hariko.in — online store builder for Indian businesses
Menu
Merchant LoginCreate My Online Shop

Privacy Policy

Last updated: May 24, 2026. How hariko.in processes merchant and customer data, including India (DPDP Act) disclosures.

Last updated: May 24, 2026. "Hariko," "we," and "us" mean hariko.in and its operators unless stated otherwise.

1. Scope and Roles

This Privacy Policy applies to hariko.in platform services used by merchants and store customers. hariko.in may act as a data fiduciary/controller for account and platform operations, and as a data processor for certain merchant storefront operations, depending on the workflow. Merchants who run storefronts may independently determine how they process customer data under their own policies.

2. Information We Collect

We collect only what is needed to operate the platform, secure accounts, and meet legal obligations. Categories include:

  • Account and identity: name, email, phone number, business name, address, GST or tax identifiers you provide, password hashes (we do not store plain-text passwords), and verification codes for registration or login.
  • Storefront and commerce: product catalog, pricing, order details, customer shipping or billing addresses submitted at checkout, and merchant configuration settings.
  • Payments (via processors): transaction IDs, payment status, amounts, and currency. Card numbers, full UPI VPA, and bank account details are handled by payment processors (e.g. Razorpay), not stored on hariko.in servers. We may receive limited payment metadata (such as last four digits or method type) from processors for reconciliation and support.
  • What we do not collect: we do not require or store Aadhaar numbers, and we do not intentionally collect government ID documents unless you voluntarily send them in support correspondence.
  • Technical and security: IP address, browser type, device type, operating system, session identifiers, authentication tokens, audit logs, and similar metadata used for security, fraud prevention, and reliability. We do not use invasive device fingerprinting for advertising; basic technical signals may be used for session security and abuse detection.
  • Support and communications: messages you send to us, feedback, and records of support interactions.
  • Merchant-enabled integrations:if a merchant connects analytics or other third-party tools, those providers may collect additional data under the merchant's configuration; see Section 5.

3. How We Use Information

We use data to provide storefront and merchant features, authenticate users, prevent fraud, process subscriptions and checkout payments, facilitate settlements through processors, provide customer support, maintain uptime and security, comply with legal obligations, and improve platform quality.

4. Legal Bases for Processing

Depending on jurisdiction, we process data based on contract performance, legitimate interests (such as security and product improvement), legal compliance, and consent where required (for example, optional marketing or non-essential cookies where applicable).

5. Data Sharing and Processors

We do not sell personal data. We share data with infrastructure hosts, email providers, and payment processors only as needed to deliver services, including Razorpay for payment and settlement operations. Merchants may enable third-party integrations; those integrations may process customer data under the merchant's instructions and their own privacy terms.

6. Cross-Border Transfers

If you use hariko.in outside your home country, data may be processed in India or other jurisdictions where our providers operate. We use contractual and operational safeguards appropriate to the nature of data and risk.

7. Retention

We retain personal data only as long as needed for the purposes below, unless a longer period is required by law:

  • Active accounts: for the duration of your subscription or use of the platform.
  • After account closure: core account and profile data is retained for up to 3 years for legal, tax, and dispute purposes, then deleted or anonymized where feasible.
  • Transaction and payment records: retained for up to 7 years as aligned with Indian financial, tax, and audit record-keeping expectations.
  • Security and audit logs: typically retained for 12–24 months unless needed longer for an investigation.

8. Cookies and Similar Technologies

hariko.in uses cookies and similar technologies for essential operation of the platform:

  • Strictly necessary: session and authentication cookies (for example, to keep you signed in and protect your account).
  • Preferences: settings you choose, such as role or UI preferences where stored in the browser.
  • Analytics (if enabled): we or merchants may use analytics tools to understand usage; where non-essential analytics are used on the marketing site, we will aim to disclose them and obtain consent where required by law.

You can control cookies through your browser settings. Disabling essential cookies may prevent parts of the platform from working.

9. Security

We use layered technical and organizational safeguards designed to protect confidentiality, integrity, and availability of merchant and customer data. No method is fully risk-free, but we continuously monitor and improve controls.

10. Rights and Choices

Subject to applicable law, you may request access, correction, deletion, portability, or restriction of your personal data, and may object to certain processing. Merchants are responsible for handling customer requests they control on their storefronts. To exercise rights with hariko.in, contact us using the details in Section 12.

11. India-Specific Notice (DPDP Act, 2023)

For users in India, hariko.in processes personal data in line with the Digital Personal Data Protection Act, 2023 and rules thereunder, as applicable to our role as a platform operator.

Grievance / Data Protection contact. For privacy complaints, data principal requests, or grievances under Indian law, contact our designated Grievance Officer:

  • Role: Grievance Officer, hariko.in
  • Email: privacy@hariko.in
  • Alternate: support@hariko.in
  • Response timeframe: we aim to acknowledge requests within 7 business days and resolve or respond substantively within 30 days, unless law requires a different period or an extension is permitted for complex requests.

You may also reach us via the contact page. If you are not satisfied with our response, you may have rights to escalate under applicable Indian law as it comes into force.

12. Merchant and Customer Notes

For merchants: you must provide lawful privacy notices and obtain required consents for your storefront operations and integrations. For customers: when you buy from a merchant storefront, that merchant may independently process your data under its own policies.

13. Policy Changes

We may update this policy as our services and legal requirements evolve. For material changes, we will notify registered merchants by email at least 7 days before the revised policy takes effect and update the date at the top of this page.

hariko.in

India's commerce platform for kirana stores, D2C brands, and social sellers. Launch your online shop with payments, shipping, and GST billing built in.

© 2026 hariko.in. Empowering Bharat's micro-merchants.

Built for Indian businesses · INR pricing · GST-ready