CafeAura · Legal

Privacy Policy

Effective Date: April 1, 2026

Last Updated: April 1, 2026

Viruzverse Solutions Private Limited

Viruzverse Solutions Private Limited ("Company", "we", "our", or "us") operates the Cafeaura mobile application and related services (collectively, the "App"). This Privacy Policy explains how we collect, use, store, share, and protect your personal data when you use our App. By downloading or using the App, you agree to this Privacy Policy. If you do not agree, please do not use the App.

1. Who We Are

App NameCafeaura

CompanyViruzverse Solutions Private Limited

CountryIndia

Contact Emailhelpdesk@viruzverse.in

Cafeaura is a closed-network food ordering platform available exclusively to verified users of participating institutional communities (such as campuses, organisations, or similar institutions).

2. Data We Collect

We collect only the data necessary to operate and improve the App.

a. Account & Identity Data

Linked to your identity

Full name
Email address
Institution or campus details
Account credentials (managed securely via authentication provider)

b. Order & Wallet Data

Linked to your identity

Order details and history
Wallet balance and credit/debit records
Refund and adjustment records
Payment status and transaction reference IDs
Cancellation records

c. Device & Technical Data

May be linked to your identity

Device type, operating system, and app version
App interaction and usage data
Log and diagnostic data (for debugging, security, and service reliability)
IP address (retained in server logs)

d. Notification Data

Linked to your identity

Device push notification token (used solely to deliver transactional notifications to your device)

e. User-Submitted Content

Linked to your identity

Reviews, ratings, or feedback submitted within the App

f. Analytics Data

Not linked to your identity

Aggregated, anonymised app usage and performance data used to improve the App

Cross-App Tracking: We do not track you across third-party apps or websites for advertising purposes. All data collected is used solely to operate and improve Cafeaura.

3. How We Use Your Data

We use your data to:

Create, verify, and manage your account
Authenticate and authorise institutional access
Process orders, wallet transactions, refunds, and cancellations
Display your order history and wallet balance within the App
Send transactional notifications (order confirmations, wallet updates, account alerts)
Detect and prevent fraud, abuse, or unauthorised access
Diagnose crashes, fix bugs, and improve App performance
Conduct internal analytics to improve the service
Provide customer support and respond to your requests
Comply with legal, regulatory, and contractual obligations
Maintain audit records for financial and security purposes

We do not use your data for advertising, profiling, or sale to third parties.

4. Payments & Wallet

Cafeaura uses authorised third-party payment gateways to process payments. We do not store sensitive financial data such as card numbers, CVVs, or bank credentials on our own servers. We store only:

Transaction reference IDs
Payment status (success / failed / pending)
Wallet balance and credit/debit records

Wallet Terms

Wallet credits are issued as in-app balance for use within Cafeaura only
Wallet credits are non-transferable and non-withdrawable except where required by applicable law
Refunds for cancelled orders are credited to your in-app wallet balance
Refunds to the original payment method are not provided unless required by law

5. Third-Party Services & SDKs

We integrate the following third-party providers. Each provider processes data only as necessary to deliver their service and does not use your data for their own marketing purposes:

ProviderPurposePrivacy Policy

SupabaseAuthentication, database, and real-time datasupabase.com/privacy

Firebase (Google)Push notifications and crash reportingfirebase.google.com

SentryCrash reporting and diagnosticssentry.io/privacy

PostHogProduct analytics (anonymised)posthog.com/privacy

Payment GatewayPayment processingrazorpay.com/privacy

6. Data Sharing

We do not sell, rent, or trade your personal data. We share limited data only in the following circumstances:

Canteen or institution administrators — name and order details shared for order fulfilment within your institution
Payment gateway providers — transaction data processed solely for payment execution
Service providers listed in Section 5 — data shared only as necessary to operate the App
Legal obligations — when required by applicable law, court order, or lawful government authority
Safety and security — to protect the rights, property, or safety of users, the Company, or the public

All sharing is limited to what is strictly necessary for the stated purpose.

7. Data Security

We implement appropriate technical and organisational safeguards, including:

Encryption in transit (HTTPS / TLS) for all data communications
Secure, token-based authentication systems
Role-based access controls limiting who can access user data
Regular security monitoring and audit logging

No system is completely secure. While we take reasonable precautions, we cannot guarantee absolute security. In the event of a data breach that affects your rights and freedoms, we will notify you and relevant authorities as required by applicable law.

