1. Introduction

At Rudraalaya.com, Rudraalaya.in, and Bookapandit.online, we value the privacy of our users and are committed to protecting your personal data in compliance with *Indian IT Laws, the General Data Protection Regulation (GDPR), and the laws applicable to digital advertising platforms such as Google Ads, Facebook Ads, YouTube Ads, and Instagram Ads. This Privacy Policy explains how we collect, use, store, and protect your personal data.

By using our websites, you consent to the collection and use of your information as outlined in this policy.

2. Data Collection

We collect personal data for the purpose of processing orders, improving the user experience, and for astrological software, shipping on e-commerce. Selling products online and marketing purposes, including targeted advertising across multiple platforms.

• Personal Information: This includes name, email, contact number, address, payment details, and other identifiable information you provide when purchasing products or services from our websites. Payment details are only used by Payment gateway and we do not save any kind of Payment details information on our website your payments are secured via the payment gateway of Razorpay and ICICK bank Payment gateway services.
• Behavioural Data: This includes data on your browsing patterns, device information, IP address, location data, and interactions with our websites which is only stored with our Google and Facebook Advertising Accounts but never shared with us directly.
• Third-Party Data Collection: Our website uses third-party advertising platforms (Google Ads, Facebook, Instagram, YouTube) that collect data for personalized ads and analytics.

3. Legal Basis for Data Processing (GDPR Compliance)

For users in the European Union (EU), we process your personal data based on:

• Consent: By providing your data (e.g., subscribing to a newsletter or making a purchase), you consent to our use of this data for processing and advertising purposes.
• Contractual Obligations: When you make a purchase, we process your data to fulfil the contract between you and us.
• Legitimate Interest: We may use your data to improve our services, protect against fraud, or for other legitimate business interests.

4. Usage of Collected Data

We use your data for the following purposes:

• Order Processing and Delivery: Your personal information is required to fulfil product and service orders, including shipping, invoicing, and customer service communication.
• Personalized Marketing and Advertising: We use your data to tailor ads displayed on third-party platforms (Google, Facebook, YouTube, Instagram) based on your preferences and purchase history.
• Website Improvement: Your browsing behaviour and feedback help us optimize our website’s functionality and content.
• Compliance: We may process data to comply with legal and regulatory obligations under applicable laws.

5. Third-Party Advertising Platforms

We utilize third-party platforms such as Google Ads, Facebook Ads, Instagram Ads, and YouTube Ads to deliver personalized ads.

• Data Sharing: Your data (email, location, device info) may be shared with these platforms to display relevant advertisements.
• Cookies and Tracking: These platforms use cookies to track your interactions and display personalized ads. You may control your cookie preferences through your browser settings or platform-specific tools.
• Opt-out Options: You may opt out of receiving targeted ads by changing your ad preferences on the respective platforms or by contacting us to withdraw consent.

6. User Rights (GDPR)

If you are located in the EU, you have the following rights regarding your personal data:

• Access: You can request access to the personal data we hold about you.
• Rectification: You can ask us to correct any inaccurate or incomplete data.
• Erasure: You can request that we delete your personal data, where applicable.
• Data Portability: You can request your personal data in a portable format.
• Objection to Processing: You can object to the processing of your data for direct marketing purposes.

To exercise any of these rights, please contact us at support@rudraalaya.com.

7. Security of Data

We take the security of your personal data seriously and use appropriate technical measures to protect it from unauthorized access, alteration, disclosure, or destruction. However, no data transmission over the Internet is completely secure, and we cannot guarantee the absolute security of your data.

8. Data Retention

We retain your personal data for as long as necessary to fulfill the purposes outlined in this policy unless a longer retention period is required by law.

9. Cookies and Tracking Technologies

We use cookies and similar technologies to collect data about your browsing activities on our website and deliver a better user experience.

• Types of Cookies: We use essential cookies for website functionality, analytics cookies to track user behaviour, and marketing cookies for personalized ads.
• Cookie Control: You can manage your cookie preferences through your browser settings or opt out of certain cookies used for advertising.

10. Data Sharing with Third Parties

We do not sell, trade, or rent your personal information to third parties. However, we may share your data with:

• Service Providers: Third-party vendors who assist with payment processing, shipping, and marketing.
• Advertising Partners: Platforms such as Google, Facebook, and Instagram for the purpose of displaying targeted ads.
• Legal Compliance: If required by law, we may disclose your data to authorities or legal entities.

