Privacy Policy

• Identity: name, email, phone, government IDs (GSTIN / PAN / FSSAI / etc.) provided during KYC.
• Bank account details for payouts (account number stored encrypted; only last-4 visible).
• Operational data: orders, payments, inventory movements, fulfillment events.
• Device + access logs: IP, user-agent, login timestamps, audit events.

To run the marketplace: identity verification, order routing, fulfillment, settlement, fraud signal monitoring, support, and product improvement. We do not sell your personal data.

We share data with vetted processors (payment gateways, logistics providers, SMS/email vendors, cloud infra) under data-processing agreements. We share with regulators when legally required.

KYC + financial records: retained per Indian regulatory minimums (typically 8 years). Operational logs: retained 24 months unless under audit. Account closure: PII anonymized within 30 days; the audit trail itself remains in append-only form for traceability.

You may request access to, correction of, or deletion of your personal data by writing to privacy@strongnation.in. We respond within statutory timelines. Account closure is subject to clearing open financial obligations.

Data in transit: TLS 1.2+. Data at rest: AES-256 with a managed KMS. Access scoped by RBAC v2 role assignments; sensitive operations require step-up OTP. Bank account numbers are envelope-encrypted.

The Platform is not intended for users under 18.

Material changes will be notified in-app and via email at least 14 days before they take effect, where practicable.

Privacy questions: privacy@strongnation.in. Grievance officer details will be published with the binding version.