About Us

Haritual is an Indian e-commerce brand specializing in handcrafted spiritual products, including God Idols (Murtis), Car Dashboard Idols, Rudraksha Malas, Karungali products, Spiritual Pendants, and Gifting collections for weddings, housewarmings, corporate occasions, and return gifts. Our products are sold exclusively through haritual.in and are shipped across India with Cash on Delivery (COD) and prepaid payment options.

Contact Information:

• Website: haritual.in
• Email: (available on the Contact Us page)
• Social Media: Instagram, Facebook, Pinterest

Information We Collect

We collect information necessary to fulfil your orders, improve our services, and communicate with you. This includes the following categories:

Information You Provide Directly

• Identity Information: Full name, billing and shipping address, city, state, PIN code.
• Contact Information: Email address and mobile phone number.
• Payment Information: Payment details are processed through secure third-party payment gateways. We do not store full card numbers or UPI credentials on our servers.
• Account Information: Username and hashed password when you create a registered account.
• Communications: Messages, enquiries, and feedback submitted through our contact form, bulk enquiry form, or email.

Information Collected Automatically

• Device & Technical Data: IP address, browser type and version, operating system, device identifiers, time zone, and screen resolution.
• Usage Data: Pages visited, products viewed, search queries entered, clickstream data, time spent on pages, and referring URLs.
• Cookie & Tracking Data: Cookies, web beacons, pixels, and similar technologies (described further in Section 7).

Information from Third Parties

• Payment and shipping partners may share transaction status and delivery updates with us.
• Social media platforms may share limited profile information if you engage with us through those channels.

How We Use Your Information

We use the personal information collected for the following purposes, all of which are reasonable and necessary under the IT Act, 2000 and SPDI Rules, 2011:

• Order Fulfilment: Processing your purchase, arranging delivery, issuing invoices, and handling returns or replacements as per our Return & Replacement Policy.
• Payment Processing: Verifying and completing transactions securely through PCI-DSS compliant payment gateways.
• Customer Support: Responding to your queries, complaints, order tracking requests, and bulk enquiries within our support hours (Monday–Saturday, 10 AM–6 PM IST).
• Account Management: Enabling you to log in, view order history, and manage your preferences.
• Marketing & Personalisation: Sending promotional communications, offers, and product recommendations based on your browsing and purchase history, subject to your opt-in consent. You may opt out at any time.
• Website Improvement: Analysing usage patterns to improve site performance, navigation, product listings, and overall user experience.
• Fraud Prevention & Security: Detecting and preventing fraudulent transactions, unauthorised access, and other illegal activities.

Legal Compliance: Meeting obligations under applicable Indian laws, responding to legal process, and enforcing our Terms of Service.

Disclosure and Sharing of Information

We do not sell, rent, or trade your personal information. We share it only in the following circumstances:

Service Providers & Partners

We engage third-party service providers who assist in operating the Website and fulfilling orders. These include:

• E-commerce Platform: Shopify (data processed in accordance with Shopify's privacy policy and data processing agreements).
• Logistics & Shipping: Third-party courier partners for order dispatch and delivery tracking.
• Payment Gateways: Authorized payment processors operating in India and complying with RBI guidelines.
• Analytics Providers: Google Analytics and similar tools for Website usage analysis.

All service providers are contractually bound to use your data only to perform services on our behalf and to maintain reasonable security standards.

Legal Obligations

We may disclose your information when required to do so by law, court order, government authority, or regulatory body in India, including in response to a summons, search warrant, or any other legal process. We may also disclose information to protect the rights, property, or safety of Haritual, our customers, or the public.

Business Transfers

In the event of a merger, acquisition, restructuring, or sale of assets, your personal information may be transferred as part of that transaction. We will endeavour to ensure the acquiring party honours this Privacy Policy or provides you with reasonable prior notice.

Data Storage, Retention & Security

Storage

Your data is primarily stored on Shopify's servers. Shopify maintains data centres with industry-standard security controls. Some data may be stored or processed outside India by our service providers. In such cases, we take reasonable steps to ensure equivalent data protection standards are maintained.

Retention

We retain your personal information for as long as your account is active, for the duration necessary to fulfil the purposes described in this Policy, or as required by applicable Indian law (e.g., the Companies Act, 2013 requires financial records to be maintained for a minimum of 8 years). When information is no longer required, we delete or anonymize it.

Security Measures

In compliance with Rule 8 of the SPDI Rules, 2011, we implement the following reasonable security practices:

• SSL/TLS encryption for data transmission between your browser and our Website.
• Secure, access-controlled servers with regular security audits.
• Payment processing through PCI-DSS compliant gateways; we do not store full card numbers.
• Access to personal data is restricted to authorized personnel with a legitimate business need.
• Regular review of our data collection, storage, and processing practices.

Please note that no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your personal information, we cannot guarantee absolute security.

