Sign In
LegalEffective: March 2026

Privacy Policy

Digital PDF Online Store — Your Privacy. Our Responsibility.

DPDPA 2023IT Act 2000IT Rules 2011Consumer Protection Act 2019CGST Act 2017
Data Fiduciary:SecureIAM Guides
Governing Law:Republic of India
Privacy Contact:support@secureiam.in
Last Reviewed:March 2026

This Privacy Policy explains how we collect, use, store, share, and protect your personal data when you visit or make a purchase from our Platform. By using this Platform, you consent to the practices described in this Policy.

Section 1

Introduction

Welcome to SecureIAM Guides ("Platform"), an online store selling digital PDF guide products. We are committed to protecting your privacy and handling your personal data with the highest standards of security, transparency, and care.

This Privacy Policy ("Policy") describes how SecureIAM Guides ("We", "Us", "Our", or "Seller") — the Data Fiduciary under the Digital Personal Data Protection Act, 2023 — collects, processes, stores, shares, and protects the personal data of our customers and website visitors ("You", "Your", or "Data Principal").

This Policy is issued in compliance with the following Indian legislation and applicable international standards:

  • Digital Personal Data Protection Act, 2023 (DPDPA)
  • Information Technology Act, 2000 (IT Act)
  • IT (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011
  • Consumer Protection Act, 2019 and Consumer Protection (E-Commerce) Rules, 2020
  • Central Goods and Services Tax Act, 2017 (for financial record requirements)

Section 2

Scope of This Policy

This Policy applies to all personal data we collect through:

  • Your visits to and use of our website at secureiam.in
  • Your registration of an account or subscription to our mailing list
  • Your purchase of any digital PDF product from our Platform
  • Your communication with us via email, contact forms, or support channels
  • Cookies, analytics tools, or tracking technologies deployed on the Platform

Third-Party Sites Not Covered

This Policy does NOT apply to third-party websites linked from our Platform. We are not responsible for the privacy practices of external sites. Please review the privacy policies of any third-party platforms you use.

Section 3

Personal Data We Collect

We collect only the minimum personal data necessary to provide our services, process your orders, and fulfill our legal obligations.

3.1 Data You Provide Directly

Full NameCollected during purchase checkout or account registration to identify you and personalize communications.
Email AddressUsed for order confirmation, product delivery, transactional notifications, and optional marketing communications (with consent).
Billing AddressCollected for invoice generation, GST compliance, and fraud prevention purposes.
Phone NumberCollected optionally for support communications. Not mandatory for purchase.
GSTIN (if provided)Collected when you request a GST-compliant business invoice for your purchase.
Payment InformationWe do NOT store card numbers, CVV, or net banking credentials. Payment data is processed directly by our payment gateway provider.
Support QueriesAny personal details voluntarily shared in emails or support tickets when you contact us.

3.2 Data Collected Automatically

IP AddressLogged automatically when you visit the Platform, used for security monitoring, fraud detection, and analytics.
Browser & Device DataType of browser, operating system, device model, and screen resolution collected for compatibility and analytics.
Pages VisitedWhich pages you accessed, time spent on each page, and navigation path, collected via analytics tools.
Referral SourceThe website, search engine, or link that directed you to our Platform.
Cookies & TrackingSession cookies, preference cookies, and analytics cookies as described in Section 9 of this Policy.
Download ActivityWhether and when you accessed or downloaded a purchased Product, for verification and anti-piracy purposes.

3.3 Data We Do NOT Collect

We Never Collect

Aadhaar numbers, PAN card numbers, passport details, biometric data, health or medical information, precise geolocation data, or any Sensitive Personal Data or Information (SPDI) beyond what is necessary to process payments, unless specifically required and disclosed.

