At Sparkling Canvas Hospitality Pvt. Ltd, we care about your Personal Information, so we have prepared this privacy policy (“Privacy Policy/Policy”) inter alia to help you better understand (1) our practices for collecting, using, maintaining, protecting and sharing your Personal Information when you access or use the website www.rasabali.in (the ‘Website’), the corresponding mobile application called ‘rasabali’ (“App”) and/or other online services (collectively, referred as “Services“) made available by Sparkling Canvas Hospitality Pvt. Ltd, currently a Limited Liability Partnership company established under the laws of India having its registered office at Chesterfield, 1504, NH 4, Thane – 400612, Maharashtra, The Website and App shall hereinafter be collectively referred to as the (“D2C Channel”). Wherever the context so requires (“You” or “User”) shall
mean any natural or legal person who (a) visits our D2C Channel for the purpose of browsing; or (b) Customers who buy products sold on the D2C Channel; or (c) Users of any system set up on the D2C Channel to provide a better consumer experience (Assistant / Chats / Pop-ups chat boxes etc.); and (d) Anyone contacting customer-services. The terms (“rasabali”, “rasabali gourmet”, “The Mitha Sutra”, “CoddleBakes by Shivani” “We”, “Us” or “Our”) shall mean Sparkling Canvas Hospitality
LLP (Currently under name change process to Sparkling Canvas Hospitality Pvt. Ltd). The term “Services” refers to any services offered by “Rasabali” whether on the D2C Channel or otherwise.
Access to the contents available through the D2C Channel is conditional upon your approval of this Privacy Policy which should be read by You, together with the Terms of Service (“Terms”). You acknowledge that this Privacy Policy, together with our Terms, forms our agreement with You in relation to Your use of the D2C Channel. The use of our D2C Channel or Services, and any dispute over privacy, is subject to this Privacy Policy, including its applicable limitations on damages and the resolution of disputes.
A. DEFINITION
1. Capitalized terms, not defined in the Terms located at terms & condition or elsewhere in this Privacy Policy shall mean as follows:
i. “Act” shall mean the Information Technology Act, 2000 and the corresponding rules, amendments, modifications framed thereunder and as notified by the Government from time to time.
ii. “Device(s)” shall mean a desktop computer, laptop computer, tablet, mobile phone, smart watch, or such other electronic equipment.
iii. “Personal Information” refers to any information that identifies or can be used to identify, contact, or locate the person, to whom such information pertains including, but not limited to, name, address, phone number and email address disclosed by You in relation to the Services available on the Website.
iv. “Sensitive Personal Data or Information” consists of information relating to the following:
1. Passwords;
2. Financial information such as bank account or credit card or debit card or other payment instrument details;
3. Physical, physiological and mental health condition;
4. Sexual orientation;
5. Medical records and history;
6. Biometric information;
7. Any detail relating to the above clauses as provided to body corporate for providing service; and
8. Any of the information received under above clauses by body corporate for processing, stored or processed under lawful contract or otherwise.
Provided that, any information that is freely available or accessible in public domain or furnished under the Information Technology Act, 2000 and the corresponding rules made thereunder or any other law for the time being in force shall not be regarded as Sensitive Personal Data or information for the purposes of these rules.
v. “Third Party” refers to any person or entity other than You or Us.
2. Any reference to singular includes a reference to the plural and vice versa, and any reference to one gender includes a reference to other gender(s), unless explicitly provided for.
3. Headings and captions are used for convenience only and not for interpretation of the Privacy Policy.
4. Any reference to a natural person shall, include his/her heirs, executors and permitted assignees and any reference to a juristic person shall, include its affiliates, successors and permitted assignees, unless repugnant to the context.
B. YOUR CONSENT
1. By using the D2C Channel and the Services, you agree and consent to the collection, transfer, use, storage, disclosure and sharing of your information as described and collected by us in accordance with this Policy. If you do not agree with the Policy, please do not use, or access the D2C Channel.
