Privacy guide

Is online shopping safe in India? What we found.

What Indian online shopping sites may collect through checkout, ads, analytics, identity tools and delivery workflows.

The simple answer

Online shopping is convenient, but it is also a dense data flow. A store can see what you browse, what you add to cart, your phone number, address, payment flow, discounts used, delivery details and support messages.

The risk is not just the shop. The risk is the crowd around the shop: ad pixels, analytics tools, checkout tools, recommendation engines, customer support tools and delivery integrations.

What to check

1
Look for trackers before checkout, not only after payment.

If this is unclear, treat it as a signal to ask the company for a plain-English explanation.

2
Check whether the privacy policy names advertising and analytics tools.

If this is unclear, treat it as a signal to ask the company for a plain-English explanation.

3
Watch for phone-number prefills across different stores.

If this is unclear, treat it as a signal to ask the company for a plain-English explanation.

4
Keep order updates separate from promotional consent.

If this is unclear, treat it as a signal to ask the company for a plain-English explanation.

From our investigation

The shop is not alone.

Our investigation found e-commerce pages with multiple outside tools loading around shopping journeys. The important question is not only whether the store is safe, but who else gets a signal from the store.

What to do next

1
Use guest checkout when possible.

Keep it practical: take one action, save proof, and avoid giving more data than the task needs.

2
Avoid saving cards and addresses unless you trust the store.

Keep it practical: take one action, save proof, and avoid giving more data than the task needs.

3
Ask brands to explain their vendor and tracker list in plain English.

Keep it practical: take one action, save proof, and avoid giving more data than the task needs.

People also ask

Is online shopping unsafe?

Not automatically. The safety question is whether the store limits data collection, secures payment flows and explains who receives your data.

Why do shopping ads follow me?

Ad pixels and remarketing tools can connect your browsing or cart behavior to ad platforms.

What should stores disclose?

They should explain what data they collect, why, who receives it, and how long it is kept.

If you are a company
Check your own website.

How many trackers run on your pages? Does your privacy policy name them? Can you answer a data-rights email? If you don't know, we can help you find out.

Talk to Meridian Bridge Strategy →
Your right under Indian law
Mera data mera hai.

Your personal data belongs to you. Under DPDP, every company must tell you what they have and delete it if you ask. One email is all it takes.

Get the template email →
Read the full investigation.

We investigated 107 Indian company websites. The public report shows what we found.

Read the reportTry the experience