Privacy Policy

Privacy Policy

Effective Date: May 2026

Website: www.ekitara.com

Parent Entity: Shri Hari Supplies, Ahmedabad, Gujarat, India

At ekitara.com, owned and operated entirely by Shri Hari Supplies ("we", "us", "our"), we respect the privacy of our business clients, institutional administrative procurement teams, and platform visitors ("you", "your"). This Privacy Policy outlines comprehensively how we collect, receive, store, process, use, and safeguard personal and organizational data in absolute accordance with the Digital Personal Data Protection (DPDP) Act, 2023, the Information Technology Act, 2000, and associated Indian IT rules.

By creating a corporate account, utilizing our platform, or procuring stationery, housekeeping, and pantry supplies from us, you explicitly consent to the data collection and processing methods outlined herein.

1. Data We Collect and Receive

Because we handle direct B2B corporate provisioning and logistics rather than acting as a marketplace intermediary, we collect data strictly required to authorize, invoice, and fulfill physical supply shipments.

  • Corporate Account & Contact Information: Legal name of the business entity, authorized procurement manager/admin name, official company email address, primary and secondary telephone numbers, and corporate physical shipping addresses.

  • Statutory Taxation Data: Your organization’s verified Goods and Services Tax Identification Number (GSTIN), PAN details, and corporate billing coordinates required for issuing legal tax-deductible invoices.

  • Transactional Information: Records of historical purchases, paper volume selections, custom corporate gifting specifications, automated replenishment schedules, and customer service communication interactions.

  • Non-Stored Secure Payment Data: Payment details (Netbanking, Corporate Credit Cards, UPI credentials) are captured securely by our PCI-DSS compliant third-party payment gateways. Shri Hari Supplies does not store your credit card numbers, bank passwords, or UPI PINs on our local servers.

  • Automated System Analytics: Technical data including your device’s IP address, browser type, regional time-zone parameters, network service logs, and interaction trails within ekitara.com to continuously optimize platform loading speeds.

2. Legal Grounds and Methods of Data Processing

We process personal and organizational data only under valid, lawful frameworks permitted under the DPDP Act, 2023:

  1. Consent: Where you explicitly provide data during corporate registration or communication.

  2. Performance of Contract: To seamlessly finalize bulk orders, coordinate physical fleet logistics, map out delivery PIN codes, and execute delivery hand-offs.

  3. Legal Obligation: Maintaining mandatory accounting ledgers, transaction records, and tax documentation as mandated by the Central Goods and Services Tax (CGST) Act, 2017 and the Ministry of Corporate Affairs (MCA).

3. How We Use Your Information

We use the gathered information strictly for direct, operational business purposes. We do not sell, rent, or lease your corporate or personal data to third-party data brokers or external marketing aggregators. * Processing, fulfilling, and directly shipping your bulk orders.

  • Generating GST-compliant business invoices allowing your finance wing to claim Input Tax Credits (ITC).

  • Conducting backend PIN code database verification checks to confirm logistical serviceability before order confirmation.

  • Automating your custom office replenishment cycles so your workplace operations run uninterrupted.

  • Sending important transactional updates, delivery alerts, tracking metrics, or system-wide service announcements via email, WhatsApp, or SMS.

4. Data Sharing and Third-Party Disclosures

Data is shared exclusively on a secure, restricted, need-to-know basis with trusted partners essential to our operational chain:

  • Logistics & Fleet Partners: Providing shipping addresses and site contact information to delivery drivers to enable gate access at your office, factory, hospital, or housing society.

  • Payment Infrastructure Providers: Sharing order financial values with encrypted payment gateways to process transactions.

  • Legal & Statutory Entities: Disclosing transaction logs to tax authorities or judicial bodies exclusively when required by a governing court order or statutory Indian audit process.

5. Data Retention Safeguards

We retain your personal data and corporate logs only for as long as necessary to provide seamless recurring supply services or to satisfy binding legal and fiscal audit requirements. For instance, invoice tracking data and transaction histories containing GSTIN entries must be preserved for minimum statutory periods required under Indian tax laws, even if a user requests early profile closure.

6. Your Rights Under the DPDP Act, 2023

As a data principal in India, you hold clear administrative controls over your personal information. You can exercise these rights by sending a verified request to our dedicated Grievance Officer:

  • Right to Access and Review: Request an itemized overview of the specific personal or corporate data fields we hold about your profile.

  • Right to Correction/Erasure: Direct us to correct inaccurate, obsolete, or incomplete contact information, or request data erasure (subject to legal/tax record retention limitations).

  • Right to Withdraw Consent: Revoke your consent for optional processing streams (such as newsletter updates). Note that withdrawing core operational consent may prevent us from accepting or delivering subsequent supply orders.

7. Security Architecture

Shri Hari Supplies adopts robust technical, physical, and administrative cybersecurity safeguards—including Secure Sockets Layer (SSL) encryption protocols, firewalls, and strict role-based data access controls—to insulate your information from accidental data leakage, unauthorized modifications, or external access breaches. However, since no web-based system is entirely risk-free, users acknowledge that they utilize the portal at their own calculated discretion.

8. Statutory Grievance Redressal Mechanism

In compliance with the Information Technology Act, 2000 and the DPDP Act, 2023, we have appointed a dedicated Grievance Officer to address data compliance queries, data correction requests, or structural privacy issues.

  • Designated Grievance Authority: Privacy Compliance Desk

  • Parent Identity: Shri Hari Supplies, Ahmedabad, Gujarat

  • Official Communication Email: sales@ekitara.com

9. Updates to this Privacy Policy

Shri Hari Supplies reserves the right to refresh, amend, or modify this Privacy Policy dynamically to accommodate new logistical formats, platform functionalities, or changing national legal frameworks. Every updated iteration will feature a revised "Last Updated" timestamp at the top of this layout. Continued engagement with our services indicates systematic acceptance of the newly updated clauses.