Privacy Policy

Last Updated: 4/16/2026

1. Information We Collect

We collect information that you manually provide to us during the checkout process and account creation. This includes:

  • Contact data (Name, Email Address)
  • Billing data (processed securely via our payment providers like Razorpay; we do not store raw credit card numbers)
  • Usage data (IP address, browser type, pages visited) via analytics providers like Meta Pixel.

2. How We Use Your Data

The Embernote Vault uses your collected data strictly for the following purposes:

  • To seamlessly deliver your purchased digital assets via email and authenticated tracking links.
  • To provide customer support and respond to your inquiries.
  • To deliver personalized, high-value promotional emails regarding product updates (you may opt out at any time).
  • To monitor and analyze site trends to improve the user experience.

3. Data Sharing and Third Parties

We absolutely do not sell, trade, or otherwise transfer your personally identifiable information to outside parties for marketing purposes. However, we do share your data with trusted third-party service providers who assist us in operating our website, conducting our business, or servicing you, so long as those parties agree to keep this information strictly confidential.

3.1 Payment Processing - Razorpay

When you make a purchase on The Embernote Vault, your payment information is processed by Razorpay, a third-party payment aggregator licensed by the Reserve Bank of India. Razorpay acts as a data processor on our behalf for payment processing purposes.

The following types of data are shared with Razorpay:

  • Personal Information: Your name, email address, and phone number (if provided)
  • Payment Information: Card details, UPI ID, net banking credentials, or other payment method information you provide
  • Transaction Information: Order amount, currency, product details, and transaction timestamp
  • Device Information: IP address, browser type, device type, and operating system

Razorpay uses this information solely for payment processing, fraud prevention, and compliance with applicable laws and regulations. Razorpay maintains PCI DSS Level 1 compliance and employs industry-standard security measures to protect your payment data.

3.2 Facility Providers (Banks and Card Networks)

To complete your payment transaction, Razorpay shares your payment information with Facility Providers, including:

  • Banks and financial institutions that issue your payment cards or process your transactions
  • Card networks (Visa, Mastercard, RuPay, etc.) that facilitate card-based payments
  • Payment gateways and processors that handle UPI, net banking, and wallet transactions

This data sharing is necessary to authorize, process, and settle your payment. Facility Providers are bound by their own privacy policies and regulatory obligations to protect your payment information.

3.3 Governmental Authorities

Your payment and transaction data may be shared with governmental authorities, regulatory bodies, and law enforcement agencies as required by law or upon lawful request. This includes but is not limited to:

  • Compliance with court orders, subpoenas, or legal processes
  • Fraud prevention and investigation of suspected illegal activities
  • Transaction monitoring and reporting as required by the Reserve Bank of India, Income Tax Department, or other regulatory authorities
  • Anti-money laundering (AML) and Know Your Customer (KYC) compliance

Both The Embernote Vault and Razorpay are legally obligated to cooperate with such requests and may disclose your information without prior notice to you when required by law.

3.4 Other Third-Party Service Providers

In addition to payment processing, we share limited data with other trusted service providers:

  • Email delivery services (for order confirmations and product delivery)
  • Analytics providers like Meta Pixel (for website usage analysis and marketing optimization)
  • Cloud hosting providers (for secure data storage and website infrastructure)

4. Data Breach Notification

In the unlikely event of a data breach that compromises your personal or payment information, The Embernote Vault is committed to transparency and prompt notification.

4.1 Notification to Razorpay

If a data breach involves payment information processed through Razorpay, we will notify Razorpay within 24 hours of detecting the breach. This notification will include details about the nature of the breach, the types of data affected, and the number of affected users.

4.2 Notification to Affected Customers

We will notify affected customers via email within 72 hours of confirming a data breach. The notification will include:

  • A description of the breach and the types of data compromised
  • The date and time the breach was detected
  • Steps we are taking to investigate and remediate the breach
  • Recommended actions you should take to protect yourself (e.g., changing passwords, monitoring account statements)
  • Contact information for further inquiries

4.3 Regulatory Reporting

We will comply with all applicable data breach notification laws and regulations, including reporting to relevant governmental authorities as required by Indian data protection laws and the Reserve Bank of India's guidelines.

5. Your Data Rights

Under applicable data protection laws, you have the following rights regarding your personal data:

5.1 Right to Access

You have the right to request a copy of the personal data we hold about you. We will provide this information in a structured, commonly used, and machine-readable format within 30 days of your request.

5.2 Right to Correction

If you believe any personal data we hold about you is inaccurate or incomplete, you have the right to request correction. We will update your information within 15 days of receiving your request.

5.3 Right to Deletion

You have the right to request deletion of your personal data, subject to certain legal exceptions. We may retain certain data as required by law (e.g., tax records, transaction history for regulatory compliance) or to resolve disputes and enforce our agreements.

Please note that deletion of your account and personal data will result in loss of access to purchased digital products and download links. We recommend downloading all purchased assets before requesting account deletion.

5.4 Right to Data Portability

You have the right to receive your personal data in a portable format and to request that we transfer this data to another service provider where technically feasible.

5.5 Right to Withdraw Consent

Where we process your data based on your consent (e.g., marketing emails), you have the right to withdraw that consent at any time. You can unsubscribe from marketing emails using the link provided in each email or by contacting us directly.

5.6 Exercising Your Rights

To exercise any of these rights, please contact us through our support channels. We will respond to your request within 30 days and may require verification of your identity before processing your request.

6. Cookies and Tracking Technologies

We use cookies and similar tracking technologies (like Meta Pixel) to track the activity on our Service and hold certain information. Cookies are files with a small amount of data which may include an anonymous unique identifier. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent, but you may not be able to use some portions of our Service.

7. Contact Us

If you have any questions about this Privacy Policy, the data we hold on you, or you would like to exercise one of your data protection rights, please contact us:

Email: support@embernotevault.com

Phone: +91 9054929750

We will respond to your inquiry within 30 days and may require verification of your identity before processing your request.