Your Rights as an Indian User

Under the IT Act, 2000 and SPDI Rules, 2011, and in anticipation of the Digital Personal Data Protection Act, 2023 (DPDPA) provisions coming into full effect, you have the following rights regarding your personal data:

• Right to Access: You may request a copy of the personal information we hold about you.
• Right to Correction: You may request correction or update of inaccurate or incomplete information.
• Right to Withdrawal of Consent: You may withdraw consent to the processing of your personal data at any time. Please note that withdrawal may affect our ability to provide services to you.
• Right to Erasure: You may request deletion of your personal data, subject to our legal and contractual obligations to retain certain information.
• Right to Grievance Redressal: You have the right to raise a grievance with our designated Grievance Officer (see Section 10).
• Right to Opt-Out of Marketing: You may opt out of promotional emails and SMS at any time by clicking 'Unsubscribe' or contacting us directly. Transactional communications relating to your orders cannot be opted out of.

Behavioral Advertising

As described above, we use your Personal Information to provide you with targeted advertisements or marketing communications we believe may be of interest to you. For example:

• We use Google Analytics to help us understand how our customers use the Site. You can read more about how Google uses your Personal Information here: https://www.google.com/intl/en/policies/privacy/. You can also opt out of Google Analytics here: https://tools.google.com/dlpage/gaoptout.

• We share information about your use of the Site, your purchases, and your interaction with our ads on other websites with our advertising partners. We collect and share some of this information directly with our advertising partners, and in some cases through the use of cookies or other similar technologies (which you may consent to, depending on your location).

• We use Shopify Audiences to help us show ads on other websites with our advertising partners to buyers who made purchases with other Shopify merchants and who may also be interested in what we have to offer. We also share information about your use of the Site, your purchases, and the email address associated with your purchases with Shopify Audiences, through which other Shopify merchants may make offers you may be interested in.

For more information about how targeted advertising works, you can visit the Network Advertising Initiative’s (“NAI”) educational page at https://www.networkadvertising.org/understanding-online-advertising/how-does-it-work.
You can opt out of targeted advertising by:

• FACEBOOK - https://www.facebook.com/settings/?tab=ads

• GOOGLE - https://www.google.com/settings/ads/anonymous

• BING https://advertise.bingads.microsoft.com/en-us/resources/policies/personalized-ads

Additionally, you can opt out of some of these services by visiting the Digital Advertising Alliance’s opt-out portal at: https://optout.aboutads.info/.

Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your browsing experience, remember your preferences, and analyze website usage. The types of cookies we use include:

• Strictly Necessary Cookies: Essential for the Website to function. These include session management, cart functionality, and secure checkout. These cannot be disabled.
• Functional Cookies: Remember your preferences such as language settings, region, and previously viewed products.
• Analytics Cookies: Tools such as Google Analytics help us understand how visitors interact with the Website, which pages are popular, and how users navigate. This data is aggregated and anonymized.
• Marketing & Advertising Cookies: Used by our advertising partners (Google, Facebook/Meta, Pinterest) to serve relevant advertisements on other websites and platforms based on your interests.

Children's Privacy

The Website is not directed at individuals under the age of 18 years. We do not knowingly collect personal information from minors. If you are a parent or legal guardian and believe that a minor in your care has provided us with personal information without your consent, please contact us immediately at the details provided in Section 10. We will take prompt steps to delete such information.

Third-Party Websites and Links

Our Website may contain links to third-party websites, social media platforms (Instagram, Facebook, Pinterest), and payment gateways. These third-party sites operate under their own privacy policies, and we have no control over and assume no responsibility for their content, privacy practices, or terms. We encourage you to review the privacy policies of any third-party websites you visit.

Grievance Redressal

In accordance with the Information Technology Act, 2000, the IT (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021, and the SPDI Rules, 2011, we have designated a Grievance Officer to address your concerns regarding this Privacy Policy or any aspect of your personal data.

Grievance Officer Details:

• Organization: Haritual
• Website: haritual.in
• Contact: Available via the Contact Us page

We will acknowledge your grievance within 72 hours and endeavour to resolve it within 30 days of receipt. If you are not satisfied with our resolution, you may escalate the matter to the appropriate data protection authority or court of competent jurisdiction in India.

Changes to This Privacy Policy

We reserve the right to update or revise this Privacy Policy at any time to reflect changes in our practices, technology, legal requirements, or for other operational reasons. The revised Policy will be posted on this page with an updated "Last Updated" date. For material changes, we will notify you via email or a prominent notice on the Website. Your continued use of the Website after the effective date of any revision constitutes acceptance of the updated Policy.

Governing Law and Jurisdiction

This Privacy Policy shall be governed by and construed in accordance with the laws of India, including the Information Technology Act, 2000, SPDI Rules, 2011, and the Digital Personal Data Protection Act, 2023 (once fully notified). Any dispute arising in connection with this Policy shall be subject to the exclusive jurisdiction of the courts located in India.

Last Updated: April 2026