Privacy Policy

1. Introduction

Vaidham Wellness Services ("Vaidham", "we", "us", or "our") operates the website https://www.vaidham.com/ and associated mobile/web applications. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform. By using our services, you agree to the practices described herein.

2. Information We Collect

2.1 Information You Provide

• Name, email address, and mobile phone number during account creation
• Delivery addresses and billing information for orders
• Payment information (processed securely via Cashfree; we do not store card details)
• Health assessment responses submitted voluntarily via our AI wellness tools
• Communications you send us (support requests, reviews, feedback)

2.2 Information Collected Automatically

• Device information (IP address, browser type, operating system)
• Usage data (pages visited, products viewed, search queries, time spent)
• Location data if you use the Store Locator feature and grant permission
• Cookies and similar tracking technologies (see Section 7)

3. How We Use Your Information

• To process and fulfil your orders, including delivery and invoicing
• To verify your identity via OTP-based authentication
• To provide personalised product recommendations and wellness guidance
• To send order updates, shipping notifications, OTPs, and other transactional messages via WhatsApp and email
• To respond to customer support queries
• To comply with legal and regulatory obligations including GST and Consumer Protection requirements
• To detect and prevent fraudulent transactions
• To improve our platform through analytics and A/B testing

4. Sharing Your Information

We do not sell your personal data. We share information only with:

• Payment processors (Cashfree) for secure payment handling
• Logistics partners (NimbusPost and affiliated couriers) for order delivery
• Communication service providers (WhatsApp Business API and email delivery providers) for transactional messages
• Cloud infrastructure providers (Neon, Vercel) that store or process data on our behalf
• Law enforcement or regulatory bodies when required by applicable Indian law

All third-party processors are bound by data processing agreements consistent with applicable privacy laws.

5. Data Retention

We retain your account data for as long as your account remains active. Order records are retained for 7 years as required by Indian tax and financial regulations. Health assessment data is retained for 2 years unless you request deletion. You may request deletion of your account and associated data by emailing us (see Section 10).

6. Data Security

We implement industry-standard security measures including TLS encryption in transit, AES-256 encryption at rest on our database, bcrypt hashing for passwords, and two-factor authentication (2FA) for administrative accounts. However, no transmission over the internet is completely secure; we cannot guarantee absolute security.

7. Cookies

We use the following types of cookies:

• Essential cookies: Required for authentication and cart functionality
• Analytics cookies: To understand how users interact with our platform
• Marketing cookies: To measure campaign effectiveness (with your consent)

You may disable non-essential cookies through your browser settings, though this may affect some features.

8. Children's Privacy

Our services are not directed to individuals under 18 years of age. We do not knowingly collect personal data from minors. If you believe a minor has provided us data, please contact us immediately for deletion.

9. Your Rights

Under applicable Indian data protection laws, you have the right to:

• Access the personal data we hold about you
• Correct inaccurate or incomplete data
• Request deletion of your data (subject to legal retention obligations)
• Withdraw consent for marketing communications at any time
• Port your data in a machine-readable format

10. Data Deletion Requests

If you want us to delete your personal data, please email us at care@vaidham.com.

To help us process your request safely and quickly, please include:

• Your full name
• Your registered mobile number or email address
• Your order number, if your request relates to a purchase
• A short note confirming that you want your personal data deleted

Before processing a deletion request, we may ask for reasonable identity verification to protect your account and prevent unauthorized deletion requests.

Once your identity is verified, we will delete or anonymize your personal data where legally permitted. Some information may be retained where required for tax, invoicing, fraud prevention, dispute resolution, regulatory compliance, or other lawful business obligations.

We aim to review and respond to deletion requests within a reasonable time. If we cannot fully delete certain records for legal reasons, we will explain that in our response.

11. Contact Us

For privacy-related queries or to exercise your rights, contact our Data Protection Officer:

12. Changes to This Policy

We may update this Privacy Policy periodically. Significant changes will be notified via email or a prominent notice on our website. Continued use of our services after updates constitutes acceptance of the revised policy.