SKARTIO Privacy Policy

Compiled and Published  : SKARTIO AI Cloud Private Limited.

 Date of Last Revision : January 1,2025

 

We are SKARTIO AI Cloud (“SKARTIO AI Cloud,” “SKARTIO,” “SKARTIO Cloud,” “we,” “our,” or “us”)—a leading SaaS and composable ecommerce platform that empowers businesses of all sizes to build, innovate, and grow online.

This Privacy Policy is designed to help you understand how we collect, use, share, protect, and otherwise process your Personal Data. It also outlines your privacy choices when you:

  • Visit our website
  • Access our Mobile App
  • Use our services
  • Interact with us in any other way

Please note that this policy does not apply to:

  • Websites or services that we do not control (including those linked through our platform or services)
  • The websites or services operated by SKARTIO users

This Privacy Policy is incorporated by reference into and forms an integral part of the SKARTIO Website Terms of Use. Capitalized terms not defined here have the meanings assigned in the Definitions section or our Terms of Use.

⚠️ Our services may vary by region. We encourage you to read this Privacy Policy thoroughly and familiarize yourself with our privacy practices.

If you have any questions or concerns about this Privacy Policy or how we handle your Personal Data, please contact us at privacy@skartio.com.

Definitions

Information Types

  • Account Information
    Data about how and when a SKARTIO account is accessed and the features used, including Store Information.
  • Browser Information
    Information provided by a browser, including IP address, website visited, network connection, device details, and Cookies.
  • Contact Information
    Basic personal and business details such as first and last name, company name, email address, postal address, phone number, and possibly social media account information.
  • Device Information
    Information about your device, including device ID, model, manufacturer, OS version, and geographic region, collected through access to our website, mobile app, or services.
  • Payment Information
    Data such as credit card, ACH, or other payment details. In some jurisdictions, this may be treated as Sensitive Information in accordance with applicable law.
  • Security Information
    Includes user ID, password, password hints, and other authentication credentials.
  • Store Information
    Information about your SKARTIO store, including its products, configuration, and architecture.
  • Support Information
    Details about your hardware, software, authentication data, chat content, error reports, performance data, and technical communication. May include remote access details with your express permission.
  • Transaction Information
    Data related to transactions conducted on the SKARTIO platform, including order, product, shipping, Contact Information, and Payment Information.
  • Usage Information
    Information collected during your interaction with the SKARTIO website, mobile app, or services, including features accessed, pages visited, and other interaction data.
  • Automated Decision Making
    A decision made solely by automated means, without any human involvement.

Entities and Roles

  • SKARTIO Family of Companies
    Entities operated and controlled by SKARTIO, including subsidiaries and affiliates. These entities operate under the SKARTIO brand and trademarks.
  • Controller
    An entity that determines the purposes and means of Processing Personal Data.
  • Processor
    An entity that processes Personal Data on behalf of the Controller.
  • Merchant
    Any entity that uses or has used SKARTIO’s ecommerce services.
  • Partner
    A legal entity participating in SKARTIO's Partner Programs (e.g., Agency, Technology), or offering third-party integrations, themes, referrals, or resale services.
  • Shopper
    A person or entity interacting with a Merchant’s ecommerce storefront via the SKARTIO platform.
  • Visitor
    An individual who engages with SKARTIO or visits our website.
  • Third-Party Product Provider
    A provider of third-party products that you choose to engage with or enable within the SKARTIO ecosystem.
  • Third-Party Service Provider
    A provider offering services controlled by SKARTIO or its affiliated companies, aiding in the delivery of our services.

Data Classifications

  • Personal Data
    Information that relates to an identifiable natural person or can be directly or indirectly linked to a particular consumer or household.
  • Sensitive Personal Data
    Data revealing racial/ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic or biometric data (used for identification), or information concerning health, sex life, or sexual orientation.
  • Cookie
    A small file stored on your computer’s hard drive containing an anonymous unique identifier, accessible by the site that placed it.
  • Process / Processing
    Any operation performed on Personal Data—automated or manual—including collection, recording, organization, storage, retrieval, use, transmission, or alteration.

Merchants / Prospective Merchants

Information Collected

When a Merchant or prospective Merchant interacts with SKARTIO or our Website—such as signing up for a trial, subscription, newsletter, or making transactions—SKARTIO may collect and control the following information: Account Information, Browser Information, Contact Information, Payment Information, Support Information, Device Information, Security Information, Transaction Information, Usage Information, and may set a Cookie.

