Indian Spice Shop
Privacy Policy
Last updated: July 16, 2026
Indian Spice Shop respects the privacy of buyers, suppliers, staff users and website visitors. This policy explains what information we collect, why we collect it, and how it is used for export sourcing, enquiry handling and communication follow-up.
Information we collect
- Contact and quote request details such as name, company, email address, phone number, country, product requirement, quantity, packing preference, destination port and message.
- Business communication records, including messages, quote requests, supplier RFQs, sent/received emails, notes, task history and related CRM activity.
- Technical data such as IP address, browser type, device type, language preference, app/PWA notification subscription status and basic security logs.
- Files voluntarily uploaded or attached by staff users, such as product proposal attachments or contact import sheets.
How we use information
- To verify and store buyer enquiries and quote requests.
- To respond by email, WhatsApp, phone or other business communication channels.
- To manage staff mailbox, marketing, CRM, supplier RFQ and task follow-up workflows.
- To send app/browser notifications for new emails, messages, quote requests and assigned tasks where notifications are enabled.
- To improve website reliability, prevent spam, protect accounts and maintain audit records.
Email verification and anti-spam
- Contact and quote forms may require a one-time verification code before the enquiry is accepted.
- We may use honeypot fields, rate limits, logs and manual review to reduce fake or spam submissions.
Cookies, sessions and app notifications
- Admin, cadmin and mail portals use secure session cookies and trusted-device cookies where enabled.
- Installed app/PWA and Appilix notifications may use browser Push API, Firebase/Appilix identity, or device notification tokens. These are used only for operational notifications connected with the account.
Data sharing
- We do not sell visitor or buyer data.
- Information may be shared with internal staff, authorized cadmin users, mail users, service providers, hosting/email providers and relevant suppliers only where needed to handle a business enquiry or operational workflow.
- Legal or security disclosures may be made if required by law or to protect the website, users or business records.
Data storage and retention
- Website messages, quote requests, contacts, emails, CRM activity, task notes and notification logs may be stored in MySQL or server storage.
- Attachments and generated files may be stored on the server or configured archive provider and may be cleaned automatically as per admin settings.
- Records may be retained for business follow-up, audit, dispute handling and security review unless deletion is requested and legally/operationally possible.
Your choices
- You may request correction or deletion of your contact details by contacting us through the website.
- Staff users should ask the main admin to update, disable or remove their account access.
- You can disable browser/app notifications from your device or browser settings.
Security
- We use login controls, role-based access, 2FA options, CSRF protection, protected folders and database-backed permissions to reduce unauthorized access.
- No online system is completely risk-free, so users should avoid sending highly sensitive personal information unless necessary for the transaction.
Contact
- For privacy questions, use the contact form on this website or the business email/WhatsApp channels shown on the contact page.