🌿 Premium Quality 🚚 Free Delivery above ₹599 🔒 Secure Payments ⭐ 5000+ Happy Customers 📦 Dispatch in 24hrs ✅ FSSAI Certified ↩️ 7-Day Returns 🇮🇳 Made for India 🌿 Premium Quality 🚚 Free Delivery above ₹599 🔒 Secure Payments ⭐ 5000+ Happy Customers 📦 Dispatch in 24hrs ✅ FSSAI Certified ↩️ 7-Day Returns 🇮🇳 Made for India
Privacy Policy Terms & Conditions Refund & Cancellation Policy Shipping Policy

Privacy Policy

Last updated: 12 April 2026
Privacy Policy - MidAura

Privacy Policy

Effective Date: 05 March 2026

This Privacy Policy (“Policy”) sets out the manner in which Midaspire Solutions Private Limited, a company incorporated under the provisions of the Companies Act, 2013, having its registered office at Kengeri, Bangalore – 560060, Karnataka, India (hereinafter referred to as the “Company”, “MidAura”, “we”, “us”, or “our”), collects, receives, possesses, stores, handles, processes, shares, transfers and protects personal data of users (“User”, “you”, “your”).

This Policy applies to all users accessing or using the website www.midaura.shop (“Website”), including users who browse, register, purchase products, or interact with the Company in any manner whatsoever.

This Policy has been drafted in accordance with the provisions of the Digital Personal Data Protection Act, 2023, the Information Technology Act, 2000, and applicable rules and regulations.

1. DEFINITIONS

For the purpose of this Policy, the following terms shall have the meanings assigned below:

“Personal Data” means any data about an individual who is identifiable by or in relation to such data.

“Processing” in relation to personal data means a wholly or partly automated operation or set of operations performed on digital personal data, including collection, recording, organisation, storage, use, disclosure, dissemination, erasure or destruction.

“Data Principal” refers to the individual to whom the personal data relates.

“Consent” means any freely given, specific, informed and unambiguous indication of the Data Principal’s wishes.

2. APPLICABILITY AND SCOPE

This Policy applies to all personal data collected by the Company through:

(a) the Website;
(b) mobile or web-based applications;
(c) customer support interactions;
(d) marketing campaigns and promotional activities;
(e) third-party integrations or service providers.

This Policy shall apply irrespective of the device used to access the Website, including desktops, mobile devices, tablets, or any other digital medium.

3. CATEGORIES OF PERSONAL DATA COLLECTED

3.1 Information Provided Directly by the User

When you create an account, place an order, or otherwise interact with us, we may collect personal information including but not limited to your full name, contact number, email address, billing address, shipping address, and login credentials.

This information is necessary to identify you as a user, process your orders, and provide services requested by you.

3.2 Transactional and Order Information

We collect and maintain records of transactions carried out through the Website, including order details, invoice data, payment references, delivery status, and communication records related to such transactions.

This data is required for contractual performance, dispute resolution, and statutory compliance, including GST requirements.

3.3 Automatically Collected Information

When you access the Website, certain technical information is automatically collected, including your IP address, browser type, device information, operating system, referring URLs, session duration, and pages viewed.

This information is used for system administration, security monitoring, analytics, and improving user experience.

3.4 Payment Information

All payments are processed through third-party payment gateways such as Razorpay. The Company does not collect, store, or process sensitive financial information such as credit card numbers, debit card details, CVV numbers, UPI PINs, or banking credentials.

Such information is handled directly by the payment gateway in accordance with applicable PCI-DSS standards.

4. PURPOSE OF PROCESSING PERSONAL DATA

The Company processes personal data strictly for lawful purposes, including but not limited to the following:

To process and fulfill orders placed by you, including packaging, shipping, and delivery of products.

To generate tax invoices and comply with applicable laws, including Goods and Services Tax (GST) regulations.

To provide customer support, respond to queries, complaints, and grievances, and ensure efficient resolution of issues.

To send transactional communications such as order confirmations, shipping updates, delivery notifications, and service-related messages.

To prevent fraudulent transactions, unauthorized access, or misuse of the Website.

To improve our products, services, website functionality, and user experience through analytics and research.

To send promotional or marketing communications, where consent has been provided.

5. LEGAL BASIS FOR PROCESSING

The Company processes personal data on one or more of the following legal grounds:

On the basis of consent provided by the user at the time of data submission.

For the performance of a contract, including order processing and delivery obligations.

For compliance with legal obligations under applicable laws.

For legitimate business interests, including fraud prevention, service improvement, and operational efficiency.

6. DATA SHARING AND DISCLOSURE

The Company may share personal data with third parties strictly on a need-to-know basis and for lawful purposes.

Such third parties may include logistics service providers, payment gateway providers, technology service providers, cloud hosting partners, analytics providers, and government authorities where required by law.

The Company ensures that such third parties are bound by appropriate confidentiality and data protection obligations.

Under no circumstances does the Company sell or rent personal data to third parties.

7. DATA RETENTION

The Company retains personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by law.

Financial and transaction records are retained for a minimum period of seven (7) years in accordance with applicable GST laws.

Account-related data is retained until the user requests deletion or the account becomes inactive for a prolonged period.

8. DATA SECURITY

The Company adopts reasonable security practices and procedures to protect personal data against unauthorized access, disclosure, alteration, or destruction.

These measures include encryption technologies, secure servers, restricted access controls, and periodic security reviews.

However, the user acknowledges that no method of transmission over the internet or method of electronic storage is completely secure, and the Company cannot guarantee absolute security.

9. USER RIGHTS

In accordance with applicable laws, users have the right to access their personal data, request correction of inaccuracies, withdraw consent, request deletion of personal data, and seek grievance redressal.

Users may exercise these rights by contacting the Company at: privacy@midaura.in

10. CHILDREN’S PRIVACY

The Website is not intended for individuals below the age of 18 years. The Company does not knowingly collect personal data from minors.

11. UPDATES TO POLICY

The Company reserves the right to modify or update this Policy at any time. Any changes shall be effective immediately upon posting on the Website.

12. GRIEVANCE REDRESSAL

In accordance with applicable laws, users may raise grievances relating to data processing. The Company shall endeavor to resolve such grievances within a reasonable time, not exceeding thirty (30) days.

Contact: privacy@midaura.in