homeHomegrid_viewShoppersonProfile

LEGAL // PRIVACY

PRIVACY
POLICY

Last updated: April 2026. This policy covers how we collect and use your data when you shop with GOAT SZN.

01 — WHO WE ARE

GOAT SZN is an Indian sports-culture apparel brand operating at goatszn.in. We are the data controller for any personal information you provide to us. For questions about this policy, contact us via WhatsApp or at the email on file.

02 — DATA WE COLLECT

We collect only what is necessary to process and deliver your orders:

  • Account data: Name, email address, username, and password (hashed — we never store plain text).
  • Order data: Shipping address, phone number, items purchased, and purchase price at time of order.
  • Payment data: We do not store card details. All payment processing is handled by Razorpay. We only retain your payment ID and gateway reference for order tracking.
  • Google Sign-In: If you sign in with Google, we receive your name, email, and profile picture from Google. We do not receive your Google password.
  • Analytics: Anonymised session data (pages visited, device type, referral source) to improve the site. No personally identifiable data is tied to analytics.

03 — HOW WE USE IT

  • Process, dispatch, and track your orders
  • Send order confirmation and shipping updates
  • Manage your account and saved addresses
  • Respond to exchange requests and support queries
  • Prevent fraud and protect site security
  • Improve the site experience through anonymised analytics

We do not sell your data. We do not use your data for third-party advertising.

04 — THIRD-PARTY SERVICES

We share minimal data with trusted third-party processors:

Razorpay

Payment processing

Order amount, email, phone. Razorpay processes card and UPI transactions. We never see your full card details.

Shiprocket

Order fulfilment & shipping

Your name, phone, and delivery address are shared with our logistics partner to generate shipping labels and AWB numbers.

Google

Optional Sign-In (OAuth)

If you choose "Continue with Google", Google authenticates you and shares your basic profile. This is optional — email/password sign-in is also available.

05 — COOKIES

We use a session token stored in your browser's local storage to keep you logged in. We do not use tracking cookies or third-party ad cookies. Anonymised analytics may use a session identifier that does not identify you personally.

06 — DATA RETENTION

Your account data is retained for as long as your account exists. Order records are retained for 3 years for tax and legal compliance. You may request deletion of your account at any time — order history required for legal compliance will be anonymised rather than deleted.

07 — YOUR RIGHTS

Under the Digital Personal Data Protection Act (DPDP) 2023 and applicable Indian law, you have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate data via your account settings
  • Request deletion of your account and personal data
  • Withdraw consent for non-essential data use

To exercise any of these rights, contact us via WhatsApp or email. We will respond within 7 business days.

08 — SECURITY

Passwords are hashed using bcrypt. All API communication runs over HTTPS. Payment data never touches our servers — it is processed directly by Razorpay's PCI-DSS compliant infrastructure. We review access controls and security practices regularly.

09 — CHANGES TO THIS POLICY

We may update this policy as the product evolves. Material changes will be communicated via email to registered users. The "Last updated" date at the top of this page reflects the most recent revision.