1.  Introduction

This Privacy Policy explains how Aumak Foods, proprietorship, registered at Mumbai, Maharashtra, collects, uses, stores, shares, and protects the personal information of its customers and business partners.

This Policy applies to three groups of people:

  • Individuals who purchase jaggery directly from us online through our website, WhatsApp Business, Instagram/Facebook page, or any online marketplace listing.
  • Individuals who purchase from our retail counter or warehouse outlet, if applicable
  • Retail shop owners and their staff who purchase jaggery from us wholesale for resale in their stores across Mumbai and surrounding areas

2.  Information We Collect

2.1  Online Purchases

  • Full name
  • Phone number and email address
  • Delivery address
  • Order details items, quantity, order value, order history
  • Payment information we do NOT store full card/UPI details; these are processed by our payment gateway. We retain only: transaction ID, amount, and payment status
  • Communication history WhatsApp chats, emails, call notes related to your order
  • Device and browser data IP address, approximate location, browser type — if you use our website or app (see Section 6 on Cookies)

2.2  Walk-in / Retail Counter Purchases

  • Name and phone number collected only if you want a printed bill, wish to be added to repeat-customer offers, or request home delivery
  • Purchase details for billing and GST record-keeping
  • CCTV footage where cameras are installed on our premises, for security. Retained for [30 / 60 / 90] days, then automatically deleted
📌  Note: We do not require ID proof or personal data for simple cash or UPI walk-in purchases unless you request a delivery or credit arrangement.

2.3  Retail Shop / Wholesale Partners

  • Shop or business name and registered address
  • Owner or contact person’s name, phone number, and email address
  • GSTIN (GST Registration Number)
  • FSSAI licence number, if applicable to your shop
  • Bank account details for refunds, credit notes, or recurring payment arrangements
  • Order quantities, pricing terms, credit period, and order history
  • Delivery address(es) if different from billing address
  • Signed delivery acknowledgements and proof-of-delivery records

2.4  Information We Do Not Collect

We do not knowingly collect sensitive personal data such as health records, religious beliefs, or biometric data. Our products are not directed at individuals below 18 years of age.

3.  How We Collect Your Information

  • Directly from you order forms, WhatsApp messages, phone calls, in-person conversations at our counter or warehouse, or through your retail shop’s onboarding / KYC paperwork
  • Automatically through our website or app, if you browse or place an order online
  • From payment gateways and logistics partners confirming transaction status and delivery completion
  • From publicly available business directories if used to identify and onboard new retail shop partners. Limited to business contact details only, not personal data

4.  How We Use Your Information

Purpose of UseApplies To
Processing and fulfilling your orderAll customers
Generating GST-compliant invoicesAll customers
Coordinating delivery to your locationOnline buyers, retail partners
Managing credit terms and wholesale ordersRetail partners
Sending order confirmations and delivery updatesOnline buyers, retail partners
Responding to queries, complaints or refund requestsAll customers
Sharing offers and new stock updates (with consent only)Online buyers, retail partners
Tax and legal compliance record-keepingAll customers
Store security via CCTVWalk-in customers only

We do not use your data for purposes beyond what is listed above without informing you and seeking fresh consent where required.

5.  Legal Basis for Processing

Under the Digital Personal Data Protection Act, 2023 (DPDP Act), we process personal data based on:

  • Your consent for marketing communications, optional loyalty programmes, and online order processing
  • You may withdraw consent at any time for purposes that rely on it, without affecting orders already placed
  • Legitimate use for fulfilling a contract you have voluntarily entered (placing an order) and for routine business activities like invoicing and delivery that you would reasonably expect
  • Legal obligation for GST records, tax filings, and other statutory requirements under Indian law

6.  Cookies and Online Tracking

(Applicable only if you operate a website or mobile app. Remove this section if you are purely WhatsApp / phone-order based.)

If you visit our website, we may use cookies or similar technologies to:

  • Keep your cart or order details active during a browsing session
  • Understand which products and pages customers visit most
  • Remember your delivery address for repeat orders

You can disable cookies through your browser settings. This may affect certain features such as saved carts or auto-filled addresses.