When using the SKARTIO Mobile App, we may collect and control: Account Information, Contact Information, Device Information, Usage Information, and Security Information.

Information Usage

We use this information as a Controller to:

  • Provide, support, and improve our services
  • Confirm identities
  • Detect and resolve fraud, compliance, or security issues
  • Conduct advertising and marketing
  • Manage invoicing
  • Handle incidents related to Website or service usage
  • Deliver personalized experiences (e.g., push notifications for store activities)
  • Comply with legal or contractual obligations
  • Perform Automated Decision Making (e.g., fraud detection during account creation)

Information Sharing

Subject to confidentiality obligations, we may disclose relevant information—including Account Information, Contact Information, Support Information, and Transaction Information—to:

  • Partners who refer Merchants or assist in providing services, products, or apps for Merchant stores
  • Third-Party Service Providers engaged by SKARTIO for business operations
  • Third-Party Product Providers when enabling integrated features outside of SKARTIO’s control
  • The SKARTIO Family of Companies
  • As further outlined in Section 8

Partners / Prospective Partners

Information Collected

When a Partner or prospective Partner signs up for a Partner account, refers a Merchant, or otherwise interacts with SKARTIO, we may collect and control the following: Account Information, Browser Information, Contact Information, Payment Information, Support Information, Security Information, and Usage Information.

Information Usage

As a Controller, SKARTIO uses this information to:

  • Provide support and enhance services
  • Confirm identities
  • Prevent fraud and ensure compliance and security
  • Conduct marketing and advertising
  • Manage invoicing
  • Improve services and resolve incidents
  • Comply with legal or contractual obligations
  • Facilitate fraud detection through Automated Decision Making

Information Sharing

We may share Account Information, Contact Information, Support Information, and Transaction Information with:

  • Third-Party Service Providers supporting our business operations
  • Third-Party Product Providers for services/features you enable
  • The SKARTIO Family of Companies
  • As described in Section 8

Visitors

Information Collected

When Visitors browse the SKARTIO Website or communicate with us (online or offline), we may collect and control Browser Information, Support Information, Contact Information, and Usage Information.

Information Usage

As a Controller, SKARTIO uses this data to:

  • Provide services
  • Personalize communication and user experiences
  • Offer support
  • Use the data in other instances where you’ve given consent

Information Sharing

We may share Account Information, Contact Information, Support Information, and Transaction Information with:

  • Third-Party Service Providers contracted to assist SKARTIO
  • Third-Party Product Providers enabled by you
  • The SKARTIO Family of Companies
  • As outlined in Section 8

Shoppers

Information Collected

When Shoppers interact with a Merchant’s store powered by SKARTIO, we may collect and process on behalf of the Merchant: Contact Information, Browser Information, Security Information, and Transaction Information.

Information Usage

SKARTIO uses this information as a Processor to:

  • Deliver services to Merchants
  • Process orders and provide customer support
  • Detect and manage fraud and risks

In limited cases, SKARTIO may act as a Controller to improve services and manage risk and fraud.

Merchant Privacy Responsibilities

Merchants are responsible for:

  • Providing Shoppers with clear and compliant privacy notices
  • Posting an accurate and legally compliant privacy policy on their storefront
  • Processing Shopper data in line with applicable laws and obtaining consent where required
  • Collecting Sensitive Personal Data only with explicit, informed consent and allowing users to revoke that consent at any time

 

Communications

Promotional Communications

SKARTIO and the SKARTIO Family of Companies may send promotional communications to existing and prospective Merchants, Partners, and Visitors via email, phone, social media (e.g., LinkedIn), and other channels. These communications may include:

  • Special offers
  • Product updates
  • Invitations to events or surveys

You may opt out of promotional communications at any time. To manage your preferences, please visit our email preferences page.

Account Communications

We also send essential communications related to your account and our services (e.g., billing, service changes, security notices). These communications are mandatory for users with an active SKARTIO account and cannot be opted out of.

Information Sharing

Third-Party Services

Our services are supported by various Third-Party Service Providers and Third-Party Product Providers. We may share your Personal Data to:

  • Enable core SKARTIO services
  • Facilitate functionality you choose to engage with
  • Fulfill obligations by contract or consent

Legal Compliance

We may access, disclose, or retain Personal Data when necessary to:

  • Comply with applicable laws or valid legal processes
  • Respond to law enforcement or regulatory authorities
  • Enforce our terms of service and protect SKARTIO's rights and property

Protection and Security

We may share data if needed to:

  • Protect our users from spam, fraud, or harm
  • Maintain the security of SKARTIO products and services
  • Prevent or stop cyberattacks on our systems

Affiliates

We share Personal Data within the SKARTIO Family of Companies for the purposes described in this Privacy Policy.

