Privacy Policy

Last updated: June 1, 2025

Compliance and Data Protection

At RusticHiveDecor, we are committed to ensuring full compliance with all applicable laws and regulations, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). We prioritize the protection of your data and privacy, implementing industry-standard security measures to safeguard your personal information.

Our compliance framework is regularly reviewed and updated to reflect evolving legal requirements and industry best practices. We maintain documentation of our data processing activities and have implemented appropriate technical and organizational measures to ensure a level of security appropriate to the risk.

We conduct regular privacy impact assessments for high-risk processing activities and maintain records of processing activities as required by applicable law. All employees and contractors receive data protection training appropriate to their role and responsibilities.

Data Collection and Usage

We collect, store, and process personal information strictly in accordance with legal requirements and ethical standards. Our data-handling practices are regularly reviewed to maintain compliance with evolving regulations and industry best practices.

Types of Data Collected

We may collect the following types of personal information:

  • Contact Information: Name, email address, phone number, shipping/billing address
  • Account Information: Username, password (hashed), preferences
  • Payment Information: Credit card details (processed securely via PCI-compliant processors)
  • Technical Data: IP address, browser type, device information
  • Usage Data: Website interaction data, purchase history
  • Communications: Records of correspondence, survey responses

Purposes of Processing

We process personal data for the following lawful purposes:

  • To fulfill contracts and process orders
  • To provide customer support and service
  • To improve our products and services
  • To send marketing communications (with consent)
  • To prevent fraud and ensure security
  • To comply with legal obligations

We never sell personal data to third parties. Data is only shared with service providers under strict contractual obligations that ensure equivalent protection of your information.

Data Retention and Security

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. Our retention periods are based on business needs and legal requirements.

We implement appropriate technical and organizational security measures designed to protect the security of any personal information we process. These measures include:

  • Encryption of data in transit and at rest
  • Regular security testing and vulnerability assessments
  • Access controls and least privilege principles
  • Secure development practices
  • Incident response plans

While we strive to use commercially acceptable means to protect your personal information, no method of transmission over the Internet or method of electronic storage is 100% secure. We cannot guarantee absolute security but commit to promptly notifying you and applicable regulators of any data breach as required by law.

Transparency and Accountability

Transparency is at the core of our operations. We clearly outline how your data is collected, used, and stored. Our policies reflect our ongoing efforts to maintain compliance and accountability.

We maintain records of processing activities and conduct regular audits to ensure compliance with our stated policies. Our Data Protection Officer oversees our privacy program and serves as a point of contact for data protection authorities.

We implement privacy by design and by default in all new systems and processes. Before implementing new technologies or processing activities that may impact privacy, we conduct thorough assessments to identify and mitigate risks.

User Rights and Choices

As part of our commitment to compliance, we respect your rights to access, update, and delete your personal information. Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Right to Access: Request copies of your personal data
  • Right to Rectification: Request correction of inaccurate data
  • Right to Erasure: Request deletion under certain circumstances
  • Right to Restriction: Request limitation of processing
  • Right to Data Portability: Request transfer of your data
  • Right to Object: Object to certain processing activities
  • Right to Withdraw Consent: Where processing is based on consent

To exercise these rights or for any privacy-related inquiries, please contact us at . We will respond to all legitimate requests within one month, though this period may be extended for complex requests.

You may also lodge a complaint with a supervisory authority if you believe our processing of your personal data infringes applicable data protection laws.

International Data Transfers

As an India-based company, most of our data processing occurs within India. However, we may transfer personal data to countries outside your jurisdiction when necessary for our service providers. In such cases, we ensure appropriate safeguards are in place, such as:

  • Processing in countries with adequacy decisions
  • Standard contractual clauses
  • Binding corporate rules
  • Other legally accepted mechanisms

You may request information about the specific safeguards applied to your data by contacting us at the email address above.

Policy Updates

We may update this Privacy Policy from time to time in response to changing legal, technical, or business developments. When we update our Privacy Policy, we will take appropriate measures to inform you, consistent with the significance of the changes we make.

We will obtain your consent to any material Privacy Policy changes if and where this is required by applicable data protection laws. You can see when this Privacy Policy was last updated by checking the "last updated" date displayed at the top of this policy.

We encourage you to review this Privacy Policy periodically to stay informed about our information practices and the choices available to you.