Section 4

How We Use Your Personal Data

We process your personal data only for specific, clear, and lawful purposes:

Process purchase & deliver product

Data: Name, Email, Billing Address, Payment confirmationBasis: Contract performance (Indian Contract Act, 1872; IT Act, 2000 §10A)

Send order confirmation & download link

Data: Name, Email AddressBasis: Contract performance; necessary for service delivery

Generate & issue GST tax invoices

Data: Name, Billing Address, GSTINBasis: Legal obligation (CGST Act, 2017 §31)

Provide customer support

Data: Name, Email, Support query contentBasis: Legitimate interest; Consumer Protection Act, 2019

Fraud detection & platform security

Data: IP Address, Device data, Payment dataBasis: Legitimate interest; IT Act, 2000; RBI guidelines

Send marketing emails (with consent)

Data: Name, Email AddressBasis: Consent (DPDPA 2023; withdrawable at any time)

Analyze traffic & improve Platform

Data: IP Address, Cookies, Page visit dataBasis: Legitimate interest; anonymized where possible

Anti-piracy & license enforcement

Data: Email, Download logs, IP AddressBasis: Legitimate interest; Copyright Act, 1957

We Never Sell Your Data

We do not use your personal data for any purpose not listed above without your prior consent. We never sell, rent, or trade your personal data to any third party for their marketing purposes.

Section 5

How We Share Your Personal Data

5.1 Third-Party Service Providers

Payment Gateway Providers

Razorpay, PhonePe, or similar RBI-regulated processors — to process your payment transaction securely.

Email Delivery Services

Resend or similar ESPs — to deliver transactional and marketing emails with appropriate data processing agreements.

Analytics Providers

Google Analytics or similar — receives anonymized/pseudonymized browsing data for website performance analysis. No PII is shared for analytics.

Cloud Storage / Hosting

Web hosting and file delivery providers — store encrypted Platform data and facilitate product downloads.

5.2 Legal Disclosures

We may disclose your personal data to government authorities, law enforcement agencies, or courts if required by a court order, subpoena, lawful government request, obligations under PMLA 2002 or FEMA, or any other applicable Indian statute. We will, where permissible, notify you before complying.

5.3 Business Transfers

In the event of a merger, acquisition, or sale of our business, your personal data may be transferred to the acquiring entity subject to the same privacy protections. We will notify you via email before your data is transferred.

Section 6

Data Storage, Retention & Security

6.1 Where Your Data Is Stored

Your personal data is primarily stored on servers located in India or on platforms compliant with applicable Indian data localisation requirements. Where data is stored outside India, such transfers occur in compliance with applicable provisions of the DPDPA, 2023 and IT Rules, 2011.

6.2 Data Retention Schedule

Data CategoryRetention Period
Purchase & Transaction Records7 yearsCGST Act, 2017 §36
Customer Support Communications3 yearsFrom date of last correspondence
Marketing Email SubscriptionUntil unsubscribed + 3 yearsSuppression list purposes
Website Analytics Data26 monthsAnonymized/aggregated form
Download Logs (Anti-Piracy)2 yearsFrom purchase date
Account DataUntil deletion + 1 yearLegal/dispute resolution

6.3 Security Measures

🔒 SSL/TLS encryption for all data transmitted
🛡️ Encrypted storage of sensitive data at rest
👤 Restricted access on a need-to-know basis
💳 PCI-DSS certified payment processors — we never store card data
🔍 Regular security assessments and vulnerability monitoring
🗑️ Secure deletion of data upon retention expiry

Data Breach Notification

In the unlikely event of a data breach that poses risk to your rights, we will notify you and appropriate authorities as required under the DPDPA, 2023 and IT Rules, 2011, within the prescribed timelines.

Section 7

Your Rights as a Data Principal

Under the DPDPA, 2023 and other applicable Indian law, you have the following rights. Contact support@secureiam.in to exercise them:

Right to Access

Request a summary of the personal data we hold about you and the purposes for which it is being processed.

Right to Correction

Request correction of any inaccurate, incomplete, or outdated personal data we hold.

Right to Erasure

Request deletion of your personal data where it is no longer necessary, subject to legal retention requirements.

Right to Withdraw Consent

Withdraw consent for marketing communications or any consent-based processing at any time.

Right to Grievance Redressal

Raise a complaint about how we handle your personal data, to be addressed within 30 days.

Right to Nominate

Nominate another individual to exercise your data rights on your behalf in the event of your death or incapacity (DPDPA 2023 right).

Right to Data Portability

Request your personal data in a structured, commonly used, machine-readable format, to the extent technically feasible.

We will respond to all data rights requests within 30 days. Complex requests may require up to 60 days. If not satisfied, you may escalate to the Data Protection Board of India or appropriate Consumer Disputes Redressal Commission.

