Skip to content

Privacy Policy

Last updated: 2026-04-30

Known Click Technologies Private Limited ("KCT", "we", "us", "our") operates the brand MiniVelvet and the website minivelvet.com (the "Site"). This Privacy Policy explains how we collect, use, share, store, and protect your personal data, in accordance with the Digital Personal Data Protection Act, 2023 ("DPDP Act"), the Information Technology Act 2000, the Consumer Protection (E-Commerce) Rules 2020, and other applicable Indian law.

By using the Site, placing an order, creating an account, or interacting with our brand on third-party platforms (such as WhatsApp, Instagram, Facebook, or Google services), you consent to this Privacy Policy. If you do not agree, please do not use the Site or our services.

1. Data Fiduciary

For the purpose of the DPDP Act, the Data Fiduciary is Known Click Technologies Private Limited (CIN: U62090GJ2025PTC164167), with registered office at SF-203, Sayam Sapphire, Opposite Madhuban Resort, Karamsad, Anand, Gujarat 388325, India.

2. What we collect

We collect the following categories of personal data:

  • Identity & contact data: name, mobile number, email, shipping and billing addresses.
  • Order & transaction data: products ordered, prices, payment status, invoice details, GSTIN if you provide one.
  • Account data: login OTPs, session identifiers, account preferences, marketing consent flags.
  • Communication data: messages exchanged with us via email, WhatsApp, Instagram direct messages, Facebook Messenger, or our contact form, and any call recordings if you reach our support line.
  • Device & technical data: IP address, device type, browser, operating system, referring URL, and timestamps — collected for security, fraud prevention, and Site reliability.
  • Behavioural & marketing data: pages viewed, products clicked, items added to cart, purchase events, ad clicks. This data is used to measure marketing performance and to show you relevant ads on Google, Meta (Facebook, Instagram), and similar platforms.
  • Marketing consent: your opt-in or opt-out preferences for promotional emails, SMS, and WhatsApp messages.

3. How we use your data

  • To process and fulfil your orders, ship products, and issue tax invoices.
  • To provide customer support and respond to your queries on email, WhatsApp, Instagram, and other channels.
  • To send transactional messages (OTPs, order confirmations, shipping and delivery updates, refund alerts) via SMS, email, and WhatsApp.
  • To send marketing communications about offers, new launches, and content — only where you have opted in, with the ability to opt out at any time.
  • To measure marketing and Site performance, run analytics, run remarketing, and personalise the experience using Google, Meta, and similar platforms.
  • To prevent fraud, abuse, and unauthorised access, and to enforce our Terms.
  • To comply with applicable Indian law, including tax, accounting, consumer protection, and lawful requests by authorities.

4. Lawful basis for processing

We process your personal data on one or more of the following legal bases recognised under the DPDP Act and Indian common law: your consent; performance of the contract between you and us (your order); compliance with a legal obligation; or our legitimate uses (security, fraud prevention, and Site improvement) where these do not override your rights.

5. Sharing with third-party processors

We share the minimum personal data necessary with the following processors and business partners, each bound by data-protection obligations:

  • Razorpay Software Pvt Ltd — payment processing for UPI, debit/credit cards, net banking, and wallets. Razorpay receives your name, contact, billing details, and transaction amount. We do not store full payment-instrument details on our servers.
  • Shiprocket and integrated couriers (Delhivery, BlueDart, and others) — shipping, last-mile delivery, and reverse pickup. They receive your name, shipping address, mobile number, and order weight.
  • MSG91 — OTP and transactional message delivery via SMS and WhatsApp.
  • Meta Platforms, Inc. (Facebook, Instagram, WhatsApp Business) — we run advertising and remarketing on Facebook and Instagram, may deploy the Meta Pixel and Conversions API to attribute and measure ad performance, and use the WhatsApp Business / Cloud API to send transactional and (with your opt-in) marketing messages. Where you contact us via Instagram or WhatsApp, message content is processed by Meta under its own terms and privacy policy.
  • Google LLC — Google Analytics for traffic measurement, Google Ads / Google Tag for advertising, conversion tracking, and remarketing, Google reCAPTCHA for fraud prevention, and (where used) Google sign-in. Google may set its own cookies and process data under its own terms.
  • Cloudflare, Inc. — content delivery, image optimisation, bot protection, and first-party analytics.
  • Email and infrastructure providers — for transactional email delivery and hosting.
  • Professional advisors and authorities — auditors, legal counsel, and tax/regulatory authorities, where required by law.

