Your cart is currently empty!.
You may check out all the available products and buy some in the shop.
Continue ShoppingPrivacy Policy
Privacy Policy
At Airnest, we believe that honest relationships extend beyond the products we make. This Privacy Policy explains what personal data we collect when you visit airnesthomes.com or purchase from us, why we collect it, how we use it, who we share it with, and what rights you have over it.
We have written this policy in plain language — not legal boilerplate. If something is unclear, email us at [email protected] and we will explain it directly.
Last updated: 31 March 2026
Effective date: 31 March 2026
1. Who We Are
Airnest Technologies Private Limited (“Airnest,” “we,” “us,” or “our”) is the Data Fiduciary responsible for your personal data under the Digital Personal Data Protection Act, 2023 (DPDP Act) and the Information Technology Act, 2000.
- Registered Name: Airnest Technologies Private Limited
- CIN: [INSERT CIN]
- Registered Address: [INSERT FULL ADDRESS], India
- Website: https://airnesthomes.com
- Privacy Contact: [email protected]
- Data Protection Officer: [INSERT NAME], [email protected]
2. Who This Policy Applies To
This Privacy Policy applies to anyone who:
- Visits airnesthomes.com or our mobile site
- Creates an account or makes a purchase on our Website
- Contacts us for customer support, warranty claims, or product queries
- Signs up for our email newsletters or promotional communications
- Interacts with our advertisements on third-party platforms
- Participates in surveys, reviews, or competitions we run
This policy does not apply to third-party websites or services that may be linked from our Website. Those are governed by their own privacy policies, which we encourage you to read separately.
3. What Personal Data We Collect
We collect only the data that is necessary to provide our products and services to you. We do not collect data speculatively or for purposes we have not disclosed.
Data you give us directly
- Identity data: Your name, as provided during account creation or checkout
- Contact data: Email address, mobile number, and delivery address
- Payment data: Transaction reference numbers and payment method type (card type, UPI handle, wallet name). We do not store your full card number, CVV, or banking credentials — these are processed entirely by our PCI-DSS-compliant payment gateway
- Order data: Products purchased, order value, delivery details, and order history
- Account data: Login credentials (password stored in encrypted form), saved addresses, and wishlist items
- Communications data: Messages, queries, and attachments you send us through support email, contact forms, or chat
- Review data: Product reviews and ratings you submit on our Website
- Warranty data: Product serial numbers and purchase proof submitted for warranty registration or claims
Data we collect automatically
- Device and browser data: IP address, browser type, operating system, device type, and screen resolution
- Usage data: Pages visited, time spent on pages, products viewed, search queries on our Website, links clicked, and cart activity
- Cookie data: Data collected through cookies and similar tracking technologies — see Section 8 (Cookies) for full details
- Transaction data: Purchase timestamps, session data at checkout, and payment gateway responses
Data we receive from third parties
- Payment gateway providers: Transaction status, payment confirmation, and fraud signals
- Delivery partners: Delivery status updates and attempted delivery records
- Analytics providers: Aggregated and anonymised website behaviour data (Google Analytics)
- Advertising platforms: Ad interaction data when you click an Airnest advertisement on platforms such as Meta, Google, or similar
4. Why We Collect Your Data & the Legal Basis for Processing
Under the DPDP Act, 2023, we process your personal data either with your explicit consent or for a legitimate use as defined under the Act. The table below explains what we collect, why, and on what basis:
| Purpose | Data Used | Legal Basis |
|---|---|---|
| Processing and fulfilling your order | Identity, contact, payment, order data | Contractual necessity / consent |
| Creating and managing your account | Identity, contact, account data | Consent |
| Sending order confirmations, shipping updates, and invoices | Contact, order data | Contractual necessity |
| Processing returns, refunds, and warranty claims | Identity, order, warranty data | Contractual necessity / legal obligation |
| Customer support and grievance redressal | Identity, contact, communications data | Contractual necessity / consent |
| Sending marketing emails and promotional offers | Contact, order data | Consent (opt-in only; unsubscribe available at any time) |
| Improving the Website and product experience | Usage data, cookie data | Consent (via cookie preferences) |
| Fraud prevention and security | Device, payment, transaction data | Legitimate use / legal obligation |
| Complying with legal and tax obligations (GST, etc.) | Identity, order, payment data | Legal obligation |
| Running retargeted advertisements on third-party platforms | Cookie data, usage data | Consent (opt-in via cookie preferences) |
We will never use your personal data for a purpose that is not listed above without first obtaining your separate, specific consent.
