PRIVACY POLICY

1. Introduction

247 Cut Bend (A Rishi Laser Enterprise) (“we,” “us,” “our,” or “Company”) is committed to protecting your privacy and handling your personal information with transparency, integrity, and care. This Privacy Policy explains how we collect, use, disclose, store, and protect your personal data when you access or use our website at https://app.247cutbend.in/login (“Platform”) or engage with our services.

This Policy is published in compliance with the Information Technology Act, 2000 (“IT Act”), the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 (“SPDI Rules”), and the Consumer Protection (E-Commerce) Rules, 2020. We are also mindful of India’s evolving data protection landscape under the Digital Personal Data Protection Act, 2023 (“DPDP Act”) and will update this Policy as applicable rules are notified.

By using the Platform, you consent to the collection and use of your information as described in this Privacy Policy. If you do not agree, please discontinue use of the Platform.

2. Data We Collect

 
2.1 Information You Provide Directly
  • Identity Information: Full name, company name (for B2B), job title, and designation.
  • Contact Information: Email address, phone number, and billing/delivery address.
  • Account Information: Username, password (stored in encrypted form), and account preferences.
  • Order Information: RFQ details, design files, specifications, order history, and communication records.
  • Payment Information: Transaction reference numbers, payment method type. Note: We do not store full credit/debit card numbers. Payment processing is handled by PCI-DSS compliant third-party payment gateways.
  • Communication Data: Queries, feedback, and correspondence submitted via contact forms, email, or support channels.
2.2 Information Collected Automatically
  • Device and Technical Data: IP address, browser type and version, operating system, device identifiers, and screen resolution.
  • Usage Data: Pages visited, time spent on the Platform, links clicked, file upload activity, and referring URLs.
  • Cookie Data: Session cookies, preference cookies, and analytics cookies (see Section 7).
2.3 Information from Third Parties

We may receive information about you from third-party sources such as payment gateways, logistics partners, and business verification services, which we combine with information we already hold to improve service delivery and prevent fraud.

3. How We Use Your Data

We use your personal information for the following purposes, which constitute lawful bases under applicable Indian data protection law:

  • Order Fulfilment: To process RFQs, confirm orders, manufacture and dispatch products, and communicate order status updates.
  • Account Management: To create and manage your user account, authenticate your identity, and enable access to our services.
  • Payments and Invoicing: To process payments, issue GST-compliant invoices, and manage refunds where applicable.
  • Customer Support: To respond to your queries, complaints, and refund or rework requests.
  • Service Improvement: To analyse usage patterns, improve Platform functionality, and develop new features.
  • Marketing and Communication: To send you order confirmations, service updates, promotional offers, and newsletters. You may opt out of marketing communications at any time.
  • Legal and Regulatory Compliance: To fulfil obligations under the IT Act, GST laws, and other applicable Indian regulations, including responding to lawful government or court requests.
  • Fraud Prevention and Security: To detect and prevent fraudulent transactions, unauthorised access, and other security threats.

4. Sensitive Personal Data or Information (SPDI)

Under the SPDI Rules, certain categories of data are treated as sensitive, including financial information (such as bank account or payment card details) and passwords. 247 Cut Bend collects such data only to the extent necessary for order and payment processing, obtains your explicit consent before collection, and implements reasonable security practices for its protection. We do not collect biometric data, health information, or data related to sexual orientation.

5. Sharing Your Data with Third Parties

We do not sell, rent, or trade your personal information to third parties for their own marketing purposes. We share your data only in the following circumstances:

  • Service Providers: With trusted third-party vendors who assist in operating the Platform and delivering services, including payment gateways, logistics and courier partners, cloud hosting providers, email service providers, and analytics platforms. These parties are contractually bound to handle data securely and solely for the purposes for which it was shared.
  • Legal Requirements: Where required by applicable law, court order, or government authority, including the Enforcement Directorate, Serious Fraud Investigation Office, or other regulatory bodies.
  • Business Transfers: In connection with a merger, acquisition, restructuring, or sale of assets, in which case your data may be transferred to the succeeding entity, subject to the same privacy protections.
  • Consent-Based Sharing: Where you have provided explicit consent for a specific sharing purpose.