We do not sell or rent your personal data to anyone.

6. Cross-border transfers

Some of our processors (such as Google, Meta, and Cloudflare) operate servers outside India. When personal data is transferred to such processors, we rely on the protections available under Indian law, including any restrictions or notifications issued by the Central Government under the DPDP Act, and the contractual safeguards imposed on those processors.

7. Marketing communications and WhatsApp

Transactional messages (OTPs, order, delivery, and refund updates) are sent via SMS, email, and WhatsApp because they are necessary to fulfil your order and you cannot opt out of these without losing the related service.

Marketing messages (offers, launches, abandoned-cart reminders) are sent only with your opt-in consent. You may withdraw consent at any time by replying STOP on WhatsApp or SMS, clicking the unsubscribe link in any email, or writing to [email protected]. Withdrawal of consent will not affect the lawfulness of processing carried out before the withdrawal.

When you message us on WhatsApp, Instagram, or Facebook, your messages are delivered through Meta's infrastructure and are subject to Meta's own terms and privacy policy in addition to ours.

8. Cookies and tracking

We use cookies, pixels, SDKs, and similar technologies for Site functionality, security, analytics, and advertising. See our Cookie Policy for the full list and how to manage them.

9. Data retention

Order, invoice, and tax records are retained for the period required by Indian tax, accounting, and consumer-protection law (typically eight years from the end of the relevant financial year). Account data is retained while your account is active and for a reasonable period thereafter, unless you request deletion. Marketing data is retained until you withdraw consent or after a period of inactivity, whichever is earlier.

Loyalty data: point balances, award/debit history, and refund records are retained for 8 years per Indian tax law. On account deletion, your customer ID is anonymized on these records but the rows themselves are retained.

10. Your rights under the DPDP Act 2023

You have the right to:

  • Obtain a summary of personal data we process about you;
  • Correct or update inaccurate or incomplete data;
  • Erase data that is no longer necessary for the purpose it was collected, subject to legal-retention obligations;
  • Withdraw consent for processing that is based on your consent;
  • Nominate another person to exercise your rights in case of your death or incapacity;
  • Have your grievance redressed (see Grievance Officer below).

Submit any such request via our data request page or by writing to our Grievance Officer. We will respond within the timelines prescribed under the DPDP Act.

11. Children's data

The Site is not directed at children under the age of 18. We do not knowingly collect or process personal data of children. If you believe we have inadvertently collected such data, please contact us and we will delete it promptly.

12. Security

We implement reasonable technical and organisational safeguards — including encryption in transit (HTTPS), access controls, OTP-based authentication, and regular security monitoring — to protect your personal data. No system is completely secure, and we cannot guarantee absolute security against every threat.

13. Grievance Officer

In compliance with the DPDP Act 2023, the Information Technology Act 2000, and the Consumer Protection (E-Commerce) Rules 2020, the contact details of our Grievance Officer are:

  • Name: Amit Goyal
  • Designation: Director, Known Click Technologies Pvt Ltd
  • Email: [email protected]
  • Address: SF-203, Sayam Sapphire, Opposite Madhuban Resort, Karamsad, Anand, Gujarat 388325, India
  • Hours: Mon–Sat, 10AM–7PM IST (excluding public holidays)

We will acknowledge your grievance within 48 hours and resolve it within 30 days, as required by law.

14. Changes to this policy

We may update this Privacy Policy from time to time. The "Last updated" date at the top will reflect the latest revision. Continued use of the Site after any change constitutes acceptance of the revised policy.

15. Contact

For privacy questions, write to [email protected]. For formal grievances under the DPDP Act, contact the Grievance Officer above.

We use first-party cookies for essential site function. Learn more