Global Privacy Policy

Effective Date: July 6, 2026

At Drofix Hub (operated under GSTIN 07AAZFD3634L1ZT via drofixhub.com), protecting the privacy and security of your personal data is a foundational pillar of our corporate philosophy. We recognize the profound responsibility of safeguarding the sensitive information of our retail consumers, B2B wholesale clients, and dropshipping partners.

This Privacy Policy provides comprehensive transparency into our data governance framework. It dictates the stringent protocols by which we collect, utilize, transfer, and secure your personal data in accordance with premier international privacy frameworks, including alignment with principles outlined in the GDPR and applicable global data protection statutes.

1. Data Collection Framework

To engineer a highly tailored and frictionless e-commerce ecosystem, we aggregate specific datasets. We do not engage in the indiscriminate collection of data. Data is strictly grouped as follows:

  • Identity Data: Legal first and last name, username, title, date of birth, and gender.
  • Contact Data: Billing address, delivery address, corporate addresses (for B2B clients), email address, and telephone/mobile numbers.
  • Financial & Transaction Data: Bank account details and partial payment card details. (Note: Complete card architectures are processed strictly off-site via PCI-DSS compliant financial gateways. Drofix Hub servers never store raw credit card strings). Details regarding payments to and from you, and granular histories of products and services procured.
  • Technical & Telemetry Data: IP addresses, login credentials, browser morphology, time-zone mapping, device operating systems, and platform interaction metrics.
  • Marketing & Communications Data: Your explicit preferences for receiving direct marketing communications from us or verified third parties.

2. Purpose & Legal Basis for Processing

Your data is weaponized strictly for operational efficacy and customer satisfaction. We process data under the following legal foundations:

A. Contractual Necessity

  • To register you as a new entity (retail, wholesale, or dropshipping node).
  • To execute logistical fulfillment, dispatch routing, and coordinate last-mile delivery.
  • To manage financial reconciliations, invoicing, and refund processing.

B. Legitimate Business Interests

  • To deploy fraud detection algorithms and mitigate network security threats.
  • To deploy anonymized data analytics intended to optimize UX/UI experiences on our platforms.
  • To conduct corporate audits, troubleshooting, and backend architectural maintenance.

3. Data Sharing & Third-Party Disclosures

We absolutely do not sell your personal data to external brokers. We may, however, share your information within a tightly controlled network of vetted third-party infrastructure partners necessary to operate our global supply chain:

  • Logistics Partners: Courier and freight entities requiring Contact Data for physical delivery.
  • Financial Gateways: Institutions requiring Financial Data to process encrypted transactions.
  • IT & Cloud Providers: AWS or equivalent enterprise cloud hosts utilizing AES-256 encryption at rest to host our databases securely.
  • Legal & Regulatory Authorities: Government bodies or law enforcement agencies when mandated by valid legal subpoenas or tax compliance (e.g., GST reporting).

4. Enterprise Security Protocols

Zero-Trust Architecture: Drofix Hub employs a rigorous, defense-in-depth security paradigm to isolate your data from unauthorized access, alteration, or accidental loss.

Our digital perimeters are fortified with industry-leading SSL/TLS encryption. Access to your personal data is restricted via strict Role-Based Access Control (RBAC) protocols. Employees, agents, and contractors are granted access strictly on a “need-to-know” basis and are bound by severe confidentiality NDAs. Any suspected data breach will trigger our immediate Incident Response Plan, notifying you and the relevant regulatory bodies as required by law.

5. Cookies & Tracking Technologies

Our platforms deploy cookies, web beacons, and advanced tracking pixels to distinguish you from other users. This allows us to track items in your cart, persist your session, and deliver localized content. You reserve the right to configure your browser to reject these trackers, though this may fundamentally degrade the functionality of the Drofix Hub portal.

6. Data Retention Policies

We retain your personal data exclusively for as long as reasonably necessary to fulfill the purposes for which it was collected. For taxation, accounting, and legal compliance, we may be mandated to retain basic Identity, Contact, and Financial Data for up to seven (7) years post-transaction. Upon expiration of this period, your data is cryptographically shredded and rendered irrecoverable.

7. Your Legal Rights & Data Sovereignty

Depending on your jurisdiction, you possess specific sovereign rights over your digital footprint:

  • Right to Access: You may request an exported dossier of the personal data we hold about you.
  • Right to Rectification: You may request immediate correction of inaccurate or incomplete data.
  • Right to Erasure (Right to be Forgotten): You may request the deletion of your data where there is no compelling legal reason for its continued retention.
  • Right to Object/Restrict: You may contest our processing of your data under specific conditions.

To exercise any of these rights, please submit a formal request via our administrative contact channels. We strive to fulfill all legitimate requests within 30 standard business days.

8. Corporate Contact Information

Our dedicated Data Protection Officer (DPO) oversees all inquiries regarding this policy. For privacy-related escalations, please utilize the following coordinates:

Data Protection Officer (DPO): privacy@drofixhub.com
General Support: info@drofixhub.com
Telephone: +91 85888 54647
Headquarters: A-128, Thokar No. 6, Shaheen Bagh, Jamia Nagar, Okhla, New Delhi – 110025, India