5. How We Share Your Data
We do not sell your personal data. We do not share it with advertisers to build profiles on you. We share data only in the following specific and necessary circumstances:
Service providers who process data on our behalf
We work with trusted third-party vendors who help us operate the Website and fulfil orders. These providers are contractually bound to process your data only for the purposes we specify and to maintain appropriate security standards:
- Payment gateways (e.g., Razorpay, PayU) — to process transactions securely
- Delivery and logistics partners (e.g., Shiprocket, Delhivery, Blue Dart) — to dispatch and track your orders
- Email service providers — to send order confirmations, shipping notifications, and marketing emails you have opted into
- Cloud hosting and storage providers — to store website data securely on servers located in India
- Analytics providers (e.g., Google Analytics) — to understand aggregate website behaviour; data shared is anonymised and aggregated
- Customer support tools — to manage support tickets and communications
Legal and regulatory disclosure
We may disclose your personal data to government authorities, law enforcement, or regulators where we are legally required to do so — for example, in response to a court order, a demand from a tax authority, or a requirement under the Information Technology Act, 2000. We will disclose only the minimum data required and will inform you unless we are legally prohibited from doing so.
Business transfers
In the event of a merger, acquisition, or sale of Airnest or its assets, your personal data may transfer to the acquiring entity. If this happens, we will notify you by email and update this Privacy Policy before your data is transferred, giving you the opportunity to delete your account if you wish.
6. Your Rights as a Data Principal
Under the Digital Personal Data Protection Act, 2023 and the IT (Reasonable Security Practices and Sensitive Personal Data) Rules, 2011, you have the following rights over your personal data:
Right to access
You can request a summary of the personal data Airnest holds about you, the purposes for which it is being processed, and the names of any third parties with whom it has been shared.
Right to correction
If your personal data is inaccurate or incomplete — for example, a wrong delivery address or a misspelled name — you can request that we correct or update it. You can also update most information directly from your account dashboard.
Right to erasure
You can request that we delete your personal data. We will honour this request unless we are legally required to retain certain data — for example, GST invoices and transaction records which must be kept for a minimum period under Indian tax law. If we cannot erase data, we will tell you which data we must retain and why.
Right to withdraw consent
Where we process your data based on consent, you have the right to withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of processing carried out before the withdrawal. You can withdraw consent by:
- Clicking “Unsubscribe” in any marketing email
- Adjusting your cookie preferences via the cookie settings link in our Website footer
- Emailing us at [email protected]
Right to grievance redressal
If you believe your personal data has been mishandled, you have the right to raise a complaint with our Data Protection Officer (see Section 12). If your complaint is not resolved to your satisfaction, you have the right to escalate it to the Data Protection Board of India once it becomes fully operational under the DPDP Act.
Right to nominate
Under the DPDP Act, you have the right to nominate an individual who may exercise your data rights on your behalf in the event of your incapacitation or death. To register a nominee, email us at [email protected].
To exercise any of these rights, email [email protected] with the subject line “Data Rights Request.” We will acknowledge your request within 48 hours and fulfil it within 30 days. We may ask you to verify your identity before processing the request.
