What we collect, why we collect it, and the care we take with it. Written in plain language — because your data belongs to you, and you deserve to know exactly how it is treated.
Raven Creed is a brand operated by LVJoi (GSTIN 09AWKPC9278L1ZR). This Privacy Policy explains how we collect, use, store, and protect the personal information of anyone who visits our website or places an order with us.
This policy is written in accordance with the Information Technology Act, 2000, the SPDI Rules, 2011, the Digital Personal Data Protection Act, 2023, and the Consumer Protection (E-Commerce) Rules, 2020. Where applicable provisions of international privacy law apply (such as GDPR for EU residents), we honour those as well.
If anything in this policy is unclear, or if you wish to exercise any of the rights described below, please contact our Grievance Officer — details at the end of this document.
We collect only the information we need to operate our store, fulfil your orders, and keep in touch with you. This falls into three categories:
Information you give us directly — your name, email address, phone number, delivery and billing addresses, and any notes you leave with an order. When you sign in to your account, we receive and verify your email address through a one-time password (OTP). When you subscribe to our newsletter, we collect your email address and your preference to receive communication.
Information about your orders — the pieces you buy, the sizes you select, the amount paid, the payment method used, and the delivery address linked to each order. We do not see or store your full card or UPI details; these are handled directly by Razorpay.
Information collected automatically — when you visit our site, we receive technical information such as your IP address, device type, browser, operating system, pages viewed, time spent on pages, and how you arrived at our website (for example, through search, social media, or an advertisement).
We collect personal information only for specific, stated purposes:
To fulfil your order — processing payment, dispatching your piece, sharing tracking updates, and handling any return or exchange.
To communicate with you — order confirmations, shipping notifications, support responses to your queries, and occasional newsletters if you have subscribed. Marketing communication is always opt-in. You can unsubscribe from any newsletter at any time via the link in every email.
To secure and improve our service — detecting fraudulent orders, preventing misuse of accounts, understanding which pieces our wearers respond to, and refining the experience of browsing and shopping.
To comply with the law — retaining invoices, tax records, and order history as required under the Central Goods and Services Tax Act, 2017 and related financial regulations.
We collect personal information only in three ways:
When you provide it to us — by placing an order, creating an account, subscribing to our newsletter, writing to our support team, or leaving a review.
Through our technology partners — our e-commerce platform (Shopify), our payment gateway (Razorpay), our email service (Shopify Email), and our review platform (Judge.me). Each of these partners has its own privacy practices, listed in the next section.
Through cookies and analytics tools — described in Section 05 below.
We never sell your personal information. We share it only with trusted partners who help us run our business — and only the minimum required for each to perform its function. These partners include:
Shopify Inc. — hosts our e-commerce platform and processes your browsing, account, and order data. Shopify is a Canadian-headquartered company operating globally and complies with GDPR and other international privacy standards.
Razorpay — processes your payments. We do not see or store your card, UPI, or net banking credentials; these remain entirely within Razorpay's PCI-DSS compliant infrastructure.
Shopify Email — delivers our newsletter and transactional emails (order confirmations, shipping updates).
Judge.me — manages product reviews submitted by verified wearers. Only the name and email you provide when leaving a review are shared with them.
Meta Platforms — through the Meta Pixel on our site, Meta may receive anonymised information about your interaction with Raven Creed to help us measure the performance of our advertising. You can review and control this under your Facebook / Instagram ad preferences.
Courier and logistics partners — to deliver your order, we share your name, phone number, and address with the courier handling your parcel. They use this information solely to complete delivery.
Legal and regulatory authorities — where we are required by Indian law, a court order, or a lawful government request, we will disclose information to the extent required by that request.
Our website uses cookies and similar technologies to recognise you across pages, remember your preferences, understand how our site is used, and measure the performance of our marketing.
Essential cookies — necessary for the site to function: remembering your cart, enabling checkout, authenticating your session. These cannot be disabled without breaking the shopping experience.
Analytics cookies — Shopify's built-in analytics tracks how our site is being used so we can improve it.
Marketing cookies — Meta Pixel helps us understand whether our advertising reaches the right audience, and whether people who click an ad complete a purchase. This data is anonymised and aggregated.
You can manage cookies through your browser settings, or adjust your consent preferences at any time using the cookie banner on our site. Disabling cookies may limit certain features of our website.
We take reasonable and appropriate security measures to protect your personal information from unauthorised access, disclosure, alteration, or destruction — as required under Section 43A of the Information Technology Act, 2000.
Our website runs on Shopify's secure infrastructure with end-to-end SSL encryption. Payment data is handled exclusively through PCI-DSS compliant gateways (Razorpay). Account access is protected by email-based OTP authentication, meaning no one can log in to your account without first verifying the one-time password sent to your registered email.
Despite our best efforts, no system connected to the internet can be guaranteed fully secure. In the unlikely event of a data breach affecting your information, we will notify you and the appropriate authorities as required under the Digital Personal Data Protection Act, 2023.
We keep personal information only for as long as it serves a legitimate purpose or as required by law.
Order and invoice records are retained for a minimum of eight years, in accordance with tax and financial reporting requirements under Indian law.
Account information is retained for as long as your account remains active. If you ask us to delete your account, we will do so within a reasonable period, retaining only the minimum information legally required (such as past invoices).
Newsletter subscriptions are kept until you unsubscribe. Once unsubscribed, your email is removed from future marketing communication.
Analytics and cookie data are typically retained for up to 26 months, after which they are aggregated or deleted.
Under the Digital Personal Data Protection Act, 2023 and related Indian privacy law, you have the following rights over your personal information:
The right to access — you may request a copy of the personal information we hold about you.
The right to correct — if any of your information is inaccurate or incomplete, you may ask us to update it.
The right to erase — you may ask us to delete your personal information, subject to any legal obligation to retain it (for example, tax records).
The right to withdraw consent — you may withdraw your consent to marketing communication at any time, by unsubscribing from emails or writing to us.
The right to grievance redressal — if you believe we have mishandled your personal information, you may raise a grievance with our Grievance Officer (details in Section 12). We aim to resolve every complaint within 30 days, in line with Rule 5(9) of the IT Rules, 2011.
To exercise any of these rights, write to us at support@ravencreed.com with your request. We will verify your identity and respond within one working day.
Raven Creed is intended for adult wearers. We do not knowingly collect personal information from anyone under the age of 18. If you believe a minor has submitted personal information to us, please contact our Grievance Officer and we will delete it promptly.
Some of our technology partners (Shopify, Meta, Judge.me) store and process data outside India. In each case, those partners maintain privacy safeguards that match or exceed the standards required under Indian law and, where applicable, international standards such as the EU's General Data Protection Regulation (GDPR).
We currently ship to the United States. International orders are processed within the same data-handling framework described in this policy.
We may update this Privacy Policy from time to time — to reflect a change in our practices, our tools, or the law. When we make a material change, we will update the "Last Updated" date at the top of this page. Significant changes may also be communicated by email to registered users.
Your continued use of our website after an update constitutes acceptance of the revised policy.
In accordance with Rule 5(9) of the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, and the Consumer Protection (E-Commerce) Rules, 2020, we have designated a Grievance Officer who may be contacted for any concerns related to this Privacy Policy or the handling of your personal data.
To exercise any right described in this policy, or to raise a grievance, write to our Grievance Officer — we respond within a working day.
support@ravencreed.com