This privacy policy (the “Privacy Policy”), describes Petal & Mist’s policies and procedures on the collection, use and disclosure of the information provided by Users and Visitors (as defined herein below) of the Platforms. Petal & Mist shall not use the User’s information in any manner except as provided under this Privacy Policy. Every User who accesses or uses the Platforms shall be bound by this Privacy Policy. Our website uses encryption technology, like Secure Sockets Layer (SSL), to protect your personal information during data transport. SSL encrypts ordering information such as your name, address, and credit card number. Our Customer Care centre and stores also operate over a private, secure network. Please note that email is not encrypted and is not considered to be a secure means of transmitting credit card information.
2.1. This Privacy Policy is published pursuant to:
2.1.1. Section 43A of the Information Technology Act, 2000;
3.1.2. Regulation 4 of the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Information) Rules, 2011 (“SPI Rules”); and
3.1.3. Regulation 3(1) of the Information Technology (Intermediaries Guidelines) Rules, 2011.
3.2. This Privacy Policy sets out the type of information collected from the Users, including the nature of the sensitive personal data
or information, the purpose, means and modes of usage of such information and how and to whom Petal & Mist shall disclose such information.
As we continue to develop the website and take advantage of advances in technology to improve the services we offer,
this privacy policy likely will change. We therefore encourage you to refer to this policy on an ongoing basis
so that you understand our current privacy policy.
3.1. In accordance with the SPI Rules, any sensitive personal data or information of a person means and includes such personal information about that person relating to:
3.1.1. Passwords;
3.1.2. Financial information such as bank accounts, credit and debit card details or other payment instrument details;
3.1.3. Physical, physiological and mental health condition;
3.1.4. Sexual orientation;
3.1.5. Medical records and history;
3.1.6. Biometric information; and
3.1.7. Information received by body corporates under lawful contract or otherwise.
3.2. Certain information provided by Users may allow for personal identification of the Users, including email addresses, telephone numbers and other contact information.
3.3. It may be noted that any information that is freely available in the public domain or accessible under the Right to Information Act, 2005, or any other law will not be regarded as sensitive personal data or information, or as personally identifiable information.