Privacy Policy

  • 1. ABOUT THIS POLICY

    At aerah, we believe that trust is earned and that starts with being transparent about how we handle your data. This Privacy Policy sets out the kinds of information we gather when you use our website, why we gather it, what we do with it, how we keep it safe, and the choices available to you as a user.
    aerah.co is owned and operated by Aerah Essentials Pvt. Ltd., a company duly incorporated under the Indian Companies Act, 2013 (referred to throughout this document as “Aerah”, “we”, “us”, or “our”), with its registered office at 15/221-222, Malviya Nagar, New Delhi – 110017, South Delhi, Delhi, India.
    Throughout this document, the term “Personal Information” refers to any data that can be used to identify you as an individual this includes, but is not limited to, your name, postal address, email address, and phone number. You are welcome to browse aerah.co without sharing any Personal Information with us. We will never sell, barter, or transfer your Personal Information to outside parties without your permission, except as required by applicable law.
    This Privacy Policy is an integral part of our Terms and Conditions and is legally binding on all users of aerah.co. We encourage you to read it in full. Since we may revise this Policy from time to time, we recommend checking this page periodically to stay informed.

  • 2. WHAT INFORMATION WE COLLECT

    The information we gather falls into several distinct categories, depending on how you interact with our Website:

    a. Information You Share with Us Voluntarily

    When you create an account, place an order, sign up for our newsletter, or reach out to us for any reason, you are choosing to share certain details with us. This may include
    • Your full name
    • Your residential, billing, or delivery address
    • Your email address
    • Your phone number
    • Your account login credentials, including the username and password you create when registering on aerah.co

    b. Purchase and Order Information

    When you transact with us on aerah.co, we record the details of that transaction, which include:
    • The products you have purchased, including quantities and variants
    • Your billing and shipping addresses as entered at checkout
    • A record of your order history with us
    • Confirmation of whether your payment was processed successfully (we do not, however, retain your actual payment credentials — refer to Section 2(d) for more detail)

    c. Technical and Behavioural Data

    Each time you visit aerah.co, our systems automatically log certain technical information about your device and how you use our Website. This includes:
    • Your IP address, which identifies the network from which you are accessing the internet
    • The type of device, operating system, and browser you are using
    • Which pages on our Website you visit, how long you spend on each, and which links you click
    • The website or source that referred you to aerah.co
    • An approximate geographic location based on your IP address
    • Server log files and other technical data generated during your visit
    This data is collected and analysed in aggregate, anonymised form for the purpose of understanding how our Website is being used and improving the experience for all visitors. It is not used to identify individual users.

    d. Payment Credentials

    aerah.co does not handle, store, or have access to your card numbers, net banking passwords, UPI PINs, or any other sensitive financial credentials. All payment processing on our Website is carried out exclusively by Razorpay, a third-party payment gateway. When you make a payment, your financial information goes directly to Razorpay’s encrypted servers. We receive nothing more than a notification that your payment was successful or unsuccessful, along with an order reference number. Razorpay’s handling of your financial data is governed by their own Privacy Policy, which you can review at razorpay.com/privacy.

    e. Survey and Research Responses

    From time to time, we may invite you to take part in optional surveys, questionnaires, or feedback exercises to help us understand your experience and improve our products and services. Any information you provide in these contexts is entirely voluntary and will be used solely for the purpose it was collected.

    f. Customer Support Correspondence

    If you get in touch with us via email or any other communication channel, we will retain a record of your contact details and the content of our exchange in order to resolve your query, track the status of your case, and improve the quality of our support.

  • 3. HOW WE USE YOUR INFORMATION

    The data we gather serves a range of purposes, all of which are directly tied to operating our business and serving you better:

    a. Fulfilling Your Orders

    • To confirm, process, and dispatch the products you have ordered
    • To send you updates at each stage of your order confirmation, dispatch, and delivery
    • To manage your account and ensure your login experience on aerah.co is seamless
    • To investigate and resolve any concerns or complications arising from your order
    • To enable the secure and accurate processing of your payment via Razorpay

    b. Staying in Touch with You

    • To respond to any queries, feedback, or complaints you direct to us
    • To send you important notices about your account, our Policies, or any material changes to how we operate
    • To send you a welcome communication when you first register on aerah.co

    c. Marketing and Brand Communications

    Where you have given us your consent, we will use your contact details to reach out with:
    • Email campaigns featuring new product launches, skincare guidance, seasonal promotions, and aerah updates
    • WhatsApp messages with product highlights, event information, and offers relevant to you You are free to opt out of these communications at any point. Simply click the unsubscribe link within any email we send, update your preferences in the Profile section of your account, or drop us a message at hello@aerah.co. Withdrawing from marketing communications will never affect your ability to receive transactional messages about active orders.

