Data Deletion Policy

PURPOSE:

To ensure timely and secure deletion of personal data collected from customers, in compliance with data protection regulations, while respecting customer preferences and operational requirements.

SCOPE:

Applies to:
  • All personal data collected via the OvinO website and mobile application
  • Customer account, subscription, and order-related data
  • Loyalty, wallet, and promotional communication data
  • Customer support queries and grievance records

TYPES OF DATA COLLECTED:

OvinO may collect the following categories of data:
  • Personal Identifiable Information (PII): Name, email, phone number, address, location
  • Transactional Data: Orders, invoices, delivery details
  • Account Data: Login credentials, membership details, preferences
  • Usage Data: App/website interactions, device and log information
  • Marketing Data: Email/WhatsApp/SMS preferences and consent status

DATA RETENTION PERIODS:

Data TypeRetention Period
PIIUntil deletion request or 1 year after inactivity
Transactional DataAs required under applicable tax and financial laws
Support QueriesUp to 1 year from last interaction
Marketing PreferencesUntil opt-out or account deletion
Inactive AccountsReviewed after 1 year of no interaction

USER INITIATED DELETION REQUESTS:

Users can request deletion of their personal data by contacting:
  • Request deletion via e-mail id : privacy@dsgroup.com
  • Get confirmation within a defined SLA (e.g., 7 working days)
  • Understand which data can’t be deleted due to legal requirements

PROCESSING OF MINOR DATA OR DATA OF PERSONS WITH DISABILITIES:

Automate deletion or anonymization of:
  • Accounts inactive for more than 1 year (after prior notice)
  • Loyalty data after expiry
  • Unsubscribing from marketing communications

EXEMPTIONS:

Some data may be retained even after deletion due to:
  • Regulatory and statutory requirements (financial/tax records)
  • Fraud prevention or dispute resolution
  • Security and audit obligations

LOGGING AND AUDITING:

  • OvinO maintains logs of deletion requests and actions taken.
  • Regular audits are conducted to ensure DPDP compliance.

POLICY REVIEW:

This Policy will be reviewed every 12 months or earlier in case of major platform or legal updates.

Last Updated January, 2026