Data Protection & Fair Usage Policy

Data Protection & Fair Usage Policy

The Baisa | baisajaipur.in
Operated by The Consulting Crew | Proprietor: Ashish Kumar
GSTIN: 08FRZPK7330A1ZH | UDYAM: UDYAM-RJ-17-0375209
In compliance with the Digital Personal Data Protection Act, 2023 (DPDP Act) & IT Act, 2000
Last Updated: June 2026

Data Protection Policy and Fair Usage Standards

The Baisa is committed to protecting your personal data with transparency, fairness, and security. We collect only what is necessary, use it only for stated purposes, and never sell your data to third parties.

2. Data We Collect (With Your Consent)

  • Identity & Contact Data: Name, email address, phone number, shipping/billing address
  • Transaction Data: Order history, payment method type (not card details), invoice details, GSTIN (for B2B orders)
  • Device & Usage Data: IP address, browser type, pages visited, time spent (via cookies and analytics tools)
  • Communication Data: WhatsApp messages, emails, and reviews you submit to us

3. Legal Basis for Processing (DPDP Act 2023)

We process your data based on:

  • Consent — given at the time of account creation, checkout, or newsletter signup
  • Contractual necessity — to fulfil your orders and provide customer support
  • Legal obligation — GST compliance, consumer protection laws, and regulatory requirements
  • Legitimate interest — fraud prevention, security, and improving our services

4. How We Use Your Data

  • Processing and fulfilling your orders
  • Sending order confirmations, shipping updates, and delivery notifications
  • Customer support via email and WhatsApp
  • Sending marketing communications (only with your explicit consent; you may opt out anytime)
  • GST invoicing and statutory compliance
  • Fraud detection and prevention
  • Improving our website and product offerings

5. Data Sharing

We share your data only with:

  • Shopify Inc. — our e-commerce platform (data processed per Shopify’s Privacy Policy)
  • Shipping partners (Delhivery, Bluedart) — name, address, phone for delivery purposes only
  • Payment gateways — for secure transaction processing (card details are never stored by us)
  • Marketing tools (Meta, Google) — anonymised/aggregated data for ad targeting (you may opt out)
  • Legal authorities — only when required by applicable law

We do not sell, rent, or trade your personal data.

6. Your Rights Under DPDP Act 2023

As a data principal, you have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate or incomplete data
  • Erase your data (subject to legal retention requirements)
  • Withdraw consent at any time (without affecting prior processing)
  • Nominate a person to exercise your rights in case of death or incapacity
  • Grievance redressal — contact our Data Protection Officer below

To exercise any of these rights, email: grievance@baisajaipur.in

7. Data Retention

We retain your data for as long as necessary to fulfil the purposes outlined above, or as required by Indian law (typically 7 years for financial/GST records). Account data is deleted within 30 days of a verified deletion request, subject to legal obligations.

8. Cookies & Tracking

We use cookies for website functionality, analytics (Google Analytics), and marketing (Meta Pixel). You may manage cookie preferences via our cookie consent banner. Disabling certain cookies may affect website functionality. For full details, refer to our Cookie & Consent Policy.

9. Fair Usage

Our website and services are for personal, non-commercial use only. The following are strictly prohibited and may result in account suspension and legal action:

  • Automated scraping or bulk data harvesting
  • Reverse engineering of our website or systems
  • Placing fraudulent or malicious orders
  • Unauthorised access to our systems or customer data
  • Commercial use of our content, images, or brand assets without written permission

10. Data Security

We implement industry-standard security measures including SSL/TLS encryption, secure payment processing via PCI-DSS compliant gateways, and strict access controls. However, no internet transmission is 100% secure. We encourage you to use strong passwords and keep your account credentials confidential.

11. Data Protection Officer / Grievance Officer

Ashish Kumar
The Consulting Crew | The Baisa
📧 grievance@baisajaipur.in
📱 WhatsApp: +91 81073 36843
⏰ Mon–Sat, 10 AM–7 PM IST
Resolution Timeline: Within 30 days of receipt, per Consumer Protection (E-Commerce) Rules, 2020

12. Changes to This Policy

We may update this policy periodically. Changes will be posted on baisajaipur.in with the updated effective date. Continued use of our website after changes constitutes acceptance of the revised policy.

13. Governing Law

This policy is governed by the laws of India, including the DPDP Act 2023 and IT Act 2000. Any disputes shall be subject to the exclusive jurisdiction of courts at Jaipur, Rajasthan.

 

Our Commitment to Privacy and Security

 

 

Our data protection policy explains how we collect, use, store, and protect personal information in a clear and responsible way. We are committed to keeping user data safe through secure systems, limited access controls, and careful internal practices. This page is designed to help users understand what information may be gathered, why it is needed, and how it is handled throughout our services. We also aim to be transparent about our processes so users can make informed choices. Protecting privacy is central to our operations, and we regularly review our safeguards to support trust, compliance, and long-term data security.

 

 

How We Use Data Responsibly

 

 

We only use personal data for legitimate business purposes, such as providing services, improving user experience, and meeting legal or operational requirements. Our data protection policy supports fair and responsible use by making sure information is handled in ways that are necessary, relevant, and secure. We do not use data for unrelated purposes without proper notice or consent where required. In addition, we follow data minimization practices to reduce unnecessary collection and retention. This approach helps us maintain accuracy, reduce risk, and respect user expectations while delivering reliable service that remains efficient and user focused.

 

 

Fair Usage and Acceptable Access

 

 

Our fair usage rules are intended to protect service quality for all users and prevent misuse of our systems. This includes avoiding excessive requests, unauthorized access attempts, automated abuse, or any activity that could harm performance or security. By setting clear usage standards, we help ensure that resources remain available, stable, and fair for everyone. These expectations also support our broader data protection policy by reducing the chance of data loss, disruption, or misuse. If activity appears unusual or harmful, we may take action to investigate, restrict access, or apply other necessary safeguards to protect the service and its users.

 

 

Data Sharing, Retention, and Your Rights

 

 

We may share data only when needed to provide services, comply with the law, or work with trusted partners under strict confidentiality and security rules. Any sharing is done with care and only for valid reasons. We also keep personal information only as long as it is necessary for the purpose it was collected or for legal and operational needs. When data is no longer required, we take steps to delete or securely archive it. Depending on applicable laws, users may have rights to access, correct, or request deletion of their information, and we are committed to handling such requests fairly and promptly.