At Biodale, we respect your privacy and are committed to protecting the personal data you share with us. This Privacy Policy explains how personal data is collected, used, stored, disclosed, transferred, and safeguarded when you interact with our websites, products, services, communications, and digital platforms (collectively, the “Services”).

By accessing or using our Services, you acknowledge that you have read, understood, and agreed to the practices described in this Privacy Policy.

1. SCOPE & APPLICABILITY

This Privacy Policy applies to:

●       Visitors to our websites and digital platforms

●       Customers purchasing Biodale products

●       Individuals engaging with our communications, campaigns, or customer support

●       Users accessing our Services from any geographic location

This Policy applies to personal data collected:

●       Online or offline

●       Directly from you or through lawful third-party sources

●       Through websites, marketplaces, social media platforms, electronic communications, and customer interactions

This Policy does not apply to third-party websites, platforms, or services that are not owned or controlled by us.

2. PERSONAL DATA WE COLLECT

2.1 Information You Provide Directly

●       Name

●       Email address

●       Phone number (including WhatsApp-enabled contact numbers)

●       Shipping and billing address

●       Account credentials

●       Communications exchanged via email, WhatsApp, or other electronic messaging channels

●       Queries, correspondence, or customer support interactions

●       Reviews, testimonials, feedback, surveys, and form submissions

2.2 Information Collected Automatically

●       IP address

●       Device identifiers and network information

●       Browser type, language, and operating system

●       Usage data, interaction logs, and timestamps

●       Cookies, pixels, SDKs, and similar technologies

●       Approximate geographic location

2.3 Information from Third Parties

●       Payment service providers (limited transactional metadata only)

●       Logistics and fulfillment partners

●       Marketing, analytics, and advertising partners

●       Marketplace platforms and social media channels

●       Publicly available or lawfully obtained sources

3. PAYMENT-RELATED PERSONAL DATA

We do not collect, store, or process sensitive financial information such as credit card numbers, debit card details, UPI credentials, or bank account information.

Payments are processed by third-party payment service providers. We may receive limited transactional information, such as transaction reference numbers, payment status, timestamps, and order identifier,s strictly for reconciliation, record-keeping, compliance, fraud prevention, and customer support purposes.

4. PURPOSES OF PROCESSING

We process personal data for the following purposes:

●       Providing and delivering our Services

●       Processing and fulfilling orders

●       Managing customer accounts

●       Responding to inquiries, requests, and communications

●       Improving products, Services, and user experience

●       Marketing, promotions, and brand communications (subject to consent)

●       Analytics, research, and performance measurement

●       Fraud detection, misuse prevention, and security monitoring

●       Compliance with legal, regulatory, and contractual obligations

●       Internal business operations, audits, and reporting

We will only send promotional messages via email, WhatsApp, SMS, or other electronic channels after you have explicitly opted in. You may withdraw consent at any time by following the unsubscribe instructions in the message or by contacting us at contact@essereal.com.

Transactional or service-related communications (such as order confirmations or account notices) will be sent irrespective of marketing preferences, as they are necessary to provide our Services.

Personal data shall not be processed in a manner incompatible with the purposes for which it was collected, except as permitted under applicable law.

5. LEGAL BASIS FOR PROCESSING

Personal data is processed based on one or more of the following lawful bases:

●       Your consent

●       Deemed consent, where permitted under applicable law

●       Performance of a contract

●       Compliance with legal obligations

●       Legitimate business interests, where permitted by law

We may maintain records of consent, withdrawal of consent, and related communications for internal business purposes consistent with this Privacy Policy and as required under applicable law. Consent may be withdrawn at any time, subject to applicable legal, regulatory, and operational requirements.

6. COOKIES & TRACKING TECHNOLOGIES

We use cookies, pixels, and similar technologies (“Cookies”) on our Services to make the website function properly, understand usage patterns, and deliver relevant content and marketing. Cookies may be placed by us or by trusted third-party service providers acting on our behalf or by us.

Types of Cookies We Use:
Essential / Functional Cookies: Required for basic website functions such as login, shopping cart, and security. These cookies are necessary for the Services to work and are set automatically.
Analytics Cookies: Help us understand how visitors interact with our Services so we can improve content, functionality, and performance. Examples include Google Analytics cookies.
Marketing / Advertising Cookies: Used to deliver personalized ads, track campaign performance, and measure engagement. Examples include Facebook Pixel or Google Ads cookies.
Preference Cookies: Remember user preferences such as language or display settings to provide a smoother experience.

Managing Cookies:
You can control, manage, or delete cookies through your browser or device settings. Disabling non-essential cookies may affect certain features of our Services.

 

Consent:
Where required by law, non-essential cookies (analytics, marketing, and preference cookies) are only placed after you provide consent. You may withdraw consent at any time by updating your cookie preferences through our website or your browser settings.

