Privacy Policy

This Privacy Policy outlines Cafe Vishala’s approach to Data Protection and Privacy to fulfill its obligations under the applicable laws and regulations. This Privacy Policy applies to your Personal Data which is processed by us, whether in physical or electronic mode.

In this Privacy Policy, the expressions ‘Personal Data’, ‘Data Subject’, ‘Controller’, ‘Processor’ and ‘Processing’ shall have the meanings given to them in the applicable privacy laws.

We are committed to treating data privacy seriously. It is important that you know exactly what we do with your Personal Data.

Throughout this document, “we”, “us”, “our”, “ours” refer to Cafe Vishala. Wherever we have said ‘you’ or ‘your’, this means YOU (as a Data Subject)

Who We Are

Cafe Vishala Private Limited is a Private incorporated on 18 March 2021. It is classified as a Non-govt company and is registered at Registrar of Companies, Bengaluru. Cafe Vishala is engaged in the business of facilitating the selling, marketing, and retailing of Bakery Products (“Business”) through the e-commerce websites and mobile applications (“App”) both developed and owned by Cafe Vishala and its affiliates (Website and App collectively referred to as “Platform”) or offline stores/events to conduct its Business.

Roles We Play

We play the role of a Data Controller when we collect and process Personal Data about you.

We play the role of a Data Processor when we collect and process Personal Data on behalf of another Data Controller

Our Commitment

We commit to protecting your privacy and hence our Personal Data handling practices are continually reviewed to ensure compliance with the applicable Privacy laws and regulations

Categories of Personal Data

Categories of Personal Data collected and processed by us are as follows;

Demographic & Identity data

  • Contact details such as Name, email address, contact number, shipping address, country, date of birth
  • Open data and public records such as information about YOU that is openly available on the internet

Contact details such as Name, email address, contact number, shipping address, country, date of birth

  • Details such as Transaction amount, Bank Name, Card Type, and Card number.

Online Identifiers and Other Technical Data

  • Location details such as data we get about your location, IP address, logs, or from where you connect a computer to the internet
  • Technical details such as device information, location, and network carrier when you use our mobile applications
  • Communications details such as the Metadata and other Personal Data we get from communications done through e-mails, SMS, instant messages and calls
  • Usage data details such as data about how you use our website or web-based properties, pages viewed, etc.

Lawful bases for Processing your Personal Data

We are permitted to process your Personal Data in compliance with applicable laws and regulations by relying on one or more of the following lawful bases:

  • You have explicitly agreed to us processing your Personal Data for a specific reason
  • The processing is necessary to perform the agreement we have with you or to take steps to enter into an agreement with you
  • The processing is necessary to be in compliance with our Legal Obligations
  • The processing is necessary for the purposes of a legitimate interest (“Legitimate Interest”) pursued by us, such as
  • to provide services to you,
  • to evaluate, develop or improve our products and services

Where the processing is based on your consent, you have a right to withdraw your consent at any time. You may withdraw consent by contacting us. Upon receipt of your written request to withdraw your consent, the consequences of withdrawal will be communicated to you, and, upon your agreement, your request for withdrawal will be processed.

Cookies and Other Trackers Used by our Digital Properties

Cookies are small text files that are placed on your computer by websites that you visit. Similarly, there are other types of trackers used. Likewise, Mobile Apps use requisite permissions and SDKs. These are used to make Websites & Apps work or work more efficiently, as well as to provide information to the owners of the website/ App.

We use cookies, permissions, and other trackers in our website, web-based properties, and mobile applications that are used to collect and process data about you so we can provide you with a better online experience as well as improve our services

Below are the categories of cookies used on our website along with a description of what they are used for

Strictly Necessary

These cookies are needed to run our website, to keep it secure if you are logged on, and to obey regulations that apply to us.

If you are a customer, they help us know who you are so that you can log on and manage your accounts. They also help us keep your details safe and private.

Functional

These cookies are used for remembering things like:

  • Your user ID on the log-on page
  • Your region or country
  • Your preferred language
  • Accessibility options like large font or high-contrast pages

Performance

These cookies tell us how you and our other customers use our website. We combine all this data together and study it. This helps us to:

  • Improve the performance of our services
  • Improve the products we provide

Most web browsers allow some control of most cookies through the browser settings. Please note disabling the ‘Strictly Necessary’ cookies may cause certain parts of our website to remain inaccessible to you.

