Who We Are

Nagovss Digital Products ("we", "us", "our") is the operator of the digital products store accessible at https://digitalproducts.nagovss.com. We are a GST-registered entity (GSTIN: 29CLNPG9703Q1Z6) operating under Indian law.

We are committed to protecting your personal information. This Policy applies to all users who visit our website, browse products, or make a purchase.

Information We Collect

We collect the following categories of information:

• Identity & Contact Data: Full name, email address, mobile number, and city/state provided during checkout.
• Tax Data: GSTIN (optional), provided if you require a business GST invoice.
• Transaction Data: Order number, products purchased, pricing, payment status, Razorpay order ID, and payment ID. We do not store your card number, CVV, UPI PIN, or net banking credentials — these are handled entirely by Razorpay.
• Technical Data: IP address, browser type, device information, referring URL, and pages visited, collected automatically via server logs and cookies.
• Communications: Any queries you send us via email or WhatsApp.

How We Use Your Information

We use your information for the following purposes:

• To process and fulfil your purchase, including delivering your digital product download link.
• To generate and deliver a GST-compliant tax invoice to your email.
• To send your WhatsApp download link (where you provide your number).
• To communicate regarding your order, including confirmations and support responses.
• To verify payment with Razorpay and detect fraudulent transactions.
• To maintain our accounting and GST compliance records as required by Indian tax law.
• To improve our website and product offerings based on aggregated, anonymised usage data.
• To respond to legal obligations, regulatory requests, or court orders.

We do not use your personal data for unsolicited marketing, sell it to advertisers, or share it with data brokers.

Legal Basis for Processing

Under applicable Indian law (IT Act, 2000 and SPDI Rules, 2011), we collect and process your personal data on the following bases:

• Contractual necessity: Processing required to complete your purchase and deliver the product.
• Legal obligation: Maintaining GST records, issuing compliant invoices, and responding to legal/regulatory requests under the Goods and Services Tax Act, 2017 and Income Tax Act, 1961.
• Legitimate interest: Fraud prevention, site security, and improving our services.
• Consent: For any optional communications such as product updates (where separately obtained).

Sharing of Information

We share your personal data only in the following circumstances and only to the extent necessary:

• Razorpay Software Pvt. Ltd.: To process payments. They act as an independent data controller for payment data. Razorpay's Privacy Policy ↗
• WhatsApp / Meta: Your mobile number is used to send your download link via WhatsApp Business API.
• Email Service Provider: Your email address is shared with our transactional email provider solely for sending invoices and order confirmations.
• Government & Legal Authorities: Where required by Indian law, court order, or a lawful government directive (e.g., GST authorities, cybercrime investigation).

We do not sell, rent, or trade your personal information to any third party for marketing or commercial purposes.

Data Retention

We retain your personal data for the following periods:

• Order & transaction records: Minimum 8 years from the date of transaction, as required under the GST Act, 2017 and Income Tax Act, 1961.
• Invoice data (including GSTIN): Minimum 8 years as per GST compliance requirements.
• Download logs: 12 months from the purchase date.
• Technical / server logs: 90 days.
• Support communications: 2 years from last interaction.

After the applicable retention period, data is securely deleted or anonymised.

Cookies & Tracking

Our website uses cookies and similar technologies to ensure the website functions correctly and to improve your experience. The types of cookies we use include:

• Essential cookies: Required for session management, the checkout flow, and security (e.g., CSRF nonce for Razorpay). You cannot opt out of these without affecting core functionality.
• Analytics cookies: Used to understand how visitors interact with our site (page views, session duration). We may use anonymised analytics. No personally identifiable information is stored in analytics cookies.

You can disable non-essential cookies via your browser settings. Disabling essential cookies may prevent you from completing a purchase.

Your Rights

Under the SPDI Rules and applicable Indian law, you have the following rights regarding your personal data:

• Right to access: Request a copy of the personal data we hold about you.
• Right to correction: Request correction of inaccurate or incomplete data.
• Right to withdraw consent: Where processing is based on consent, you may withdraw it at any time (this does not affect the lawfulness of prior processing).
• Right to grievance redressal: Lodge a complaint with our Grievance Officer (see Section 13).

To exercise your rights, contact our Grievance Officer (details in Section 13) with your request. We will respond within 30 days as required under the SPDI Rules.

Security

We implement reasonable security practices and procedures as mandated by the IT (SPDI) Rules, 2011, including:

• TLS/SSL encryption for all data transmitted between your browser and our server.
• Razorpay's PCI DSS Level 1 compliant payment processing — we never handle raw card data.
• Nonce-based Razorpay key exposure protection (per-session security token).
• Access controls limiting internal access to personal data on a need-to-know basis.
• Regular review of our data handling practices.

While we take all reasonable measures, no system is 100% secure. In the event of a data breach that is likely to harm you, we will notify you and relevant authorities as required by law.

Third-Party Services

Our website may contain links to third-party websites or integrate with third-party services. We are not responsible for the privacy practices of those third parties. We recommend reviewing their privacy policies independently. Key third parties include:

• Razorpay Software Pvt. Ltd. — Payment processing (PCI DSS Level 1)
• Google Fonts — Served from Google's CDN; subject to Google's privacy policy
• Font Awesome (Cloudflare CDN) — Icon fonts served via Cloudflare
• WhatsApp Business API — For sending download links

Children's Privacy

Our website and services are intended for users who are 18 years of age or older. We do not knowingly collect personal information from persons under 18. If you believe a minor has provided us with their personal data, please contact our Grievance Officer immediately and we will delete such data.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or applicable law. When we make material changes, we will update the "Last Updated" date at the top of this page.

Continued use of our website after a change to this Policy constitutes your acceptance of the updated terms. We encourage you to review this page periodically.

Contact & Grievance Officer

In accordance with the Information Technology Act, 2000 and the SPDI Rules, 2011, we have designated a Grievance Officer to address any concerns or complaints regarding this Privacy Policy or the processing of your personal data.

You may contact us for any privacy-related requests, complaints, or questions: