Privacy Policy

📋 1. Introduction

Welcome to CNBA OnlineBooks ("we," "our," "us"). We are a registered online book retailer operating from Shop 7, Coastal Business Arcade, Besant Nagar Main Road, Chennai, Tamil Nadu 600090, India. Our email is info@cnbaonlinebooks.in and our contact number is +91 96178 70273.

This Privacy Policy describes how CNBA OnlineBooks collects, uses, stores, processes, and protects your personal information when you visit our website, place an order, create an account, or interact with us in any way. By using our services, you consent to the practices described in this policy.

This policy applies to all information collected through our website (cnbaonlinebooks.in), mobile applications, customer service interactions, marketing communications, and any other services we offer.

📥 2. Information We Collect

2.1 Information You Provide Directly

When you interact with our platform, you may provide us with the following categories of personal information:

• Account Information: Full name, email address, phone number, date of birth, and password when you create an account.
• Order & Billing Information: Shipping address, billing address, payment method details (we do not store full card numbers), order history, and purchase preferences.
• Communication Data: Messages, emails, reviews, feedback, ratings, and support requests you send us.
• Identity Verification: Documents required for returns, high-value orders, or account verification as needed.
• Contact Form Data: Your name, email, phone number, subject, and message submitted through our contact form.
• Newsletter Subscriptions: Email address and communication preferences when you subscribe to our newsletters.

2.2 Information Collected Automatically

When you use our website, we automatically collect certain technical and usage information, including:

• IP address, browser type, browser version, and operating system
• Pages viewed, time spent on each page, clickstream data, and navigation paths
• Device identifiers, screen resolution, and language settings
• Referring URLs and search queries that led you to our website
• Purchase behaviour, wishlist data, and product interactions
• Session identifiers and authentication tokens

2.3 Information from Third Parties

We may receive information about you from third-party sources including:

• Payment processors and banking partners (transaction confirmation data)
• Logistics and delivery partners (delivery status and address verification)
• Social media platforms if you connect your account or log in via social login
• Marketing and analytics partners who help us understand audience behaviour
• Fraud detection and security services

⚙️ 3. How We Use Your Information

We use the information collected for the following legitimate purposes:

• Order Processing: To process, fulfil, and deliver your book orders and provide order status updates.
• Account Management: To create and manage your customer account, maintain your order history, and manage your preferences.
• Customer Support: To respond to your queries, complaints, return requests, and feedback in a timely manner.
• Personalisation: To recommend books, curate content, and personalise your shopping experience based on your browsing and purchase history.
• Marketing & Promotions: To send you newsletters, promotional offers, new arrivals, and deals based on your preferences and consent (see Section 4).
• Legal Compliance: To comply with applicable laws, regulations, legal processes, or enforceable governmental requests.
• Fraud Prevention: To detect, prevent, and address fraudulent transactions, abuse, and other harmful activities.
• Analytics & Improvement: To analyse user behaviour, identify trends, and continuously improve our platform, products, and services.
• Payment Processing: To facilitate secure payment transactions through our third-party payment gateway partners.

📢 4. Notification & Communication Consent

These communications may include order confirmations, shipping updates, delivery alerts, promotional offers, new book arrivals, exclusive discounts, reading recommendations, loyalty program updates, and other service-related information.

4.1 Purpose of Communication

We use these communication channels to keep you informed about:

• Your orders, returns, and refunds (transactional messages)
• Exclusive offers, seasonal sales, and discount campaigns
• New book launches, bestsellers, and curated reading lists
• Account security alerts and password reset notifications
• Program updates and changes to our terms or services

4.2 Opting Out of Marketing Communications

While transactional messages are necessary for fulfilling your orders, you have full control over marketing communications. If you prefer not to receive promotional updates or marketing communications, you may opt out by:

• Clicking the "Unsubscribe" link in any marketing email we send you
• Updating your communication preferences in your account settings
• Sending an opt-out request to info@cnbaonlinebooks.in
• Replying "STOP" to any SMS message to opt out of SMS marketing
• Contacting us at +91 96178 70273 during business hours

🔗 5. Data Sharing & Disclosure

We do not sell, trade, or rent your personal information to any third party. We may share your data only in the following limited and specific circumstances:

