top of page

Privacy Policy

CafféDerma Privacy Policy

Last Updated: April 24, 2025

 

1. Introduction

 

CafféDerma ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, use our mobile application, or engage with our services (collectively, the "Services") in India.

This policy is designed in accordance with Indian data protection regulations, including the Information Technology Act, 2000 (IT Act), the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 (SPDI Rules), and is prepared with consideration to the proposed Digital Personal Data Protection Act framework.

 

Please read this Privacy Policy carefully. By accessing or using our Services, you acknowledge that you have read, understood, and agree to be bound by all the terms of this Privacy Policy. If you do not agree with our policies and practices, please do not use our Services.

 

2. Information We Collect

 

We collect several types of information from and about users of our Services:

 

2.1 Personal Information

 

Personal information is data that can be used to identify you individually. This may include:

  • Contact information (such as name, email address, mailing address, and phone number)

  • Billing information (such as credit/debit card details and billing address)

  • Account credentials (such as username and password)

  • Date of birth

  • Skin type, concerns, and preferences

  • Purchase history and product preferences

  • Social media handles when you connect your social media accounts

 

2.2 Sensitive Personal Data or Information (SPDI)

 

Under Indian law, certain personal information is classified as Sensitive Personal Data or Information, which includes:

  • Passwords

  • Financial information such as bank account details, credit card information, or other payment instrument details

  • Physical, physiological, and mental health condition (if collected through skin assessments or consultations)

  • Any other detail relating to the above clauses as provided to us for providing our services

 

2.3 Non-Personal Information

 

Non-personal information is data that cannot be used to identify you individually. This may include:

  • Browser type and version

  • Operating system

  • Device information (such as device type, screen resolution)

  • IP address

  • Geographic location (country and city level)

  • Time zone

  • Referring website

  • Pages viewed on our website

  • Time spent on our website

  • Products viewed or searched for

  • Links clicked

  • Interaction with advertisements

 

2.4 Information Collection Methods

 

We collect information through:

  • Direct interactions when you provide information to us

  • Automated technologies, including cookies, web beacons, and similar technologies

  • Third-party sources, such as social media platforms and payment processors

  • Customer surveys and feedback forms

 

3. How We Use Your Information

 

We use your information for various purposes, including to:

 

3.1 Provide Our Services

  • Process transactions and fulfill orders

  • Create and manage your account

  • Provide customer support

  • Personalize your shopping experience

  • Process returns and exchanges

  • Send transactional emails (order confirmations, shipping notifications)

 

3.2 Improve Our Services

  • Analyze usage patterns and trends

  • Conduct research and development

  • Improve our website functionality and user experience

  • Develop new products and services

  • Test and troubleshoot new features

 

3.3 Marketing and Communications

  • Send promotional emails about new products, special offers, or other information

  • Deliver content and product recommendations

  • Administer sweepstakes, contests, and promotions

  • Display targeted advertisements

  • Measure the effectiveness of our marketing campaigns

 

3.4 Security and Fraud Prevention

  • Detect, prevent, and address fraud, security breaches, and technical issues

  • Verify identity for account access

  • Monitor for suspicious activity

  • Ensure compliance with our Terms and Conditions

 

4. Cookies and Similar Technologies

 

4.1 Cookies

 

We use cookies and similar tracking technologies to collect information about your browsing activities. Cookies are small text files that are stored on your device when you visit our website.

 

4.2 Types of Cookies We Use

  • Essential Cookies: Necessary for the operation of our website and Services

  • Functional Cookies: Enable us to remember your preferences and provide enhanced features

  • Analytical/Performance Cookies: Allow us to recognize and count visitors and analyze how visitors interact with our website

  • Targeting Cookies: Record your visit to our website, the pages you visit, and the links you follow to deliver relevant advertisements

 

4.3 Cookie Management

 

You can set your browser to refuse all or some browser cookies or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of our website may become inaccessible or not function properly.

 

5. Information Sharing and Disclosure

 

We may share your information with:

 

5.1 Service Providers

 

We share information with third-party vendors, consultants, and other service providers who perform services on our behalf, such as:

  • Payment processors

  • Shipping and fulfillment companies

  • Customer service providers

  • Marketing and advertising partners

  • Analytics providers

  • IT and cloud service providers

 

When we share information with third parties, we ensure they provide a level of protection comparable to that provided under Indian data protection laws.