Third-Party Service Providers

We work with trusted processors, contractors, and service partners who support our infrastructure and service delivery.

SDKs and APIs

Our applications (including the Mobile App) may include third-party libraries, such as SDKs or APIs, for:

  • Functionality Enhancements: e.g., in-app messaging or graphic rendering
  • Analytics: monitoring application performance and usage

These third parties may collect device and usage data as outlined in this policy.

Payment Processing

We share Payment Information with financial institutions and services involved in processing transactions and detecting fraud.

Third-Party Interactions

When engaging with our services, you may choose to enable Third-Party Products—including websites, scripts, social networks, and applications. Doing so may allow Third-Party Product Providers to:

  • Access or process your Personal Data
  • Share data back to SKARTIO

⚠️ Note: SKARTIO does not control or endorse Third-Party Products. We are not responsible for their privacy or security practices. Always review the privacy policies and terms of Third-Party Product Providers before engaging.

Change of Control

We may share Personal Data with actual or prospective acquirers and their advisors during corporate transactions such as:

  • Mergers
  • Acquisitions
  • Restructuring
  • Bankruptcy
  • Change in control involving SKARTIO or affiliates

Automated Decision-Making

Some Personal Data may be used in Automated Decision-Making, including:

  • Screening for fraud, abuse, or security risks
  • Marketing and personalization purposes

You have the right to object to profiling or automated decisions. You may also request an explanation or correction of any such decisions by contacting us.

Cookies and Tracking Technologies

Usage

SKARTIO and its partners use Cookies, web beacons, and similar technologies to:

  • Recognize returning visitors
  • Remember preferences
  • Personalize user experience
  • Track usage across sessions and sites

Persistence

We use both:

  • Session Cookies (expire when browser closes)
  • Persistent Cookies (remain until manually removed or expire)

Types of Cookies

TypePurpose
EssentialRequired for basic site functionality
FunctionalEnable features like video, live chat, and UI enhancements
AnalyticsHelp us understand how users interact with our site
Targeting & AdvertisingUsed to personalize marketing and build user profiles

Your Control Over Cookies

SKARTIO supports Global Privacy Controls. You can also:

  • Adjust your cookie preferences via the link at the bottom of our website
  • Disable Cookies via your browser or device settings (note: some features may stop working)

Browser-Specific Instructions:

Other Resources

For more information on Cookies and how to manage them:

 

Third-Party Application Stores

Third-party application stores—such as Apple’s App Store or Google Play—may collect additional information and share it with us. Please refer to the respective app store’s privacy policy to understand how your Personal Data is processed and shared with app publishers like SKARTIO.

Information Protection and Retention

Security of Personal Data
We implement administrative, technical, and physical security measures designed to protect your Personal Data against unauthorized access, disclosure, alteration, or misuse. These include encryption, access controls, and firewalls. SKARTIO is a PCI DSS Level 1 certified service provider and undergoes annual audits by independent third-party assessors to maintain compliance with ISO 27001 security standards. However, no method of data transmission or storage is 100% secure, and we cannot guarantee absolute security.

Your Responsibilities
While we work to secure your information, you are responsible for safeguarding your password and account details. We are not responsible for the misuse of your Personal Data resulting from authorized connections to third-party services.

Data Retention
We retain your Personal Data only for as long as necessary to fulfill the purposes described in this Privacy Policy, including service delivery, support, communications, marketing, legal obligations, and legitimate business interests. Retention periods may also reflect regulatory, contractual, or consent-based requirements.

Accountability and Onward Data Transfers

International Data Transfers and Standard Contractual Safeguards

In accordance with the Digital Personal Data Protection Act (DPDPA), 2023 of India and applicable international privacy laws, SKARTIO ensures that cross-border transfers of Personal Data are conducted with appropriate safeguards in place.

When Personal Data is transferred outside India — or outside jurisdictions such as the European Economic Area (EEA) or the United Kingdom (UK) — we rely on legally approved transfer mechanisms. These include:

  • Standard Contractual Clauses (SCCs) adopted by the European Commission,
  • The UK’s International Data Transfer Addendum, and
  • Any additional contractual, technical, or organizational safeguards as may be required under Indian law and global best practices.

