Privacy Policy

1. Introduction

Sri Venkateshwara Jewellers ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your personal information when you use our SVJ Scheme App (the "App"). By using our App, you acknowledge and agree to the collection and use of information in accordance with this policy.

This policy applies to use of the App on both Apple iOS and Android platforms.

Sri Venkateshwara Jewellers acts as the Data Fiduciary (data controller) for the purposes of applicable Indian data protection laws, including the Digital Personal Data Protection Act, 2023.

2. Definitions

• App: The SVJ Scheme App, a mobile application designed for managing jewellery scheme payments and viewing scheme details.
• Personal Information: Any information that relates to an identified or identifiable individual, including but not limited to name, contact details, and transaction history.
• Scheme: A structured jewellery savings program offered by Sri Venkateshwara Jewellers.
• Services: All features and functionalities offered through the App, including payment processing, scheme balance viewing, and payment history. Scheme enrollment is performed in-store only.
• Metal Rate: Current market prices of gold and silver as applicable to scheme transactions.

3. Geographical Restrictions

The SVJ Scheme App is exclusively available for use within India. Please note:

• The App can only be downloaded and used within Indian territory
• User accounts are restricted to Indian mobile numbers only
• All transactions are processed in Indian Rupees (INR)
• All services are provided in accordance with Indian laws and regulations
• Customer support is available in English and select Indian regional languages

Any attempts to access or use the App from outside India will be restricted.

4. Age Restrictions

The SVJ Scheme App and its services are exclusively available to individuals who are 18 years of age or older. We do not knowingly collect or maintain information from individuals under 18 years of age. By using the App, you represent and warrant that you are at least 18 years old. In the event we discover that we have collected personal information from individuals under 18 years of age, we will take immediate steps to delete such information from our records.

5. Information Collection and Use

6. App Privacy Details

Apple App Store Privacy Labels

The following table summarises data collected by this App, in accordance with Apple's App Store privacy label requirements. Data labelled Linked to You is associated with your identity. Data labelled Not Linked to You is collected in a form that cannot be traced back to you.

KYC information (name, address, PAN, ID documents) is collected in-store only and is not processed through the App. We do not sell any data to third parties, and we do not use any collected data for targeted advertising.

Google Play Data Safety

In accordance with Google Play's Data Safety requirements, the following summarises our data practices:

• Data collected: Phone number (for authentication), purchase history (scheme payments), app activity and interactions, device identifiers, crash logs, and performance diagnostics.
• Data shared: Payment information is shared with Razorpay (our payment aggregator) and its partner acquiring banks, including IDFC FIRST Bank, acting as service providers solely to process transactions. No data is shared with third parties for advertising.
• Security practices: All data transmitted between the App and our servers is encrypted in transit using TLS (Transport Layer Security). We provide a mechanism for users to request deletion of their data.
• Data deletion: Because our savings scheme involves ongoing financial obligations (instalments, maturity payouts, and goods delivery), account deletion requires manual review by our store team to ensure all scheme dues and commitments are settled before data is removed. You may request deletion by contacting us directly via the details in this policy.

7. Tracking & App Tracking Transparency (iOS)

All data collected is used exclusively to operate the SVJ Scheme App and deliver services to you. Specifically:

• We do not share your data with data brokers
• We do not build advertising profiles based on your activity
• We do not track your activity across third-party apps or websites
• Firebase Analytics data is aggregated and not used to directly identify you

8. Data Security

Protecting your personal information is our top priority. We follow industry-standard security practices and reasonable security measures as required under applicable Indian law, including the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011. We implement comprehensive security measures including:

• TLS (Transport Layer Security) encryption for all data transmitted between the App and our servers
• Secure cloud storage through Firebase infrastructure
• Regular security audits and vulnerability assessments
• Strict access controls and authentication mechanisms
• Automated data backup systems
• Comprehensive incident response procedures
• Protection against unauthorised access and data breaches

9. Third-Party Services

Our App integrates with the following trusted third-party services. Each maintains its own privacy policy.

1. Firebase (Google) — Privacy Policy
   • Handles user authentication
   • Provides secure cloud storage
   • Manages analytics and performance monitoring
2. Razorpay (payment aggregator, processing payments through its partner acquiring banks, including IDFC FIRST Bank) — Privacy Policy
   • Processes secure payments as an RBI-authorised Payment Aggregator
   • Manages transaction security
   • Ensures PCI-DSS compliance
3. MSG91 — Privacy Policy
   • Delivers SMS notifications
   • Manages OTP verification
   • Ensures secure communication

These third-party service providers maintain their own privacy policies and provide the same or equivalent protection of your data as described in this policy. We encourage you to review their respective privacy policies.

