Privacy policy

YOUR DATA, YOUR RIGHTS

Privacy Policy

We respect your privacy and protect every bit of your personal data—here's how.
Last Updated: October 27, 2025
Introduction & Who We Are
Agorge ("we," "us," or "our") operates the website agorge.com and all related services. This Privacy Policy explains how we collect, use, share, and protect your personal information when you visit or purchase from our online store.

By using our website, you consent to the practices described in this policy. If you do not agree, please do not use our services.
What Personal Information We Collect
When you visit or make a purchase on our site, we may collect the following:
  • Contact Information: Name, email address, phone number, billing/shipping address.
  • Payment Information: Credit/debit card details, UPI ID (processed securely via third-party payment gateways—we do NOT store card data).
  • Order Details: Products purchased, order history, shipping preferences.
  • Account Information: Username, password (encrypted), profile preferences if you create an account.
  • Device & Usage Data: IP address, browser type, device type, pages visited, time spent on site, cookies, and similar technologies.
  • Communications: Emails, chat messages, reviews, or feedback you submit to us.
We only collect data necessary to serve you better and improve your shopping experience.
How We Use Your Personal Information
We use your information for the following purposes:
  • Process Orders: To complete transactions, send confirmations, and deliver products.
  • Customer Support: To respond to inquiries, troubleshoot issues, and assist with returns/refunds.
  • Shipping & Logistics: To arrange delivery and communicate tracking updates.
  • Personalization: To recommend products, improve site experience, and tailor our communications.
  • Marketing: To send promotional emails, offers, and updates (only if you opt-in).
  • Analytics & Improvement: To understand user behavior, improve site functionality, and optimize performance.
  • Legal Compliance: To comply with laws, prevent fraud, enforce terms, and respond to legal requests.
  • Security: To detect, investigate, and prevent fraud, abuse, or unauthorized access.
Legal Basis for Processing (GDPR, CCPA, & India Compliance)
  • Contractual Obligation: We process your data to fulfill orders and deliver services you've requested.
  • Legitimate Interest: We use analytics and marketing data to improve our business and customer experience.
  • Consent: For marketing emails and tracking (via cookies/pixels), we use your explicit consent.
  • Legal Requirement: We process data as required by laws (tax, anti-fraud, consumer protection).
  • GDPR (EU Customers): If you're in the EU, you have the right to access, correct, delete, or object to your data processing.
  • CCPA (US Customers): If you're in California, you have the right to know, delete, and opt-out of data sales.
  • India (Pursuant to IT Act, 2000): We comply with Indian data protection laws and do not share sensitive personal data without consent.
Your rights: Access, correct, delete, or port your data. Contact us to exercise any of these rights.
Data Sharing & Third-Party Service Providers
We do NOT sell, trade, or rent your personal information to third parties for marketing purposes. However, we share data with:
  • Payment Processors: Razorpay, PayU, Stripe (for secure payment processing). They never store your full card data.
  • Shipping Partners: Bluedart, Delhivery, Xpressbees, DTDC (for delivery and tracking).
  • Email/SMS Providers: Shopify Email, Klaviyo, or similar (for order confirmations and marketing).
  • Analytics Tools: Google Analytics, Mixpanel (to understand site usage—anonymized where possible).
  • Customer Support: Zendesk, Shopify (for managing customer inquiries).
  • Hosting & CDN: Shopify, Cloudflare (to host and secure our site).
  • Legal Obligations: We may disclose data if required by law, court order, or government request.
All third-party partners are bound by confidentiality agreements and comply with data protection laws.
Cookies & Tracking Technologies
Our site uses cookies and similar tracking technologies:
  • Essential Cookies: Required for site functionality (authentication, security, session management).
  • Performance Cookies: Help us understand how users interact with our site (anonymized analytics).
  • Marketing Cookies: Track you across sites for personalized ads (set only with your consent).
  • Pixels & Retargeting: Google Ads, Facebook Pixel, and similar tools to show relevant ads and measure campaign effectiveness.
Your Cookie Choices:
  • Essential cookies cannot be disabled (required for checkout).
  • You can opt out of marketing and analytics cookies in your browser settings or our cookie banner.
  • Disabling cookies may reduce site functionality but won't prevent purchases.
  • For GDPR users: You can withdraw consent at any time via our cookie settings.
We honor your privacy preferences—manage your choices anytime on any page.
Data Security & Protection
We implement industry-standard security measures to protect your data:
  • SSL/TLS Encryption: All data transmitted to/from our site is encrypted (HTTPS).
  • PCI DSS Compliance: We comply with Payment Card Industry standards for secure payment processing.
  • Secure Passwords: Passwords are hashed and salted; we never store plaintext passwords.
  • Firewalls & Intrusion Detection: We use firewalls and security monitoring to prevent unauthorized access.
  • Regular Security Audits: We perform periodic security assessments and penetration testing.
  • Access Controls: Only authorized employees can access customer data, and access is logged.
  • Data Minimization: We collect only essential data and never share sensitive information unnecessarily.
Breach Notification: If a security breach occurs, we will notify affected customers within 72 hours (per GDPR & Indian law).
How Long We Keep Your Data
  • Order Data: Retained for 7 years (for tax, warranty, and legal compliance in India).
  • Account Information: Retained as long as your account is active, plus 1 year after deletion.
  • Email Marketing: Retained until you unsubscribe; then deleted within 30 days.
  • Analytics/Cookies: Retained for up to 2 years unless you clear cookies sooner.
  • Support Tickets: Retained for 2 years for reference and dispute resolution.
  • Fraud/Security Logs: Retained for 1 year for fraud prevention and investigation.
