Privacy Policy

Platform: karnage.in Effective: 01st March 2026 Last Updated: 01st March 2026

This Privacy Policy (“Policy”) explains how Hundia Infosolutions Private Limited collects, uses, stores, shares, protects, and otherwise processes personal data through the website karnage.in and any related webpages, features, content, customer support channels, and services made available through it (collectively, the “Platform”).

KARNAGE is a brand operated by Hundia Infosolutions Private Limited.

This Policy is intended to help you understand:

  • what information we collect,
  • why we collect it,
  • how we use it,
  • when we may share it,
  • how long we retain it,
  • what choices and rights you may have, and
  • how you may contact us regarding your personal data.

By accessing or using the Platform, or by submitting your information to us, you acknowledge that you have read and understood this Policy.

1. Scope of This Policy

This Policy applies to personal data collected by us through:

  • a. your use of the Platform;
  • b. account registration and login;
  • c. purchase transactions and checkout;
  • d. customer support interactions;
  • e. warranty, return, refund, replacement, or grievance requests;
  • f. participation in promotions, surveys, campaigns, or marketing communications; and
  • g. any other lawful interaction with us in connection with the Platform.

This Policy applies to users, to products offered for sale in India through the Platform.

2. Personal Data We Collect

Depending on how you interact with us, we may collect the following categories of personal data:

2.1 Information you provide directly

We may collect information that you voluntarily provide, including:

  • a. full name;
  • b. mobile number;
  • c. email address;
  • d. billing address;
  • e. shipping address;
  • f. PIN code, city, and state;
  • g. account login details, GST details, where applicable;
  • h. order details and purchase history;
  • i. customer support requests, complaint details, and correspondence;
  • j. warranty claim details, including invoice information, serial number, and issue descriptions; and
  • k. information submitted in reviews, feedback, forms, surveys, or promotional participation; and
  • l. any other information you choose to provide to us.

2.2 Transaction and order information

When you place an order, we may collect:

  • a. product details purchased;
  • b. order value;
  • c. payment status;
  • d. transaction reference numbers;
  • e. shipping and fulfillment details; and
  • f. return, refund, replacement, or cancellation records.

2.3 Payment-related information

Payments on the Platform may be processed by third-party payment service providers. We generally do not store complete card details, CVV, UPI PIN, or net banking credentials on our own systems unless specifically stated and lawfully required.

However, we may receive limited payment-related information such as:

  • a. payment status;
  • b. masked payment instrument details;
  • c. transaction ID or token;
  • d. payment mode; and
  • e. fraud-risk or payment-verification indicators.

2.4 Device and technical information

When you use the Platform, we may automatically collect certain technical information, such as:

  • a. IP address;
  • b. browser type and version;
  • c. device type and operating system;
  • d. language preference;
  • e. date and time of access;
  • f. website pages visited;
  • g. referring website or source;
  • h. clickstream and browsing behavior on the Platform; and
  • i. cookie identifiers and similar technical data.

2.5 Marketing and communication preferences

We may collect your preferences regarding:

  • a. promotional emails;
  • b. SMS or WhatsApp communications;
  • c. product updates;
  • d. launch alerts;
  • e. coupon or campaign participation; and
  • f. customer feedback requests.

3. Information We Do Not Intend to Collect

We do not intentionally seek to collect personal data that is unnecessary for the operation of the Platform or the fulfillment of legitimate business purposes.

Please do not provide:

  • a. unrelated sensitive personal information;
  • b. financial credentials not requested through authorized payment channels;
  • c. another person’s information without authorization; or
  • d. any unlawful, false, or misleading information.

Where certain categories of sensitive information are submitted as part of a support or verification process, such information shall be handled with appropriate safeguards and only to the extent necessary and lawful.

4. How We Collect Personal Data

We may collect personal data through:

  • a. account creation and login;
  • b. checkout and purchase flow;
  • c. customer support email, calls, chat, or contact forms;
  • d. warranty registration or service requests;
  • e. newsletters, campaigns, and promotional forms;
  • f. cookies, pixels, analytics tools, and similar technologies; and
  • g. third parties such as payment partners, logistics providers, fraud-prevention tools, or service vendors assisting us in operating the Platform.

5. Lawful Basis and Purposes of Processing

India’s current digital personal data framework is centered on lawful processing for specified purposes, including consent-based and certain legitimate uses recognized by law.

We may process your personal data for the following purposes:

5.1 To provide products and services

Including to:

  • a. create and manage your account;
  • b. process your orders;
  • c. arrange shipping and delivery;
  • d. provide invoices and order confirmations;
  • e. manage returns, replacements, refunds, and warranty claims; and
  • f. offer after-sales support.

5.2 To communicate with you

Including to:

  • a. respond to your inquiries;
  • b. provide order and delivery updates;
  • c. resolve complaints or service issues;
  • d. share policy, security, or account-related notices; and
  • e. send important transactional communications.

5.3 To improve the Platform

Including to:

  • a. understand user behavior;
  • b. improve website functionality and user experience;
  • c. troubleshoot bugs and technical issues;
  • d. test and optimize performance; and
  • e. enhance product assortment and support processes.

5.4 For security and fraud prevention

Including to:

  • a. detect suspicious transactions or misuse;
  • b. prevent unauthorized access;
  • c. investigate fraudulent returns, chargebacks, or fake claims;
  • d. maintain platform integrity; and
  • e. comply with cybersecurity and incident-response obligations.

