Privacy Policy

Last Updated: December 2025

At Gayatri Steel Furniture, we are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, store, and protect your data when you use our website and services.

1. Information We Collect

Personal Information

We may collect the following personal information when you interact with our website:

  • Contact Information: Name, email address, phone number, and mailing address provided through contact forms, newsletter subscriptions, or purchase orders.
  • Order Information: Details about your furniture orders, including product specifications, delivery address, and payment information (processed securely through third-party payment gateways).
  • Communication Data: Messages, inquiries, and feedback you provide through our contact forms or email.
  • File Uploads: Optional files you may attach to contact forms (e.g., design inspiration images, floor plans).

Automatically Collected Information

  • Usage Data: Information about how you use our website, including pages visited, time spent on pages, and navigation patterns.
  • Device Information: IP address, browser type, operating system, device type, and screen resolution.
  • Cookies: We use cookies and similar tracking technologies to enhance your browsing experience. See our Cookie Policy section below for more details.

2. How We Use Your Information

We use the collected information for the following purposes:

  • Order Processing: To process and fulfill your furniture orders, arrange delivery, and provide customer support.
  • Communication: To respond to your inquiries, provide product information, and send order updates.
  • Marketing: To send newsletters, promotional offers, and product updates (only if you have opted in).
  • Website Improvement: To analyze website usage and improve user experience, functionality, and content.
  • Legal Compliance: To comply with applicable laws, regulations, and legal processes.
  • Fraud Prevention: To detect and prevent fraudulent activities and protect the security of our website and customers.

3. Client-Side Encryption

Important: For enhanced security, all data submitted through our contact forms is encrypted in your browser using AES-256-GCM encryption before being transmitted to our servers. This means:

  • Your personal information is encrypted on your device before leaving your browser.
  • Data is transmitted in encrypted form, adding an extra layer of security beyond standard HTTPS.
  • Only authorized personnel with the proper decryption keys can access the submitted information.
  • This encryption protects your data even in the unlikely event of a transmission interception.

The encryption process uses industry-standard AES-256-GCM algorithm with a randomly generated initialization vector (IV) for each submission, ensuring maximum security.

4. Data Storage and Retention

Your personal information is stored securely on our servers and those of our trusted third-party service providers. We retain your data for as long as necessary to fulfill the purposes outlined in this policy, comply with legal obligations, resolve disputes, and enforce our agreements.

Typical retention periods:

  • Order Data: Retained for 1 years for accounting and warranty purposes.
  • Contact Inquiries: Retained for 1 years unless you request earlier deletion.
  • Newsletter Subscriptions: Retained until you unsubscribe.
  • Analytics Data: Anonymized and aggregated after 6 months.

5. Third-Party Services

We may use third-party services that collect, monitor, and analyze data to improve our website and services:

  • Email Services: We may use email service providers (e.g., EmailJS, SendGrid) to send communications. These services process your email address and message content.
  • Analytics: We use analytics tools (e.g., Google Analytics) to understand website traffic and user behavior. These tools may use cookies and collect anonymized data.
  • Payment Processors: Payment information is processed by secure third-party payment gateways (e.g., Razorpay, PayPal). We do not store credit card information on our servers.
  • Hosting Services: Our website is hosted on secure servers provided by reputable hosting companies.

Each third-party service has its own privacy policy governing the use of your data. We encourage you to review these policies.

6. Cookies and Tracking Technologies

We use cookies to enhance your browsing experience. Types of cookies we use:

  • Essential Cookies: Necessary for website functionality (e.g., remembering your dark mode preference).
  • Analytics Cookies: Help us understand how visitors use our website.
  • Preference Cookies: Remember your settings and preferences (e.g., language, theme).

You can control cookies through your browser settings. Disabling cookies may affect website functionality.

7. Your Rights

You have the following rights regarding your personal data:

  • Access: Request access to the personal information we hold about you.
  • Correction: Request correction of inaccurate or incomplete data.
  • Deletion: Request deletion of your personal data (subject to legal obligations).
  • Opt-Out: Unsubscribe from marketing communications at any time.
  • Data Portability: Request a copy of your data in a structured, machine-readable format.
  • Objection: Object to processing of your data for certain purposes.

To exercise these rights, contact us at paresh460@gmail.com.

8. Data Security

We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Client-side encryption for form submissions (AES-256-GCM)
  • HTTPS/SSL encryption for data transmission
  • Secure server infrastructure with regular security updates
  • Access controls and authentication mechanisms
  • Regular security audits and vulnerability assessments
  • Employee training on data protection and privacy

9. Children's Privacy

Our website and services are not directed to children under the age of 13. We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a child, please contact us immediately.

10. International Data Transfers

If you are accessing our website from outside India, please note that your information may be transferred to, stored, and processed in India where our servers are located. By using our website, you consent to the transfer of your information to India.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of significant changes by posting a notice on our website or sending an email notification. Your continued use of our website after changes constitutes acceptance of the updated policy.

12. GDPR Compliance (European Users)

If you are located in the European Economic Area (EEA), you have additional rights under the General Data Protection Regulation (GDPR), including the right to lodge a complaint with a supervisory authority.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Note: This Privacy Policy is provided as a template. Gayatri Steel Furniture recommends consulting with a legal professional to ensure compliance with applicable privacy laws and regulations in your jurisdiction, including GDPR, CCPA, and local data protection laws.