2. We do not knowingly collect or solicit Personal Information from anyone under the age of 18 or knowingly allow such persons to register for the Services on the D2C Channel. If you are under 18, please do not attempt to register for the Services or send any information about yourself to Us. In the event that we learn that we have collected Personal Information from a child under age 18 without verification of parental consent, we will delete that information as quickly as possible. If you believe that we might have any information from or about a child under 18, please contact us at help@sparklingcanvas.in or our Grievance Officer immediately.
3. When You provide Us with Personal Information to complete a transaction, verify your credit card, place an order, arrange a delivery or return a purchase, it is deemed that You have consented to the use of your Personal Information by Us to carry out the transaction as requested.
4. In the course of business, if your Personal Information is used for any secondary reason, We shall specify the reason for requiring such information. Upon such request, You shall have the option to refrain from revealing such information to Us.
5. If after You consent, either impliedly or expressly, for your personal information to be used by Us, you change your mind, You may withdraw your consent for Us to contact You, for the continued collection, use or disclosure of your information, at any time. Such withdrawal of consent shall be communicated to Us through an email at help@sparklingcanvas.in.
6. You agree and acknowledge that by using Our Services and creating an account with Us on the D2C Channel, You authorise Us, our employees, contractors, consultants, partners, associates and affiliates to contact you via email, phone, text messages, internet based instant messaging systems, or otherwise. This is to provide the Services to You and ensure that You are aware of all the features of the Services and related purposes.
C. POLICY CHANGES
We may occasionally update this Policy and such changes will be posted on this page. If we make any significant changes to this Policy, we will endeavor to provide you with reasonable notice of such changes, such as via prominent notice on the D2C Channel or to your email address on record and where required by applicable law, we will obtain your consent. To the extent permitted under the applicable law, your continued use of our Services after we publish or send a notice about our changes to this Policy shall constitute your consent to the updated Policy.
D. LINKS TO OTHER WEBSITES
The D2C Channel may contain links to other websites. Any Personal Information about you collected whilst visiting such websites is not governed by this Policy. Sparkling Canvas shall not be responsible for and has no control over the practices and content of any website accessed using the links contained on the D2C Channel. This Policy shall not apply to any information you may disclose to any of our service providers/service personnel which we do not require you to disclose to us or any of our service providers under this Policy.
E. INFORMATION WE COLLECT
1. Personal Information provided by you in relation to the use of the D2C Channel: In order for Us to enable successful delivery of your order, We collect personal data from You (when You voluntarily provide Us with such information), such as when You use the D2C Channel to place an order for Our products or to inquire about the Services We provide. We may be required to disclose such Personal Information to Third Parties solely in connection with purchase, sale and delivery of your order in accordance with the terms and conditions stipulated by such Third Party and/or where the disclosure is necessary for compliance of a legal obligation. We use the details provided by You during check out to ensure that orders are successfully delivered on time, and to keep You informed on the status of your order.
2. Device Information: In order to improve our Services to you, we may collect information or employ third party plugins that collect information about the devices you use to access our Services, including the hardware models, operating systems and versions, software, file names and versions, preferred languages, unique device identifiers, advertising identifiers, serial numbers, device motion information, mobile network information, installed applications on device and phone state. The information collected thus will be disclosed to or collected directly by these plugins and may be used to improve the content and/or functionality of the services offered to you. Analytics companies may use mobile device IDs to track your usage of the D2C Channel.
3. Personal Information Provided by You in Relation to the Registration Process: In order to provide a safe, efficient, smooth and customized experience and in order to take advantage of certain features available on the D2C Channel including, but not limited to, public forums,
accessing or uploading reviews or taking part in surveys, You may be asked to complete an online registration form which will provide us with Personal Information (Such as (a) Your name; (b) Your phone number; (c) Your e-mail address; (d) Your gender; (e) Your date of birth; and (f) bank details for payment processing. In the event You register with us, You may also be asked to choose a user identity and password in order to identify yourself during future uses of the D2C Channel.
You can register on the D2C Channel by sharing your contact details. Our D2C Channel will provide you with a unique time-bound one-time password (“OTP”). This OTP shall be shared via your network carriers SMS services, the OTP will ensure that you have completed a successful registration on the D2C Channel. We use an OTP based log-in system, which provides security and ease of access to the D2C Channel.
