Effective date: 10 September 2025
Brand: FactorySe (factoryse.co.in)
Operator (legal entity): Giftika Technologies Pvt Ltd (“we”, “us”, “our”)
1) Who we are & scope
FactorySe is a direct-from-factory online store. This Policy applies to our website, customer support (email/phone/WhatsApp), marketing communications, and order fulfilment operations in India.
Our store is hosted on Shopify, which provides the ecommerce platform and acts as our service provider (processor/sub-processor) for many data operations. See Shopify’s privacy/DPA for how Shopify processes data for merchants.
2) What we collect
We collect the minimum data needed to sell and support your order:
-
Identity & contact: name, phone, email, shipping/billing address.
-
Order & payment metadata: items, price, invoice, transaction status (note: card/UPI data is handled by our payment gateway—see §5).
-
Device & usage: IP, device/browser, pages viewed, referral, approximate location; cookies and similar tech .
-
Communications & UGC: messages you send us, product Q&A/reviews, media you upload.
-
Logistics info: tracking IDs, delivery status, returns data shared by couriers/returns partners.
We collect data directly from you, automatically via our site/app, and from trusted partners (payment, logistics, fraud prevention, analytics, messaging).
3) How we use your data
-
To fulfil your order: process payments, dispatch, delivery, returns/replacements.
-
Customer support: respond to queries, troubleshoot, warranties.
-
Service messages: order/shipping/returns updates.
-
Improve & secure our service: analytics, performance, debugging, fraud prevention.
-
Marketing (optional): email/SMS/WhatsApp with your consent; you can opt out anytime.
-
Legal & compliance: taxation, accounting, law-enforcement requests where required.
Legal bases (DPDP-aligned): performance of a contract (orders), consent (marketing, certain cookies), legitimate uses like fraud prevention and security, and legal obligation (invoices, records). (DPDP rights and duties are being phased in via government notifications.)
4) Sharing with service providers (categories)
We share data with vendors strictly to operate FactorySe:
-
Ecommerce/hosting: Shopify. (Shopify)
-
Payments: Razorpay and banking/payment networks. (Razorpay)
-
Logistics & returns: Courier partners (for pickup, tracking, delivery, reverse logistics).
-
Communications & marketing: email/SMS/WhatsApp/review tools you opt into.
-
Analytics & security: tools that help us measure performance and prevent abuse.
These providers process your data under their policies and our agreements/DPA with them. (Shopify)
5) Payments (Razorpay)
Payments on FactorySe are processed by Razorpay. We do not store your full card/UPI credentials. Razorpay processes your payment data under its own privacy policy and security standards; banks and networks may also receive data to complete the transaction. (Razorpay)
6) Cross-border transfers
Some partners (e.g., Shopify) may process data outside India. Under the DPDP Act, cross-border transfers are permitted except to countries that the Government of India may specifically restrict by notification (when such lists are issued). We use reputable providers and contractual safeguards consistent with applicable law.
7) Your rights (DPDP)
Subject to law, you may have the right to: access your data, correct inaccuracies, erase data, withdraw consent, raise a grievance, and nominate another person to exercise your rights if you are unable to do so. We will respond within reasonable timelines permitted by law. (McDonald Hopkins)
8) Cookies & similar technologies
We use:
-
Essential cookies (required for cart, checkout, login).
-
Performance/analytics (e.g., GA4) to improve pages and load times.
-
Marketing pixels (e.g., Meta/ads) only if you consent.
You can control cookies in your browser; blocking some cookies may break site features.
9) Data retention
We keep data only as long as needed for the purposes above, or as required by law (e.g., tax records). When no longer needed, we delete or de-identify information using reasonable measures.
10) Security
We use reasonable technical and organisational safeguards appropriate to our size and the nature of data processed (HTTPS, access controls, need-to-know, logging). No system is 100% secure. If a data breach occurs, we will act promptly and make any notifications required by applicable law/rules once notified by the Government.
11) Children
FactorySe is not intended for use by children under 18. If you believe a child has provided us data, please contact us and we will delete it.
12) Third-party links
Our site may link to third-party sites. Their privacy practices are their own; please review those policies.
13) Changes to this Policy
We may update this Policy from time to time. The latest version will always be available on this page with the effective date. If changes are significant, we may notify you via email/admin banners (as Shopify also does for its policies). (Shopify)