Privacy Policy

UNPLANNED ("we", "us", "our") operates the website unplanned.co.in and is committed to protecting the personal data of our customers and visitors.

This Privacy Policy describes what personal data we collect, why we collect it, how we use and share it, and what rights you have over your data. It applies to all interactions with our website and services.

We comply with the Digital Personal Data Protection (DPDP) Act, 2023 of India, and other applicable data protection laws.

By using our website and placing orders, you consent to the practices described in this policy.

Information you provide directly

Information collected automatically

Information from third parties

We may receive limited information from payment processors (Razorpay) for fraud prevention and from analytics providers (Google Analytics via GTM). We do not purchase data from third-party data brokers.

We process your personal data on the following legal bases:

• Contract performance: Processing and fulfilling orders, handling returns and refunds, providing customer support
• Legitimate interest: Fraud detection, security monitoring, improving our website and services, internal analytics
• Consent: Sending marketing emails and newsletters (only when you opt in); loading analytics cookies after cookie consent
• Legal obligation: Complying with applicable Indian laws, tax regulations, and law enforcement requests

We never use your personal data for automated decision-making that produces legal or similarly significant effects.

We share your data only as necessary to operate our business. We do not sell your personal data.

We require all third parties to maintain appropriate security measures and to use your data only for the stated purpose. We do not allow them to use your data for their own marketing purposes.

We may disclose data if required by law, court order, or to protect the rights and safety of UNPLANNED and its customers.

We use cookies and similar tracking technologies. These fall into two categories:

Essential cookies (always active)

Required for the website to function. These include your shopping cart session (managed by Shopify), security tokens, and user preference storage. No consent is required for these.

Analytics and marketing cookies (consent required)

We use Google Analytics 4 via Google Tag Manager to understand how visitors use our site. These cookies are loaded only after you explicitly accept via our cookie consent banner, in compliance with the DPDP Act 2023.

If you decline, no analytics cookies are set and GTM does not fire. You can change your preference at any time by clearing your browser's local storage for unplanned.co.in.

Managing cookies

You can control or delete cookies in your browser settings. Note that disabling essential cookies may affect site functionality (e.g., your cart may not persist).

Under the Digital Personal Data Protection Act, 2023 (India), you have the following rights regarding your personal data:

• Right to access: Request a summary of the personal data we hold about you
• Right to correction: Request correction of inaccurate or incomplete data
• Right to erasure: Request deletion of your data (subject to legal retention obligations)
• Right to grievance redressal: Lodge a complaint about how we process your data
• Right to withdraw consent: Withdraw marketing consent at any time via the unsubscribe link in emails or by contacting us
• Right to nominate: Nominate another person to exercise your rights in the event of death or incapacity

To exercise any of these rights, email us at hello@unplanned.co.in with subject line "Data Rights Request". We will respond within 30 days.

You may also lodge a complaint with the Data Protection Board of India once it is constituted under the DPDP Act 2023.

After the retention period, data is securely deleted or anonymised.

We take appropriate technical and organisational measures to protect your personal data:

• All data transmission is encrypted using TLS (HTTPS)
• Payment data is processed directly by Razorpay over PCI-DSS compliant infrastructure — we never see or store your card numbers or UPI PINs
• Our website is hosted on Shopify Oxygen (global edge network) with built-in DDoS protection
• Admin access to order data is restricted to authorised personnel only
• We use Cloudflare for additional web application firewall protection

Despite these measures, no method of transmission over the internet is 100% secure. In the event of a data breach that affects your rights, we will notify affected users as required by applicable law.

Our website and services are not directed to individuals under the age of 18. We do not knowingly collect personal data from minors.

If you are a parent or guardian and believe your child has provided us with personal data, please contact us at hello@unplanned.co.in and we will promptly delete such data.

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. Material changes will be communicated via:

• A prominent notice on our website for at least 30 days
• An email notification to registered customers (where we have consent)

The "Last Updated" date at the top of this page reflects the most recent revision. Continued use of our services after changes constitutes acceptance of the updated policy.

For any privacy-related queries, requests, or complaints:

See also: Terms of Service · Shipping & Returns