top of page

Privacy Policy

A legal disclaimer

KAOHM (currently operated by BLEUGOLD and may in future be operated by successor entities, affiliates, or authorized operators) makes commercially reasonable efforts to safeguard personal data through industry-standard administrative, technical, and physical controls. However, no method of electronic transmission or storage is fully secure, and absolute data security cannot be guaranteed.

KAOHM is not responsible for the privacy practices, security controls, content, or policies of third-party service providers, payment gateways, logistics partners, hosting providers, or external websites linked through our platform. Users are advised to review respective privacy policies before submitting personal information.

Personal data may be transferred, stored, or processed outside the user’s jurisdiction. Where required, KAOHM uses legal safeguards, including Standard Contractual Clauses and equivalent mechanisms, to ensure adequate data protection in cross-border transfers.

By accessing or using our services, users consent to the collection, processing, and use of information as described in this Privacy Policy. KAOHM does not knowingly collect data from children under the age of 18 without verifiable parental consent. If such information is inadvertently collected, it will be deleted upon verified request.

KAOHM reserves the right to update or amend this Privacy Policy to reflect legal, regulatory, or operational changes without prior individual notice. Continued use of our services after such modifications constitutes acceptance of the updated policy.

This Privacy Policy shall be governed by the applicable data protection laws including, where relevant, the Digital Personal Data Protection Act (India), GDPR (European Union), and CCPA (California), without prejudice to mandatory consumer or privacy rights that may apply.

​Last Updated: DateDateDate
Brand: KAOHM
Operator: BLEUGOLD (current Operator of the KAOHM brand)
Operating Jurisdictions: India + Global Customers

1. SCOPE & APPLICABILITY

This Privacy Policy explains how KAOHM (operated by BleuGold and/or its successor Operators) collects, uses, shares, stores, protects, and deletes personal data across:

  • Website(s)

  • Mobile app(s)

  • Digital platforms

  • Customer support channels

  • Physical retail or events

  • Third-party marketplaces

  • IoT or connected devices (if applicable)

This Policy complies with the DPDP Act (India), GDPR (EU), CCPA (US California) and equivalent global data protection standards.

2. DEFINITIONS

  • “Operator” refers to BleuGold and/or future entities operating KAOHM.

  • “Brand” refers to KAOHM.

  • “Personal Data / Personal Information” means any data relating to an identifiable individual.

  • “Data Fiduciary” (DPDP Act India) & “Data Controller” (GDPR) both refer here to the Operator.

  • “Data Principal / Data Subject” means the individual to whom data relates.

  • “Processor / Service Provider” means entities processing data on behalf of Operator (e.g., payment gateways).

  • “Sensitive Personal Data” refers to special categories of data defined by GDPR and other laws (e.g. health data).

3. DATA WE COLLECT

We may collect the following categories of data:

3.1 Information You Provide

  • Name, email, phone number

  • Billing & shipping address

  • Account details

  • Age (for compliance checks)

  • Communication records

  • Survey/form responses

3.2 Transaction & Commerce Data

  • Product orders

  • Payment status

  • Billing & invoice data

  • Refund/return records

3.3 Device & Usage Data

  • IP address

  • Browser and device identifiers

  • Operating system

  • Session analytics

  • Traffic patterns

  • Cookies and tracking technologies

3.4 Optional Sensitive/Regulated Data

We do not request health/allergy data, but if voluntarily shared by User (e.g., dietary concerns), it is processed only for support purposes.

3.5 Children’s Data Protection

  • We do not knowingly collect personal data of individuals under 16 (GDPR) or under 18 (India) without parental consent.

  • If collected unintentionally, such data will be erased upon request.

4. HOW WE USE PERSONAL DATA

We use personal data for:

✔ Order processing & delivery
✔ Account management & authentication
✔ Customer support & communication
✔ Payment processing & refunds
✔ Compliance with legal obligations
✔ Fraud prevention & security
✔ Service analytics and improvement
✔ Marketing (only with valid consent or opt-out rights)

5. LEGAL BASIS FOR DATA PROCESSING

Under GDPR (EU Users) we rely on:

  • Contract Performance (order processing)

  • Legitimate Interest (fraud prevention, analytics)

  • Consent (marketing, cookies)

  • Legal Obligation (tax, compliance)

Under DPDP Act (India)

We act as a Data Fiduciary and process data based on:

  • Express Consent or

  • Legitimate Purpose as defined by law

Under CCPA (California)

We act as a Business, and provide:

  • Right to Know

  • Right to Delete

  • Right to Opt-Out

  • Right to Non-Discrimination

6. SHARING & DISCLOSURE OF PERSONAL DATA

We do not sell personal data.