4. Collection of Sensitive Personal data or Information: We do not collect, store or process Sensitive Personal Data or Information as part of our Services on our D2C Channel which is not in accordance with the Information Technology (Reasonable security practices and procedures and Sensitive Personal Data or Information) Rules, 2011.
5. URLs: In general, You can browse the D2C Channel without telling Us who You are or revealing any Personal Information about yourself. Once You give us your Personal Information, You are not anonymous to Us. Wherever possible, We indicate which fields are required and which fields are optional. You always have the option to not provide information for the fields that are optional. We may automatically track certain information about You based upon your behaviour on Our Website. We use this information to do internal research on Our users’ demographics, interests, and behavior to better understand, protect and serve Our users. This information is compiled and analysed on an aggregated basis. This information may include the URLs that you just came from (whether this URL is on our Website or not), which URL You next go to (whether this URL is on Our Website or not), your browser information, and your IP address.
6. Cookies: We use data collection devices such as “cookies” on certain pages of the D2C Channel to help analyze Our web page flow, measure promotional effectiveness, and promote trust and safety. “Cookies” are small files placed on your hard drive that assist Us in providing Our Services. We offer certain features that are only available through the use of a “cookie”. Most cookies are “session cookies,” meaning that they are automatically deleted from your hard drive at the end of a session. You are always free to decline our cookies if your browser permits. Additionally, you may encounter “cookies” or other similar devices on certain pages of the Website that are placed by Third Parties. We do not control the use of cookies by Third Parties.
The cookies used by Us are listed as follows for your information to opt-out of cookies or not:
Wherever We collect personal data we make an effort to provide a link to this Privacy Policy. If You send us personal correspondence, such as emails or letters, we may collect such information into a file specific to You.
7. Payment Information: If You transact with Us, We collect some additional information, such as a billing address, bank details, credit / debit card number, credit / debit card expiration date and / or other payment instrument details and tracking information from cheques or money orders as the case may be. You will also provide Us with Your payment transaction information if You choose to pay for the Services available on Our D2C Channel. We will not use Your financial information for any purpose other than to complete a payment transaction with You. To the extent possible, We provide You the option of not divulging any specific information that You wish for Us not to collect, store or use.
We use Razorpay (Occasionally Paypal) for processing payments. We do not store your card data on their servers. Your data is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS) when processing any payment. Your purchase transaction data is only used as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is not saved.
Our payment gateway adheres to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit and debit card information by our store and its service providers.
For more insight, you may also want to read terms and conditions of razorpay on https://razorpay.com or https://www.paypal.com
We are committed to keeping all such sensitive data/information safe at all times and ensure that such data/information is only transacted over secure site of approved payment gateways which are digitally encrypted and provide the highest possible degree of care available under the technology presently in Us. Further, transacting over the internet has inherent risks which can only be avoided by You following security practices Yourself, such as not revealing account/login related information to any other person and informing Our customer care team about any suspicious activity or where Your account has/may have been compromised.
8. Push Notifications: We may send push notification to Users (for example: letting a User know when an order is out for delivery or details of a new campaign / discounts). If you are a User who no longer want these communications to be sent please turn off the push notifications on Your Device.
9. Others: In addition to cookies, we may also collect information to enable Us to understand You better so that We can improve (i) your user experience; (ii) to assist Our customer service and technical support personnel; (iii) put processes in place to prevent fraud and unlawful use; and (iv) providing and improving Our products and Services; (v) Providing reporting and analytics; (vi) Testing out features or additional services; and (vii) assisting with marketing, advertising or other communications. In an effort to make the D2C Channel effective, certain information may be collected each time You access the D2C Channel. Such information may be saved in Our server logs in an encrypted form which may not identify You personally. Such information or data may include, but shall not be limited to, your IP address, your server details, duration of your visit, date, time or purpose of your visit. In addition to cookies, we use web beacons, ad tags, pixels to advertise as part of the D2C Channel. The above mentioned data may be used by Us and may be shared with Our sponsors, investors, advertisers, developers, strategic business partners or other associates to enhance and grow the user experience in relation to the D2C Channel.
