Act, 2023, and reflects the Company’s commitment to lawful processing, transparency, accountability, and protection of user data.

CITIDRIP recognizes that privacy is a fundamental right and is committed to ensuring that all personal information shared with the Company is handled with the highest standards of care, security, and confidentiality. This Policy aims to provide Users with a clear understanding of the nature of data collected, the purpose for which such data is processed, the rights available to Users, and the safeguards implemented to protect such information.

By accessing the Website, creating an account, placing an order, subscribing to communications, or otherwise interacting with the Company, the User expressly consents to the collection, use, processing, and disclosure of their information in accordance with this Policy. If the User does not agree with any part of this Policy, they are advised to discontinue use of the Website and services.

The Company may collect personal information directly from Users during account registration, order placement, subscription to newsletters, customer support interactions, or participation in promotional activities. Such information may include, but is not limited to, the User’s full name, email address, mobile number, shipping and billing address, and transactional details. Payment-related information is processed securely through third-party payment gateways that comply with applicable regulatory standards, and the Company does not store complete financial credentials such as card numbers or UPI authentication data.

In addition to information voluntarily provided by the User, the Company may automatically collect certain technical and usage-related data when the Website is accessed. This may include the User’s IP address, browser type, device information, operating system, pages visited, time spent on the Website, and interaction patterns. Such information is collected through cookies, web beacons, and similar tracking technologies to enhance user experience, analyze performance, improve functionality, and prevent fraudulent activity.

The Company uses the collected information for multiple lawful purposes, including processing and fulfilling orders, managing customer accounts, providing customer support, communicating order updates and service notifications, sending marketing and promotional content (subject to user consent), improving product offerings, personalizing user experience, and ensuring platform security. The Company may also use data for internal analytics, fraud detection, dispute resolution, and compliance with legal obligations.

CITIDRIP does not sell, rent, or trade personal data to third parties. However, the Company may share User information with trusted service providers and third parties strictly on a need-to-know basis and in accordance with applicable laws. Such entities may include payment processors, logistics and delivery partners, technology service providers, analytics tools, and marketing platforms, all of whom are contractually obligated to maintain confidentiality and implement appropriate security measures. Information may also be disclosed where required by law, court order, or governmental authority, or where such disclosure is necessary to protect the rights, property, or safety of the Company, its Users, or the public.

The Company retains personal data only for as long as necessary to fulfill the purposes for which it was collected, including compliance with legal, regulatory, tax, or accounting requirements. Upon expiration of such retention periods, the data is either securely deleted or anonymized in accordance with industry standards and internal data retention policies.

Users have certain rights in relation to their personal data, including the right to access, update, correct, or request deletion of their information, as well as the right to withdraw consent for marketing communications at any time. Users may exercise these rights by contacting the Company through the official communication channels. However, the Company may retain certain information where required by law or for legitimate business purposes, including fraud prevention and dispute resolution.

The Company implements commercially reasonable technical and organizational security measures to safeguard User data against unauthorized access, misuse, loss, or disclosure. These measures include encryption protocols, secure servers, access controls, and periodic security assessments. However, the User acknowledges that no method of transmission over the internet or electronic storage is completely secure, and the Company cannot guarantee absolute security of information.

The Website may contain links to third-party websites or services that are not owned or controlled by the Company. This Policy does not apply to such external platforms, and the Company shall not be responsible for the privacy practices, policies, or content of such third-party websites. Users are advised to review the privacy policies of such platforms before sharing any personal information.

The Company does not knowingly collect or solicit personal information from individuals under the age of eighteen (18) without verifiable parental consent. If the Company becomes aware that personal data of a minor has been collected without appropriate authorization, such information shall be promptly deleted.

In the event of any data breach or unauthorized access to User information, the Company shall take appropriate remedial measures in accordance with applicable laws and may notify affected Users and authorities as required.

This Privacy Policy may be updated, modified, or revised from time to time at the sole discretion of the Company. Any changes shall be effective immediately upon posting on the Website, and Users are encouraged to review this Policy periodically to stay informed. Continued use of the Website after such updates shall constitute acceptance of the revised Policy.

This Policy shall be governed by and construed in accordance with the laws of India, and any disputes arising out of or in connection with this Policy shall be subject to the exclusive jurisdiction of the courts located in Dehradun, Uttarakhand.

For any questions, concerns, or requests relating to this Privacy Policy or the handling of personal data, Users may contact the Company at:

📧 Email: citidrip.in@gmail.com
🌐 Website: https://citidrip.in/contact

By accessing the Website or engaging with CITIDRIP’s services, the User acknowledges that they have read, understood, and agreed to this Privacy Policy in its entirety.