6. Data Retention

We retain your personal data for as long as necessary to fulfil the purposes for which it was collected, including:

  • Account Data: For the duration of your account’s active status, plus 5 years after closure, as required for legal and audit compliance.
  • Order and Financial Records: A minimum of eight (8) years, as required under the Income Tax Act, 1961, and GST laws.
  • Communication Records: Up to three (3) years from the date of last interaction.

Upon expiry of the applicable retention period, we will securely delete or anonymise your personal data.

7. Cookies and Tracking Technologies

Our Platform uses cookies and similar tracking technologies to enhance your experience. The types of cookies we use include:

  • Essential Cookies: Necessary for the Platform to function correctly (e.g., session management, login authentication). These cannot be disabled.
  • Preference Cookies: Remember your language, region, and other customisation settings.
  • Analytics Cookies: Collect aggregated, anonymised data about how visitors use the Platform (e.g., Google Analytics). This helps us improve content and navigation.
  • Marketing Cookies: Used to deliver relevant promotional content. These are only set with your consent.

You can manage or disable non-essential cookies through your browser settings or via the cookie preference centre on our Platform. Note that disabling certain cookies may affect Platform functionality.

8. Data Security

247 Cut Bend implements reasonable technical and organisational security measures to protect your personal data from unauthorised access, disclosure, alteration, or destruction. These include:

  • SSL/TLS encryption for all data transmitted between your browser and our servers.
  • Encrypted storage of passwords and sensitive credentials.
  • Access controls and role-based permissions for internal data access.
  • Regular security audits and vulnerability assessments.

Notwithstanding these measures, no data transmission over the internet or method of electronic storage is 100% secure. In the event of a personal data breach that poses a risk to your rights and interests, we will notify you and the relevant authorities in accordance with applicable law.

9. Your Rights

Subject to applicable Indian law, you have the following rights with respect to your personal data:

  • Right to Access: Request a copy of the personal data we hold about you.
  • Right to Correction: Request correction of inaccurate or incomplete data.
  • Right to Erasure: Request deletion of your personal data, subject to legal retention obligations.
  • Right to Withdraw Consent: Withdraw consent for data processing at any time, where processing is based on consent. Withdrawal does not affect the lawfulness of prior processing.
  • Right to Grievance Redressal: Lodge a complaint about our data practices.

To exercise any of these rights, please contact our Data Grievance Officer at sales@247cutbend.in. We will acknowledge your request within 48 hours and resolve it within thirty (30) days, as required under the DPDP Act framework.

10. Cross-Border Data Transfers

Our primary data hosting is within India. Where data is transferred outside India (e.g., through cloud infrastructure or analytics tools), we ensure such transfers comply with applicable Indian data protection laws and that adequate safeguards are in place.

11. Children’s Privacy

The Platform is not directed at children under the age of 18. We do not knowingly collect personal data from minors. If we become aware that a minor has provided us personal data without verifiable parental consent, we will take steps to delete such information promptly. If you believe a child has provided us data, please contact us at sales@247cutbend.in.

12. Third-Party Websites

Our Platform may contain links to third-party websites. This Privacy Policy does not apply to those websites, and we encourage you to review the privacy policies of any third-party sites you visit. 247 Cut Bend is not responsible for the data practices of such third-party websites.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or applicable law. Material changes will be communicated to you via email or a prominent notice on the Platform. The revised Policy will become effective upon posting. Your continued use of the Platform constitutes acceptance of the updated Policy.

14. Grievance Officer (Data)

In accordance with the Information Technology Act, 2000 and SPDI Rules, 2011, the details of our Grievance Officer are:

Grievances will be addressed within one (1) month of receipt, in accordance with applicable law.