Privacy Policy

For privacy-related questions or complaints:

Email: privacy@youngforeverhair.in

Address: Young Forever Hair Replacement, Lajpat Nagar, Delhi, India

Account & Order Information:

• Full name, email address, mobile number, password (bcrypt-encrypted — never stored as plain text)
• Billing address and shipping address
• Payment reference ID, order ID, payment status, and amount paid

Booking Information:

• Home address (line 1, line 2, city, pincode)
• Selected service or product, date and time slot, booking number, booking status history

Device Information (collected automatically):

• Browser version, IP address, time zone, cookie information, pages viewed, and how you interact with the site

Visit Photos: Before and after photos of the treatment area taken by our technician during your home visit.

Notifications: Device push notification token to deliver booking alerts — only if you grant permission.

Google Sign-In: Name and email from your Google account — only if you choose to sign in via Google.

We do NOT collect: Aadhaar/PAN numbers, biometric data, real-time GPS location, medical records, or financial documents beyond payment references.

• Through the website/app: When you create an account, place an order, make a booking, or contact us.
• Automatically: Via cookies, log files, and web beacons when you access our site.
• From payment providers: Payment status and reference details from Razorpay after a transaction.
• From Google: Name and email if you use Google Sign-In.

• Booking fulfilment — confirm booking, assign technician, communicate slot details
• Order processing — process payment, arrange dispatch, send invoices and confirmations
• Communication — booking confirmations, reminders, technician en-route alerts via WhatsApp, SMS, and email
• Push notifications — booking status updates on your device (only if permission granted)
• Quality & safety — visit photos for audit, quality assurance, and dispute resolution
• Marketing communications — product offers and updates (you may opt out at any time)
• Fraud monitoring and prevention
• Analytics — understanding how customers use our site (no individual profiling)
• Legal compliance — maintaining records as required by Indian law

We do not sell or share your personal data with advertisers or data brokers for their own marketing use.

We use Google Analytics and Meta Business to understand how customers use our site and to show relevant advertisements. You may opt out:

• Facebook/Instagram: facebook.com/settings/?tab=ads
• Google: google.com/settings/ads/anonymous

Before-and-after photos taken by our technician during your home trial are:

• Stored in secure, private cloud storage — not publicly accessible
• Visible only to authorised internal staff
• Never published publicly, used in advertisements, or shared with third parties without your separate written consent
• Used solely for quality assurance, staff review, and dispute resolution
• Retained for 12 months from your visit date, then permanently deleted

By completing a booking, you provide informed consent for this photography.

All payments are handled by Razorpay (PCI-DSS Level 1 certified). We only receive a payment reference ID, order ID, payment status, and transaction amount. We never see or store your card number, CVV, UPI PIN, or net banking password.

We use cookies to maintain your cart, remember your preferences, and provide a personalised experience. We also use third-party cookies for analytics (Google Analytics) and advertising (Meta). You can control cookie settings via your browser. Removing cookies may impact your user experience.

• Passwords are bcrypt-encrypted — never stored or logged as plain text
• All data is transmitted over TLS/HTTPS — plain HTTP is not used
• Customer data is accessible only to authorised staff with role-specific permissions
• All login and API endpoints are rate-limited against brute-force attacks
• Visit photos are stored in private, access-controlled storage with no public URL access

In the event of a data breach affecting your personal data, we will notify you within 72 hours.

As a Data Principal, you have the right to:

• Access — request a summary of all personal data we hold about you
• Correction — fix inaccurate or outdated personal information
• Erasure — request deletion of your data (subject to legal retention periods)
• Withdraw Consent — opt out of marketing or non-essential data uses at any time
• Grievance Redressal — raise a complaint; we respond within 7 business days
• Nominate — authorise a trusted person to exercise your rights on your behalf

To exercise any right, email privacy@youngforeverhair.in from your registered email address.

Our website and services are not intended for individuals under 18 years of age. We do not knowingly collect personal data from minors. Contact privacy@youngforeverhair.in immediately if you believe a minor has created an account.

Push notifications are sent only if you grant permission. Withdraw permission at any time via:

• Phone: Settings → Notifications → Young Forever → Off
• Email: support@youngforeverhair.in

Disabling notifications does not affect your ability to shop or book.

Because there is no consistent industry standard for responding to "Do Not Track" browser signals, we do not alter our data practices when such a signal is detected.

We may update this Privacy Policy at any time. Material changes will be notified via your registered email and in-app notice. Continued use of our services after updates take effect constitutes your acceptance.

As required under IT (Intermediary Guidelines) Rules, 2021 — Rule 5

Email: grievance@youngforeverhair.in

Privacy: privacy@youngforeverhair.in

Response: Within 24 hours acknowledgement, resolved within 15 business days

Address: Young Forever Hair Replacement, Lajpat Nagar, Delhi, India