OpenXmart Privacy Policy

Last updated: August 14, 2025

This Privacy Policy ("Policy") explains how OpenXmart Technologies ("Company", "we", "our", "us") collects, uses, shares, and protects personal and business information of users ("you", "your", "Buyer", or "Supplier") when you access or use our platform, services, and related features. By registering, browsing, or transacting on OpenXmart, you agree to the practices described in this Policy.

1. Information We Collect

We may collect the following categories of information:

(a) Personal Information

  • Name, contact number, email address.
  • Government-issued identification (GSTIN, Udyam, PAN, etc.).
  • Business registration details.

(b) Transaction Information

  • Payment details (UPI, bank transfers, card payments – processed securely via RBI-compliant payment gateways).
  • Order history, invoices, and refund records.

(c) Technical Information

  • Cookies and tracking data for analytics and advertising.
  • Location data (when enabled).

(d) Communication Data

  • Messages exchanged between Buyers and Suppliers on the platform.
  • WhatsApp OTP verification logs (retained only for verification and deleted within 30 days).

2. How We Use Your Information

  1. Verify identity and register accounts.
  2. Process payments, refunds, and transactions securely.
  3. Enable Buyer–Supplier communication.
  4. Provide logistics, delivery, and shipment tracking.
  5. Improve website performance, SEO ranking, and user experience.
  6. Comply with legal, tax, and regulatory requirements.
  7. Send service updates, security alerts, and promotional offers (with user consent).

3. Legal Basis & Consent

We comply with the Digital Personal Data Protection Act, 2023 (DPDPA). Users may withdraw consent for marketing or data processing at any time by writing to support@openxmart.com. Certain information may be retained as required by law.

4. Information Sharing

We do not sell or rent user data. Limited sharing may occur:

  • With Suppliers: Buyer contact details only after a confirmed order/lead.
  • With Buyers: Supplier contact details after order or lead confirmation.
  • With Payment Gateways: To process transactions via RBI-regulated partners.
  • With Logistics Partners: To facilitate shipping.
  • With Legal Authorities: If required under applicable law.

5. Data Protection & Security

  • All payments processed via PCI-DSS compliant gateways.
  • Encryption, firewalls, and access controls safeguard data.
  • Users are responsible for protecting their login credentials.

6. Data Retention

  • Personal data retained only as long as required for business operations, compliance, or dispute resolution.
  • OTP logs deleted within 30 days.
  • Users may request account deletion, subject to legal retention requirements.

7. User Rights

  • Access, review, and correct personal data.
  • Request deletion of your account (subject to law).
  • Opt-out of marketing communications.
  • Withdraw consent for data processing.

8. Third-Party Links

We are not responsible for the privacy practices of external websites linked from OpenXmart.

9. Policy Updates

We may update this Policy periodically. Continued use of the platform signifies acceptance.

10. Contact Us