 

5.2 Business Transfers

 

If CafféDerma is involved in a merger, acquisition, or sale of all or a portion of its assets, your information may be transferred as part of that transaction. We will notify you via email or prominent notice on our website before your information becomes subject to a different privacy policy.

 

5.3 Legal Requirements

 

We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court or government agency) in India or other jurisdictions where we operate.

 

5.4 Protection of Rights

 

We may disclose your information to:

  • Enforce our Terms and Conditions

  • Protect our rights, privacy, safety, or property

  • Protect against legal liability

  • Prevent fraud or illegal activities

 

5.5 With Your Consent

 

We may share your information with third parties when you have given us your express consent to do so.

 

6. Data Security

 

We implement appropriate technical and organizational measures to protect the security of your personal information in accordance with the reasonable security practices and procedures as prescribed under the SPDI Rules.

 

Our security measures include:

  • Encryption of sensitive information

  • Regular security assessments

  • Access controls and authentication procedures

  • Security incident response plans

  • Regular staff training on data protection

  • Implementation of internationally recognized information security standards

 

However, no method of transmission over the Internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

7. Your Privacy Rights

Under Indian data protection laws, you have certain rights regarding your personal information:

 

7.1 Access and Information

 

You have the right to request access to the personal information we hold about you and to receive information about how we use it.

 

7.2 Correction

 

You have the right to request that we correct any inaccurate or incomplete personal information we hold about you.

 

7.3 Withdrawal of Consent

 

You have the right to withdraw your consent for the collection, use, and disclosure of your personal information at any time. However, withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal.

 

7.4 Grievance Redressal

 

You have the right to address grievances regarding the processing of your personal information.

 

7.5 Exercising Your Rights

 

To exercise any of these rights, please contact our Grievance Officer using the information provided in the "Grievance Redressal" section below. We may need to verify your identity before responding to your request.

 

8. Children's Privacy

 

Our Services are not directed to individuals under the age of 18, and we do not knowingly collect personal information from children under 18. If we learn that we have collected personal information from a child under 18, we will take steps to delete that information as soon as possible. If you believe that we might have any information from or about a child under 18, please contact our Grievance Officer.

 

9. Data Retention

 

We retain your personal information for as long as necessary to fulfill the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal information, we consider:

  • The amount, nature, and sensitivity of the personal information

  • The potential risk of harm from unauthorized use or disclosure

  • The purposes for which we process the information

  • Whether we can achieve those purposes through other means

  • Applicable legal requirements

 

10. Cross-Border Data Transfers

 

CafféDerma may transfer your personal information to countries outside India for processing. When we transfer your personal information outside India, we ensure that appropriate safeguards are in place to protect your information and that the transfer complies with applicable Indian laws.

 

11. Marketing Communications

 

11.1 Email Marketing

 

If you have opted in to receive marketing communications from us, we may send you emails about our products, services, promotions, and events. You can opt-out of receiving marketing emails at any time by:

  • Clicking the "unsubscribe" link at the bottom of our marketing emails

  • Adjusting your communication preferences in your account settings

  • Contacting our Grievance Officer

 

11.2 SMS Marketing

 

If you have opted in to receive SMS marketing messages, you can opt-out at any time by replying "STOP" to any message or by contacting our Grievance Officer.

 

12. Third-Party Links and Services

 

Our Services may contain links to third-party websites, products, or services. These third parties have their own privacy policies, and we have no responsibility or liability for their content or activities. We encourage you to read the privacy policies of any third-party websites you visit.

 

13. Changes to This Privacy Policy

 

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. The updated policy will be posted on this page with a revised "Last Updated" date. We encourage you to review this Privacy Policy periodically.

If we make material changes to this Privacy Policy, we will notify you by email or through a notice on our website prior to the changes becoming effective.

 

15. Contact Us

 

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us at:

 

CafféDerma India
 

Email: info@caffederma.com

CafféDerma

© CafféDerma

Privacy Policy

Terms and Conditions

Cancellation and Refund

Shipping and Delivery

About Us

Blog

Contact Us

All CafféDerma products are vegan, and we do not test our formulations or ingredients on animals.

cruely free.png
FDA Approved SVG.png

Powered by caffeine & Cliqby

bottom of page