Lunar
Legal

Privacy Policy

Last updated: July 15, 2026

1. Introduction

Lunar Jewellers Private Limited ("Lunar Jewellers", "we", "us", or "our") operates the Lunar Jewellers website (https://www.lunarjewellers.com) and the Lunar Jewellers mobile application (together, the "Service"). This Privacy Policy explains how we collect, use, disclose and safeguard your information when you use our Service. Lunar Jewellers is a B2B jewellery catalogue and order-request platform intended for use by registered jewellery businesses, and is not an ecommerce platform for individual consumers.

By creating an account or otherwise using the Service, you agree to the collection and use of information in accordance with this policy. If you do not agree with this policy, please do not use the Service.

2. Information We Collect

We collect the following categories of information:

  • Account & Business Information: business name, owner/contact name, email address, phone number, business address, GST/business registration details, and role within your organisation.
  • Authentication Data: credentials and identifiers processed via Firebase Authentication, including hashed passwords (never stored by us in plaintext), phone numbers used for OTP verification, and authentication tokens.
  • Catalogue & Order Data: product listings, wishlists, order requests, and related business transaction metadata that you or your connected suppliers create within the Service.
  • Device & Usage Data: IP address, device identifiers, operating system, app version, crash logs, and usage patterns collected through analytics tools.
  • Communications: information you provide when you contact support, submit a ticket, or fill out a contact form, including any attachments.

3. How We Use Your Information

We use the information we collect to:

  • Create and manage your business account and verify your identity;
  • Provide, operate, and maintain the catalogue and order-request functionality;
  • Facilitate communication between your business and connected suppliers, including WhatsApp order handoff;
  • Send transactional notifications about orders, account activity and platform updates;
  • Monitor and analyse usage to improve performance, security and features;
  • Detect, prevent and address fraud, abuse, security incidents and technical issues;
  • Comply with legal obligations and enforce our Terms & Conditions.

4. Authentication & Firebase

We use Google Firebase Authentication to manage account creation and login. Firebase processes your email address, phone number (for OTP-based login), and authentication tokens on our behalf, in accordance with Google's Firebase privacy and security practices. We do not store your raw password on our servers. Session tokens issued by Firebase are used solely to authenticate your requests to our backend and are stored securely on your device.

5. Catalogue & Business Data

Catalogue data (product images, specifications, pricing visibility settings) uploaded by supplier accounts is stored on secure cloud infrastructure and made visible to connected buyer accounts as configured by the supplier. Order requests, wishlists and business profile data are stored to enable the core functionality of the Service and are retained per Section 9 below.

6. Notifications

We use push notification services (including Firebase Cloud Messaging) to send you order updates, new arrival alerts, and account notices. You can manage or disable notification preferences from within the app's settings or your device's system settings at any time.

7. Analytics & Cookies

We use analytics tools (including Firebase Analytics and standard web analytics on our website) to understand how the Service is used. These tools may collect device identifiers, app interactions, and aggregated usage statistics. Our website uses cookies and similar technologies as described in our Cookies Policy.

8. How We Share Information

We do not sell your personal information. We may share information with:

  • Connected Businesses: catalogue and order data is shared between your business account and the specific suppliers or buyers you transact with;
  • Service Providers: cloud hosting, authentication (Firebase/Google Cloud), analytics, customer support and messaging providers who process data on our behalf under contractual confidentiality obligations;
  • Legal Compliance: where required to comply with applicable law, regulation, legal process or governmental request;
  • Business Transfers: in connection with a merger, acquisition or sale of assets, subject to standard confidentiality protections.

9. Data Retention

We retain your account and business data for as long as your account remains active, and for a reasonable period thereafter to comply with legal obligations, resolve disputes, and enforce agreements. Upon a verified deletion request (see our Data Deletion Policy), we will delete or anonymise your personal data within the timelines specified there.

10. Data Security

We implement industry-standard technical and organisational measures to protect your information, including encryption in transit (TLS), encrypted cloud storage, role-based access controls, and regular security reviews. No method of transmission or storage is 100% secure, and we cannot guarantee absolute security.

11. Your Rights

Depending on your location, you may have the right to access, correct, export, restrict, or delete your personal information, and to object to or withdraw consent for certain processing. You can exercise these rights by emailing lunarjewellers@gmail.com or through the in-app account settings.

12. GDPR (EEA/UK Users)

If you are located in the European Economic Area or United Kingdom, we process your personal data under the following legal bases: performance of a contract (providing the Service), legitimate interests (improving and securing the Service), consent (for optional communications and analytics), and legal obligation. You have the right to lodge a complaint with your local data protection authority. Our EEA/UK contact for privacy matters is lunarjewellers@gmail.com.

13. India Digital Personal Data Protection Act, 2023

As a platform operating in India, we process personal data as a Data Fiduciary under the Digital Personal Data Protection Act, 2023 ("DPDP Act"). We collect personal data only for specified, lawful purposes disclosed in this policy, obtain consent where required, and provide mechanisms for you to access, correct and withdraw consent for the processing of your personal data. You may exercise your rights under the DPDP Act, including the right to grievance redressal, by contacting our Grievance Officer at lunarjewellers@gmail.com. We will respond to verified requests within the timelines prescribed under the DPDP Act and its rules.

14. Google Play Compliance

Our Android application complies with Google Play's User Data policy and Families policies (where applicable). We only request device permissions (such as storage, camera or notifications) that are necessary for core app functionality, and we clearly disclose the purpose of each permission at the point of request. A summary of data collection and sharing practices is also available in our Google Play Data Safety section.

15. Children's Privacy

The Service is intended for use by business owners and employees aged 18 and above. We do not knowingly collect personal information from individuals under 18. If we become aware that we have collected such information, we will take steps to delete it promptly.

16. International Data Transfers

Your information may be stored and processed on servers located outside your state, province, or country, including in jurisdictions that may have data protection laws different from those in your jurisdiction. Where we transfer personal data internationally, we rely on appropriate safeguards such as standard contractual clauses or equivalent mechanisms.

17. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page with a revised "Last updated" date, and where appropriate, via in-app notice or email.

18. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us at lunarjewellers@gmail.com or write to us at First Floor, Shop C-1, No. 73, Bhairav Towers, Netaji Subhash Chandra Bose Road, Sowcarpet, Chennai, Tamil Nadu 600079, India.