Privacy Policy

• Cafe owner accounts: name, email, phone number, password hash, cafe details (name, address, GST/FSSAI numbers, logo), payment configuration (UPI ID, bank credentials encrypted at rest).
• Customer orders: name, WhatsApp/phone number, delivery address (only for delivery orders), order items, payment status. Customers do not need to create an account to place an order.
• Customer logins: when a customer chooses to log in via WhatsApp OTP, we set a signed cookie keyed to their phone number. We do not store passwords for customer accounts.
• Loyalty programme: for cafes that have loyalty enabled, we store points balance and earn/redeem ledger keyed to (cafe, customer phone).
• Usage logs: standard server access logs (IP address, user agent, timestamp) used for security and abuse prevention. Retained for up to 30 days.
• Cookies: session cookies for authentication, a customer-login cookie when logged in, and the cqr_brand cache header for branding. We do not use third-party advertising cookies.

• To deliver the Service — show the menu, place & track orders, send WhatsApp notifications, process payments, award loyalty points.
• To send transactional emails (password resets, billing notices) and WhatsApp messages (order confirmations, payment receipts) — the cafe is the sender; Cafe QR provides the relay.
• To improve and secure the Service — debugging, abuse monitoring, fraud prevention.
• To comply with legal obligations (tax invoices, government data requests).

We do not sell your personal information. We share data with:

• The cafe you ordered from — they need your name, phone and items to fulfil the order.
• Payment / messaging providers we use under contract — UPI gateways, WhatsApp Cloud API, transactional-email providers — for the limited purpose of completing the requested action.
• Cloud infrastructure (Railway, the database host) where the Service is deployed.
• Authorities if required by valid legal process.

• Order history is retained for the lifetime of the cafe account so customers can look up past orders.
• Customer login cookies expire after 30 days.
• OTP codes are stored in memory for 10 minutes then deleted.
• Server access logs are retained for up to 30 days.

We use HTTPS in transit, hash passwords with bcrypt, encrypt payment-provider secrets at rest, and store session cookies as httpOnly with SameSite=Lax. No system is perfectly secure — please use a strong, unique password for your account.

You can access, correct or delete your account data at any time:

• Cafe owners: via Settings in the dashboard, or by emailing us.
• Customers: log in on your cafe page, view your order history and loyalty balance under My Account, or sign out to clear the session cookie. Email us to request deletion of your phone-number-keyed records.

The Service is not directed to children under 13 and we do not knowingly collect personal information from them.

We may update this policy from time to time. Material changes will be announced on the dashboard or via email.

Questions about your privacy? Email [email protected].