Privacy Policy (App)

Privacy Policy for Anime Store

Effective Date: 20/07/2024

1. Introduction

Welcome to Anime Store! This Privacy Policy outlines how we collect, use, disclose, and protect your personal information when you use our mobile application and website (collectively, the "App"). Your privacy is important to us, and we are committed to protecting your information. By using the App, you consent to the practices described in this policy.

2. Information We Collect

Personal Information:

  • Account Information: When you register on our App, we collect personal details such as your name, email address, phone number, and other registration information.
  • Transaction Information: We gather details related to your purchases, including payment information, order history, delivery addresses, and any other information necessary to process your transactions.
  • Support Information: If you contact our customer support, we may collect information related to your support requests, including communication history and any other relevant details.

Non-Personal Information:

  • Usage Data: We collect information on how you interact with the App, including the pages you visit, the time spent on those pages, and other usage statistics to help us understand user behavior and improve our services.
  • Device Information: To enhance the functionality and security of the App, we collect information about your device, including its ID, IP address, operating system, and browser type.

3. How We Use Your Information

We use the collected information for various purposes:

  • To Provide and Improve Services: Process orders, manage user accounts, and enhance the functionality and performance of the App.
  • To Communicate with You: Send updates, newsletters, promotional materials, and respond to customer support inquiries.
  • For Analytics and Marketing: Analyze user behavior, track the effectiveness of our advertising campaigns, and personalize content and advertisements.
  • To Ensure Security: Monitor and analyze App usage to prevent fraudulent activities and ensure the security of our services.

4. Data Sharing and Disclosure

We may share your information with:

  • Third-Party Service Providers: We engage third-party service providers to perform services on our behalf, such as payment processing, customer support management, and analytics. These providers include Google Analytics, Zendesk, and Mailchimp.
  • Business Partners: We may share your information with business partners for marketing and promotional purposes.
  • Regulatory Authorities: We may disclose your information to comply with legal obligations, respond to legal processes, or protect our rights and safety.
  • Business Transfers: In the event of a merger, acquisition, or other business transition, your information may be transferred as part of the transaction.

5. Measures Taken to Protect User Data

Data Encryption:

  • Encryption in Transit: We use SSL/TLS protocols to encrypt data transmitted between the App and our servers.
  • Encryption at Rest: Sensitive data stored on our servers is encrypted to protect it from unauthorized access.

Access Controls:

  • Authentication: User accounts are protected by strong authentication mechanisms to prevent unauthorized access.
  • Authorization: Access to personal data is restricted to authorized personnel only.

Secure Data Storage:

  • Data Storage: Data is stored in secure, access-controlled environments.
  • Backup Procedures: We perform regular backups to ensure data integrity and recovery in case of data loss.

Regular Security Audits:

  • Vulnerability Assessments: We conduct regular security audits to identify and address potential weaknesses in our systems.
  • Penetration Testing: We perform periodic penetration tests to simulate potential attacks and assess the effectiveness of our security measures.

Data Minimization:

  • Limited Data Collection: We collect only the data necessary to provide and improve our services.
  • Retention Policies: Personal data is retained only as long as needed and is securely deleted when no longer necessary.

User Awareness:

  • Privacy Policy: We provide clear information about our data collection and protection practices in our privacy policy.
  • Security Practices: We encourage users to use strong passwords and follow best security practices to protect their accounts.

Incident Response Plan:

  • Breach Notification: We have procedures in place to address data breaches, including notifying affected users and regulatory authorities as required.

Third-Party Security:

  • Vendor Assessments: We evaluate the security practices of our third-party service providers to ensure they comply with data protection standards.

6. Procedures for Dealing with Data Breaches

Detection and Identification:

  • Monitoring Systems: We use monitoring systems to detect unusual activities and potential data breaches.
  • Incident Reporting: We encourage users and staff to report any suspected breaches immediately.

Assessment and Containment:

  • Initial Assessment: We evaluate the scope and impact of the breach to understand its severity.
  • Containment: We take measures to contain and isolate the breach to prevent further unauthorized access.

Investigation:

  • Root Cause Analysis: We investigate the cause of the breach and gather evidence to understand how it occurred.

Notification:

  • Internal Notification: Relevant teams within our organization are informed about the breach.
  • User Notification: Affected users are notified with details about the breach and steps they can take to protect themselves.
  • Regulatory Notification: We report the breach to relevant regulatory authorities as required by law.

Mitigation and Remediation:

  • Corrective Actions: We implement corrective actions to address vulnerabilities and prevent future breaches.
  • System Updates: We apply security patches and updates to address identified weaknesses.

Communication:

  • Public Communication: We prepare statements and updates to communicate with the public if necessary.
  • Customer Support: We provide guidance and support to affected users to help them manage the impact of the breach.

Documentation and Reporting:

  • Incident Report: We document details of the breach, including the response and any actions taken.
  • Post-Incident Review: We review the incident to evaluate the effectiveness of our response and identify improvements.

Ongoing Monitoring:

  • Continuous Monitoring: We enhance our security measures based on insights gained from the breach.
  • Training and Awareness: We provide ongoing training to employees on security threats and best practices.

7. Use of Cookies and Other Tracking Technologies

Cookies:

  • Session Cookies: Temporary cookies that are used to maintain your session while you use the App.
  • Persistent Cookies: Cookies that remember your preferences and settings for future visits.
  • Performance Cookies: Cookies that collect data on how you interact with the App to help us improve performance.
  • Functional Cookies: Cookies that enable additional features and personalization.

