Privacy Policy, Terms, Conditions

We are delighted that you have shown interest in our enterprise. Data protection is a top priority for the management of Nutripoorna  The use of the Internet pages of Nutripoorna  is possible without any indication of personal data; however, if a data subject wishes to use special enterprise services via our website, processing of personal data may become necessary. If the processing of personal data is required and there is no statutory basis for such processing, we generally obtain consent from the data subject.

The processing of personal data, such as the name and email of a data subject, shall always align with the Indian IT Act and comply with the country-specific data protection regulations applicable to Nutripoorna  Through this data protection declaration, our enterprise aims to inform the general public about the nature, scope, and purpose of the personal data we collect, use, and process. Furthermore, data subjects are informed of their entitled rights through this declaration.

As the controller, Nutripoorna  has implemented numerous technical and organizational measures to ensure the most comprehensive protection of personal data processed through this website. However, Internet-based data transmissions may inherently have security gaps, so absolute protection cannot be guaranteed. For this reason, every data subject is free to transfer personal data to us via alternative means, such as by telephone.

  1. Definitions

The data protection declaration of Nutripoorna  is based on the terms used by the European legislator for the adoption of the Indian IT Act. Our declaration aims to be legible and understandable for the general public, as well as our customers and business partners. To ensure clarity, we first explain the terminology used:

  • Personal Data

Personal data means any information relating to an identified or identifiable natural person (“data subject”). An identifiable natural person is one who can be identified, directly or indirectly, by reference to an identifier such as a name, an identification number, location data, an online identifier, or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that person.

  • Data Subject

A data subject is any identified or identifiable natural person whose personal data is processed by the controller responsible for the processing.

  • Processing

Processing is any operation or set of operations performed on personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation, alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment, combination, restriction, erasure, or destruction.

  • Restriction of Processing

Restriction of processing is the marking of stored personal data with the aim of limiting its processing in the future.

  • Profiling

Profiling means any form of automated processing of personal data to evaluate certain personal aspects relating to a natural person, particularly to analyze or predict aspects concerning that person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements.

  • Pseudonymisation

Pseudonymisation is the processing of personal data in a manner that prevents attribution to a specific data subject without additional information, provided such additional information is kept separately and subject to technical and organizational measures ensuring non-attribution to an identified or identifiable person.

  • Controller or Controller Responsible for the Processing

The controller is the natural or legal person, public authority, agency, or other body that, alone or jointly with others, determines the purposes and means of processing personal data. Where the purposes and means are determined by Union or Member State law, the controller or specific criteria for its nomination may be provided by such law.

  • Processor

A processor is a natural or legal person, public authority, agency, or other body that processes personal data on behalf of the controller.

  • Recipient

A recipient is a natural or legal person, public authority, agency, or other body to which personal data are disclosed, whether a third party or not. Public authorities receiving personal data in the framework of a particular inquiry per Union or Member State law are not considered recipients; their processing complies with applicable data protection rules according to the purposes of the processing.

  • Third Party

A third party is a natural or legal person, public authority, agency, or body other than the data subject, controller, processor, or persons authorized to process personal data under the direct authority of the controller or processor.

  • Consent

Consent of the data subject is any freely given, specific, informed, and unambiguous indication of the data subject’s wishes, by statement or clear affirmative action, signifying agreement to the processing of their personal data.

  1. Name and Address of the Controller

The controller for the purposes of the Indian IT Act, other data protection laws applicable in Member States of the European Union, and other provisions related to data protection is:

Nutripoorna
Balikashrm Road, Chowk, Opposite of Nayara Petrol Pump, Near Premdan, Savedi, Ahilya Nagar, Maharashtra 414003
Email: reachus@nutripoorna.com
Website: https://nutripoorna.com

  1. Cookies

The Internet pages of Nutripoorna  do not use cookies.

  1. Collection of General Data and Information

The website of Nutripoorna  collects a series of general data and information when a data subject or automated system accesses the website. This data and information are stored in server log files and may include:

(1) browser types and versions used,
(2) the operating system used by the accessing system,
(3) the website from which an accessing system reaches our website (so-called referrers),
(4) sub-websites,
(5) date and time of access to the Internet site,
(6) an Internet protocol address (IP address),
(7) the Internet service provider of the accessing system, and
(8) other similar data and information used in the event of attacks on our information technology systems.