    d. Improving Your Experience on aerah.co

    • To understand your preferences and purchasing patterns so we can tailor what you see on our Website
    • To personalise product recommendations and content based on your browsing and purchase history

    e. Research, Analytics, and Platform Development

    • To study how visitors navigate and engage with our Website, and to identify where we can make improvements
    • To assess the reach and effectiveness of our marketing initiatives
    • To inform internal decisions about product development and business strategy

    f. Meeting Our Legal Obligations

    • To comply with all applicable laws, regulations, and directives issued by government or regulatory authorities in India
    • To identify and act on suspected fraud, misuse, or any activity that may threaten the integrity of our platform or the safety of our users
    • To uphold our Terms and Conditions and other published Policies
    • To take action to protect the interests, property, or safety of Aerah Essentials Pvt. Ltd., our customers, or the general public where necessary

  • 4. IP ADDRESS AND COOKIES

    a. Your IP Address

    An IP address is a numerical label assigned to every device connected to the internet, which enables information to be directed to the correct destination much like a postal address for your device. When you access aerah.co, our servers log your IP address. We use this, along with data about your device and browser, for system administration, security monitoring, and to build an anonymised picture of where our visitors are located and how they engage with our Website. Your IP address on its own does not identify you as a specific person.

    b. How We Use Cookies

    Cookies are small data files that a website deposits on your device when you visit. They allow the site to remember information about your visit such as the contents of your shopping cart, your login status, and your browsing preferences so that your next visit or the next page you load feels seamless. Cookies on aerah.co cannot access other files on your device, cannot spread viruses, and cannot execute any software on your behalf.
    We use the following categories of cookies:
    • Functional Cookies: These are essential to the core operation of our Website. Without them, features like the shopping cart, account login, and the checkout process would not work. These cookies cannot be disabled without significantly degrading your experience on the Website.
    • Analytics Cookies: These allow us to measure how visitors interact with our Website — including which pages attract the most traffic, how users move through the site, and where they tend to exit. We use tools such as Google Analytics for this purpose. The data is aggregated and anonymised.
    • Advertising and Retargeting Cookies: These are placed by third-party advertising platforms such as Meta (Facebook and Instagram) to track your activity across websites and serve you advertisements that are relevant to your interests. These cookies connect your visit to aerah.co with advertising systems operated by those third parties.
    A cookie file is activated the moment you begin using our Website. You can choose to disable cookies at any time through your browser’s settings. Keep in mind, however, that switching off cookies particularly functional ones may mean that some parts of aerah.co, including the cart and account features, do not work as expected.

  • 5. YOUR CONSENT

    By visiting aerah.co, creating an account, or completing a purchase, you are agreeing to this Privacy Policy and to the use of your Personal Information in the ways we have described. We do not use your data for any purpose beyond what is stated here without first seeking your consent.
    For marketing communications specifically whether by email or WhatsApp we rely on your explicit consent, which you give when you opt in to receive such messages. You can revoke this consent whenever you choose. For emails, use the unsubscribe link in any communication we send. For WhatsApp, reach out to us directly or email hello@aerah.co and we will ensure you are removed from our messaging list without delay.
    Withdrawing your consent for marketing will not invalidate anything we processed before that point, and it will have no bearing on the transactional messages we send as a necessary part of completing or managing your orders.

  • 6. HOW WE REACH OUT TO YOU

    a. Email

    If you have subscribed to our email list, you will receive messages from aerah covering topics such as new product introductions, ongoing promotions, skincare tips, and brand updates. To stop receiving these, click the unsubscribe option in any email footer, head to the Profile section of your aerah account, or send us a request at hello@aerah.co. We aim to process opt-out requests within seven business days. Unsubscribing from marketing emails does not affect confirmations and notifications about your orders.

    b. WhatsApp

    Where you have shared your phone number and indicated that you’d like to hear from us on WhatsApp, we may send you messages about products, offers, and events. We will only ever send messages you have actively opted in to receive no unsolicited messages will be sent. There is no charge from our side for receiving these messages, although your network provider may apply standard data or messaging rates.
    To stop WhatsApp communications from us, simply message us directly or send an email to hello@aerah.co requesting removal. We will act on this promptly.

    c. Order and Account Notifications

    Some of our communications are not optional they exist because you have placed an order or hold an account with us. These include order confirmations, payment receipts, dispatch alerts, and delivery notifications. These messages will continue to be sent regardless of your marketing preferences, as they are a fundamental part of us fulfilling our obligations to you as a customer.

