Privacy policy

Effective Date: (Date of Publication: Dec 2025) (Last Updated: 3-Dec-2025)

1. Introduction and Applicability

This Privacy Policy describes how Roro Publications LLP ("Company," "we," "us," or "our"), a company registered in India, collects, uses, protects, and discloses your personal data when you visit and use our online store, www.rorobooks.in (the "Site").

This policy is compliant with applicable Indian laws, including the Digital Personal Data Protection (DPDP) Act, 2023.

Jurisdiction Limitation: This store is intended solely for customers residing within the territory of India, and all personal data collected is processed and stored within the Republic of India, or in jurisdictions approved by the Government of India.

2. Data Principal and Consent

Under the DPDP Act, the user to whom the personal data relates is the Data Principal.

  • Consent: By accessing the Site, placing an order, or registering an account, you provide your free, specific, informed, and unambiguous consent for us to process your personal data for the specified purposes outlined in this policy.
  • Withdrawal of Consent: You have the right to withdraw your consent at any time. The process for withdrawal is outlined in Section 7.

3. Special Provisions for Children's Data (Crucial)

Our online store sells children's books. However, our services are intended for use and purchase by adults (parents, guardians, or teachers) who are 18 years of age or older.

We treat all personal data collected through transactions as data provided by a Parent or Lawful Guardian on behalf of or for the benefit of a child.

We adhere strictly to the following obligations under the DPDP Act:

  1. No Direct Collection from Children: We do not knowingly collect personal data directly from individuals under the age of 18 without the verifiable consent of the parent or lawful guardian. If you are under 18, you must use the Site only under the supervision of a parent or guardian.
  2. Verifiable Parental Consent: By completing a purchase or creating an account, you warrant that you are the child's parent or lawful guardian and provide verifiable consent for us to process the personal data necessary for the transaction.
  3. Prohibition on Targeted Activities: We do not engage in any tracking, behavioural monitoring, or targeted advertising directed at children.

4. Personal Data We Collect

We only collect Personal Data that is necessary for the specified purposes of selling and delivering books. This may include:

Category of Data

Examples of Data Collected

Purpose of Collection (The 'Specified Purpose')

Identity Data

Name, Gender (optional), Date of Birth (optional).

To manage your account and personalize communication.

Contact Data

Shipping Address, Billing Address, Email Address, Phone Number.

To fulfill and deliver your book orders.

Transaction Data

Order details (books purchased), payment history (excluding full card details).

To process payments, manage returns, and maintain commercial records.

Technical Data

IP address, browser type, operating system, time zone, referral source.

To maintain the security and functionality of the Site.

Usage Data

Browsing history, pages viewed, time spent on site, and purchase preferences.

To analyze store traffic, troubleshoot issues, and improve the shopping experience.

Note on Payment Data: We do not store or process your full credit card or banking details. All sensitive payment information is handled directly by secure, authorized payment gateways (e.g., Razorpay, PayU, or banks) that are themselves DPDP-compliant.

5. How We Use (Process) Your Information

Your personal data is processed exclusively for the following specified purposes:

  • Order Fulfilment: To process your payment, confirm your order, and dispatch the books to the provided shipping address.
  • Customer Service: To respond to your queries, resolve transaction issues, and manage refunds/returns.
  • Communication: To send you transactional updates (order confirmation, shipment tracking) via email and SMS.
  • Marketing (Optional): If you have provided explicit consent, to send non-targeted updates about new books, offers, or events.
  • Legal Compliance: To comply with legal obligations, enforce our Terms of Use, or respond to lawful requests from Indian government and law enforcement authorities.

6. Disclosure and Sharing of Personal Data

We only share your data with third parties (known as Data Processors) when strictly necessary to fulfil our services, and under contractual obligations to protect your data.

  1. Delivery Partners (Logistics): We share your Name, Shipping Address, and Phone Number with courier and postal services (e.g., India Post, Delhivery, etc.) to ensure your order reaches you.
  2. Payment Gateways: We share Transaction Data with payment processing service providers to complete secure payments.
  3. Legal Requirements: We may disclose data if required by Indian law, judicial decree, or to protect the rights, property, or safety of the Company or the public.
  4. Data Processors: We use Indian-based service providers for website hosting and email services, who process data only on our instructions.

7. Data Principal Rights and Grievance Redressal

As a Data Principal under the DPDP Act, you have the following rights, which you can exercise by contacting our Grievance Officer (details below):

Your Right

Description

Right to Access

The right to request a summary of your personal data we are processing and the activities involved.

Right to Correction & Completion

The right to request the correction, update, or completion of inaccurate or incomplete personal data.

Right to Erasure

The right to request the deletion of your personal data, subject to any necessary data retention required by Indian law (e.g., financial records).

Right to Withdraw Consent

The right to withdraw your consent to the processing of your personal data, including opting out of marketing communications. Withdrawal of consent may affect our ability to provide certain services.

8. Data Security and Retention

  • Security: We implement reasonable security safeguards, including encryption, access controls, and firewall protections, to prevent unauthorized access, disclosure, alteration, or destruction of your personal data.
  • Retention: We will retain your personal data only for as long as necessary to fulfil the specified purpose for which it was collected, or as required by Indian regulatory and financial laws. Once the data is no longer necessary, it will be securely deleted or anonymized.

9. Grievance Redressal Mechanism

In case of any complaints or queries you may have regarding the processing of your personal data, please write in to contact@rorobooks.in.

We commit to acknowledging and responding to your request or complaint within the time frame stipulated by Indian law.