ReverseStore — Certified Refurbished Apple Products

Privacy Policy

Last updated: 1 April 2025

1. Who We Are

ReverseStore.in ("ReverseStore", "we", "our", or "us") operates an online marketplace for certified refurbished Apple devices in India. This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you use our website, mobile apps, or related services (collectively, the "Platform").

2. Information We Collect

We collect information in the following ways:

  • Account data: Name, email address, mobile number, and password hash when you register.
  • Order & payment data: Shipping address, payment method type (not full card numbers), order history, and invoice details.
  • KYC & seller data: PAN, Aadhaar, GSTIN, and bank account details — only for users who register as sellers.
  • Device identifiers: IMEI numbers associated with devices you sell or purchase through the Platform.
  • Usage data: IP address, browser type, pages visited, and click patterns collected via cookies and server logs.
  • Communication data: Support tickets, chat messages, and emails sent to us.

3. How We Use Your Information

  • To process orders, payments, and returns.
  • To verify seller identity and comply with KYC requirements under applicable Indian law.
  • To send transactional communications — order confirmations, shipping updates, OTPs.
  • To provide customer support and resolve disputes.
  • To improve the Platform through aggregate analytics (no individual profiling for advertising).
  • To detect and prevent fraud, abuse, and policy violations.
  • To comply with legal obligations, including GST invoicing requirements.

4. Sharing of Information

We do not sell your personal data. We share information only in these circumstances:

  • Logistics partners: Name, phone, and address shared for order delivery.
  • Payment processors: Razorpay processes card and UPI transactions; they are PCI-DSS compliant.
  • Cloud infrastructure: We use AWS (S3, SES) and Supabase for storage and database hosting. Data is stored in AWS regions covered by standard DPAs.
  • Legal requirements: We may disclose data if required by court order, law enforcement, or regulatory authority in India.

5. Data Retention

We retain account and transaction data for 7 years as required under Indian tax law (GST records). Inactive accounts with no orders may be deleted after 2 years of inactivity with prior notice. You may request deletion of non-statutory data by contacting us.

6. Cookies

We use strictly necessary cookies (session authentication, cart state) and optional analytics cookies (aggregated traffic data). We do not use third-party advertising cookies. You can disable optional cookies in your browser settings without affecting core Platform functionality.

7. Your Rights

Under the Digital Personal Data Protection Act 2023 (DPDPA), you have the right to:

  • Access the personal data we hold about you.
  • Correct inaccurate personal data.
  • Request erasure of personal data not required for legal compliance.
  • Withdraw consent for non-statutory processing.
  • Nominate a person to exercise these rights on your behalf.

To exercise any right, email help@reversestore.in with the subject "Privacy Request". We will respond within 30 days.

8. Security

Passwords are stored as bcrypt hashes. Payment data is handled entirely by Razorpay and never stored on our servers. All data in transit is encrypted via TLS 1.2+. We conduct periodic security reviews of our infrastructure and access controls.

9. Children

ReverseStore is not directed at individuals under 18. We do not knowingly collect personal data from minors. If you believe a minor has provided us data, contact us and we will delete it promptly.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify registered users of material changes via email at least 15 days before they take effect. Continued use of the Platform after the effective date constitutes acceptance of the updated policy.

11. Contact

For privacy-related queries:
Email: help@reversestore.in
Address: ReverseStore, Aurangabad, Maharashtra, India 431001
Grievance Officer:Available via the above email with subject "Grievance — Privacy"