When using this general data and information, Nutripoorna  does not draw conclusions about the data subject. This information is needed to:

(1) deliver the content of our website correctly,
(2) optimize the content and advertisement of our website,
(3) ensure the long-term viability of our information technology systems and website technology, and
(4) provide law enforcement authorities with necessary information for criminal prosecution in case of a cyber-attack. Therefore, Nutripoorna  analyzes this anonymously collected data and information statistically to enhance our enterprise’s data protection and security, ensuring an optimal level of protection for the personal data we process. The anonymous data in server log files are stored separately from all personal data provided by a data subject.

  1. Registration on Our Website

The data subject may register on the website of the controller by providing personal data. The specific personal data transmitted to the controller is determined by the input mask used for registration. The personal data entered by the data subject (name and email) are collected and stored exclusively for internal use by the controller and for its own purposes. The controller may transfer this data to one or more processors (e.g., a parcel service) that also uses it for an internal purpose attributable to the controller.

Upon registration, the IP address—assigned by the Internet service provider (ISP) to the data subject—along with the date and time of registration, is stored. This storage prevents misuse of our services and, if necessary, enables investigation of committed offenses, making it essential for the controller’s security. This data is not passed to third parties unless required by law or for criminal prosecution purposes.

Registration with voluntary personal data enables the controller to offer content or services exclusive to registered users. Registered persons may modify or delete their specified personal data at any time. The data controller will, upon request, provide information about the personal data stored about the data subject and correct or erase it at the data subject’s request, unless statutory storage obligations apply. The controller’s employees are available as contact persons in this regard.

  1. Subscription to Our Newsletters

On the website of Nutripoorna , users can subscribe to our enterprise’s newsletter. The input mask determines the personal data transmitted when ordering the newsletter.

Nutripoorna  informs customers and business partners about enterprise offers via a newsletter. Subscription requires:

(1) a valid email address and
(2) registration for newsletter shipping. A confirmation email is sent to the registered email address using the double opt-in procedure for legal verification of authorization.

During newsletter registration, we store the IP address assigned by the ISP, along with the date and time of registration, to prevent misuse of the email address and ensure the controller’s legal protection. The collected personal data (name and email) is used solely to send the newsletter. Subscribers may also receive operational emails if necessary for the newsletter service or registration modifications. This data is not transferred to third parties.

Data subjects may terminate their subscription at any time, revoking consent to personal data storage for newsletter purposes via a link in each newsletter, the website, or by contacting the controller directly.

  1. Newsletter-Tracking

The newsletter of Nutripoorna  includes tracking pixels—miniature graphics embedded in HTML emails to enable log file recording and analysis. This allows statistical analysis of online marketing campaign success or failure. Using embedded tracking pixels, Nutripoorna  can determine if and when an email was opened and which links were accessed by data subjects.

Personal data collected via tracking pixels is stored and analyzed by the controller to optimize newsletter delivery and tailor future content to data subjects’ interests. This data is not passed to third parties. Data subjects may revoke their consent, issued via the double opt-in procedure, at any time. After revocation, this data is deleted by the controller, and withdrawal from the newsletter is automatically regarded as revocation.

  1. Contact Possibility via the Website

The website of Nutripoorna  provides information enabling quick electronic contact, including a general email address (reachus@nutripoorna.com). If a data subject contacts the controller via email or a contact form, the transmitted personal data is automatically stored for processing or contacting purposes. This data is not transferred to third parties.

  1. Comments Function in the Blog on the Website

Nutripoorna  offers users the ability to leave comments on blog posts. Comments, along with the date and chosen user pseudonym, are stored and published. The IP address assigned by the ISP is logged for security reasons and in case of rights violations or illegal content. This storage is in the controller’s interest to address infringements. This data is not passed to third parties unless required by law or for the controller’s defense.

  1. Subscription to Comments in the Blog on the Website

Third parties may subscribe to comments following their own on Nutripoorna ’s blog. A confirmation email verifies authorization via the double opt-in procedure. This option may be terminated at any time.

  1. Routine Erasure and Blocking of Personal Data

The data controller processes and stores personal data only for the period necessary to achieve the storage purpose or as permitted by applicable laws. Personal data is routinely blocked or erased after the purpose expires or the statutory retention period lapses. The data retention period for personal data collected by Nutripoorna  is 6 months.

