Brand AssetsMedia CenterContact UsGSTIN: 20AAPCR0279N1Z0
Rokad's LogoRokad's Logo
Let's talk
Legal

Data Handling

Last updated on Dec 17, 2025

This Data Handling & Data Protection Policy (“Policy”) describes how Rokad Retail Ventures Pvt. Ltd. (“Rokad”, “Company”, “we”, “our”, or “us”) collects, processes, stores, protects, and uses personal and business-related data in compliance with applicable laws of India.

Rokad is committed to ensuring transparency, security, and lawful processing of data entrusted to us.

1. Company & Data Fiduciary Details

  • Legal Entity Name: Rokad Retail Ventures Pvt. Ltd.
  • Role under Indian Law: Data Fiduciary
  • Registered / Communication Address: 808, Mahabir Tower, Main Road, Ranchi, Jharkhand – 834001, India
  • Data Protection & Privacy Contact: 📧 data-handing@rokad.co

2. Legal Framework Governing This Policy

This Policy is framed in accordance with, and governed by, the following Indian laws and regulations:

  1. Information Technology Act, 2000
  2. Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011
  3. Digital Personal Data Protection Act, 2023 (“DPDP Act”)
  4. Applicable rules, notifications, circulars, and amendments issued thereunder

In case of any conflict, statutory provisions shall prevail.

3. Scope & Applicability

This Policy applies to all individuals and entities (“Data Principals”) who:

  • Visit or use Rokad’s website or digital platforms
  • Submit information via forms, emails, or other communication channels
  • Subscribe to newsletters or marketing communications
  • Engage with Rokad as customers, suppliers, partners, or prospects

This Policy does not apply to third-party websites or platforms linked from Rokad’s website.

4. Categories of Data Collected

4.1 Personal Data

  • Name
  • Email address
  • Phone number (if voluntarily provided)
  • Professional designation
  • Communication preferences

4.2 Business & Commercial Data

  • Business name and details
  • Industry information
  • Enquiry-related information
  • Messages, documents, or information voluntarily submitted

4.3 Communication Data

  • Emails, messages, and form submissions
  • Newsletter subscriptions and preferences
  • Feedback or responses

4.4 Technical & Usage Data

  • IP address
  • Browser type and device information
  • Access logs
  • Pages visited and interaction data (analytics)

Rokad does not intentionally collect Sensitive Personal Data such as financial details, biometric data, health data, passwords, or government-issued identifiers unless explicitly required under a lawful obligation.

5. Modes of Data Collection

Data is collected through:

  • Website forms (powered by Tally.so)
  • Direct email communications
  • Newsletter sign-ups
  • Business communications
  • Automated technical logs and analytics

All data is collected lawfully, fairly, and with user consent where required.

6. Technology Stack & Infrastructure

Rokad uses the following platforms strictly for internal operations:

  • Strapi – Content Management System (CMS)
  • Vercel – Website hosting and deployment infrastructure
  • GitHub – Source code repository and access-controlled version management
  • Tally.so – Secure form data collection

These services act as data processors and do not have independent rights over the data.

7. Purpose Limitation & Lawful Use

Collected data is used strictly for the following purposes:

  • Responding to enquiries and communications
  • Providing requested information, services, or support
  • Sending newsletters, updates, and business communications
  • Personalising email communications
  • Internal analytics, reporting, and platform improvement
  • Compliance with legal, regulatory, or contractual obligations
  • Preventing fraud, misuse, or security incidents

Data is not used for purposes beyond those stated without additional consent.

8. Consent & Lawful Basis

Under the DPDP Act, 2023:

  • Consent is obtained explicitly or implicitly through user actions (e.g., form submission, newsletter opt-in)
  • Consent is free, informed, specific, and unambiguous
  • Users may withdraw consent at any time by contacting us

Withdrawal of consent may limit certain services.

9. Data Sharing & Disclosure

  • We do not sell, lease, or trade personal or business data.

  • Data remains strictly for Rokad’s internal use.

  • Data is not shared with third parties for their independent marketing or commercial use.

  • Disclosure may occur only if:

    • Required by law, court order, or government authority
    • Necessary for enforcing legal rights or preventing fraud
    • Required for internal processors under strict confidentiality obligations

10. Data Retention Policy

Data is retained only for as long as necessary to:

  • Fulfil the purpose for which it was collected
  • Meet statutory, legal, or contractual obligations
  • Resolve disputes or enforce agreements

Upon completion of retention requirements, data is securely deleted or anonymised.

11. Data Security & Safeguards

Rokad implements reasonable security practices as mandated under Indian law, including:

  • Secure hosting environments
  • Access control and role-based permissions
  • Authentication mechanisms
  • Encryption where applicable
  • Restricted internal access
  • Periodic security reviews

Despite best efforts, no digital system is completely immune to security risks.

12. Rights of Data Principals

Subject to applicable law, you have the right to:

  • Access your personal data
  • Request correction or updating of inaccurate data
  • Request erasure of personal data (where legally permissible)
  • Withdraw consent for communications
  • Grievance redressal

Requests can be made via data-handing@rokad.co.

13. Grievance Redressal

In accordance with Indian law, grievances related to data handling may be addressed to:

📧 data-handing@rokad.co ⏳ Response timeline: Within a reasonable period, as required by law

14. Cookies & Tracking Technologies

Rokad may use cookies or similar technologies to:

  • Ensure website functionality
  • Analyse website usage and performance

Users may manage cookie preferences through browser settings.

15. Children’s Data

Rokad does not knowingly collect data from individuals under 18 years of age. If such data is identified, it will be deleted without undue delay.

16. Cross-Border Data Transfer

If data is processed or accessed outside India due to infrastructure providers, such processing is done in compliance with applicable Indian laws and with adequate safeguards in place.

17. Policy Updates & Amendments

Rokad reserves the right to update this Policy to reflect:

  • Legal or regulatory changes
  • Technological advancements
  • Business or operational changes

The updated Policy will be published on the website and will be effective from the date mentioned.

18. Governing Law & Jurisdiction

This Policy shall be governed by and construed in accordance with the laws of India. Courts at Ranchi, Jharkhand shall have exclusive jurisdiction.