We may update or replace third-party service providers from time to time as our operations evolve. Any new providers will be held to the same data protection standards described in this policy. Material changes to the nature of data sharing will be reflected in an updated version of this policy.

10. Data Retention

We retain your personal information for the following durations:

• Throughout your active scheme enrollment period
• For seven years after scheme completion (as required by Indian law)
• As needed for security and fraud prevention purposes
• As required for compliance with financial regulations

Upon a valid deletion request (see Your Rights below), we will delete data that is not subject to legal retention requirements within 30 days.

11. Your Rights

As our valued customer, you have the following rights:

• Access: Request a copy of the personal information we hold about you.
• Correction: Ask us to correct inaccuracies in your personal information.
• Transaction history: Request a record of your transactions within the App.
• Opt out: Unsubscribe from non-essential or marketing communications.
• Deletion: Request deletion of your personal information, subject to legal retention requirements. Because our savings scheme involves active financial obligations — instalment schedules, maturity payouts, and jewellery delivery — account deletion cannot be processed as an automated self-service action. All deletion requests must be submitted by contacting our store directly (see the Contact Us section below) so that any pending scheme dues or commitments can be settled first. Upon receiving a valid request:
  • Your account and personal data will be deleted within 30 days
  • Payment transaction records required by law (e.g., tax and financial regulations) will be retained for the legally mandated period and then deleted
  • Certain records (such as invoices, payment logs, and KYC records) may be retained to comply with legal obligations even after account deletion
  • Anonymised analytics data that cannot identify you will not be deleted
  • You will receive confirmation once your data has been deleted
• Data portability: Request a copy of your personal data in a structured, commonly used, and machine-readable format.
• Complaints: Lodge a complaint with us or with the relevant data protection authority if you believe your privacy rights have been violated.
• Transparency: Receive clear information about our data processing practices.

12. App Permissions

The App requests the following device permissions. All permissions are requested only when needed and used solely for their stated purpose.

Android

• Internet access: Required for all app functionality and updates
• Network state: To check connectivity before transactions
• Storage: For saving payment receipts (optional, requested on demand)
• Push notifications: For scheme payment reminders and transaction alerts (managed via Firebase Cloud Messaging)

iOS

• Network access: Required for all app functionality and updates
• Local storage / Files: For saving payment receipts (optional, requested on demand)
• Push notifications: For scheme payment reminders and account alerts (you may deny or revoke this permission in iOS Settings at any time)

The App does not request access to your camera, microphone, contacts, location, or photo library.

13. Tracking Technologies

The App uses the following technologies:

• Firebase Analytics: Collects aggregated usage data to improve app performance and user experience. This data is not used to directly identify you.
• Device Identifiers: Collected solely for authentication and security purposes.
• Crash Reports: Automatic crash diagnostics help us identify and fix technical issues. Reports do not contain personal information.

We do not use these technologies to track users across third-party apps or websites.

14. Compliance

Our App adheres to the following Indian laws and regulations, as well as platform-specific requirements:

• Information Technology Act, 2000
• Information Technology Rules, 2011 (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information)
• Reserve Bank of India guidelines for digital payments
• Prevention of Money Laundering Act, 2002 (PMLA)
• GST regulations for jewellery schemes and sales
• Digital Personal Data Protection Act, 2023 (DPDPA) and rules thereunder
• Apple App Store Review Guidelines (including Section 5.1 – Privacy)
• Google Play Developer Policy — User Data and Data Safety requirements

15. Data Storage and Transfer

Data is stored on secure cloud infrastructure (Firebase by Google), which may involve processing on servers located in India or other jurisdictions, in compliance with applicable data protection laws. Google's data handling practices are governed by their Privacy Policy and applicable data processing terms.

We do not transfer your personal data outside India for any purpose beyond the technical requirements of operating the Firebase and Razorpay platforms listed in Section 9, unless required by law or with your explicit consent.

16. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices or for operational, legal, or regulatory reasons. We will notify you of any material changes through:

• Posting the updated Privacy Policy on our website
• Updating the "Last Updated" date at the top of this policy
• Sending a notification through the App
• Obtaining your consent where required by law

We review and update this policy at least once every 12 months.

17. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please reach out:

We are committed to addressing your privacy concerns promptly and thoroughly.