8. Data Retention

ScenarioRetention Period

Active accountDuration of account activity

After deletion requestUp to 45 days for full deletion

Financial / transaction recordsAs required by applicable accounting and tax law

Legal, fraud prevention, or dispute recordsAs required by law or until resolution

Anonymised analytics dataIndefinitely (no personal identifiers retained)

After the applicable retention period, personal data is deleted or irreversibly anonymised.

9. Account Deletion

You can permanently delete your Cafeaura account and associated personal data in either of the following ways:

1In-App: Navigate to Settings → Account → Delete Account within the App

2By Email: Contact us at helpdesk@viruzverse.in with subject line "Account Deletion Request" from your registered email address

Deletion requests are processed within 45 days. We may retain limited data where necessary for legal compliance, fraud prevention, financial recordkeeping, or active dispute resolution, as described in Section 8.

⚠Deleting your account is permanent and irreversible. Your order history, wallet balance, and profile data will be permanently removed subject to the retention exceptions above.

10. Your Rights & Choices

Subject to applicable law, you have the right to:

Access — request a copy of the personal data we hold about you
Correction — request correction of inaccurate or outdated data
Deletion — request deletion of your account and personal data (see Section 9)
Restriction — request that we limit processing of your data in certain circumstances
Portability — request your data in a structured, machine-readable format where applicable
Withdraw consent — where processing is based on consent, you may withdraw it at any time
Notifications — control or disable push notifications via your device's system settings at any time

To exercise any of these rights, contact us at helpdesk@viruzverse.in. We will respond within 30 days.

11. Children's Privacy

Cafeaura is intended for users aged 13 years and above. Users between the ages of 13 and 17 should use the App only with the consent and oversight of a parent, guardian, or their institution.

We do not knowingly collect personal data from children under the age of 13. If you are a parent, guardian, or institution and believe a child under 13 has provided personal information without appropriate authorisation, please contact us immediately at helpdesk@viruzverse.in. We will promptly review and delete the relevant information.

12. International Data Processing

Your data may be processed and stored on servers located outside your country of residence, operated by our trusted third-party providers (see Section 5). These transfers are made subject to appropriate contractual and technical safeguards in compliance with applicable data protection law. By using the App, you acknowledge and consent to such transfers.

13. Changes to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices, legal requirements, or the App. When material changes are made:

The Effective Date at the top of this policy will be updated
Where appropriate, we will notify you via the App or by email

Your continued use of the App following the updated policy's effective date constitutes your acceptance of the revised terms. We encourage you to review this policy periodically.

14. Contact Us

For any questions, requests, or concerns about this Privacy Policy or your personal data:

Viruzverse Solutions Private Limited

helpdesk@viruzverse.in

We aim to respond to all enquiries within 5 business days.

Loading…

Back to CafeAura

CafeAura · Legal

Privacy Policy

Effective Date: April 1, 2026

Last Updated: April 1, 2026

Viruzverse Solutions Private Limited

1. Who We Are

App NameCafeaura

CompanyViruzverse Solutions Private Limited

CountryIndia

Contact Emailhelpdesk@viruzverse.in

Cafeaura is a closed-network food ordering platform available exclusively to verified users of participating institutional communities (such as campuses, organisations, or similar institutions).

2. Data We Collect

We collect only the data necessary to operate and improve the App.

a. Account & Identity Data

Linked to your identity

Full name
Email address
Institution or campus details
Account credentials (managed securely via authentication provider)

b. Order & Wallet Data

Linked to your identity

Order details and history
Wallet balance and credit/debit records
Refund and adjustment records
Payment status and transaction reference IDs
Cancellation records

c. Device & Technical Data

May be linked to your identity

Device type, operating system, and app version
App interaction and usage data
Log and diagnostic data (for debugging, security, and service reliability)
IP address (retained in server logs)

d. Notification Data

Linked to your identity

Device push notification token (used solely to deliver transactional notifications to your device)

e. User-Submitted Content

Linked to your identity

Reviews, ratings, or feedback submitted within the App

f. Analytics Data

Not linked to your identity

Aggregated, anonymised app usage and performance data used to improve the App

Cross-App Tracking: We do not track you across third-party apps or websites for advertising purposes. All data collected is used solely to operate and improve Cafeaura.

