Privacy Policy

Last Updated: January 29, 2026

Introduction

Plant-o-Art is committed to protecting your privacy and handling your personal information responsibly. This Privacy Policy details how we collect, use, disclose, and safeguard your data when you visit plantoart.com, place orders, create accounts, or engage with our services. By accessing or using our platform, you consent to these practices. We adhere to all applicable data protection laws, including India's Digital Personal Data Protection Act, 2023, and the Information Technology Act, 2000.

Scope of Policy

This policy governs all interactions with our website and services, including browsing, purchasing, account management, and customer support communications.

Information Collection Practices

We collect information through three primary channels. First, you provide personal details directly when registering an account, placing orders, or contacting support. This includes your full name, email address, phone number, shipping and billing addresses, payment information (processed securely by third-party gateways without storage of full card details), username, password, and any correspondence such as inquiries or feedback.

Second, we automatically gather certain technical and usage data as you navigate our site. Using cookies, server logs, and analytics tools, we record pages visited, products viewed, session duration, referral sources, IP address, browser type and version, device specifications, operating system, and approximate location derived from your IP.

Third, we receive supplementary data from trusted third parties integral to our operations, such as transaction confirmations from payment processors, delivery status from shipping partners, and aggregated trends from marketing or analytics providers where you have consented.

Purposes of Data Processing

Your information serves specific, legitimate business needs. For order fulfillment and customer service, we use it to process purchases, coordinate shipping and returns, send tracking updates and confirmations, and manage accounts. In business operations, it helps analyze preferences to refine product selections, optimize website navigation, enhance support, and detect fraud.

Marketing uses are strictly opt-in: we send emails on new arrivals, offers, and personalized recommendations, alongside interest-based advertising. For security, we monitor for threats and ensure platform stability. Legally, we comply with regulations, tax obligations, and authorized requests while protecting our rights and user safety.

Cookies and Similar Technologies

Cookies—small files stored on your device—enable core functions like cart persistence, login recall, product tracking, performance analysis, and relevant ads. Essential cookies are required for site operation; analytics and marketing ones improve experiences but can be managed via browser settings. Disabling them may limit functionality. Refer to our Cookie Policy for specifics.

Information Sharing Practices

We disclose data only as essential, under stringent confidentiality agreements with vetted partners. Service providers include payment gateways like Razorpay or PayU, logistics firms such as Blue Dart or Delhivery, cloud storage hosts, and support tools—all contractually bound to protect data equivalently.

Legal disclosures occur for compliance with laws, court orders, government requests, or to enforce terms, combat fraud, or ensure safety. In mergers, acquisitions, or asset sales, data transfers maintain identical safeguards. Importantly, Plant-o-Art does not sell personal information to third parties; any marketing partner sharing is consent-based and opt-out available.

Data Retention Periods

Information is retained only as required: order records for 7 years per tax laws; active accounts during use plus 30 days post-deletion; marketing data until opt-out or 2 years inactivity. Upon fulfillment of purposes, data is securely deleted or anonymized, barring legal holds.

Security Safeguards

We employ robust, industry-standard measures: SSL/TLS encryption for transmissions, regular audits and vulnerability scans, role-based employee access, PCI-DSS compliant payments, and monitored backups with disaster recovery. While these minimize risks, absolute security online cannot be guaranteed; we advise secure practices like strong passwords and avoiding public WiFi for sensitive actions.

Your Legal Rights

Applicable laws grant rights including access to your data and its usage, rectification of inaccuracies, erasure (subject to retention rules), processing restrictions, portability in usable formats, objection to marketing or certain processing, and consent withdrawal. Account settings or direct contact facilitate opt-outs; full requests to

hello@plantoart.com

Receive responses within 3-5 business days, with identity verification.

Transactional emails persist despite marketing opt-outs.

Children's Data Protection

Services target users 18+. We knowingly avoid child data collection; any discovered instances are deleted immediately upon parental notification.

International Transfers and Third-Party Links

Data resides on Indian servers. International access implies consent to transfers under governing laws, with EU users protected via Standard Contractual Clauses. Linked third-party sites fall outside our control—review their policies independently.

Policy Amendments

Updates reflect operational or legal changes, noted by the "Last Updated" date. Material revisions appear prominently on our site; continued use signifies acceptance.