5.5 For marketing and promotions

Where permitted by law, we may use your information to:

  • a. send promotional messages;
  • b. share launch announcements, offers, or product updates;
  • c. run contests, campaigns, and feedback programs; and
  • d. personalize promotional content.

You may opt out of non-essential marketing communications at any time.

5.6 To comply with legal and regulatory obligations

Including to:

  • a. maintain records required by tax, accounting, consumer, or commercial laws;
  • b. respond to lawful requests from regulators, authorities, or courts;
  • c. enforce our legal rights, policies, and contracts; and
  • d. comply with applicable cybersecurity and incident-reporting obligations. CERT-In’s directions require covered entities to report certain cyber incidents within specified timelines.

6. Cookies and Similar Technologies

We may use cookies, pixels, tags, SDKs, and similar technologies for the following purposes:

  • a. essential website functionality;
  • b. cart and session management;
  • c. login recognition;
  • d. performance analytics;
  • e. security and fraud detection;
  • f. remembering preferences; and
  • g. improving marketing effectiveness.

You may control or disable cookies through your browser settings. However, disabling certain cookies may impact website functionality, login persistence, cart behavior, or user experience.

A separate Cookie Notice may be published by us from time to time for more granular disclosures.

7. When We Share Personal Data

We do not sell your personal data for money. We may, however, share personal data on a need-to-know basis with the following categories of recipients:

7.1 Service providers and vendors

We may share data with third parties that assist us in operating the Platform, including:

  • a. website hosting and cloud service providers;
  • b. payment processors;
  • c. logistics and courier partners;
  • d. CRM, ERP, analytics, and customer support tools;
  • e. fraud detection and risk management partners;
  • f. marketing automation vendors; and
  • g. warranty, repair, or service support vendors where applicable.

Such parties are expected to process data only for authorized purposes and subject to appropriate contractual and security controls.

7.2 Legal, regulatory, and law enforcement authorities

We may disclose personal data where required:

  • a. under applicable law;
  • b. pursuant to court orders or legal process;
  • c. in response to lawful governmental or regulatory requests;
  • d. to protect our legal rights, users, systems, or business; or
  • e. to investigate fraud, abuse, cyber incidents, or unlawful conduct.

7.3 Group entities and internal teams

We may share personal data internally with authorized employees, departments, and affiliated entities strictly on a need-to-know basis for operational, service, compliance, and management purposes.

8. Data Retention

We retain personal data only for as long as reasonably necessary for the purpose for which it was collected, or as required by applicable law, record-keeping obligations, dispute resolution needs, fraud prevention, tax compliance, warranty administration, or enforcement of our legal rights.

Retention periods may vary depending on the nature of the data, the purpose of processing, legal requirements, and business necessity.

We may retain certain data for longer where:

  • a. required by law;
  • b. necessary for defending legal claims;
  • c. needed for fraud prevention or investigation;
  • d. relevant to ongoing disputes, audits, or litigation; or
  • e. required for tax, accounting, warranty, or consumer complaint handling.

Where data is no longer required, we will delete, anonymize, or securely de-identify it, subject to technical and legal feasibility.

9. Data Security

We use reasonable technical, organizational, and administrative safeguards to protect personal data against unauthorized access, misuse, alteration, loss, disclosure, or destruction.

These measures may include:

  • a. access controls and authentication measures;
  • b. role-based restrictions;
  • c. secured hosting environments;
  • d. encryption or pseudonymization where appropriate;
  • e. monitoring, logging, and incident response processes; and
  • f. vendor risk and access management controls.

No digital platform, however, can guarantee absolute security. You are also responsible for safeguarding your account credentials, devices, and one-time passwords.

Indian cybersecurity compliance expectations continue to include prompt cyber-incident reporting and related security practices under CERT-In’s framework.

10. Withdrawal of Consent

Where processing is based on your consent, you may withdraw such consent by contacting us using the details set out below, or by using available unsubscribe or preference-management options.

Withdrawal of consent shall not affect the lawfulness of processing carried out before such withdrawal. Please note that withdrawal of consent may affect our ability to provide certain services, features, support, promotions, or transaction-related functionality.

11. Correction and Updating of Information

You are responsible for ensuring that the personal data you provide to us is accurate and up to date. If you need to correct, update, or change your information, you may:

  • a. update your account profile, where such option is available; or
  • b. contact us at the support email provided below.

We may take reasonable steps to verify the authenticity of the request before making corrections.

12. Children’s Privacy

The Platform is intended for adults capable of entering into lawful transactions. We do not knowingly collect personal data from children in a manner prohibited by law.

If you believe that a child has provided personal data to us in violation of applicable law, please contact us immediately so that appropriate action may be taken.

13. Third-Party Links and Services

The Platform may contain links to third-party websites, payment pages, social media services, embedded tools, or external applications. We do not control these third-party platforms and are not responsible for their privacy practices, policies, or content.

You are encouraged to review the privacy notices of such third-party services before sharing personal information with them.

14. International Transfer Position

The Platform is intended for sale and operation in India. However, some of our service providers, technology infrastructure, analytics vendors, or cloud systems may store or process data using systems located outside your immediate location, subject to applicable law and contractual safeguards.

Where any cross-border processing occurs, we will seek to ensure that such processing is undertaken in accordance with applicable law and with appropriate protections.

15. Grievances and Complaints

If you have any questions, complaints, requests, or concerns regarding this Policy or our handling of your personal data, you may contact us at:

Email: support@karnage.in

We will make reasonable efforts to review and address privacy-related grievances within a period of one month or as otherwise specified by applicable law.