These measures ensure that your Personal Data receives a comparable level of protection even when transferred outside your country of residence. For data subjects in India, this means your data is only transferred to countries or entities that provide an equivalent level of data protection or have been approved by the Government of India.

If you would like more information on our international data transfer safeguards or to request a copy of the relevant agreements, please refer to Section 16 of this Privacy Policy or contact us at privacy@skartio.com.

Remedial Measures
If we become aware of non-compliant data handling practices or risks to Personal Data under our control, we will take appropriate action to protect the data and stop unauthorized processing.

Your Privacy Rights

Depending on your location and applicable laws, you may have the following rights regarding your Personal Data:

  • Access or request information about the data we hold
  • Correct inaccurate Personal Data
  • Delete your information
  • Opt-out of the sale or sharing of Personal Data
  • Opt-out of targeted advertising or profiling
  • Control how Sensitive Personal Information is used
  • Receive notice about our data practices
  • Restrict or object to data processing
  • File a complaint with a supervisory authority
  • Exercise rights without discrimination

Global Privacy Control & Universal Opt-Out
SKARTIO honors Global Privacy Control (GPC) signals where supported. However, traditional "Do Not Track" signals are not honored unless they meet GPC specifications due to lack of standardization.

Sales, Profiling & Targeted Advertising

Sale of Data
SKARTIO does not sell Personal Data as defined under applicable laws.

Profiling
SKARTIO does not conduct profiling that falls under the legal definition requiring disclosure or consent.

Targeted Advertising
SKARTIO may engage in targeted advertising to promote our services to users who may be interested, including Merchants, Partners, and Visitors. Where required by law, we provide opt-in/opt-out options. We do not use Sensitive Personal Data for advertising purposes.

Exercising Your Rights

Merchants, Partners, and Visitors
You can update or manage your Personal Data through your account settings. If you are unable to do so, please contact us directly.

Shoppers
SKARTIO processes Shopper data on behalf of our Merchants. If you are a Shopper, please contact the Merchant directly regarding your data. We can forward requests to Merchants but cannot act independently without their authorization.

Submitting a Request
To exercise any of your data rights or to request deletion of your Personal Data, contact us at privacy@skartio.com.

Verification
For your protection, we may need to verify your identity before processing requests. If you are using an authorized agent, we may require documentation to confirm authorization.

Children

Our Services and Website are not intended for use by children or individuals under the age of majority as defined under applicable laws, including the Digital Personal Data Protection Act (DPDPA), 2023 in India. We do not knowingly collect or Process Personal Data of children, nor do we use such data in any way that violates Indian laws or international child data protection standards such as the U.S. Children’s Online Privacy Protection Act (COPPA).

If you are a parent or legal guardian and believe that we may have inadvertently collected Personal Data from your child in a manner not permitted by law, please contact us immediately by submitting a data subject request under Section 16 or via email at privacy@skartio.com. We will take all reasonable steps to delete such data in accordance with applicable legal obligations.

Updates

We may revise this Privacy Policy periodically to reflect changes in our practices, technology, regulatory requirements, or other legal and operational considerations. When we make updates, we will take appropriate steps to notify you of significant changes, in line with their legal or material impact.

In cases where the update constitutes a material change under Indian law or other applicable data protection laws, we will notify you directly and seek your explicit consent where required.

The “Date of Last Revision” noted at the top of this Privacy Policy indicates when it was most recently updated. We encourage you to review this Privacy Policy periodically to stay informed about how SKARTIO protects your Personal Data.

 

Contact Us

If you have any questions about Privacy Policy , You can contact us:

● By visiting this page on our website: https://skartio.com/contact

● By sending us an email: privacy@skartio.com

● By connecting us through phone/WhatsApp[Monday to Friday 10AM to 6PM IST] : +91(India) 7012 141500 / +91977845 1855 /  +91977845 1833

● Registered Address : SKARTIO AI CLOUD PRIVATE LIMITED ,A J TOWER ,FIRST FLOOR,NH66-VADAKKUMBAGAM,KAZHAKKUTTOM,THIRUVANANTHAPURAM,KERALA -INDIA 695582

 Registered Under Ministry of Corporate Affairs (MCA) ,India. Company CIN : U62099KL2024PTC091011 - SKARTIO AI CLOUD PRIVATE LIMITED, INDIA.