Privacy Policy
1.1 Scope
This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you visit or make a purchase from dropleo.shop. It complies with Indian data-protection laws (including the forthcoming Digital Personal Data Protection Act 2023), the EU GDPR (for EU visitors), the UK DPA 2018, and Google Ads requirements for data collection and personalised advertising.
1.2 Information We Collect
| Category | Examples | Legal Basis (GDPR) |
|---|---|---|
| Identity Data | Name, billing/delivery address, email, mobile no. | Contractual necessity |
| Transaction Data | Products ordered, order value, payment mode (Cash-on-Delivery only), returns | Contractual necessity |
| Marketing Data | Opt-in preferences, survey responses | Consent |
| Ad Interaction Data | Google Ads click identifiers, remarketing cookies (e.g., gcl, ga, ads/ga-audiences) | Consent, legitimate interests |
We do not knowingly collect sensitive personal data (medical, biometric, financial account numbers) nor data from children under 13 years of age.
1.3 How We Use Your Information
We use your personal data to:
-
Process and deliver your orders and returns.
-
Communicate order updates, account-related notices, and marketing offers (with opt-out option).
-
Detect and prevent fraud or misuse.
-
Improve the Site, products, and customer experience via analytics.
-
Serve personalised or non-personalised Google Ads (see § 1.6).
-
Share your delivery details (such as name, address, and phone number) with our trusted fulfillment and shipping partners, including Roposo Clout, solely for the purpose of processing and delivering your orders.
1.4 Cookies & Similar Technologies
We use first-party and third-party cookies, pixels, and local-storage objects. On your first visit, you will see a cookie banner where you can consent or manage settings. Essential cookies are always active for security and core functionality.
We also use Google Ads tracking technologies (such as Google click IDs, remarketing pixels, and conversion tags) to measure campaign performance and improve ad relevance. You can control cookie preferences at any time via the cookie banner.
1.5 Data Retention & Security
We retain personal data only as long as needed for the purposes above or as required by law (e.g., Indian tax laws mandate 8 years).
Data are encrypted in transit using HTTPS (TLS 1.2+) and also at rest.
Access is role-based and logged. We employ regular penetration tests, firewall protections, and malware monitoring.
1.6 Google Ads & Remarketing
We use Google Ads to serve relevant advertisements. This may involve using cookies or pixel tags to track user interactions and show remarketing ads based on prior visits to our site. You can control this via your Google Ads Settings or by using third-party opt-out tools like NAI Opt-Out.
1.7 Your Rights
Depending on your jurisdiction, you may have the right to access, correct, delete, port, or restrict processing of your personal data, and to withdraw consent at any time.
To exercise these rights, please email privacy@dropleo.shop.
We respond within 15 days (India) or as required by local law.
This policy is reviewed regularly to remain compliant with Google Ads and global privacy laws.