• Delivery & Logistics Partners: Shipping address and contact number shared with courier and logistics partners solely for the purpose of order delivery.
• Payment Processors: Payment information is shared with certified payment gateway partners (such as Razorpay, PayU, or similar) to process transactions securely. We do not store full card details.
• Legal Authorities: We may disclose information to law enforcement or government agencies when required by law, court order, or to protect the rights and safety of our customers and the company.
• Service Providers: We engage third-party vendors for email marketing, analytics, cloud hosting, and customer support. These partners have access to data only as needed to perform their services and are bound by strict confidentiality agreements.
• Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction, subject to the same privacy protections.

🍪 6. Cookies & Tracking Technologies

We use cookies and similar tracking technologies to enhance your browsing experience, understand user behaviour, and personalise content.

Types of Cookies We Use

• Essential Cookies: Necessary for the website to function properly (e.g., maintaining your shopping cart and login session). These cannot be disabled.
• Performance Cookies: Help us understand how visitors interact with our website by collecting anonymous analytics data (e.g., Google Analytics).
• Preference Cookies: Remember your settings and preferences such as language, currency, and browsing history for a personalised experience.
• Marketing Cookies: Used to track browsing activity across websites and deliver targeted advertisements relevant to your interests.

You can control and manage cookies through your browser settings. Disabling cookies may affect the functionality of our website. For more information on how to manage cookies, visit your browser's help page.

🛡️ 7. Data Security

We implement industry-standard security measures to protect your personal information from unauthorised access, alteration, disclosure, or destruction. Our security measures include:

• SSL/TLS encryption for all data transmitted between your browser and our servers
• PCI-DSS compliant payment processing through certified gateway partners
• Regular security audits and vulnerability assessments of our systems
• Access controls ensuring only authorised personnel can access sensitive data
• Encrypted storage of sensitive information such as passwords (using bcrypt hashing)
• Regular backups and disaster recovery protocols

While we take every reasonable precaution to secure your data, no method of transmission over the internet is 100% secure. We encourage you to use a strong, unique password for your account and to never share your login credentials with anyone.

📅 8. Data Retention

We retain your personal information for as long as necessary to fulfil the purposes outlined in this policy, comply with legal obligations, resolve disputes, and enforce our agreements. Specifically:

• Account Data: Retained for as long as your account is active. You may request account deletion at any time.
• Order Data: Retained for 7 years to comply with Indian tax and accounting laws (GST records).
• Communication Records: Customer support communications retained for 3 years.
• Marketing Data: Retained until you withdraw consent or request deletion.
• Analytics Data: Aggregated and anonymised data may be retained indefinitely for business analysis.

✋ 9. Your Rights

As a user of our services, you have the following rights regarding your personal information:

• Right to Access: You may request a copy of the personal data we hold about you at any time.
• Right to Correction: You may request correction of inaccurate or incomplete personal data.
• Right to Deletion: You may request the deletion of your personal data, subject to legal and regulatory requirements.
• Right to Withdraw Consent: You may withdraw consent to marketing communications at any time without affecting the lawfulness of processing prior to withdrawal.
• Right to Data Portability: You may request your data in a structured, machine-readable format.
• Right to Lodge a Complaint: You have the right to complain to the appropriate data protection authority if you believe your rights have been violated.

To exercise any of these rights, please contact us at info@cnbaonlinebooks.in or call us at +91 96178 70273. We will respond to all valid requests within 30 days.

👧 10. Children's Privacy

Our services are not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information without your consent, please contact us immediately at info@cnbaonlinebooks.in and we will take immediate steps to delete such information.

🔄 11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:

• Update the "Last Updated" date at the top of this page
• Notify registered users via email at least 14 days before the changes take effect
• Display a prominent notice on our website homepage

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. Your continued use of our services after the effective date of any changes constitutes your acceptance of the updated policy.

📞 12. Contact Us

If you have any questions, concerns, or requests related to this Privacy Policy or our data practices, please do not hesitate to contact us:

We are committed to resolving any privacy concerns promptly and transparently. All privacy-related queries will be handled with the utmost care and confidentiality.