11. Data Transfer to Non-EU Countries

For users located in the EU, please note that your data may be transferred to and processed in countries outside the European Economic Area (EEA), including India. We ensure that any such transfers comply with GDPR requirements and protect your data to the same standards as within the EEA.

12. Children’s Privacy

We do not knowingly collect or solicit personal data from individuals under the age of 16. If you believe we have collected such data, please contact us, and we will take steps to delete it. We do allow anyone below the age of 18 to buy or use our services.

13. Compliance with Indian IT Laws

In accordance with Indian IT laws, we collect and process data under the guidelines of the Information Technology Act and Data Protection Rules, 2011. We ensure that all sensitive data is handled securely and in accordance with legal obligations.

14. Changes to the Privacy Policy

We reserve the right to modify this Privacy Policy at any time. Any changes will be posted on our website with the updated date. By continuing to use our services after the updates, you agree to the revised policy.

15. Indemnity Clause

By using our websites (Rudraalaya.com, Rudraalaya.in, and Bookapandit.online), you agree to indemnify, defend, and hold harmless Rudraalaya and its affiliates, employees, agents, and partners from and against any and all claims, damages, liabilities, costs, and expenses (including, but not limited to, legal fees) arising from or related to any hacking incidents, server breaches, malware infiltration, virus attacks, unauthorized access, or other forms of cyber-attacks on our platforms. While we implement stringent security measures to safeguard our websites, no system is entirely immune to cyber threats or threats due to cyber war. You acknowledge and agree that we will not be held liable for any damages or losses, direct or indirect, resulting from such incidents, and you agree to cooperate fully in the event of any legal proceedings associated with these matters.

16. Contact Us

For any questions or concerns regarding this Privacy and Data Usage Policy, or to exercise your rights under GDPR or Indian IT laws, please contact us at:

• Email: support@rudraalaya.com / rudraalaya.com@gmail.com
• Phone: +91 7065801810 (WhatsApp only)
• Office Address: 2201, Tower A3, CASA Greens 1, GH04, Sector 16,
  (Near SKS World School), Greater Noida West,
  Gautam Buddha Nagar, Uttar Pradesh, India, Pin Code – 201318.

By using Rudraalaya.com, Rudraalaya.in, or Bookapandit.online, you consent to the terms of this Privacy and Data Usage Policy.

*Indian IT Laws – The primary legislation governing information technology and data protection in India is the Information Technology Act, 2000 (IT Act, 2000). This Act provides the legal framework for electronic governance by recognizing electronic records and digital signatures. It also addresses cybercrime and electronic commerce.

Some key amendments and rules include:

• Information Technology (Amendment) Act, 2008: This introduced several changes, including more provisions for data protection, privacy, cyber security, and punishment for cybercrimes.

• Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011: Often referred to as the IT Rules, 2011, these rules define sensitive personal data and require organizations to implement reasonable security practices for protecting this data.

• Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021: These rules mandate intermediaries (such as social media platforms) to follow specific due diligence procedures when handling data and also regulate content on digital platforms.

These laws and rules together form the backbone of India’s IT governance and data protection framework, ensuring the regulation of online transactions, data protection, and handling of cybercrimes.

Key Aspects of the IT Act, 2000:

• Legal Recognition of Electronic Transactions: The IT Act recognizes electronic records, digital signatures, and contracts, giving them the same legal standing as paper-based agreements.

• Offences and Penalties:

• Cybercrime: The act defines cyber offences such as hacking, identity theft, phishing, and cyber terrorism, with corresponding penalties.

• Data Protection: Section 43A mandates compensation for failure to protect sensitive personal data.

• Intermediary Liability: Section 79 provides guidelines for intermediaries like ISPs and social media platforms on how to handle user-generated content and exempts them from liability if they comply with due diligence requirements.

• Amendments: The IT (Amendment) Act, of 2008 introduced new provisions to address emerging threats like cyber terrorism, pornography, and phishing. It also increased the emphasis on data protection and privacy.

• Digital Signature and Authentication: The act lays down regulations for secure digital signatures and the role of Certifying Authorities (CAs) in authenticating digital transactions.

• Certifying Authorities: It mandates the appointment of authorities that issue digital signatures to authenticate documents.

• Cyber Appellate Tribunal: The act provides for the establishment of tribunals to resolve disputes related to electronic governance and cybercrime.

For more comprehensive protection of privacy, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, provide additional guidelines for handling sensitive personal information.

In 2019, the Personal Data Protection Bill was introduced to enhance data privacy provisions, and it is anticipated to provide more robust data protection laws in the future.