7. How Long We Retain Your Data
We retain personal data only for as long as it is necessary for the purpose for which it was collected, or as required by law.
| Data Type | Retention Period | Reason |
|---|---|---|
| Order and transaction records | 7 years from date of transaction | GST and income tax obligations under Indian law |
| Account data (active accounts) | Duration of account + 1 year after deletion request | Service delivery; fraud prevention window |
| Customer support communications | 2 years from last interaction | Grievance resolution and quality assurance |
| Warranty and claims data | Duration of warranty period + 1 year | Warranty service obligations |
| Marketing consent records | Until consent is withdrawn + 1 year | Proof of lawful marketing basis |
| Website usage and analytics data | 26 months (Google Analytics default) | Website improvement and performance analysis |
When the retention period expires, we securely delete or anonymise your data so that it can no longer be associated with you.
8. Cookies & Tracking Technologies
We use cookies and similar technologies on the Airnest website. Cookies are small text files stored on your device that help us make the Website work properly, understand how you use it, and show you relevant content.
Types of cookies we use
- Strictly necessary cookies — required for the Website to function. These include session cookies that keep you logged in during a visit and shopping cart cookies that retain your selected items. These cannot be disabled.
- Functional cookies — remember your preferences, such as your language, currency, or saved address. Disabled by default; enabled only if you consent.
- Analytics cookies — collect anonymised data about how visitors use the Website (pages visited, time spent, bounce rates). We use Google Analytics for this purpose. Disabled by default; enabled only if you consent.
- Marketing and retargeting cookies — used to show you Airnest advertisements on third-party platforms such as Google, Meta (Instagram and Facebook), and similar. Disabled by default; enabled only if you consent.
Managing your cookie preferences
When you first visit our Website, you will see a cookie consent banner. You can accept all cookies, accept only necessary cookies, or customise your preferences by category. You can update your preferences at any time by clicking “Cookie Settings” in the footer of any page on our Website.
You can also manage cookies directly through your browser settings. Note that disabling certain cookies may affect how the Website functions.
9. Data Security
We take the security of your personal data seriously. The following safeguards are in place across our systems:
- Encryption in transit: All data transmitted between your browser and our Website is encrypted using TLS (Transport Layer Security) — indicated by the padlock in your browser address bar
- Encryption at rest: Sensitive data including passwords and payment references are stored in encrypted form
- Access controls: Personal data is accessible only to Airnest employees and contractors who need it to perform their specific role. All access is logged and monitored
- Payment security: We do not store card numbers, CVV codes, or banking credentials. All payment processing is handled by PCI-DSS-compliant third-party gateways
- Vendor security: All third-party service providers are required to maintain equivalent security standards under their contracts with us
- Regular reviews: We periodically review our security practices and update them in response to new threats or regulatory guidance
Data breach notification
In the event of a personal data breach that is likely to result in harm to you, we will notify you and the Data Protection Board of India promptly, in accordance with our obligations under the DPDP Act, 2023 and the DPDP Rules, 2025. The notification will describe the nature of the breach, the data involved, the likely consequences, and the steps we have taken to address it.
Despite our best efforts, no online system is entirely immune to security risks. If you suspect that your Airnest account has been compromised, please contact us immediately at [email protected].
10. Children’s Privacy
Our Website and products are intended for adults. We do not knowingly collect personal data from children under the age of 18.
Under the DPDP Act, 2023, processing of children’s data requires verifiable parental consent, and we are prohibited from conducting behavioural monitoring or targeted advertising directed at children. If you believe a child has submitted personal data to us without appropriate parental consent, please contact us at [email protected] and we will delete it promptly.
11. International Data Transfers
We primarily store and process your personal data on servers located in India. In some cases, data may be processed by third-party service providers whose systems are located outside India — for example, cloud infrastructure or analytics tools.
Where such transfers occur, we ensure that the recipient country has not been restricted by the Government of India under the DPDP Act, and that appropriate contractual safeguards are in place to protect your data to an equivalent standard. We will update this section if the Government of India issues notifications restricting transfers to specific countries.
12. Data Protection Officer & Contact
Airnest has appointed a Data Protection Officer (DPO) responsible for overseeing compliance with this Privacy Policy and the DPDP Act, 2023.
- Name: [INSERT NAME]
- Designation: Data Protection Officer
- Email: [email protected]
- Postal Address: [INSERT REGISTERED ADDRESS], I