At every stage prior to, during or after information collection, You have the right to access all personally identifiable information provided, rectify or alter all personally identifiable information provided, restrict the level of information to be retained as per Your sole discretion and object to the retention, use and potential disclosure of the personally identifiable information.
10. All Users: This Privacy Policy also applies to data We collect from users who are not registered as members of this App, including, but not limited to, browsing behaviour, pages viewed etc.
11. Contact Data: Contact data including but not limited to Your mailing or home address, location, email addresses, mobile phone numbers, and accounts on internet based instant messaging system such as WhatsApp, Telegram, Signal.
F. USE OF INFORMATION
1. We use Personal Information to provide the delivery of Our products to You. To the extent We use your Personal Information to market to You, We will provide You the ability to opt-out of such uses. We use your Personal Information to resolve disputes; troubleshoot problems; help promote a safe transaction; collect money; measure consumer interest in Our products, inform You about online and offline offers, products and updates; customize your experience; detect and protect Us against error, fraud and other criminal activity; enforce Our Terms; and as otherwise described to You at the time of collection.
2. In Our efforts to continually improve Our product offerings, We collect and analyse demographic and profile data about Our Users’ activity on Our D2C Channel. We identify and use your IP address to help diagnose problems with Our server or Our D2C Channel. Your IP address is also used to help identify You and to gather broad demographic information.
3. We do not sell or rent your Personal Information to any Third Party for any purpose – including for advertising or marketing purposes. We use the information We collect from Users to provide them with the best User experience.
4. More specifically, this information is used for:
i. Provision of the Services on the D2C Channel including optimizing, or further developing/improving operation of the D2C Channel or providing better user experience;
ii. To contact you in relation to Products and Service offerings on the D2C Channel, including pursuant to current or future collaborations with third party service providers;
iii. General business and operating purposes, such as the administration, management and operation of the business, including client/user interaction, responding to requests, customizing and improving our Services;
iv. For payment, billing and invoicing related purposes;
v. To help Us make decisions on what We should work on next. For example (i) Details of how the User has used Our service, such as their activity on the Service, and the frequency and duration of their visits to the App (ii) IP address, (iii) Device event information such as crashes, system activity, hardware settings, browser type, browser language, the date and time of their request and referral URL;
vi. To enable the provision of Services opted for by You;
vii. To communicate necessary account and service-related information from time to time. To allow You to receive quality customer care services;
viii. To tailor the content and information that We may send or display to Users, to offer personalized help and instructions, and to otherwise personalize student experiences while using the D2C Channel or Services;
ix. To better understand how Users access and use Our D2C Channel and Services, on an aggregated or de-identified basis, in order to improve Our Site, App, and Services and respond to user desires and preferences, and for other research and analytical purposes. To prepare insights to enable us to understand patterns and trends with a view to learn more about your preferences or other characteristics;
x. To provide You with advertising that better suits Your interests and profile and is age- /gender-appropriate and targeted to your general location. To serve and measure the effectiveness of advertising;
xi. Compliance with our obligations under applicable laws and other regulations, including to protect against and prevent fraud and other legal or information security risks; and
xii. To serve other purposes for which we provide specific notice at the time of collection, and as otherwise authorized or for any other lawful purpose.
5. We may occasionally send You service related and product change announcements through the general operation of the D2C Channel. We may also use your contact information to send You notifications regarding new services, offers and promotions offered by Us if You affirmatively consent to receive such communications.
6. To provide You with information about services We consider similar to those that You are already using, or have enquired about, or may interest You. If You are a registered user, We will contact You by electronic means (e-mail or SMS or telephone or other internet based instant messaging systems) with information about these services. With Advertisers and Advertising Networks: We may work with third parties such as network advertisers to serve advertisements on the D2C Channel and on third-party websites or other media (e.g., social networking platforms). These third parties may use cookies, JavaScript, web beacons (including clear GIFs), Flash LSOs and other tracking technologies to measure the effectiveness of their ads and to personalize advertising content to you. While you cannot opt out of advertising on the D2C Channel, you may opt out of much interest-based advertising on third party sites and through third party ad networks (including DoubleClick Ad Exchange, Facebook Audience Network and Google AdSense). For more information, visit www.aboutads.info/choices. Opting out means that you will no longer receive personalized ads by third parties ad networks from which you have opted out, which is based on your browsing information across multiple sites and online services. If you delete cookies or change devices, your opt out may no longer be effective.
