Data Security & Protection Policy

Effective Date: 06-03-2025 05:47:14

At Anand Master Ji, we prioritize the security and privacy of our customers’ data. This policy outlines how we collect, process, store, and protect user data in compliance with industry standards and regulatory requirements.

1. Data Collection & Usage

We collect personal data for order processing, account management, fraud prevention, and customer support.

  • Personal Identifiable Information (PII): Name, email, phone, address, payment details.
  • Behavioral Data: Browsing history, purchase patterns, device information.
  • Technical Data: IP address, geolocation, browser type, login activity.

2. Data Encryption & Secure Storage

We implement advanced encryption technologies:

  • End-to-End Encryption (E2EE): All data transfers use SSL/TLS encryption.
  • Database Encryption: Sensitive data is encrypted using AES-256.
  • Password Security: We use bcrypt hashing with unique salts for passwords.
  • Tokenization: Payment data is tokenized and stored in PCI-DSS-compliant environments.

3. Advanced Security Technologies

We utilize cutting-edge security mechanisms:

  • AI-Based Fraud Detection: Our system detects unusual activities and blocks fraudulent transactions.
  • Blockchain Security: Transaction logs are stored using blockchain technology for tamper-proof security.
  • Zero Trust Architecture: All access to data is strictly authenticated, verified, and monitored.
  • Real-Time Intrusion Detection: Automated monitoring detects and blocks potential security threats.

4. User Data Rights & Consent Management

Under GDPR, CCPA, and global privacy laws, users have the following rights:

  • Right to Access: Request a copy of personal data.
  • Right to Rectification: Correct inaccuracies in stored data.
  • Right to Erasure: Request complete deletion of data.
  • Right to Restrict Processing: Limit how personal data is used.
  • Right to Data Portability: Download data in a structured, readable format.
  • Right to Opt-Out: Decline data tracking and marketing communications.

To exercise these rights, users can visit our Privacy Settings page or email privacy@yourwebsite.com.

5. Data Retention & Deletion

We retain data only as long as necessary:

  • Inactive Accounts: Deleted after 2 years of inactivity.
  • Transactional Data: Retained for 7 years for compliance.
  • Cookies & Analytics: Auto-deleted after 90 days.

6. Data Breach Response & Incident Management

We have a 24/7 Incident Response Plan for security breaches:

  1. Immediate containment of compromised systems.
  2. Notifying affected users within 72 hours.
  3. Engaging cybersecurity forensic teams.
  4. Implementing security patches & future risk mitigation.

7. Compliance with Global Standards

We adhere to the following compliance frameworks:

  • GDPR (General Data Protection Regulation - EU)
  • CCPA (California Consumer Privacy Act)
  • PCI-DSS (Payment Card Industry Data Security Standard)
  • ISO 27001 (Information Security Management System)
  • NIST Cybersecurity Framework

8. Third-Party Data Sharing & Processing

We do not sell personal data. However, we securely share necessary data with:

  • Payment Providers: Razorpay, PhonePe (for secure transactions).
  • Logistics Partners: FedEx, UPS (for order fulfillment).
  • Government Authorities: In case of legal compliance.

9. Contact & Support

For security concerns, contact our Data Protection Officer:

Email: support@anandmasterji.com

Phone: +91-84395 01846

Address: House No.: 2 Sugar Mill Road Near Swaraj Tractor Service Centre BDS Nagar Rampur UTTAR PRADESH 244901