This is how Vestra handles your personal information. We've kept it short, specific, and as un-legalese as possible — but it complies with India's Digital Personal Data Protection Act, 2023 and applicable international privacy standards.
01What we collect
When you interact with Vestra, we may collect:
- Identity & contact: name, email address, phone number, shipping and billing address.
- Order data: products purchased, transaction amount, order date.
- Payment data: handled entirely by our payment gateway (Razorpay). We do not store full card numbers, CVV, UPI PINs, or banking credentials. We receive only a transaction ID and status.
- Technical data: IP address, browser type, device info, pages visited, referring site. Standard for any website.
- Newsletter signups: just your email and the date you subscribed.
02How we use it
- To process and fulfil your orders.
- To communicate with you about your order, drops, or questions you've sent us.
- To improve the site (which pages get traffic, where people drop off).
- To prevent fraud and protect the site from abuse.
- To comply with legal obligations (tax records, dispute resolution, lawful government requests).
We do not sell your data. We do not share it with advertisers. We do not use it to train AI models.
03Who we share it with
We share specific data with specific service providers, only to the extent needed for them to do their job:
- Razorpay — payment processing.
- Shopify — order management and checkout infrastructure.
- Shipping partners (e.g., Delhivery, Bluedart, India Post, DHL for international) — to deliver your order.
- Formspree — newsletter form submissions land in their dashboard before reaching us.
- Google Search Console — for technical SEO monitoring (only aggregate, anonymous data).
Each of these has its own privacy practices. We pick partners that meet reasonable security and compliance standards.
04Cookies
The site uses minimal cookies — essentially session cookies for the cart and basic analytics. We don't use ad-tracking cookies. You can disable cookies in your browser, though some site features may not work properly.
05How long we keep your data
- Order records: 7 years (required by Indian tax law).
- Newsletter subscriptions: until you unsubscribe.
- Support emails: typically 2 years from last contact.
- Anonymous analytics: aggregated and retained without personal identifiers.
06Your rights
Under Indian law, you have the right to:
- Access the personal data we hold about you.
- Correct data that's inaccurate or incomplete.
- Erase data we no longer have a legal basis to keep.
- Withdraw consent for marketing emails at any time.
- Lodge a complaint with the Data Protection Board of India if you feel we've mishandled your data.
To exercise any of these rights, email hello@vestraofficial.com. We'll respond within 30 days.
07Security
The site runs over HTTPS. Our payment gateway is PCI-DSS compliant. We don't store sensitive payment data on our servers. That said, no system is completely secure — if you suspect your account or order has been compromised, contact us immediately.
08International users
If you're ordering from outside India, your data will be transferred to and processed in India. By using the site, you consent to this transfer. We apply the same protections regardless of where you're located.
09Children's privacy
Vestra is not intended for users under 18. We don't knowingly collect data from minors. If you believe a minor has shared data with us, contact us and we'll delete it.
10Changes to this policy
If we make a material change, we'll update the "Last updated" date and, where reasonable, notify subscribers via email. Your continued use of the site after a change means you've accepted the revised policy.
11Contact
For privacy questions, data requests, or concerns: hello@vestraofficial.com
Vestra · Delhi, India