G. DISCLOSURE OF PERSONAL INFORMATION
1. As a matter of policy, We do not sell or rent any personally identifiable information about You to any Third Party. Furthermore, we do not share Personal Information with any Third Parties except in the limited circumstances described in this Privacy Policy.
2. Service Providers: Targeted advertising is not permitted on Our D2C Channel. We do work with vendors, service providers, and other partners to help Us provide the Services by performing tasks on Our behalf. We may need to share or provide information (including personal information) to them to help them perform these business functions, for example sending emails on our behalf, database management services, database hosting, providing customer support software, and security. Generally, these service providers do not have the right to use Users’ Personal Information we share with them beyond what is necessary to assist Us. Additionally, these service providers must adhere to confidentiality and security obligations in a way that is consistent with this Privacy Policy.
3. With Partner Restaurants/Merchant: While you place a request to order food through the D2C Channel, your information is provided to us and to the restaurants/merchants with whom you may choose to order. In order to facilitate your online food order processing, we provide your information to that restaurant/merchant in a similar manner as if you had made a food order directly with the restaurant. If you provide a mobile phone number, “Rasabali” may send you text messages regarding the order’s delivery status.
4. External Service Providers: There may be a number of Services offered by external service providers that help You use Our D2C Channel. If You choose to use these optional services, and in the course of doing so, disclose information to the external service providers, and/or grant them permission to collect information about You, then their use of Your information is governed by their privacy policy.
5. Law and Order: We cooperate with law enforcement inquiries, as well as other third parties to enforce laws, such as: intellectual property rights, fraud and other rights. We can (and You authorize us to) disclose any information about You to law enforcement and other government officials as We, in Our sole discretion, believe necessary or appropriate, in connection with an investigation of fraud, intellectual property infringements, or other activity that is illegal or may expose us or You to legal liability.
6. Analytics: We use analytics services, including mobile analytics software, to help Us understand and improve how the Service is being used. These services may collect, store and use Personal Information in order to help us understand things like how often people/ customers use the Service, the events that occur within the application, usage, performance data, and from where the application was downloaded.
7. Public: We may share aggregated, non-personally identifiable information publicly, including with Users, partners or the press in order to, for example, demonstrate how the D2C Channel is used, spot industry trends, or to provide marketing materials for the D2C Channel. Any aggregated information shared this way will not contain any Personal Information.
8. Affiliates: Over time, our D2C Channel may grow and reorganize. We may share User’s Personal Information with affiliates such as a parent company, subsidiaries, joint venture partners or other companies that we control or that are under common control with us, in which case we will require those companies to agree to use User’s Personal Information in a way that is consistent with this Privacy Policy.
9. Re-organization: In the event all or a portion of Sparkling Canvas or its assets are acquired by or merged with a third party, Personal Information that we have collected from Users would be one of the assets transferred to or acquired by that third party. This Privacy Policy will continue to apply to Users’ information, and any acquirer would only be able to handle Users’ Personal Information as per this Privacy Policy.
10. In the unlikely event that Sparkling Canvas goes out of business, or files for bankruptcy, we will protect User’s Personal Information, and will not sell it to any third party.
11. Due to the existing regulatory environment, We cannot ensure that all of Your private communications and other personally identifiable information will never be disclosed in ways not otherwise described in this Privacy Policy. By way of example (without limiting and foregoing), We may be forced to disclose information to the government, law enforcement agencies or third parties. Therefore, although We use industry standard practices to protect Your privacy, We do not promise, and You should not expect, that Your personally identifiable information or private communications would always remain private. We do, however assure You that any and all disclosure of Your personally identifiable information shall be personally intimated to You through an email sent to Your provided email address.
H. THIRD-PARTY SERVICES
1. We may engage the services of third parties to help us serve Our customers better. In general, the third-party service providers engaged by Us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to Us.
