Privacy Policy
Last updated: 10 July 2026
This Privacy Policy explains how Tararani Foods (“we”, “us”) collects, uses, stores, and protects your personal data when you use our website and place orders. We are the data fiduciary for the personal data you provide, and we handle it in line with India’s Digital Personal Data Protection Act, 2023 (DPDP Act).
1. What we collect
- Contact and delivery details you enter at checkout: name, phone number, email address, and delivery address (street, city, state, PIN code).
- Order information: the items, quantities, prices, and order history associated with your purchases.
- Payment status information from our payment gateway. We do NOT collect or store your card number, UPI PIN, CVV, or bank credentials — these are handled entirely by the gateway.
- Basic technical data needed to operate and secure the site (e.g. IP address for fraud and rate-limiting).
2. How we use it
- To process, confirm, pack, and deliver your orders.
- To send you order updates by email and SMS (order placed, confirmed, shipped, delivered, or refunded).
- To provide customer support and handle cancellations, refunds, and complaints.
- To meet legal, tax, and accounting obligations.
We do not sell your personal data, and we do not use it for third-party advertising.
3. Payments
Online payments are processed by Razorpay, a PCI-DSS compliant payment gateway. Your card, UPI, and netbanking details are entered on the gateway and never pass through or get stored on our servers. We only receive a confirmation of whether a payment succeeded or failed and a payment reference id.
4. How we protect your data
- Sensitive personal details (your name, phone, email, and address) are stored encrypted at rest using strong (AES-256-GCM) authenticated encryption.
- Access to order data is restricted to authorised staff through an authenticated admin area.
- The site is served over HTTPS, so data in transit is encrypted.
5. Sharing with third parties
We share the minimum data necessary with service providers who help us run the business:
- Payment gateway (Razorpay) — to process online payments.
- Delivery / courier partners — your name, address, and phone number, so they can deliver your order.
- Email and SMS providers — to send you order notifications.
- Government authorities — only where required by law.
6. Data retention
We keep your order and contact data for as long as needed to fulfil your order and to meet legal, tax, and accounting requirements, after which it is deleted or anonymised.
7. Your rights
Under the DPDP Act you may, subject to law, ask us to:
- Access the personal data we hold about you.
- Correct or update inaccurate or incomplete data.
- Erase your data where it is no longer required.
- Withdraw consent for future processing.
To exercise any of these rights, contact us using the details below.
8. Grievance officer
9. Changes to this policy
We may update this policy from time to time. The current version, with its “last updated” date, is always available on this page.