Home / Privacy Policy
Policies

Data & Privacy Policy

Platform Jewell Master - Cloud ERP for the Jewellery Industry
Owned & operated by Dhruv International
Website https://jewellmaster.com/
Effective Date 1st February 2026
Contact support@jewellmaster.com

Jewell Master ("we," "our," "us") is committed to protecting the privacy of individuals who use our platform. This Privacy Policy explains what personal and business data we collect, how we use and protect it, and your rights in relation to your data. It applies to all users of jewellmaster.com and the Jewell Master cloud ERP platform.

This Policy is compliant with India's Digital Personal Data Protection Act, 2023 (DPDP Act) and applicable provisions of the Information Technology Act, 2000 and its Rules.

1. Scope of This Policy

This Privacy Policy applies to:

  • Visitors browsing jewellmaster.com and its sub-domains.
  • Registered individual users of the Jewell Master Platform
  • Business clients (proprietors, firms, companies) using billing, inventory, and ERP features
  • Karigar (artisan) records entered by business clients into the Platform
  • Customer records entered by business clients into the Platform

This Policy covers only online data interactions through our Platform. It does not apply to offline interactions or third-party platforms not under our control. Business clients ("Data Principals" under DPDP Act) are responsible for ensuring they have appropriate consent and authority to enter third-party personal data (customers, employees, karigars) into the Platform.

2. Data We Collect

A. Information You Provide Directly

When you register, subscribe, request a demo, or use Platform features, we may collect:

  • Full name, business name, and designation
  • Email address and mobile number
  • Business address and delivery/billing address
  • GST Identification Number (GSTIN) and PAN (where required for compliance)
  • Aadhaar number (only where voluntarily provided for KYC purposes, masked and handled per applicable law)

Payment details - processed via secure third-party gateways; full card data is NOT stored on our servers.

Business transaction data: invoices, stock entries, karigar records, scheme data, and customer profiles entered into the ERP.

B. Automatically Collected Technical Data

When you access our Platform, we may automatically collect:

  • IP address and approximate geographic location
  • Browser type, version, and language settings
  • Device type and operating system
  • Session duration, pages visited, and clickstream data
  • Referring URL and exit pages
  • Date, time, and frequency of access

This technical data is used for system performance monitoring, fraud detection, and improving user experience. It is not used to personally identify users unless required for security or legal purposes.

C. Log Files

Jewell Master maintains server log files that may include IP addresses, browser types, timestamps, and pages accessed. These logs are retained for security monitoring, fraud prevention, performance optimization, and analytics, and are not disclosed to unauthorized parties.

D. AI Interaction Data - ChatBot /Reports

If you use the Jiya AI chatbot, your queries and interaction history may be stored and reviewed by our team to improve AI accuracy, detect misuse, and enhance safety. We do not use Jiya interaction data for marketing profiling. You may opt out of AI data retention by contacting support@jewellmaster.com.

3. How We Use Your Data

We process your data for the following purposes:

  • To create and manage your account and subscription
  • To deliver and operate the Jewell Master ERP Platform and its modules
  • To process payments and issue invoices and receipts
  • To provide customer support and respond to queries
  • To send transactional notifications (subscription renewals, downtime alerts, feature updates)
  • To send marketing communications - only where you have provided explicit consent, with a clear opt-out mechanism
  • To detect, investigate, and prevent fraud, abuse, and security incidents
  • To improve Platform features, AI models, and user experience through anonymized analytics
  • To comply with legal obligations under Indian law (GST Act, IT Act, PMLA, DPDP Act, etc.)

We operate on lawful bases of contractual necessity, legitimate interest, legal compliance, and your consent where applicable under the DPDP Act, 2023.

4. Data Security

We implement the following technical and organisational security measures:

  • HTTPS/TLS encryption for all data in transit
  • Role-based access control (RBAC) to limit internal data access
  • Secure, audited cloud hosting infrastructure
  • Regular vulnerability assessments and penetration testing
  • Automated data backup with secure, geographically redundant storage
  • Access audit trails for administrative actions

Despite these measures, no system is unconditionally secure. By using the Platform, you acknowledge the inherent security risks of internet-based services. We strongly encourage users to maintain independent backups of critical business data and to use strong credentials.

5. Payment Data

Jewell Master does not store complete debit/credit card numbers, CVV codes, or banking credentials on its servers. All payment transactions are processed through PCI-DSS compliant third-party payment gateways. We are not responsible for the privacy or security practices of payment processors beyond our contractual agreements.