We use other tracking mechanisms in addition to the above

  • Pixel Tags
  • Log Files
  • Clickstream analytics

Personal Data Disclosure

We use third parties who provide elements of our products & services on behalf of us. We have appropriate contracts in place with our third-party partners. This means that they cannot do anything with your Personal Data that is outside of the scope permitted by us. They hold it securely and retain it only for the period specified in our contracts with them.

We might also disclose your Personal Data to appropriate authorities if we believe that it is reasonably necessary to comply with a law, regulation, or legal process, to protect the safety of any person, to address fraud, security, or technical issues, or to protect our rights or the rights of those who use our products & services.

Reasons for disclosing your Personal Data to other parties:

We may disclose your Personal Data to others where it is lawful to do so including where we or they:

  • need to provide you with products or services
  • where you have initiated a payment
  • have a legal obligation to do so, e.g. to assist with detecting and preventing fraud,
  • have requirements in connection with regulatory reporting, litigation, or asserting or defending legal rights and interests
  • have a legitimate business reason for doing so
  • want to send you information and promotional material regarding our products and services,
  • have asked you for your consent to share it, and you’ve agreed
  • Improve your online experience using our product.

To whom your Personal Data may be disclosed:

We may disclose your Personal Data for the above purposes to other parties including:

  • Other group companies and any subcontractors, agents, or service providers who work for us or provide services to us or group companies (including their employees, sub-contractors, service providers, directors, and officers)
  • Law Enforcement Authorities, Government Authorities, courts, dispute resolution bodies, our regulators, auditors, and any party appointed or requested by our regulators to carry out investigations or audits of our activities
  • Statutory and regulatory bodies and authorities (including the government) investigating agencies and entities or persons, to whom or before whom it is mandatory to disclose the Personal Data as per the applicable law, courts, judicial and quasi-judicial authorities and tribunals, arbitrators, and arbitration tribunals
  • Overseas regulators
  • anybody else that we’ve been instructed to share your Personal Data with by you

Cross-border Data Transfer

Personal Data we hold about you may be transferred to other countries outside your residential country for any of the purposes described in this Privacy Policy.

You understand and accept that these countries may have differing (and potentially less stringent) laws relating to the degree of confidentiality afforded to the information it holds and that such information can become subject to the laws and disclosure requirements of such countries, including disclosure to governmental bodies, regulatory agencies, and private persons, as a result of applicable governmental or regulatory inquiry, court order or other similar processes. In addition, a number of countries have agreements with other countries providing for the exchange of information for law enforcement, tax, and other purposes.

If we transfer your Personal Data to third parties for purposes stated in this Privacy Policy, we will use our best endeavors to put in place appropriate controls and safeguards to ensure that your Personal Data is kept accurate, adequately protected, and processed only for specified and reasonable purposes in a manner that is fair, transparent and has a lawful basis, and is stored for no longer than is absolutely necessary.

Data Security

We are committed to protecting your Personal Data in our custody. We take reasonable steps to ensure appropriate physical, technical, and managerial safeguards are in place to protect your Personal Data from unauthorized access, alteration, transmission, and deletion. We ensure that the third parties who provide services to us under appropriate contracts, take appropriate security measures to protect your Personal Data in line with our policies

Retention and Disposal of Data

We keep the Personal Data we collect about you on our systems or with third parties for as long as it is required for the purposes set out in this Privacy Policy and for legal or regulatory reasons. We will only use your Personal Data for those purposes and will make sure that your privacy is protected. We shall take reasonable steps to delete or permanently de-identify Personal Data that is no longer needed.

Links to Other Websites

Our website may contain links to the websites of other organizations. This privacy policy does not cover how that organization processes Personal Data. We encourage you to read the privacy policies on the other websites you visit.

Children’s Privacy

Our website is directed to be used by adults only. If you are not an adult, while you may look at our site, you should not make a purchase, register, or submit Personal Data to us. We or our associates /affiliates do not knowingly collect information from minors.

Contact Us

For any further queries and complaints related to privacy under applicable laws and regulations, you could reach us at:

Contact Email Address:info@cafevishala.com.

Notification of Changes

We keep our Privacy Policy under regular review to make sure it is up-to-date and accurate. Any changes we may make to this Privacy Policy in the future will be posted on this page. We recommend that you revisit this page regularly to check for any updates.