  • 7. HOW WE PROTECT YOUR INFORMATION

    Keeping your Personal Information secure is something we take seriously. We have put in place a combination of technical and operational safeguards designed to prevent your data from being accessed, used, modified, or disclosed in ways you have not authorised.
    These measures include:
    • Limiting access to your Personal Information strictly to those members of our team, and those third-party providers, who require it to carry out their specific responsibilities and who are bound by confidentiality obligations
    • Encrypting data transmitted between your browser and our Website using SSL (Secure Socket Layer) technology
    • Storing all Personal Information within secure, access-controlled database environments based in India, subject to applicable Indian data protection laws
    • Working only with payment processors (Razorpay) that maintain PCI-DSS certification and apply industry-standard encryption to all financial data
    We want to be honest with you: no digital system is immune to risk. While we do everything within our means to protect your data, we cannot give you an absolute guarantee that a breach will never occur. By using aerah.co and submitting your Personal Information, you acknowledge this inherent limitation and agree that, in the event of a breach, your recourse against us will be limited to situations where the breach occurred directly as a result of our gross negligence or an intentional violation of this Policy.
    As a precaution, we recommend signing out of your aerah account whenever you finish browsing, especially if you are on a device that is shared with others.

  • 8. KEEPING YOUR DETAILS UP TO DATE

    The accuracy of the information we hold about you matters both for the quality of service we provide and for your own security. You can update your name, address, email, or any other saved details at any time by logging into your account on aerah.co and navigating to your Profile.
    If you would prefer to request changes or deletions directly, or if you want to withdraw your consent for how we use your data, please write to us at hello@aerah.co. We will do our best to accommodate your request as quickly as possible. Note that certain records particularly those related to financial transactions, tax compliance, or ongoing legal obligations may need to be retained by us for a prescribed period even if you ask us to delete your account.

  • 9. WHEN WE SHARE YOUR INFORMATION

    We treat your Personal Information with discretion. We will never sell it, rent it out, or hand it over to third parties who want to market their own products or services to you without your knowledge and consent. That said, running a business requires working with partners, and there are circumstances under which your data will be shared:

    a. Partners Who Help Us Operate

    To fulfil your orders and run our platform effectively, we rely on a set of trusted third-party providers. Depending on how you interact with us, your information may be shared with:
    • Our logistics and shipping partners Nimbus Post and BlueDart who need your name and delivery address to get your order to you
    • Razorpay, to process your payment and confirm your transaction
    • Email marketing platforms (such as Klaviyo or Mailchimp) that we use to send you newsletters and promotional messages
    • WhatsApp Business API service providers who facilitate our messaging to you
    • Website analytics tools (including Google Analytics and Meta Pixel) that help us understand traffic patterns and user behaviour on aerah.co
    All of these providers are engaged under terms that restrict them from using your information for any purpose other than the one for which it was shared, and they are required to maintain appropriate security standards.

    b. Legal Requirements

    There may be situations in which we are legally required to disclose your information. This includes responding to valid court orders, regulatory demands, government directives, or other lawful requests. We may also share your data when we genuinely believe it is necessary to:
    • Fulfil our obligations under Indian law or any other applicable jurisdiction
    • Defend our legal rights or protect our business and assets from harm
    • Investigate or report suspected illegal activity involving our platform
    • Prevent a credible threat to the safety or wellbeing of an individual or group

    c. Credit and Legal Recovery

    In cases where we need to assess creditworthiness, pursue recovery of amounts owed to us, or take legal action to protect our interests, we may need to share relevant Personal Information with the appropriate parties, including legal representatives or financial institutions.

    d. Structural Changes to Our Business

    Should Aerah Essentials Pvt. Ltd. enter into a merger, be acquired by or merge with another organisation, or sell a material portion of its assets, your Personal Information may form part of the assets transferred in that transaction. In such circumstances, we will provide you with advance notice — either by email or through a prominent notice on aerah.co — so that you are aware of any change in how your data will be handled going forward.

  • 10. DATA SECURITY STANDARDS

    Our approach to data security is grounded in the principle that your Personal Information deserves the same level of care that goes into formulating our products. We apply commercially reasonable security standards across every layer of our operations from who on our team can access your records to how data is encrypted during transmission. All traffic between your device and aerah.co is encrypted via SSL. Access to customer data is role-restricted, meaning only individuals with a legitimate operational need are permitted to view or process it. Our systems are designed to detect and flag unusual access patterns.
    Despite all of this, the internet is an open environment, and we cannot make unconditional promises about security. If you ever have reason to believe your aerah account has been compromised, please notify us at hello@aerah.co immediately so we can take appropriate action.
    In terms of your own security responsibilities:
    • Never share your password with anyone, including aerah staff we will never ask you for your password
    • Always log out of your account when using a public or shared device
    • Keep your device software and antivirus tools updated to minimise the risk of malware or phishing

