Privacy Policy

Last Updated: 01/04/2026
Effective For: https://hislon.in/
Entity: HETICLEX IMPEX (Proprietorship)

1. Introduction

HETICLEX IMPEX (“we”, “us”, “our”) operates the Naviforce Watches e-commerce store at https://hislon.in/. This Privacy Policy complies with the Digital Personal Data Protection Act, 2023 (DPDP Act), Information Technology Act, 2000, and RBI payment gateway guidelines

By accessing our website or placing an order, you consent to the collection and processing of your personal data as described herein.

2. Data Controller Details

Legal Name: HETICLEX IMPEX
Constitution: Proprietorship
GSTIN: 24ESPPK1293E2ZL
Principal Address: SF, Plot No.73, Jay Bhavani Industrial Estate, Kadodra Road, Near Bharat Cancer Hospital, Magob, Surat, Gujarat – 395010
Contact:

3. Information We Collect

3.1 Personal Data (Mandatory for Order Fulfillment)

  • Full name, shipping/billing address, phone number, email address
  • Payment information (processed securely via PhonePe; we do not store card/UPI credentials)
  • GSTIN (if business purchase for invoice generation)

3.2 Automated Data

  • IP address, device information, browser type, cookies (for session management & analytics)
  • Order history, product views, cart activity (via WooCommerce)

3.3 Warranty Claims Data

  • Unboxing video files, product defect images, courier tracking details (retained for 24 months for warranty verification)

4. Purpose of Processing

We process your data solely for:

  • Order processing, payment verification, and delivery coordination via Shiprocket
  • GST-compliant invoice generation and tax filing
  • Warranty claim validation and service coordination
  • Fraud prevention, transaction security, and RBI-mandated audit trails
  • Customer support communications (order updates, delivery alerts)

5. Legal Basis for Processing (DPDP Act Compliance)

  • Consent: For order placement, account creation, and optional communications
  • Contractual Necessity: To fulfill purchase agreements and warranty obligations
  • Legal Obligation: For GST invoicing, RBI reporting, and fraud prevention

6. Data Sharing & Third Parties

We share data ONLY with:

Party

Purpose

Safeguards

PhonePe Payment Gateway

Payment processing, PCI-DSS compliant transactions

End-to-end encryption; no card data stored on our servers

www.phonepe.com

Shiprocket Logistics

Order dispatch, COD verification, tracking

Data Processing Agreement; limited to shipping essentials

GSTN Portal

Invoice reporting, tax compliance

Statutory requirement; encrypted transmission

Legal Authorities

Court orders, RBI directives

Only upon valid legal demand

Party

Purpose

Safeguards

PhonePe Payment Gateway

 

Payment processing, PCI-DSS compliant transactions

 

End-to-end encryption; no card data stored on our servers
www.phonepe.com

Shiprocket Logistics

Order dispatch, COD verification, tracking

 

Data Processing Agreement; limited to shipping essentials

 

GSTN Portal

Invoice reporting, tax compliance

Statutory requirement; encrypted transmission

Legal Authorities

Court orders, RBI directives

Only upon valid legal demand

We do NOT sell, rent, or trade personal data to third parties.

7. Data Retention

  • Order records: 8 years (GST Act requirement)
  • Payment transaction logs: 5 years (RBI guidelines)
  • Warranty claim data: 24 months from claim closure
  • Account data: Until deletion request + 30-day grace period

8. Your Rights (DPDP Act)

You may:

  • Access, correct, or erase your personal data via heticleximpax@gmail.com
  • Withdraw consent for marketing (does not affect order processing)
  • Request data portability in structured format
  • Lodge grievances with our Grievance Officer (response within 15 days)

9. Security Measures

  • PCI-DSS Level 1 compliance via PhonePe for payment data
  • SSL/TLS encryption for all data transmissions
  • Regular security audits; WooCommerce hardening protocols
  • Staff training on data protection; access controls

10. International Transfers

All data is stored and processed within India. No cross-border transfers occur without explicit consent and DPDP Act safeguards.

11. Policy Updates

Material changes will be notified via email/website banner 15 days prior to effect. Continued use constitutes acceptance.

12. Contact

For privacy queries: