Free shipping on orders above ₹1000
Home / Legal

Privacy Policy

How we collect, use, and protect your information.

Last updated: 24 May 2026

1. Introduction

This Privacy Policy describes how SatyaTerra ("we", "us", or "our") collects, uses, shares, and protects your personal information when you visit our website, register an account, or place an order. By using our Services, you consent to the practices described in this Policy.

We are committed to handling your data in compliance with the Information Technology Act, 2000, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, and the Digital Personal Data Protection Act, 2023 (as applicable).

2. Information We Collect

We collect the following categories of personal information:

2.1 Information you provide directly

  • Account details: first name, last name, email address, mobile number, password (stored as a one-way bcrypt hash — we never see it in plaintext).
  • Order details: billing and shipping address, products purchased, order history, order notes.
  • Contact details: any information you submit through our contact form, support emails, or WhatsApp.

2.2 Information collected automatically

  • Technical data: IP address, browser type and version, device type, operating system, referring URL, time stamps.
  • Usage data: pages viewed, products viewed, items added to cart, search queries within the site.
  • Cookies and similar technologies: see Section 6 below.

2.3 Information from third parties

We may receive transaction status updates and limited identifying details from Razorpay (our payment processor) and our shipping partners when you place an order.

3. How We Use Your Information

We use your personal information for the following purposes:

  • Order fulfilment: to process, package, ship, and deliver your orders.
  • Account management: to create and maintain your account, authenticate logins, and respond to support requests.
  • Communications: to send order confirmations, shipping updates, delivery notifications, and customer-service replies via email, SMS, or WhatsApp.
  • Marketing: with your consent, to send promotional offers, product launches, and newsletters. You can opt out at any time.
  • Improvement: to analyse usage patterns, troubleshoot issues, and improve our Website, products, and services.
  • Legal compliance: to comply with applicable laws, tax obligations, and lawful requests from authorities.
  • Fraud prevention: to detect and prevent fraudulent transactions, abuse, and security incidents.

4. How We Share Your Information

We do not sell your personal data. We share information only as follows:

  • Service providers: with vendors who help us operate the business, including payment processors (Razorpay), shipping carriers, SMS/email providers, and cloud hosting platforms. They are contractually bound to handle your data only as needed to perform their services.
  • Legal requirements: when required by law, court order, or government request; to enforce our Terms; or to protect the rights, property, or safety of SatyaTerra, our customers, or others.
  • Business transfers: in the event of a merger, acquisition, or sale of assets, your information may be transferred to the successor entity, subject to the same protections.
  • With your consent: in any other case, only with your express consent.

5. SMS & WhatsApp Communications

When you register on our Website, we collect your mobile number and verify it via a one-time password (OTP) sent over SMS. By registering, you consent to receive:

  • Transactional messages: account verification, order confirmations, shipping updates, delivery notifications, and payment receipts. These are essential to fulfilling your order and cannot be opted out of.
  • Promotional messages: with your consent, occasional updates about new products, offers, and brand news, sent via SMS or WhatsApp. You may opt out at any time by replying STOP to any promotional message or by emailing care@satyaterra.in.

Your mobile number is stored securely and is not shared with third parties for marketing purposes.

6. Cookies & Similar Technologies

We use cookies and similar technologies for the following purposes:

  • Essential cookies: required for the Website to function (e.g. login session, cart contents). These cannot be disabled.
  • Analytics cookies: to understand how visitors use the Website so we can improve it.
  • Preference cookies: to remember your preferences, such as language and region.

You may disable non-essential cookies through your browser settings. Disabling essential cookies will impair the functionality of the Website.

7. Payment Data

We do not store your credit card numbers, CVV, or bank account credentials on our servers. All payment information is collected and processed directly by Razorpay, a PCI-DSS Level 1 compliant payment processor. Their privacy practices are governed by Razorpay's own Privacy Policy.

We retain only the following payment-related metadata for our records: order ID, Razorpay payment ID, transaction amount, and payment status.

8. Data Retention

We retain your personal information for as long as necessary to fulfil the purposes outlined in this Policy, including:

  • Account data: for as long as your account is active, plus up to 24 months after closure (in case you reactivate).
  • Order and transaction data: at least 8 years to comply with Indian tax and accounting regulations.
  • Marketing consent records: until you withdraw consent.
  • Support correspondence: up to 3 years from last contact.

After the retention period, your data is securely deleted or anonymised.

9. Security

We implement reasonable technical and organisational measures to protect your personal information, including:

  • HTTPS encryption for all communications between your browser and our servers.
  • Passwords stored as one-way bcrypt hashes — never in plaintext.
  • Authentication tokens stored as httpOnly cookies to mitigate XSS.
  • Parameterised database queries to prevent SQL injection.
  • Rate limits on OTP requests and login attempts.
  • Restricted access to personal data on a need-to-know basis.

While we take security seriously, no system is impenetrable. You are responsible for keeping your password and account credentials confidential.

10. Your Rights

Subject to applicable law, you have the following rights regarding your personal information:

  • Access: request a copy of the personal data we hold about you.
  • Correction: ask us to correct inaccurate or incomplete data.
  • Deletion: request deletion of your account and associated data (subject to legal retention obligations such as tax records).
  • Withdraw consent: opt out of marketing communications at any time.
  • Data portability: request your data in a portable format.
  • Grievance redressal: raise a complaint about how your data is handled (see Section 13).

To exercise any of these rights, email us at care@satyaterra.in. We will respond within 30 days.

11. Children's Privacy

Our Services are not directed to children under 18. We do not knowingly collect personal information from minors. If you become aware that a child has provided us with personal information, please contact us so we can delete it.

12. Changes to This Policy

We may update this Privacy Policy from time to time. The "Last updated" date at the top reflects the most recent revision. For material changes, we will notify users via email or a prominent Website notice. Your continued use of the Services constitutes acceptance of the updated Policy.

13. Contact & Grievance Officer

For privacy questions, data requests, or complaints, contact:

Grievance Officer — SatyaTerra
Email: care@satyaterra.in
Phone / WhatsApp: +91 99999 99999
Address: Delhi, India
Response time: within 30 days

This Privacy Policy is intended to comply with Razorpay's merchant requirements and applicable Indian law. It should be reviewed by a qualified legal professional before going live.