6. Cookies and Tracking Technologies

We use cookies and similar technologies (local storage, session storage, pixels) to:

  • Maintain authenticated login sessions
  • Remember user interface preferences
  • Analyse website traffic and usage patterns
  • Support Platform performance and security

You may configure your browser to refuse cookies or alert you when cookies are set. However, disabling cookies may impair certain Platform features including session management. We do not use third-party advertising cookies.

7. Third-Party Services and Data Sharing

We may share limited data with trusted third-party service providers who assist in operating the Platform, strictly for those operational purposes. These include:

  • Cloud hosting providers (e.g., AWS, Azure, Hostinger) - for infrastructure and data storage
  • Payment gateway providers - for transaction processing
  • SMS, WhatsApp and email service providers - for transactional communications
  • Analytics tools - for anonymized usage analysis
  • AI/LLM API providers - for chatbot functionality

We do not sell, rent, or broker your personal data to advertisers, data brokers, or unrelated third parties. All service providers are bound by data processing agreements requiring confidentiality and data protection obligations.

8. Business Client Data Responsibility

Business clients using Jewell Master to manage their customers, karigars, employees, and vendors acknowledge:

  • You are the Data Fiduciary (as defined under DPDP Act, 2023) for all third-party personal data you enter into the Platform
  • You must have obtained valid consent or have a lawful basis for processing any personal data of your customers, employees, or karigars before entering it into the Platform
  • You are responsible for ensuring your data collection and use complies with applicable laws
  • Jewell Master acts as your Data Processor for such third-party data and will not use it beyond the scope of providing services to you

9. Data Retention

We retain personal and business data:

  • For the duration your account remains active
  • For a minimum of 5 years post-account closure where required by Indian tax and financial laws (GST, IT Act)
  • As required for dispute resolution, fraud prevention, or legal proceedings

Upon account closure, you may request a data export within 30 days. Thereafter, we may permanently delete Your Data subject to applicable legal retention obligations.

10. Your Rights Under DPDP Act, 2023

Under the Digital Personal Data Protection Act, 2023, you have the following rights regarding your personal data:

  • Right of Access - to obtain information about what personal data we hold about you
  • Right to Correction - to request correction of inaccurate or incomplete personal data
  • Right to Erasure - to request deletion of personal data, subject to legal retention obligations
  • Right to Grievance Redressal - to raise a complaint regarding our data processing
  • Right to Nominate - to nominate a representative to exercise your rights in case of incapacity or death

To exercise any of these rights, contact our Data Protection Point of Contact at support@jewellmaster.com. We will acknowledge requests within 7 business days and respond within 30 days. We may require identity verification before processing sensitive requests.

11. GDPR - Note for EU/EEA Users

Jewell Master is primarily a platform for Indian businesses. If, however, you access the Platform from the European Economic Area (EEA), we process your personal data on the basis of contractual necessity, legitimate interest, and/or your consent. You may exercise GDPR rights by contacting support@jewellmaster.com. We will respond within the timeframes required under applicable law.

12. Children's Privacy

Jewell Master is a B2B software platform intended exclusively for adult business users. We do not knowingly collect personal data from individuals under 18 years of age. If we become aware that personal data of a minor has been submitted, we will take steps to delete it promptly.

13. Data Localisation

To the extent required under applicable Indian law (including DPDP Act provisions and sector-specific regulations), personal and financial data of Indian users will be stored on servers located within the territory of India or in jurisdictions with adequate data protection standards as prescribed.

14. Limitation of Liability

While we implement reasonable security measures, Jewell Master shall not be liable for:

  • Unauthorized access caused by user negligence (e.g., compromised passwords, shared credentials)
  • Cyber-attacks, data breaches, or force majeure events beyond our reasonable control
  • Data loss resulting from third-party service provider failures
  • Consequences arising from data inaccuracies entered by users themselves

15. Policy Updates

We reserve the right to update this Privacy Policy at any time to reflect changes in law, technology, or our data practices. Material changes will be communicated via registered email and posted on this page with an updated effective date. Continued use of the Platform after the effective date constitutes acceptance of the revised Policy.

16. Grievance Officer

In accordance with the Information Technology Act, 2000 and DPDP Act, 2023, any grievances regarding this Privacy Policy may be directed to:

Email support@jewellmaster.com
Website https://jewellmaster.com/
Operated by Dhruv International | Pune, Maharashtra, India

We will acknowledge grievances within 14 business days and resolve them within 30 days of receipt.