Privacy Policy for VIIAA
Effective Date: August 8, 2025
Welcome to Viiaa ("we," "us," "our"). We operate an online marketplace platform (the "Platform") that connects buyers with independent, third-party jewellery sellers ("Sellers"). We are committed to protecting the privacy and security of your personal information.
This Privacy Policy describes how we collect, use, share, and protect your personal data when you visit our website (www.Viiaa.in), use our mobile application, or engage with our services (collectively, the "Services").
Because we are a marketplace, it's important to understand that to complete a transaction, we need to share some of your information with the Seller you choose to purchase from. This policy outlines our responsibilities and provides information on the data shared.
This Privacy Policy complies with:
Digital Personal Data Protection Act, 2023 (DPDPA)
As per Indian law:
• Data Principal Rights: You have the right to access, correct, and erase your personal data.
• Consent Management: You can withdraw consent at any time.
• Data Fiduciary Obligations: We act as a Data Fiduciary and ensure lawful processing.
• Significant Data Fiduciary: If applicable, we comply with additional obligations.
• Cross-border Transfer: We ensure adequate protection for international data transfers.
Information Technology Act, 2000 (IT Act)
We comply with the IT Act and its amendments regarding:
• Electronic records and digital signatures.
• Data protection and privacy.
• Cybersecurity measures.
We collect information to provide and improve our Services. This includes:
• Account Registration: Name, email address, phone number, password.
• Profile Information: Shipping/billing address, date of birth.
• Transaction Information: Product details, shipping address, order total (payment processed via third-party gateways; we only receive confirmation and partial details).
• Communications: Via email, phone, or platform messaging.
• Reviews and Ratings: Feedback provided on Sellers or products.
• Product Preferences: Type, size, style preferences.
• Certification Data: Hallmark, BIS certification details.
• Valuation Information: For insurance or resale purposes.
• Custom Orders: Special design requirements and measurements.
• Authentication Data: For premium jewellery verification.
• Usage and log data, device information, location data.
• Cookies and tracking technologies (see Section 13).
• Sellers: Order fulfillment updates.
• Social Media: Information from connected accounts (e.g., Google, Facebook).
We use your data to:
• Operate and manage our Services.
• Fulfill orders and facilitate transactions.
• Personalize your experience.
• Communicate with you (including marketing, with consent).
• Prevent fraud and ensure security.
• Conduct analytics and improvements.
• Comply with legal obligations.
When you purchase from a Seller, we share:
• Order Details: Product specifications, quantity, price.
• Shipping Information: Name, address, phone number.
• Contact Information: For order updates and delivery.
• Payment Confirmation: Transaction status (no card details).
• Return/Refund Requests: For customer service purposes.
Seller Privacy Policies: Each Seller has their own privacy policy. We recommend reviewing their policies before making purchases.
• Contract Performance: To fulfill your orders.
• Legitimate Interest: To improve our services.
• Consent: For marketing communications.
• Legal Obligation: For tax and regulatory compliance.
We use cookies to ensure website functionality, analyze performance, and personalize your experience.
Types of Cookies We Use:
• Essential Cookies: For core functionality.
• Analytics Cookies: To understand usage patterns.
• Marketing Cookies: For personalized ads.
• Third-party Cookies: From payment gateways and analytics services.
Cookie Management: You can manage cookies via browser settings or our cookie consent banner.
We implement administrative, technical, and physical safeguards, including SSL/TLS encryption and access controls. No system is 100% secure, but we take all reasonable measures to protect your data.
• Account Data: Until account deletion or 7 years (tax purposes).
• Transaction Data: 7 years (legal requirement).
• Marketing Data: Until consent withdrawal.
• Analytics Data: 2 years (anonymized after 1 year).
• Support Communications: 3 years.
If a data breach affects your personal information:
• We will notify you within 72 hours of becoming aware.
• We will report to relevant authorities as required by law.
• We will provide guidance on protective measures.
• We will maintain breach records for audits.
You may have rights under DPDPA and other laws to access, correct, erase, restrict, and port your data, and to object to processing. You may withdraw consent at any time.
Marketing Opt-Out: Click "unsubscribe" in our marketing emails.
Our Services are not for children under 18. We do not knowingly collect their data.
Your data may be processed in:
• India: Primary location.
• United States: Cloud services (AWS, Google Cloud).
• European Union: Analytics and marketing services.
We ensure adequate protection through:
• Standard Contractual Clauses (SCCs).
• Adequacy decisions.
• Binding corporate rules.
We may update this policy from time to time. Changes will be posted with a revised effective date.
Viiaa
Attn: Data Protection Officer
[Your Physical Address]
[City, Postal Code]
Email: privacy@viiaa.in
Phone: [Your Contact Number]