Privacy Policy

Effective Date: 20.11.2025
Business Name: Thuni Bazaar
Website: https://www.thunibazaar.com/

Thuni Bazaar (“we”, “our”, “us”) is committed to protecting your personal information and your privacy. This Privacy Policy outlines how we collect, use, store, disclose, and safeguard your information in compliance with the Information Technology Act, 2000, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, and general global privacy standards including the General Data Protection Regulation (GDPR) where applicable.

By using our website or services, you agree to the terms of this Privacy Policy.

1. Information We Collect

We collect the following categories of information:

1.1 Personal Information

(As defined under Rule 3 of the IT Rules 2011)

• Full name

• Mobile number

• Email address

• Shipping and billing address

• Payment details (processed securely by third-party payment gateways)

• Customisation details for orders (texts, images, designs uploaded)

1.2 Sensitive Personal Data

We do not collect sensitive personal data such as passwords, biometric data, financial account passwords, medical history, etc., as described under the IT Rules 2011.

1.3 Non-Personal Information

• IP address

• Browser type

• Device details

• Website usage statistics

• Cookies, pixels, and analytics data

2. How We Use Your Information

Your information is used strictly for legitimate business purposes under Section 43A of the Information Technology Act and GDPR Article 6 (Lawful Basis of Processing):

• To process and deliver your orders

• To customise products based on your instructions

• To provide order updates, shipping details, and customer support

• To improve website functionality and user experience

• To prevent fraud, unauthorized access, or illegal activities

• To send promotional messages (only if you provide consent)

Your information is never used for any unlawful purpose.

3. Legal Basis for Processing (GDPR Compliance)

For users visiting from the EU/EEA, we process data under these lawful bases:

• Contractual necessity: Fulfilling orders, processing payments

• Consent: Marketing messages, optional cookies

• Legitimate interest: Improving website experience

• Legal obligation: Maintaining transaction records

4. Sharing of Information

We follow Rule 6 of the IT Rules 2011 while disclosing information.

We may share your data only with trusted third parties necessary for order processing:

• Courier and logistics partners

• Payment gateway providers

• Customer support tools

• Printing/customisation teams

• Website hosting and analytics platforms

We do not sell, rent, or trade your personal information.

5. Data Protection & Security

We comply with Section 43A of the IT Act, 2000 and the IS/ISO/IEC 27001 standard for reasonable security practices.

Security measures include:

• SSL encryption

• Secure servers and firewalls

• Access control for staff

• Regular system audits

• Encrypted payment handling via payment gateways

However, no system is entirely foolproof; users are encouraged to maintain good cybersecurity practices.

6. Retention of Information

We retain data only as long as necessary for:

• Fulfilling your order

• Accounting & audit requirements (as per Indian tax laws)

• Customer support

• Legal compliance

You may request deletion of your data unless required by law or order history preservation.

7. Your Rights

Under Indian Law

You have the right to:

• Access your personal information

• Correct or update information

• Withdraw consent for promotional messaging

• Request deletion of stored data (where legally allowed)

Under GDPR (for EU users)

You have additional rights:

• Right to data portability

• Right to restrict processing

• Right to object to automated decision-making

• Right to be forgotten

Submit a request through our contact details below.

8. Cookies & Tracking Technologies

We use cookies for:

• Improving browsing experience

• Remembering cart items

• Analytics and traffic measurement

Users can disable cookies in their browser settings. Certain site features may not work without cookies.

9. Children’s Privacy

Our services are not intended for children under 13 years.
We do not knowingly collect data from minors. If such data is detected, it will be deleted immediately.

10. Third-Party Links

Our website may contain links to external websites. We are not responsible for their privacy practices. Please review their respective privacy policies.

11. Data Transfer Outside India

If your data is processed or stored outside India, we ensure protection standards consistent with:

• IT Rules 2011

• GDPR international data transfer requirements

Third-party partners must comply with equivalent data protection norms.

12. Updates to This Policy

We may update this Privacy Policy based on legal changes or business requirements. Updates will be posted on this page with a revised effective date.

13. Contact Information

For questions, concerns, or privacy requests, contact us:

? [Your Contact Number]
? [Your Email Address]
? WhatsApp: [Your Link]

Data Protection Officer (Optional but recommended):
[Insert Name / Email]