7.  Sharing of Information with Third Parties

We share personal data only as necessary to run the business. We never sell your data. Third parties we may share information with:

  • Payment gateways (e.g., Razorpay, PayU, UPI apps) to process online payments securely
  • Logistics and courier partners to deliver jaggery from our warehouse to your address or shop
  • Accounting / GST software providers to generate invoices and maintain statutory records
  • SMS / WhatsApp Business API providers to send order and delivery updates
  • Government authorities where required by law, court order, or for GST / tax compliance
  • Our Kolhapur sourcing and logistics partners only to the extent needed to coordinate stock movement. They do not receive customer personal data, only order quantities

All third-party service providers are required to use your data only for the specific service they provide to us, and not for their own unrelated purposes.

8.  Payment and Financial Data

  • We do not store complete debit/credit card numbers, CVVs, or UPI PINs these are handled entirely by our RBI-authorised payment gateway partner
  • For wholesale or retail partners on credit terms, we maintain records of outstanding dues, payment history, and bank details solely for billing and reconciliation purposes
  • Refunds, where applicable, are processed back to the original payment method or the bank account on file

9.  Data Storage, Security, and Retention

Customer and retail-partner data is stored on [secure cloud servers / local systems specify] with access restricted to authorised staff only.

We use reasonable technical and organisational safeguards including:

  • Password protection and restricted access controls
  • Regular data backups
  • Secure deletion of data no longer required

Retention periods:

  • Order and invoice records 7 years, per GST and tax record-keeping requirements
  • Marketing consent and communication preferences — until you withdraw consent
  • CCTV footage 30 to 90 days, then automatically deleted unless required for an ongoing investigation
  • Retail partner KYC and GST records duration of the business relationship plus the applicable statutory record-keeping period

10.  Your Rights as a Data Principal

Under the DPDP Act, 2023, and applicable Indian law, you have the right to:

  • Access requests a copy of the personal data we hold about you
  • Correct or update request correction of inaccurate or outdated information
  • Withdraw consent at any time, for marketing or optional data uses, without affecting past orders
  • Request erasure of your data where it is no longer needed for the purpose it was collected (subject to GST and statutory retention requirements)
  • Lodge a grievance with us directly, and escalate to the Data Protection Board of India if unresolved within 90 days

To exercise any of these rights, please contact our Grievance Officer using the details in Section 14.

11.  Children’s Data

Our products and services are not directed at individuals under 18 years of age. We do not knowingly collect personal data from minors. If we become aware that such data has been inadvertently collected, we will delete it promptly.

12.  Data Breach Notification

In the unlikely event of a personal data breach affecting your information, we will:

  • Notify the Data Protection Board of India as required under the DPDP Rules, 2025
  • Inform affected individuals without undue delay, describing the nature of the breach and the steps being taken to address it

13.  Retail Partner-Specific Terms

For shop owners purchasing wholesale from us:

  • Your business and contact information is used strictly for order fulfilment, invoicing, credit management, and delivery coordination never sold or shared with competing suppliers
  • If your shop closes its account with us, your data will be retained only as long as required for tax and legal record-keeping, and then securely deleted
  • You may request a copy of all data we hold about your shop at any time by contacting our Grievance Officer

14.  Grievance Officer — Contact Us

If you have questions, complaints, or wish to exercise your data rights:

Emailfoods@aumak.com
Phone+91 7039361225
AddressMumbai, Maharashtra

We will acknowledge your request promptly and resolve it within the timelines prescribed under applicable law, and no later than 90 days.

15.  Changes to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices or in Indian data protection law. The ‘Last Updated’ date at the top of this document will reflect the most recent revision. Significant changes affecting how we use your data will be communicated to you directly where required.

16.  Governing Law

This Policy is governed by the laws of India, including the Information Technology Act, 2000, applicable rules thereunder, and the Digital Personal Data Protection Act, 2023, as provisions come into full force through May 2027.

Shopping cart

0
image/svg+xml

No products in the cart.

Continue Shopping