3. How We Use Your Data

We use your data to:

Create, verify, and manage your account
Authenticate and authorise institutional access
Process orders, wallet transactions, refunds, and cancellations
Display your order history and wallet balance within the App
Send transactional notifications (order confirmations, wallet updates, account alerts)
Detect and prevent fraud, abuse, or unauthorised access
Diagnose crashes, fix bugs, and improve App performance
Conduct internal analytics to improve the service
Provide customer support and respond to your requests
Comply with legal, regulatory, and contractual obligations
Maintain audit records for financial and security purposes

We do not use your data for advertising, profiling, or sale to third parties.

4. Payments & Wallet

Transaction reference IDs
Payment status (success / failed / pending)
Wallet balance and credit/debit records

Wallet Terms

Wallet credits are issued as in-app balance for use within Cafeaura only
Wallet credits are non-transferable and non-withdrawable except where required by applicable law
Refunds for cancelled orders are credited to your in-app wallet balance
Refunds to the original payment method are not provided unless required by law

5. Third-Party Services & SDKs

We integrate the following third-party providers. Each provider processes data only as necessary to deliver their service and does not use your data for their own marketing purposes:

ProviderPurposePrivacy Policy

SupabaseAuthentication, database, and real-time datasupabase.com/privacy

Firebase (Google)Push notifications and crash reportingfirebase.google.com

SentryCrash reporting and diagnosticssentry.io/privacy

PostHogProduct analytics (anonymised)posthog.com/privacy

Payment GatewayPayment processingrazorpay.com/privacy

6. Data Sharing

We do not sell, rent, or trade your personal data. We share limited data only in the following circumstances:

Canteen or institution administrators — name and order details shared for order fulfilment within your institution
Payment gateway providers — transaction data processed solely for payment execution
Service providers listed in Section 5 — data shared only as necessary to operate the App
Legal obligations — when required by applicable law, court order, or lawful government authority
Safety and security — to protect the rights, property, or safety of users, the Company, or the public

All sharing is limited to what is strictly necessary for the stated purpose.

7. Data Security

We implement appropriate technical and organisational safeguards, including:

Encryption in transit (HTTPS / TLS) for all data communications
Secure, token-based authentication systems
Role-based access controls limiting who can access user data
Regular security monitoring and audit logging

8. Data Retention

ScenarioRetention Period

Active accountDuration of account activity

After deletion requestUp to 45 days for full deletion

Financial / transaction recordsAs required by applicable accounting and tax law

Legal, fraud prevention, or dispute recordsAs required by law or until resolution

Anonymised analytics dataIndefinitely (no personal identifiers retained)

After the applicable retention period, personal data is deleted or irreversibly anonymised.

9. Account Deletion

You can permanently delete your Cafeaura account and associated personal data in either of the following ways:

1In-App: Navigate to Settings → Account → Delete Account within the App

2By Email: Contact us at helpdesk@viruzverse.in with subject line "Account Deletion Request" from your registered email address

⚠Deleting your account is permanent and irreversible. Your order history, wallet balance, and profile data will be permanently removed subject to the retention exceptions above.

10. Your Rights & Choices

Subject to applicable law, you have the right to:

Access — request a copy of the personal data we hold about you
Correction — request correction of inaccurate or outdated data
Deletion — request deletion of your account and personal data (see Section 9)
Restriction — request that we limit processing of your data in certain circumstances
Portability — request your data in a structured, machine-readable format where applicable
Withdraw consent — where processing is based on consent, you may withdraw it at any time
Notifications — control or disable push notifications via your device's system settings at any time

To exercise any of these rights, contact us at helpdesk@viruzverse.in. We will respond within 30 days.

11. Children's Privacy

Cafeaura is intended for users aged 13 years and above. Users between the ages of 13 and 17 should use the App only with the consent and oversight of a parent, guardian, or their institution.

12. International Data Processing

13. Changes to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices, legal requirements, or the App. When material changes are made:

The Effective Date at the top of this policy will be updated
Where appropriate, we will notify you via the App or by email

Your continued use of the App following the updated policy's effective date constitutes your acceptance of the revised terms. We encourage you to review this policy periodically.

14. Contact Us

For any questions, requests, or concerns about this Privacy Policy or your personal data:

Viruzverse Solutions Private Limited

helpdesk@viruzverse.in

We aim to respond to all enquiries within 5 business days.