Privacy Policy

1. Introduction

Brantigo Technology Private Limited ("Brantigo", "we", "us", "our") operates brantigo.com. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and make purchases. This policy complies with the Information Technology Act, 2000, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021, and the Digital Personal Data Protection Act, 2023 (DPDP Act).

2. Information We Collect

Personal Information You Provide

When you place an order, register, or contact us, we collect: your name, email address, phone number, billing and shipping address, payment-related references (such as UPI transaction IDs), and any information you choose to share in support enquiries.

Information Collected Automatically

We collect technical data such as IP address, browser type, device information, referring URLs, and pages viewed. We use Google Analytics (GA4) cookies to understand site usage in aggregate.

Information We Do Not Collect

We do not store any card numbers, CVVs, UPI PINs, or full bank account numbers on our servers, in compliance with RBI Tokenisation Guidelines. All payments are processed by our PCI-DSS-compliant payment gateway partner.

3. How We Use Your Information

• To process, fulfil and deliver your orders
• To send order confirmations, shipping updates and delivery notifications
• To respond to your enquiries and provide customer support
• To improve our website, products and shopping experience
• To detect and prevent fraud, abuse and security incidents
• To comply with legal obligations (tax, audit, regulatory reporting)

We do not sell, rent or trade your personal information to third parties for marketing purposes.

4. Data Storage & Security

Your data is stored on secure servers with industry-standard encryption. Our website uses HTTPS/SSL throughout. We implement reasonable security practices and procedures as required under the IT Act, 2000 and the SPDI Rules, 2011. Access to personal data is restricted to authorised personnel on a need-to-know basis.

5. Cookies & Browser Storage

We use cookies and similar tracking technologies (Google Analytics GA4) to analyse site traffic and improve user experience. We also use browser localStorage to maintain your shopping bag — this data never leaves your device until you place an order. You can disable cookies in your browser settings, though some features of the site may not function correctly.

6. Your Rights Under the DPDP Act 2023

Under the Digital Personal Data Protection Act, 2023, you have the right to:

• Access your personal data held by us
• Request correction of inaccurate or incomplete data
• Request erasure of your personal data (subject to legal retention obligations)
• Withdraw consent for data processing at any time
• Nominate another individual to exercise rights in case of your incapacity
• File a grievance with our Grievance Officer or the Data Protection Board of India

To exercise these rights, email grievance@brantigo.com.

7. Third-Party Services

We share minimal necessary information with the following service providers:

• Payment Gateway: MMADPay (UPI payments) — receives order amount and customer contact for transaction processing
• Email Delivery: Hostinger SMTP — used for transactional emails only
• Analytics: Google Analytics (GA4) — anonymised aggregate usage data
• Shipping Partners: Indian logistics providers — receive name, address and phone number for delivery

Each provider operates under its own privacy policy and applicable data protection laws.

8. Data Retention

We retain personal data only as long as necessary for the purposes set out in this policy or as required by law. Order, invoice and tax data is retained for a minimum of eight (8) years as required by Indian tax and commercial laws (Income Tax Act, GST Act, Companies Act).

9. Children's Privacy

Brantigo's services are intended for adults. We do not knowingly collect personal data from children under 18 without verifiable parental consent. If you believe we have collected such data, please contact our Grievance Officer immediately and we will delete it.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be posted on this page with an updated revision date. Continued use of our website after such changes constitutes acceptance of the revised policy.

11. Governing Law

This Privacy Policy is governed by the laws of India. Any disputes arising from this policy shall be subject to the exclusive jurisdiction of the courts in New Delhi, India.

12. Grievance Officer & Contact