  1. Rights of the Data Subject
  • Right of Confirmation

Each data subject may obtain confirmation from the controller on whether their personal data is being processed. Contact any employee of the controller to exercise this right.

  • Right of Access

Data subjects may obtain free information about their stored personal data and a copy thereof, including processing purposes, data categories, recipients, retention period, and rights to rectification, erasure, restriction, or objection. Contact any employee to exercise this right.

  • Right to Rectification

Data subjects may request immediate correction of inaccurate personal data or completion of incomplete data. Contact any employee to exercise this right.

  • Right to Erasure (Right to be Forgotten)

Data subjects may request erasure of personal data if it is no longer necessary, consent is withdrawn, or processing is unlawful, among other grounds. Nutripoorna  will comply promptly unless statutory obligations prevent erasure. Contact any employee to exercise this right.

  • Right of Restriction of Processing

Data subjects may request restriction if accuracy is contested, processing is unlawful, or data is needed for legal claims. Contact any employee to exercise this right.

  • Right to Data Portability

Data subjects may receive their provided data in a structured, commonly used, machine-readable format and transmit it to another controller where technically feasible. Contact any employee to exercise this right.

  • Right to Object

Data subjects may object to processing based on legitimate interests or direct marketing. Nutripoorna  will cease processing unless compelling legitimate grounds exist. Contact any employee to exercise this right.

  • Automated Individual Decision-Making, Including Profiling

Nutripoorna  does not use automated decision-making or profiling.

  • Right to Withdraw Consent

Data subjects may withdraw consent to data processing at any time by contacting any employee.

  1. Data Protection Provisions About Third-Party Services

Google Analytics

This website uses Google Analytics, a web analytics service by Google Inc. It analyzes traffic without cookies, as Nutripoorna  does not use them. Data subjects may object to data collection by installing a browser add-on at https://tools.google.com/dlpage/gaoptout. More information is available at https://www.google.com/intl/en/policies/privacy/.

Facebook

This website integrates Facebook components. If logged in, Facebook detects visited sub-pages and associates them with the user’s account. Log out before visiting to prevent this. More details are at https://facebook.com/about/privacy/.

Instagram

This website uses Instagram components. If logged in, Instagram detects visited sub-pages. Log out to prevent data transmission. More information is at https://www.instagram.com/about/legal/privacy/.

Twitter

This website integrates Twitter components. If logged in, Twitter detects visited sub-pages. Log out to prevent transmission. More details are at https://twitter.com/privacy?lang=en.

YouTube

This website uses YouTube components. If logged in, YouTube and Google detect visited sub-pages. Log out to prevent transmission. More information is at https://www.google.com/intl/en/policies/privacy/.

  1. Payment Method: Razorpay

This website uses Razorpay for payments. Selecting this option transmits necessary personal data (name, email) for processing and fraud prevention. Consent may be revoked at any time, though this does not affect contractual processing. Nutripoorna  has no refund policy. More details are at https://razorpay.com/privacy/.

  1. Advertising Integrations

Google AdSense

This website uses Google AdSense for advertising without cookies. Data subjects may adjust browser settings to prevent tracking. More information is at https://www.google.com/intl/en/policies/privacy/.

Facebook Ads

This website uses Facebook Ads. If logged in, Facebook tracks interactions. Log out to prevent this. More details are at https://facebook.com/about/privacy/.

  1. Legal Basis for Processing

Processing is based on consent (Art. 6(1)(a) GDPR), contract performance (Art. 6(1)(b) GDPR), legal obligations (Art. 6(1)(c) GDPR), vital interests (Art. 6(1)(d) GDPR), or legitimate interests (Art. 6(1)(f) GDPR) unless overridden by data subject rights.

  1. Legitimate Interests

Our legitimate interest under Art. 6(1)(f) GDPR is to conduct business for the well-being of employees and shareholders.

  1. Data Retention Period

Personal data is stored for 6 months, after which it is deleted unless required for contract fulfillment or legal obligations.

  1. Third-Party Data Sharing

Nutripoorna  may share personal data with third parties as allowed by law or with consent.

  1. Miscellaneous

Nutripoorna  does not use automated decision-making or AI processing.