Welcome to Aura Spectacles ("Company", "We", "Us"). Your privacy is our priority. This document explains how we collect, use, and protect your data in accordance with the Digital Personal Data Protection Act (DPDPA), 2023 and the Information Technology Act, 2000.
1. Categories of Personal Data Collected
We collect information necessary to provide high-quality optical products and a seamless shopping experience:
| Category | Data Points Collected |
|---|---|
| Identity & Contact | Full name, email address, mobile number, shipping and billing address. |
| Optical Data | Eye prescription (SPH, CYL, Axis, PD), and uploaded photos of prescriptions. |
| Transaction Data | Payment identifiers via payment gateways like Razorpay (We do not store raw card/bank details). |
| Technical Data | IP address, browser type, device identifiers, and session usage via cookies. |
2. Medical Accuracy & User Responsibility
3. Purpose of Data Processing
We process your data based on your consent and contractual necessity to:
- Accept and fulfill orders for frames and customized lenses.
- Perform "Human Verification" calls to confirm power details before lab processing.
- Send order tracking notifications via Email, SMS, and WhatsApp.
- Comply with tax (GST) and legal auditing requirements.
4. Cookies & Targeted Advertising
Our website uses cookies to improve functionality. Additionally:
- We use Analytical Tools (such as Google Analytics) to monitor website traffic.
- We use Marketing Pixels (such as Facebook/Meta Pixel) to show you relevant advertisements based on your interests. You can manage these preferences through your browser's "Do Not Track" settings.
5. Virtual Try-On & Facial Data
If you use our Virtual Try-On feature to test frames digitally, our system maps your facial features to render the glasses accurately. We do not store, share, or sell your facial scans or biometric data. All rendering is done locally on your browser/device, and the data is immediately discarded after your session ends. Only anonymized mapping data may be used temporarily to measure Pupillary Distance (PD) and face width for better frame recommendations.
6. Data Security & Sharing
We implement Reasonable Security Practices as per Rule 8 of the IT Rules 2011. Your data is encrypted via SSL (Secure Sockets Layer) during transmission.
We only share data with trusted third parties strictly for order completion:
- Payment Processors: To facilitate secure, encrypted payment processing.
- Logistics Partners: To ensure the delivery of your spectacles to your doorstep.
7. Data Retention & Erasure
We retain your contact and optical data for a period of 5 years. This allows us to handle warranty claims and assist you in re-ordering lenses without a fresh upload. You may request the permanent deletion of your data at any time by contacting our Grievance Officer.
8. Your Rights & Duties (DPDPA 2023)
Under the Digital Personal Data Protection Act, 2023, you are entitled to specific rights and bound by certain duties:
- Right to Access & Correction: You may request a summary of your data and ask us to correct or update inaccuracies in your prescription or shipping details.
- Right to Erasure & Consent Withdrawal: You may withdraw your consent at any time and request data deletion, subject to our legal retention requirements (e.g., tax audits).
- Right to Nominate: You may nominate another individual to exercise your privacy rights in the event of your death or incapacity.
- User Duties: You agree not to impersonate others, provide fabricated optical data, or register false/frivolous grievances with us or the Data Protection Board.
9. Communication & NDNC (DND) Override
By registering on our platform or providing your contact number for an order, you explicitly authorize us to contact you via phone call, SMS, WhatsApp, or email for order verification, support, and promotional offers. This consent overrides any registration on the National Do Not Call (NDNC), Do Not Disturb (DND), or NCPR registry.
10. Children's Privacy
We do not knowingly collect personal data from individuals under the age of 18 without verifiable parental or guardian consent. If a minor wishes to purchase spectacles, they must do so under the supervision and with the consent of a lawful guardian. If we become aware that we have collected data from a minor unlawfully, we will promptly delete it.
11. Business Transfers & Governing Law
In the event of a merger, acquisition, or sale of Aura Spectacles, your personal data may be transferred as a business asset under the same privacy protections. This policy is governed by the laws of India, and any disputes shall be subject to the exclusive jurisdiction of the competent courts located in Hyderabad, Telangana.
12. Grievance Redressal & Contact Information
Legal Entity: Aura Spectacles
Office Address: Sultan Bazar, Hyderabad, Telangana.
Contact Email: support@webcodeco.com
Timeline: Grievances are acknowledged within 48 hours and resolved within 15 working days.