Tracking Technologies:

  • Web Beacons: Small transparent images used to track user behavior and interactions with emails and web pages.
  • Local Storage: Data stored on your device to save user preferences and settings.
  • Tracking Pixels: Tiny images used for tracking and collecting data for analytics and marketing purposes.

Third-Party Technologies:

  • Analytics Tools: We use tools like Google Analytics to track user behavior and App performance.
  • Advertising Networks: We use networks like Google Ads and Facebook Ads to deliver and optimize targeted advertisements.

User Control:

  • Cookie Preferences: You can manage cookie settings through your browser preferences to accept or reject cookies.
  • Opt-Out Options: You can opt out of certain tracking technologies and targeted advertising through available tools.

8. Information on Third-Party Services Used

Analytics Services:

  • Google Analytics: Tracks and analyzes user behavior on our App to help us improve services. Data is typically retained for 26 months.
  • Other Analytics Providers: We may use additional analytics services with their own data retention policies.

Advertising Services:

  • Google Ads: Delivers and optimizes targeted ads based on user behavior. Data is generally retained for up to 90 days.
  • Facebook Ads: Tracks ad performance and delivers targeted ads. Data is typically retained for up to 180 days.

Payment Processors:

  • UPI, PhonePe: Facilitate secure payment processing. Transaction data is retained for up to 7 years.
  • Cash on Delivery (COD): Retained for up to 1 year.

Customer Support Services:

  • Zendesk: Manages customer support requests and communication. Data is typically retained for up to 1 year.

Marketing and Email Services:

  • Mailchimp: Handles email campaigns and subscriber lists. Data is retained as long as the user remains subscribed.

Social Media Integration:

  • Facebook and Twitter Plugins: Enable social media features and engagement. Retention policies depend on the respective platforms.

9. Data Retention Durations

  • Google Analytics: Data retained for 26 months.
  • Google Ads: Up to 90 days.
  • Facebook Ads: Typically up to 180 days.
  • UPI and PhonePe: Transaction data retained for up to 7 years.
  • Cash on Delivery (COD): Retained for up to 1 year.
  • Zendesk: Up to 1 year.
  • Mailchimp: As long as the user remains subscribed.
  • Social Media Plugins: Retention policies of respective platforms.

10. Data Transfer to Other Countries

Scope of Data Transfer:

  • Third-Party Services: Data may be transferred to other countries where our third-party service providers are located.

Legal and Regulatory Compliance:

  • Data Protection Laws: We ensure compliance with international data protection laws and regulations.
  • Data Transfer Mechanisms: We use mechanisms such as Standard Contractual Clauses (SCCs) to facilitate international data transfers.

Third-Party Agreements:

  • Data Processing Agreements: We have agreements in place with third-party service providers to ensure they adhere to data protection standards.

Data Protection Measures:

  • Encryption and Access Controls: We implement encryption and access controls to protect data during international transfers.

User Notification:

  • Transparency: We inform users about international data transfers and the safeguards in place to protect their information.

Safeguards for International Data Transfers:

  • Legal Mechanisms: Use of SCCs, Binding Corporate Rules (BCRs), and other legal frameworks to protect data.
  • Third-Party Agreements: Ensuring third parties adhere to data protection standards.
  • Data Protection Standards: Implementing encryption, access controls, and other security measures.
  • Data Minimization: Limiting data collection to what is necessary and anonymizing data where possible.
  • Regular Audits: Conducting compliance checks and Data Protection Impact Assessments (DPIAs).
  • User Rights: Ensuring users can exercise their rights under applicable data protection laws.

11. Informing Users About Updates to the Privacy Policy

Notification via App or Website:

  • In-App/Website Banner and Pop-Up Notification: We display notifications about updates to the privacy policy on the App and website.

Email Communication:

  • Email Alert: We send email notifications to users about significant changes to the privacy policy.

Account Dashboard Notification:

  • Account Notification: Updates are also communicated through user dashboards on the App.

Update Logs and Version History:

  • Version History and Change Log: We maintain a version history and change log to document updates to the privacy policy.

Terms of Service Update:

  • Service Terms Notification: We update the terms of service and notify users of any changes.

User Agreement:

  • Re-Consent: We may request users to review and accept updates if there are significant changes to the policy.

Contact Information:

  • Support Contact: We provide contact details for users to reach out with questions or concerns about the privacy policy.

12. Effective Date of the Privacy Policy

Display on Privacy Policy Document:

  • Prominent Placement: The effective date of the privacy policy is clearly stated at the top of the document.

Notification Timing:

  • Advance Notice: We provide advance notice of any changes to the privacy policy.

Policy Review and Acceptance:

  • Acceptance Requirement: Users are required to review and accept updates to the privacy policy if significant changes are made.

Historical Records:

  • Previous Versions: We keep archived versions of the privacy policy available for reference.

Legal and Compliance Considerations:

  • Regulatory Requirements: We ensure compliance with legal requirements for privacy policy updates and notifications.

User Access:

  • Accessibility: The privacy policy and its effective date are easily accessible to users.

13. Contact Information for Privacy Policy Inquiries

If you have any questions or concerns about our privacy policy, please contact us using the following details:

Company Name: CLAZZ LUXURY PRIVATE LIMITED

Email: contact@daanimestore.com

Address: MALLAH KA NAGLA PATLI
WALI GALI IMAM BARGAH
ALIGARH,
ALIGARH
ALIGARH-202001
UTTAR PRADESH

Telephone Number: +91 85350 22619

For any inquiries or further information regarding our privacy practices, please feel free to reach out to us at the above contact details. We are committed to addressing your questions and concerns promptly.