GDPR Compliance

Keratine respects the privacy rights of visitors from the European Union and European Economic Area. This page explains how we handle personal data in line with the General Data Protection Regulation (GDPR).

Our Role

For personal data collected through https://keratine.in, Keratine acts as the data controller. We process personal data lawfully, fairly, and transparently.

Lawful Bases for Processing

We process personal data only where we have a lawful basis, including:

• Contract: to process and deliver your orders.
• Consent: where you opt in, such as for marketing emails.
• Legitimate interests: to improve our services and prevent fraud.
• Legal obligation: to meet accounting and regulatory requirements.

Your Rights Under GDPR

If you are in the EU/EEA, you have the right to:

• Access the personal data we hold about you.
• Request correction of inaccurate or incomplete data.
• Request erasure of your data ("right to be forgotten").
• Restrict or object to certain processing.
• Request portability of your data to another provider.
• Withdraw consent at any time, without affecting prior processing.

International Data Transfers

As we operate from India, your data may be transferred and processed outside the EU/EEA. Where this happens, we take appropriate safeguards to protect your information in line with applicable law.

Data Security & Retention

We apply appropriate technical and organisational measures to protect personal data, and we retain it only as long as necessary for the purposes for which it was collected.

How to Exercise Your Rights

To exercise any of your rights, email us at support@keratine.in. We will respond within the timeframe required by law. You also have the right to lodge a complaint with your local data protection authority.