Section 8

Children's Privacy

Our Platform is intended for use by individuals who are 18 years of age or older. We do not knowingly collect, process, or store personal data from children under the age of 18.

In accordance with Section 9 of the DPDPA, 2023, we will implement age-verification mechanisms and obtain verifiable parental consent before processing any data belonging to a child, if our Platform becomes accessible to minors.

Parent or Guardian?

If you believe your child has provided personal data to our Platform without your consent, please contact us immediately at support@secureiam.in. We will promptly investigate and delete the data if confirmed.

Section 9

Cookies & Tracking Technologies

9.1 What Are Cookies

Cookies are small text files placed on your device by a website when you visit it. They help the Platform remember your preferences and improve your experience.

9.2 Types of Cookies We Use

Essential Cookies

Strictly necessary for the Platform to function. Cannot be disabled. Examples: session cookies, shopping cart cookies, security tokens.

Preference Cookies

Remember your settings and preferences to enhance your experience.

Analytics Cookies

Collect anonymized data about how visitors interact with our Platform via tools like Google Analytics.

Marketing Cookies

Track browsing behavior to show relevant advertisements. Currently: Not used without your explicit consent.

9.3 Managing Cookies

You can control and manage cookies through your browser settings. Disabling essential cookies may impair the functionality of the Platform. Analytics data is collected in aggregated and anonymized form wherever technically feasible.

Section 10

Marketing & Email Communications

Transactional Emails

Cannot Opt Out

Order confirmations, product delivery, invoices, support responses. These are necessary for service delivery and cannot be opted out of.

Marketing Emails

Consent Required

Promotional offers, new product launches, free resources, newsletters. Sent only with your explicit consent.

How to Unsubscribe

Click the 'Unsubscribe' link at the bottom of any marketing email. Opt-out requests are processed within 10 business days. We never share your email address with third parties for their marketing purposes.

Section 11

Third-Party Platforms & External Links

When you use payment gateways or other third-party services on our Platform, your data is also processed by those platforms under their own privacy policies:

RazorpayView Policy →
PhonePeView Policy →
Supabase (Auth)View Policy →
Google AnalyticsView Policy →
Resend (Email)View Policy →

Section 12

International Visitors & Cross-Border Data Transfers

Our Platform is primarily directed at users in India. If you access our Platform from outside India, your personal data may be transferred to, stored, and processed in India. By using our Platform from outside India, you consent to such transfer and processing.

For EU/UK users, we ensure compliance with applicable data protection frameworks to the extent required.

Section 13

Privacy Grievance Officer

In accordance with Rule 5(9) of the IT (Reasonable Security Practices) Rules, 2011 and the DPDPA, 2023:

Designated Grievance Officer

Officer NameJagannath Gummaluri
DesignationOwner / Privacy Officer
Emailsupport@secureiam.in
Contact HoursMonday to Friday | 10:00 AM – 6:00 PM IST
AcknowledgmentWithin 48 hours of receipt
ResolutionWithin 30 days of acknowledgment

Unresolved complaints may be escalated to:

Data Protection Board of India

For DPDPA 2023 violations

Consumer Disputes Redressal Commission

DCDRC / SCDRC / NCDRC

Cyber Appellate Tribunal

Under the IT Act, 2000

Section 14

Changes to This Privacy Policy

We reserve the right to update this Privacy Policy at any time to reflect changes in our data practices, applicable law, or our business operations.

Material Change Notification

Where changes are material, we will notify registered users by email and/or display a prominent notice on the Platform at least 15 days before the changes take effect, wherever practicable. Your continued use of the Platform following the posting of changes constitutes acceptance of those changes.

Section 15

Contact Us

For any queries, clarifications, or concerns related to this Privacy Policy or your personal data:

Business NameSecureIAM Guides
Privacy Emailsupport@secureiam.in
Websitehttps://secureiam.in
Working HoursMonday to Friday | 10:00 AM – 6:00 PM IST
GST RegistrationAs applicable

Your Trust Is Our Priority

We are committed to being transparent about how we use your data. We will never sell your personal information. If you ever have concerns about your privacy, we encourage you to reach out — we are here to help.

Terms & Conditions →·Refund Policy →

Governed by the Laws of the Republic of India | DPDPA 2023 Compliant. This document is provided for informational purposes only. For binding legal advice, please consult a qualified legal professional in India.