Privacy Policy
Effective Date:
Last Updated:
Xemex Wellness (“Xemex Wellness,” “we,” “our,” or “us”) is the owner and operator of the website [www.xemexwellness.com] and related mobile or digital platforms. We are committed to safeguarding the privacy, confidentiality, and security of personal information entrusted to us by users, customers, and visitors (“you,” “your”).
This Privacy Policy describes how we collect, store, use, process, disclose, and protect personal data when you access or use our website, purchase products, communicate with us, or otherwise interact with Xemex Wellness.
By accessing or using our website, you expressly consent to the practices described in this Privacy Policy.
1. SCOPE AND APPLICABILITY
This Privacy Policy applies to:
• Visitors browsing the Website
• Customers purchasing products online
• Individuals creating an account
• Users engaging with customer support
• Marketing subscribers and promotional participants
This policy does not apply to offline data collection or third-party websites not controlled by Xemex Wellness.
2. TYPES OF INFORMATION WE COLLECT
2.1 Personal Information
Personal Information refers to data that identifies or can reasonably be linked to an individual, including but not limited to:
• Full name
• Email address
• Mobile number
• Billing and shipping address
• Gender and age (if voluntarily provided)
• Account login credentials
• Order history and transaction details
• Customer support communication
2.2 Sensitive Personal Data (as applicable)
In accordance with the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, we may collect limited sensitive data such as:
• Payment instrument details (processed securely via third-party gateways)
• Bank or wallet information (tokenized / masked)
Note: Xemex Wellness does not store full card details on its servers.
2.3 Automatically Collected Information
When you use our Website, we may automatically collect:
• IP address
• Browser type and version
• Device identifiers
• Operating system
• Date and time of access
• Pages viewed and navigation paths
• Referral URLs
This data is collected for analytics, security, and optimization purposes.
2.4 Cookies and Tracking Technologies
We use cookies, pixels, SDKs, and similar technologies to:
• Enable core website functionality
• Remember user preferences
• Analyse traffic and usage patterns
• Deliver personalized advertisements
• Measure campaign performance
You may disable cookies through your browser settings; however, certain Website features may not function properly.
3. PURPOSE OF DATA COLLECTION AND PROCESSING
We collect and process your information for the following lawful purposes:
3.1 Transactional Purposes
3.2 Account Management
• Creating and maintaining user accounts
• Authentication and security verification
• Managing preferences and order history
3.3 Customer Engagement
• Responding to inquiries and complaints
• Providing post-purchase support
• Conducting customer satisfaction surveys
3.4 Marketing and Communication
• Promotional emails, SMS, or WhatsApp notifications
• Product launches and offers (subject to consent)
• Abandoned cart reminders
You may opt out of marketing communications at any time.
3.5 Legal and Regulatory Compliance
• Fraud detection and prevention
• Compliance with applicable laws
• Enforcement of contractual rights
• Audit and record-keeping obligations
4. LEGAL BASIS FOR PROCESSING
We process personal data based on one or more of the following legal grounds:
• Your explicit consent
• Performance of a contract
• Compliance with legal obligations
• Legitimate business interests
• Protection of vital interests
5. DISCLOSURE OF INFORMATION
We do not sell or rent personal information. We may share your data only with:
5.1 Service Providers
• Payment gateways
• Courier and logistics partners
• Email, SMS, and CRM platforms
• IT infrastructure and cloud service providers
• Analytics and marketing partners
All service providers are bound by confidentiality and data protection agreements.
5.2 Legal Authorities
Where disclosure is required by:
• Law enforcement agencies
• Court orders or government regulations
• Statutory or regulatory obligations
5.3 Business Transfers
In the event of a merger, acquisition, restructuring, or sale of assets, user information may be transferred subject to confidentiality safeguards.
6. DATA STORAGE AND RETENTION
• Personal data is stored on secure servers located in India and/or other jurisdictions.
• Data is retained only for as long as necessary to fulfill the purposes outlined or to comply with legal requirements.
• Upon expiry, data is securely deleted or anonymized.
7. DATA SECURITY MEASURES
Xemex Wellness implements reasonable security practices including:
• SSL encryption
• Secure hosting environments
• Role-based access controls
• Regular vulnerability assessments
• Internal data protection protocols
Despite best efforts, no system is entirely secure. Users acknowledge and accept this inherent risk.
8. USER RIGHTS AND CHOICES
Subject to applicable law, you have the right to:
• Access your personal data
• Request correction or updates
• Withdraw consent
• Request deletion of data
• Opt out of marketing communications
Requests can be submitted via the contact details provided below.
9. INTERNATIONAL DATA TRANSFERS
Your information may be transferred to and processed in countries outside India where our service providers operate. Such transfers are carried out with appropriate safeguards.
10. CHILDREN’S PRIVACY
Our Website is not intended for individuals under 18 years of age. We do not knowingly collect personal data from minors. If such data is identified, it will be deleted promptly.
11. THIRD-PARTY LINKS
The Website may contain links to external websites. Xemex Wellness is not responsible for the privacy practices or content of such third parties.
12. POLICY UPDATES
We reserve the right to modify this Privacy Policy at any time. Updates will be posted on this page with a revised “Last Updated” date.
Continued use of the Website constitutes acceptance of the revised policy.
13. GRIEVANCE OFFICER & CONTACT DETAILS
In compliance with the Information Technology Act, 2000, the details of the Grievance Officer are as follows:
Grievance Officer:
Email:
Address:
Response Time:
DISCLAIMER
This Privacy Policy is intended to provide transparency and general compliance. For full legal enforceability, consultation with a qualified legal professional is recommended.