2. However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information. We are required to provide to them for your purchase-related transactions and We recommend that You read their privacy policies so You can understand the manner in which your Personal Information will be handled by these third-party service providers.
3. In particular, remember that certain providers may be located in or have facilities that are located in a different jurisdiction than either you or us. So if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.
4. Once you leave Our Website or are redirected to a third-party website or application, You are no longer governed by this Privacy Policy or our Terms.
5. When you click on third party links on Our Website, We are not responsible for the privacy practices of other sites and for the loss or consequential damage that may be caused to you and encourage You to read their privacy statements.
I. ACCOUNT DELETION
Website User Account Deletion:
“Rasabali App” Account Deletion:
We understand that there may be various reason why you might choose to delete your account. We value your experience with us & would like to offer any assistance or resolve any issues you might be facing with our services. If there is something specific that’s prompting your decision to delete your account, please consider reaching out to us. We are committed to helping you with solution that meets your needs.
However, if you decide to proceed with account deletion, the following steps will guide you through the process. Please note that deleting your account is a permanent action & will result in the loss of all your account data, including your order history & preferences. We recommend reviewing these steps carefully to ensure that you are fully informed about the process & its consequences.
J. DATA SECURITY PRECAUTIONS
1. We have in place appropriate technical and security measures to secure the information collected by us. To protect your Personal Information, We take reasonable precautions and follow industry best practices to make sure your personal information is not inappropriately lost, misused, accessed, disclosed, altered, or destroyed.
2. We use vault and tokenization services from third party service providers to protect the sensitive Personal Information provided by you. The third-party service providers with respect to our vault and tokenization services and our payment gateway and payment processing are compliant with the payment card industry standard (generally referred to as PCI compliant service providers). You are advised not to send your full credit/debit card details through unencrypted electronic D2C Channels. Where we have given you (or where you have chosen) a username and password which enables you to access certain parts of the Website, you are responsible for keeping these details confidential. We ask you not to share your password with anyone.
3. Please be aware that the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted through the Website. Once we have received your information, we will use strict physical, electronic, and procedural safeguards to try to prevent unauthorized access.
K. OPT-OUT
1. You can manage Your account settings by emailing us at help@sparklingcanvas.in, to update, amend, and correct your Personal Information.
2. Unless subject to an exemption, You also have the following rights in relation to the Personal Data We hold about You, unless provided otherwise by local law:
3. Please note that some of these rights are not absolute. In some cases, We may refuse a request to exercise particular rights if complying with it meant that We are no longer able to meet Our contractual obligation to provide You with particular services. We will keep You informed as to the actions that We can take when You make Your request.
4. If you wish to withdraw your consent for the use and disclosure of your Personal Information in the manner provided in this Policy, please write to us at help@sparklingcanvas.in . Please note that we may take time to process such requests, and your request shall take effect no later than 60 (Sixty) business days from the receipt of such request, after which we will not use your personal data for any processing unless required by us to comply with our legal obligations. We may not be able offer you any or all Services upon such withdrawal of your consent.
L. GRIEVANCE REDRESSAL MECHANISM
1. If you have any queries relating to the processing or usage of information provided by you in connection with this Privacy Policy, please email us at help@sparklingcanvas.in or write to our Grievance cell at the following address:
If you come across any abuse or violation of the Privacy Policy, please report to help@sparklingcanvas.in
M. SEVERABILITY
Each paragraph of this Privacy Policy shall be and remain separate from and independent of and severable from all and any other paragraphs herein except where otherwise expressly indicated or indicated by the context of the agreement. The decision or declaration that one or more of the paragraphs are null and void shall have no effect on the remaining paragraphs of this Privacy Policy.
N. DO NOT TRACK
The Service or D2C Channel is not designed to respond to “do not track” signals sent by some browsers.
Advisory Note: This Privacy Policy is published in compliance with inter alia:
Sensitive Personal Information) Rules, 2011 (“SPDI Rules”).
Last Updated On: 15-September-2023
—-[End]—-
Copyright © Sparklingcanvas Hospitality Pvt Ltd 2024 || All rights reserved