Privacy Policy
Introduction and Our Commitment
Vaibhav Studios (‘we’, ‘our’, ‘us’, ‘the Studio’), are committed to protecting the privacy and personal data of every visitor and customer on this website (‘Store’). This Privacy Policy explains, in plain language, how we collect, use, store, share, and protect your personal information when you access or make a purchase from our Store.
This policy is drafted in compliance with the Digital Personal Data Protection Act, 2023 (‘DPDP Act’), the Information Technology Act, 2000 (‘IT Act’), the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 (‘SPDI Rules’), and the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 (‘IT Rules 2021’). By continuing to use this Store, you acknowledge that you have read, understood, and agree to the terms of this Privacy Policy.
Who We Are
| Attribute | Information |
|---|---|
| Legal Name | Vaibhav Studios |
| Studio Location | 103-104, Birchwood, Raheja Willows, Akurli Road, Kandivali (E), Mumbai |
| Store Website | www.vaibhavstudios.com |
What Personal Data We Collect
When you visit or transact on our Store, we may collect the following categories of personal data:
Information You Provide Directly
- Full name and billing/shipping address
- Email address and mobile phone number
- Payment information (processed exclusively by PCI-DSS compliant payment gateways we do not store raw card data)
- Account credentials if you register for an account (username, password hash)
- Order details, preferences, and customer support communications
- Feedback, reviews, and survey responses you voluntarily submit
Information Collected Automatically
- IP address, device type, browser type and version
- Pages visited, time spent, and click path on our Store
- Referring website or source (how you arrived at our Store)
- Cookies and similar tracking technologies
Information from Third Parties
- Payment gateway confirmation data (order success/failure status only)
- Logistics partner updates (shipping and delivery status)
- Fraud detection data from our payment processing partners
How We Use Your Personal Data
We collect and process your personal data only for the purposes for which you have given consent or for purposes that are strictly necessary for the fulfilment of your order. These include:
- Processing and fulfilling your merchandise orders
- Sending order confirmations, shipping updates, and delivery notifications
- Providing customer support and resolving grievances
- Processing returns, refunds, and exchanges per our Return Policy
- Sending marketing communications only with your express opt-in consent
- Improving our Store experience through analytics
- Complying with legal obligations, including tax records and government orders
- Detecting, preventing, and investigating fraud and security breaches
Sensitive Personal Data
We do not intentionally collect sensitive personal data such as passwords in plain text, financial account numbers, health data, biometric data, caste, religion, or political opinions. Any financial information shared during checkout is processed directly by our payment gateway partners who maintain independent compliance with applicable data protection standards. We do not receive or store raw payment card details.
Children’s Data
Return of the Jungle is a family film. Our Store may be visited by children or parents purchasing on behalf of children. We take child data protection extremely seriously.
- We do NOT knowingly collect personal data of children (individuals under the age of 18 years) without verifiable parental or guardian consent, as mandated by Section 9 of the Digital Personal Data Protection Act, 2023.
- We do NOT engage in behavioural tracking, profiling, or targeted advertising directed at children.
- If you are a parent or guardian and believe your child has provided us with personal data without your consent, please contact our Grievance Officer immediately (contact details in Section 1.12). We will delete such data without undue delay.
- Our Store does not have any features specifically designed to attract children to submit personal data.
Data Sharing – Who We Share Your Data With
We do not sell, trade, or rent your personal data to any third party for commercial purposes. We may share your data with the following categories of service providers only to the extent necessary:
| Recipient Category | Purpose of Sharing |
|---|---|
| Payment Gateway Providers (e.g., Razorpay, PayU) | Secure processing of your payments |
| Logistics & Courier Partners | Order dispatch, tracking, and delivery |
| IT Infrastructure / Cloud Hosting Providers | Secure hosting of Store data |
| Email / SMS Service Providers | Order confirmations and notifications |
| Analytics Providers | Aggregate, anonymised Store usage analysis |
| Legal / Regulatory Authorities | Compliance with court orders and statutory obligations |
All third-party service providers we engage are contractually bound to process your data only for the specified purpose and to maintain appropriate data security standards. We do not permit them to use your data for their own marketing or commercial purposes.
Cross-Border Data Transfers
Where your personal data is transferred outside the territory of India for instance, to cloud infrastructure providers with servers located abroad such transfers shall be conducted only to countries, territories, or sectors notified by the Central Government as providing an adequate level of data protection, or subject to appropriate contractual safeguards, as required by the DPDP Act 2023 and applicable RBI guidelines for cross-border payment data.
Data Retention
We retain your personal data only for as long as is necessary for the purposes it was collected, or as required by applicable law. Our general retention guidelines are:
| Data Category | Retention Period |
|---|---|
| Order and Transaction Records | 7 years (GST & Income Tax compliance) |
| Customer Account Data | Duration of account + 2 years after closure |
| Customer Support Records | 3 years from last interaction |
| Marketing Consent Records | Until consent is withdrawn + 1 year |
| Server Logs / IP Data | 90 days rolling |
| Payment Transaction Data | As mandated by RBI guidelines |
Data Security
Vaibhav Studios implements reasonable security practices and procedures as required under the IT (SPDI) Rules 2011 and DPDP Act 2023, including:
- SSL/TLS encryption for all data transmitted to and from our Store
- Encrypted storage of passwords — we never store passwords in plain text
- Restricted access to personal data on a need-to-know basis within our team
- Regular security assessments and vulnerability monitoring
- Incident response procedures for data breach situations
Updates to this Policy
We reserve the right to update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by posting a notice on our Store or by email. Your continued use of the Store after any changes constitutes your acceptance of the revised Privacy Policy. We encourage you to review this Policy periodically.