  • 11. WHERE YOUR DATA LIVES

    All Personal Information collected via aerah.co is stored on secure servers located within India. These servers operate under the legal framework established by Indian data protection legislation, and all entities involved in processing your data on our behalf are contractually obligated to uphold the standards described in this Privacy Policy.
    While we do everything we can to protect your information, we want to be straightforward: there is no such thing as a completely impenetrable system. We cannot offer a blanket guarantee against all conceivable security incidents. Any information you share in publicfacing areas of our Website — such as product reviews or comments will, by its nature, be visible to other users. Please keep this in mind and avoid sharing sensitive personal details in such spaces.

  • 12. WHAT YOU CAN DO TO PROTECT YOUR PRIVACY

    While we work hard to keep your data safe on our end, there are steps you can take to protect yourself:
    • Keep your aerah account password private do not share it with friends, family, or anyone else
    • Disruptions to courier or logistics networks at a national or regional level
    • Make it a habit to log out of aerah.co after each session, particularly when using someone else’s device
    • Protect your devices with up-to-date antivirus and anti-malware software, and be cautious about clicking unfamiliar links or downloading files from unknown sources
    • If you suspect your account has been accessed without your authorisation, contact us at hello@aerah.co without delay

  • 13. ACCESSING AND MANAGING YOUR PERSONAL INFORMATION

    You are in control of the information we hold about you. If you want to view, amend, or erase your Personal Information, you can do this in two ways: by logging into your aerah account and editing your Profile directly, or by writing to us at hello@aerah.co with a specific request.
    We will endeavour to act on any such request within a reasonable period. However, be aware that some data — particularly records that are needed for financial reporting, tax filings, or legal compliance — may be required to be retained by us for a defined period under Indian law, even after an account is closed or a deletion request is submitted.

  • 14. MARKETING COMMUNICATIONS: YOUR CHOICES

    When you register on aerah.co or make a purchase, and you have opted in to marketing communications, you will hear from us via email and/or WhatsApp about products, promotions, and all things aerah. These are not unwanted messages they are something you have actively chosen to receive.
    If you change your mind and want to stop receiving them:
    • For emails: use the unsubscribe link in any marketing email, or update your preferences under Profile in your account
    • For WhatsApp messages: contact us directly or send a request to hello@aerah.co Please allow up to seven business days for your request to be processed fully across our systems. Order-related and account-related messages will continue independently of your marketing preferences, as these are necessary for us to fulfil our commitments to you.

  • 15. THE SCOPE OF THIS POLICY

    This Privacy Policy represents the complete and authorised account of how Aerah Essentials Pvt. Ltd. collects, uses, and manages Personal Information gathered through aerah.co. No other document, statement, or summary whether issued by a third party or appearing on a separate platform carries any legal weight in relation to our privacy practices. This Policy, as published on aerah.co, is the definitive reference.

  • 16. UPDATES TO THIS POLICY

    As our business grows and evolves and as the regulatory landscape around data privacy continues to develop we may need to revise this Privacy Policy. Any updates will be published on this page with a revised date at the top. We encourage you to return to this page periodically so you are always working with the most current version.
    Aerah Essentials Pvt. Ltd. accepts no liability for losses arising from inadvertent disclosure of account-related information, or from errors or omissions in how that information was used, whether or not such disclosure occurred in the context of a legal process. Similarly, we are not responsible for the privacy practices of third-party platforms whose links may appear on our Website.
    Your feedback on this Policy is welcome. If you believe we have fallen short of our commitments here, please tell us and we will make every reasonable effort to address your concern. Please also note that by continuing to use aerah.co after an update to this Policy is published, you are accepting the revised terms.

  • 17. GET IN TOUCH

    If anything in this Privacy Policy is unclear, if you have a question about how your data is being used, or if you wish to make a request in relation to your Personal Information, please reach out to us. We are committed to responding thoughtfully and promptly.
    Company: Aerah Essentials Pvt. Ltd.
    Website: www.aerah.co
    Email: hello@aerah.co
    Registered Address: 15/221-222, Malviya Nagar, New Delhi – 110017, South Delhi, Delhi, India
    We aim to respond to all privacy-related queries within seven business days of receiving them.

Disclaimer: This Privacy Policy has been independently drafted for Aerah Essentials Pvt. Ltd. and reflects standard best practices for Indian D2C e-commerce businesses. We strongly recommend that this document be reviewed by a qualified legal advisor before it is published, particularly in light of the Digital Personal Data Protection Act, 2023 (DPDPA) and any other applicable regulations that may have come into effect since this version was prepared.