  • Legal Hold: Data may be retained longer if required by law or ongoing legal proceedings.
Right to Deletion: You can request deletion of your data anytime, subject to legal obligations.
Your Privacy Rights & Data Subject Requests
Depending on where you're located, you have the following rights:
  • Right to Access: Request a copy of all personal data we hold about you.
  • Right to Correct: Request correction of inaccurate or incomplete data.
  • Right to Delete: Request deletion of your data ("Right to be Forgotten"), except where legally required to retain.
  • Right to Restrict Processing: Limit how we use your data in certain situations.
  • Right to Data Portability: Request your data in a machine-readable format and transfer it elsewhere.
  • Right to Object: Object to marketing emails, profiling, or automated decision-making.
  • Right to Withdraw Consent: Withdraw consent for marketing emails or cookies anytime.
  • Right Not to Be Discriminated: We will not discriminate based on privacy choices.
How to Exercise Your Rights: Email support@agorge.com or visit your account settings to manage preferences.
Regional Privacy Laws & Specific Rights
  • 🇪🇺 GDPR (EU Residents):
    You have all rights above under the General Data Protection Regulation. Requests must be answered within 30 days. You also have the right to lodge a complaint with your local data protection authority.
  • 🇺🇸 CCPA (California Residents):
    You have rights to know, delete, and opt-out of data sales. No discrimination for exercising rights. We do not currently sell data, but you can opt-out anytime.
  • 🇮🇳 India (IT Act, 2000 & Upcoming Digital Personal Data Protection Act):
    We comply with Indian privacy standards. You have the right to access, correct, and request deletion of sensitive personal data. Requests are processed within 45 days.
Children's Privacy
Agorge's website is not intended for children under 13 years of age (or the applicable age of digital consent in your country). We do not knowingly collect personal information from children.
  • No Direct Collection: We do not knowingly collect personal data from anyone under 13 without parental consent.
  • Parent/Guardian Responsibility: If a child has created an account or provided data, we require parental/guardian consent for continued use.
  • Immediate Removal: If we discover that a child under 13 has provided information without consent, we will delete it promptly.
  • COPPA Compliance (US): For US users, we comply with the Children's Online Privacy Protection Act (COPPA).
  • Parental Access: Parents/guardians can request access to, correction of, or deletion of their child's data.
If you believe a child has provided information, contact support@agorge.com immediately.
International Data Transfers
  • Where Data is Stored: Agorge's servers are located primarily in India. However, our third-party service providers (payment processors, analytics, CDN) may process data in other countries, including the US and EU.
  • Data Transfers from EU/EEA: When EU/EEA users' data is transferred outside the EU/EEA, we ensure appropriate safeguards via Standard Contractual Clauses (SCCs) or Binding Corporate Rules (BCRs) to maintain GDPR compliance.
  • Data Transfers from India: We do not transfer sensitive personal data internationally without explicit consent, per Indian law. Non-sensitive data may be transferred to trusted service providers with data protection agreements in place.
  • Your Consent: By using our site and providing data, you consent to transfers necessary to provide services, subject to the protections outlined above.
We maintain data protection standards equivalent to your home jurisdiction even during international transfers.
Marketing Communications & Email
We may send you marketing emails, promotions, and product updates. Your preferences are always in your control:
  • Opt-In at Signup: Marketing emails are sent only if you consented during registration or purchased.
  • Order Confirmation Emails: Always sent (not marketing)—contain transactional info you need.
  • Promotional Emails: Sent periodically with offers, new products, and skincare tips.
  • SMS/WhatsApp: Only sent if you explicitly opted in; frequency varies by campaign.
  • Frequency: We aim for 2-4 emails per month; you can adjust frequency in your preferences.
  • Personalization: Emails may be personalized based on purchase history and browsing behavior.
Unsubscribe anytime via the link in every email or your account settings—no questions asked!
How to Opt-Out or Manage Preferences
  • Email Unsubscribe: Click "Unsubscribe" at the footer of any marketing email.
  • Account Settings: Log in and navigate to PreferencesEmail Settings to manage subscription types.
  • Contact Support: Email support@agorge.com with your request to unsubscribe from all marketing.
  • SMS Opt-Out: Reply STOP to any SMS from Agorge to unsubscribe.
  • Cookie/Tracking Opt-Out: Use our cookie banner on every page to opt out of analytics and marketing cookies.
  • Do Not Track (DNT): If your browser sends a DNT signal, we respect it for non-essential tracking.
  • Third-Party Ad Opt-Out: Use Google's Ads Preferences or Facebook's Ad Preferences to control targeted ads.
Note: Even if you unsubscribe from marketing, we'll still send transactional emails (orders, support responses, security alerts).
Changes to This Privacy Policy
We reserve the right to update, revise, or amend this Privacy Policy at any time to reflect legal, operational, or business changes.

Notices: Material changes will be posted on this page and, where appropriate, notified by email or site banner.

Effective Date: Please review this policy regularly. Continued use of the site after changes constitutes acceptance.
Contact Details & Questions
  • Email: support@agorge.com
  • Customer Helpline & WhatsApp: +91 76782 00356 (10AM–6PM, Mon–Sat)
  • Data Protection Officer (DPO): Data Privacy Dept, Agorge, New Delhi, India
  • Mail: Attn: Privacy Policy, Agorge, XYZ Complex, New Delhi, 110001, India
For data access, correction, deletion, or complaints, please contact the DPO above.
Terms of Acceptance
By using agorge.com, you agree to the collection, use, and sharing of your data as described in this policy.

If you do not agree with any aspect, please discontinue use or contact us with your concerns.

Thank you for trusting Agorge! Your privacy and safety always come first.