Privacy Policy

How we collect, use, and protect your personal information

1. Introduction and Scope

RABY-Ingredients Private Limited ("we," "us," "our," or "Company") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, store, and protect your personal information in compliance with the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), Personal Data Protection Bill (PDPB), Information Technology Act 2000, and other applicable data protection laws.

2. Information We Collect

Information You Provide Directly:

  • Contact information (name, email address, phone number, postal address)
  • Company information (company name, industry, location, designation)
  • Product inquiries and product preferences
  • Communications and feedback through contact forms or email
  • Payment information (processed securely through third-party providers)
  • Documents required for business transactions

Information Collected Automatically:

  • IP address and device identifiers
  • Browser type, version, and operating system
  • Pages visited, time spent on pages, and click patterns
  • Referrer information and exit pages
  • Device identifiers and unique advertising identifiers
  • Geolocation data (with appropriate consent)
  • Cookies and similar tracking technologies

3. How We Use Your Information

We use your personal information for the following lawful purposes:

  • Providing and improving our products and services
  • Responding to inquiries, requests, and customer service
  • Sending transactional communications (order confirmations, delivery updates)
  • Sending marketing communications (with explicit consent)
  • Analyzing website usage patterns and optimizing user experience
  • Conducting market research and surveys
  • Detecting, preventing, and addressing fraud and security issues
  • Complying with legal obligations and regulations
  • Enforcing terms of service and other legal rights
  • Creating aggregated, anonymized data for analytics

4. Legal Basis for Processing

We process personal information based on the following legal bases:

  • Consent: When you explicitly consent to processing
  • Contract: To fulfill our contractual obligations
  • Legal Obligation: To comply with applicable laws and regulations
  • Legitimate Interests: To pursue our legitimate business interests where not overridden by your rights
  • Vital Interests: To protect your vital interests or those of others

5. Data Sharing and Disclosure

We may share your personal information with:

  • Service providers and business partners (with appropriate data protection agreements)
  • Payment processors and financial institutions
  • Analytics and marketing partners
  • Government authorities and law enforcement (when required by law)
  • Professional advisors (legal, accounting, consulting)

We do not sell, rent, or trade your personal information to third parties for their marketing purposes. Data processors are bound by strict confidentiality obligations and data processing agreements.

6. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes for which it was collected, unless a longer retention period is required by law. Retention periods vary based on the type of information and the purpose:

  • Transactional data: For the duration of the business relationship plus 7 years (for compliance)
  • Marketing data: Until you unsubscribe
  • Website analytics: Aggregated and anonymized after 24 months

7. International Data Transfers

If we transfer personal information internationally (particularly outside India or the EEA), we implement appropriate safeguards such as Standard Contractual Clauses, Binding Corporate Rules, or obtaining your explicit consent. We ensure that international transfers comply with GDPR, CCPA, PDPB, and other applicable data protection laws.

8. Data Security and Protection Measures

We implement comprehensive technical and organizational security measures to protect your personal information, including:

  • End-to-end encryption (TLS/SSL) for data in transit
  • AES-256 encryption for data at rest
  • Secure authentication mechanisms and access controls
  • Regular security audits and penetration testing
  • Data minimization and privacy by design principles
  • Employee training on data protection and privacy
  • Incident response and breach notification procedures

However, no security system is completely impenetrable. We cannot guarantee absolute security of data transmitted over the internet.

9. Your Rights and Control Over Your Data

You have the following rights regarding your personal information (where applicable under GDPR, CCPA, PDPB, and Indian law):

  • Right to Access: Request access to your personal information
  • Right to Rectification: Request correction of inaccurate information
  • Right to Erasure: Request deletion of your data ("right to be forgotten")
  • Right to Data Portability: Request your data in a structured, machine-readable format
  • Right to Object: Object to processing of your personal information
  • Right to Restrict Processing: Request restriction of data processing
  • Right to Withdraw Consent: Withdraw consent at any time
  • Right to Lodge a Complaint: File complaints with relevant data protection authorities
  • Right to Opt-Out: Opt-out of marketing communications at any time

10. Cookies and Tracking Technologies

We use cookies and similar technologies for essential functionality, performance analytics, and marketing. Please refer to our Cookies Policy for detailed information about cookie types, purposes, and your control options. You can manage cookie preferences through your browser settings or our cookie consent tool.

11. Third-Party Links and Services

Our website may contain links to third-party websites and services. We are not responsible for the privacy practices of external sites. We encourage you to review their privacy policies before providing personal information. Third-party services operate independently of RABY-Ingredients.

12. Children's Privacy

Our website is not intentionally directed to children under 13 years of age. We do not knowingly collect personal information from children. If we become aware that we have inadvertently collected information from a child, we will take steps to delete such information promptly and deactivate the child's account.

13. Data Breaches and Incident Response

In the event of a personal data breach, we will notify affected individuals and relevant authorities within 72 hours (or as required by applicable law) unless the breach poses no risk to personal rights and freedoms. Our incident response procedures include investigation, mitigation, and remediation of the breach.

14. Privacy Updates and Modifications

We may update this Privacy Policy periodically to reflect changes in our practices, technology, or legal requirements. We will post updates on this page with an updated "Last Updated" date. Significant changes will be communicated via email or prominent website notice. Your continued use constitutes acceptance of updated terms.

15. Data Protection Officer and Contact Information

For questions about this Privacy Policy, to exercise your data rights, or to report privacy concerns, contact us at:

RABY-Ingredients Private Limited
Data Protection Officer
F-210, Transport Nagar, Near Parking No-5
LUCKNOW, UP -226012
India
Email: kamlesh..singh@raby.co.in
Phone: +91-9450853242

16. Regulatory Compliance

This Privacy Policy complies with GDPR (EU), CCPA (California), Personal Data Protection Bill (India), Information Technology Act 2000, and other applicable data protection and privacy regulations. We maintain records of processing activities and conduct Data Protection Impact Assessments as required.

Last updated: March 2026