Third-Party Cookies:
Some Cookies may be set by third-party providers for analytics, marketing, or social media features. We recommend reviewing the privacy policies of these third parties to understand their data collection and usage practices, including but not limited to: Google Analytics and Facebook Pixel

Do Not Track (DNT):
Some browsers may send a “Do Not Track” signal. As industry standards are evolving, our Services may not fully respond to DNT signals.

7. SHARING & DISCLOSURE OF PERSONAL DATA

We may share personal data with:

●       Service providers and vendors acting on our behalf

●       Payment processors (limited to necessary transactional metadata)

●       Logistics, IT, hosting, analytics, and marketing partners

●       Professional advisors such as legal, financial, and compliance consultants

●       Government, regulatory, or law-enforcement authorities, where required by law

●       Successor entities in the event of a merger, acquisition, restructuring, or asset transfer

We do not sell personal data.

All third-party processors are required to process personal data only in accordance with our instructions and applicable law. We are not responsible for the privacy practices of third parties acting outside our contractual scope or independent platforms accessed through our Services.

8. INTERNATIONAL DATA TRANSFERS

Personal data may be transferred to, stored, or processed in India or other countries outside your country of residence. We ensure that appropriate technical, contractual, and organizational safeguards are in place in accordance with applicable law to protect your personal data during such transfers.

9. DATA RETENTION

We retain personal data only for as long as necessary to:

●       Fulfil the purposes outlined in this Policy

●       Comply with legal, regulatory, accounting, or reporting requirements

●       Protect legitimate business interests

When no longer required, personal data is securely deleted, anonymized, or irreversibly de-identified.

10. DATA SECURITY

We implement reasonable technical and organizational measures to protect personal data, including:

●       Access controls and role-based permissions

●       Secure systems and infrastructure

●       Network monitoring and safeguards

●       Confidentiality obligations for employees and partners

While we strive to protect personal data, no system is completely secure. You acknowledge and accept the inherent risks associated with electronic transmission and storage.

11. DATA ACCURACY & USER RESPONSIBILITY

You are responsible for ensuring that the personal data you provide is accurate, complete, and up to date. We shall not be responsible for inaccuracies arising from information provided by you.

12. AUTOMATED PROCESSING

We may use automated systems for certain processing activities such as analytics, fraud prevention, or service optimization. Such processing does not produce legal or similarly significant effects on individuals, unless permitted by applicable law.

13. CHILDREN’S PRIVACY

Our Services are not intended for individuals under 18. We do not knowingly collect personal data from minors. If any personal data of a minor is identified, it will be deleted promptly. Parents or legal guardians may request deletion of any personal data provided by their child by contacting us at contact@essereal.com

14. YOUR RIGHTS

Subject to applicable laws, you may have the right to:

●       Access personal data

●       Correct or update inaccurate data

●       Withdraw consent

●       Request deletion or restriction of processing

●       Nominate another individual, where legally permitted

●       Opt out of marketing communications

●       Lodge a grievance or complaint

The availability of these rights may vary based on applicable law and the nature of the data processed. Requests may be submitted to contact@essereal.com. We will respond to such requests within reasonable timeframes as prescribed under applicable law.

15. GRIEVANCE REDRESSAL

If you have concerns regarding the processing of your personal data, you may contact:

Grievance Officer
Essereal Consumer Products LLP
Email: contact@essereal.com

You may also approach the Data Protection Board of India or other competent authorities, as applicable.

16. THIRD-PARTY LINKS

Our Services may contain links to third-party websites or platforms. We are not responsible for their privacy practices, content, or policies.

17. SEVERABILITY

If any provision of this Privacy Policy is held to be invalid or unenforceable, the remaining provisions shall remain in full force and effect.

18. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time to reflect changes in law, technology, or business practices. The updated version will be indicated by a revised “Last Updated” date. Continued use of the Services constitutes acceptance of the revised Policy.

19. LEGAL ENTITY & DATA CONTROLLER

Biodale is a brand operated under exclusive license by:
Essereal Consumer Products LLP
C-802, The First, Vastrapur
Ahmedabad – 380015, Gujarat, India
Email: contact@essereal.com

Essereal Consumer Products LLP acts as the Data Fiduciary / Data Controller under applicable data protection laws.

20. GOVERNING LAW & JURISDICTION

This Privacy Policy, and any disputes arising out of or in connection with it, shall be governed by and construed in accordance with the laws of India, without regard to its conflict of laws principles. Before initiating any legal proceedings, the parties agree to first attempt to resolve disputes, claims, or controversies through good-faith negotiation.

All disputes shall be subject to the exclusive jurisdiction of the courts in Ahmedabad, Gujarat, India, and you hereby submit to the personal jurisdiction of such courts.

Use of our Services from outside India shall also be subject to the laws of India, to the extent permitted by applicable local laws.