Privacy Policy – Rivashaa Eco Design Solutions Pvt. Ltd.

Last Updated: August 26, 2025

Who we are

This website https://www.rivashaaeco.com is operated by Rivashaa Eco Design Solutions Pvt. Ltd. (“Rivashaa,” “we,” “us,” or “our”).

  • Company Name: Rivashaa Eco Design Solutions Pvt. Ltd.
  • Registered Address: 3rd Floor, Royale Manor, Dhulia Kot Road, Law Garden, Ellis Bridge, Ahmedabad, Pin Code : 380006 Gujarat, India
  • Contact  Email: solutions@rivashaaeco.com
  • Phone: +91 70162 6179
  • Company Registration: [Insert CIN / registration number as per MCA India, if required]

We are a global supplier and exporter of ECA® (Expanded Clay Aggregate) and related eco-construction materials.

What personal data we collect and why we collect it

We collect and process personal data when you interact with our website, submit inquiries, place orders, or use our services.

Types of data collected:

  • Identity Information – Name, company name, designation
  • Contact Information – Email address, phone number, postal address
  • Business Information – RFQs, purchase orders, shipping details
  • Transactional Data – Payment details (processed via secure payment gateways, not stored on our servers)
  • Technical Data – IP address, browser type, device identifiers, geolocation, cookies, analytics logs
  • Communications – Emails, support queries, customer feedback

Sensitive data: Rivashaa does not intentionally collect or process sensitive categories of data (e.g., health, religion, biometric).

Why we collect data:

  • To respond to inquiries, RFQs, and customer requests
  • To process orders, logistics, and shipping
  • To provide product datasheets, safety documentation, and compliance material
  • To improve site performance, analytics, and marketing outreach (with opt-out options)
  • To comply with legal, tax, and regulatory requirements

Comments

Our website currently does not allow blog/article comments. If enabled in future, the following may be collected:

  • Visitor IP address and browser user agent string (to detect spam).
  • Gravatar service anonymized hash (if used).

Media

If users upload media (e.g., technical documents, images), note that files may be publicly accessible. Users should avoid uploading files with embedded location data (EXIF GPS).

Contact forms

If you submit a query via our website contact form:

  • Data collected: name, email, company, message.
  • Retention: 6 months for customer service purposes.
  • Use: strictly for responding to inquiries; not for marketing without explicit consent.

Cookies

We use cookies to:

  • Enable website navigation and security (essential cookies)
  • Analyze site traffic and performance (analytics cookies)
  • Remember preferences (functional cookies)
  • Support marketing and remarketing campaigns (if opted-in)

See our full Cookie Policy for details.

Analytics

We use Google Analytics and similar tools to measure website usage.

Who we share your data with

We do not sell personal data. Data may be shared only with trusted service providers:

  • Logistics Partners – for order fulfillment & delivery
  • Cloud Hosting & IT Services – for secure website operation
  • Analytics & Marketing Tools – e.g., Google Analytics, email marketing (opt-in only)
  • Legal / Tax Authorities – if required by law

How long we retain your data

  • Contact form entries: 6 months
  • Analytics data: 12 months
  • Order records & invoices: Up to 10 years (for legal/tax purposes)
  • Customer accounts (if created): Until deletion request

What rights you have over your data

Depending on your jurisdiction, you may have the following rights:

Under GDPR (EU): Access, correction, erasure, restriction, objection, portability, withdraw consent, complain with data authority.
Under CCPA (California, USA): Know, delete, opt out of sale (we do not sell), non-discrimination.
Under DPDP Act (India): Access, correction, erasure, consent withdrawal, nominate a representative.

 To exercise rights, email: compliance@rivashaaeco.com

Where your data is sent

Data may be stored/processed in:

  • India (primary servers)
  • EU/US cloud hosting providers (with GDPR Standard Contractual Clauses)
  • Other regions (Middle East, Africa, Asia) as per logistics/operations

Safeguards include encryption, contractual clauses, and compliance with applicable data protection laws.

Additional information

How we protect your data

  • Encrypted transmission (HTTPS, TLS)
  • Secure cloud hosting with access controls
  • Staff training in GDPR/DPDP compliance
  • Internal privacy and data handling policies

What data breach procedures we have in place

  • Internal reporting & incident response system
  • Notification to regulators and affected users (within legal timelines)
  • Regular penetration testing and security audits

What third parties we receive data from

  • Logistics providers (shipment tracking)
  • Analytics tools (user engagement)
  • Marketing platforms (campaign performance, if opted-in)

What automated decision-making and profiling we do

  • None currently. If implemented (e.g., marketing personalization), it will be subject to consent and opt-out options.