We may share data with trusted third parties for lawful purposes:

6.1 Operational Processors

  • Payment Gateways (Razorpay/Stripe/PayPal etc.)

  • Logistics & delivery partners

  • Cloud hosting & storage providers

  • Customer support tools

  • CRM systems

6.2 Legal & Compliance

We may disclose data to:

  • Government authorities

  • Tax authorities

  • Law enforcement

  • Regulatory bodies

Only when legally required.

6.3 Corporate Transitions

In case of:

  • Merger

  • Acquisition

  • Investment due diligence

  • Brand spin-off

data may transfer to successor entities under the Operator Clause.

7. INTERNATIONAL DATA TRANSFERS

If data moves across borders, we ensure safeguards compliant with:

✔ GDPR Standard Contractual Clauses (SCC)
✔ DPDP Act cross-border rules
✔ ISO/IEC 27001 aligned data handling

Users acknowledge that data may be processed globally via cloud infrastructure.

8. DATA RETENTION & DELETION

We retain data only as long as necessary for lawful purposes:

  • Transaction records: 7–10 years (tax & accounting law)

  • Account data: until deletion request

  • Support chats: up to 3 years

  • Analytics logs: 6–24 months

When no longer needed, data is deleted using:

  • Secure erasure

  • Pseudonymization

  • Anonymization (for aggregated analytics)

9. COOKIES & TRACKING TECHNOLOGIES

We use cookies for:

  • Login/session maintenance

  • Analytics & performance

  • Personalization

  • Cart & checkout features

  • Advertising (only with consent where required)

Users can modify cookie preferences via browser settings or consent banners.

10. USER RIGHTS

Under GDPR (EU Users)

Users have rights to:

✔ Access
✔ Rectification
✔ Erasure (“Right to be Forgotten”)
✔ Objection
✔ Restriction
✔ Portability
✔ Withdraw Consent

Under DPDP Act (India)

Data Principals may:

✔ Access personal data
✔ Correct data
✔ Request erasure
✔ Nominate another individual for rights exercise

Under CCPA (California)

Consumers may:

✔ Request data disclosure
✔ Request deletion
✔ Opt-Out of data sale/sharing
✔ Exercise rights without discrimination

11. SECURITY PRACTICES

We follow reasonable security practices, including:

✔ Encryption in transit (HTTPS/TLS)
✔ Access controls & authentication
✔ Audit logging
✔ Least-privilege access to processors
✔ Periodic reviews of processors
✔ Alignment with ISO 27001 controls (if not certified, indicate as “aligned to good practices”)

12. MARKETING & COMMUNICATION CONSENT

Marketing is sent only when:

  • User opts-in

  • It is permitted under applicable laws

Users may unsubscribe via link or support request.

13. DATA OF MINORS

KAOHM is not directed at children under 16 (GDPR) or 18 (India) unless parental consent is provided.

14. CHANGES TO THIS POLICY

This Privacy Policy may be updated periodically to reflect:

  • Regulatory changes

  • Operational changes

  • Data processor changes

Latest version will always be posted on Platform.

15. CONTACT, GRIEVANCE & DPO DETAILS

For requests related to data rights, privacy, or complaints:

Data Controller / Data Fiduciary: BleuGold (Operator of KAOHM)
Email: InsertEmailInsert EmailInsertEmail
Phone: InsertPhoneInsert PhoneInsertPhone
Registered Address: InsertAddressInsert AddressInsertAddress
Grievance Officer (India DPDP): NameNameName
EU GDPR Contact (if applicable): InsertifappointingEUrepresentativeInsert if appointing EU representativeInsertifappointingEUrepresentative

Response times:

  • EU GDPR: 30 days

  • India DPDP: 30 days

  • CCPA: 45 days

bottom of page