1. Scope and Application

1.1 This privacy policy is an electronic record in the form of an electronic contract drafted under the (Indian) Information Technology Act, 2000, the Information Technology (Reasonable security practices and procedures and sensitive personal data of information) Rules, 2011, as amended from time to time (“Privacy Policy”).

1.2 The terms ‘We/Us/Our/Third Wave Coffee Roasters’ shall refer to Heisetasse Beverages Private Limited, and the terms ‘You/Your/Yourself’ shall refer to the users/ members/ customers and any other persons accessing or seeking to use the Platform (as defined below).

1.3 This Privacy Policy is a legally binding document between you and us which governs the usage, collection, protection and sharing of any Information that you provide us when you register with us for access, use, purchase of any product or services (“Services”) from our website located at www.thirdwavecoffeeroasters.com and/ or our mobile applications (the “Platform”).

1.4 General visitors to our website are not required to register or provide information to us in order to experience our website.

1.5 This Privacy Policy shall be read together with the other policies published by us on the Platform, including without limitation the Terms of Use (together the “Policies”).

1.6 This Privacy Policy is an electronic document and does not require any physical, electronic or digital signature. By accessing or using the Platform, you indicate that you understand, agree and consent to the terms and conditions contained in the Privacy Policy. If you do not agree with the terms and conditions of this Privacy Policy, please do not use this Platform.

2. Commitment

2.1 We are committed to ensure that your privacy is protected to all possible, reasonable and commercial extent, as your privacy and data protection is of the utmost importance to us. We will always endeavour to protect your information.

2.2 We seek to collect data in a transparent process. We gather certain types of information about you in order to provide, maintain and improve the Services rendered to you, and hence, we strongly urge you to fully understand the terms and conditions of the Privacy Policy surrounding the capture and use of such Information.

3. Types of Information collected by the Us (“Information”)

3.1 Personally Identifiable Information (PII)

(a) PII, as used in information security and privacy laws, is information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context.
(b) We do not collect PII unless you provide it to us expressly. Further, we collect PII only to the extent provided by you.
(c) To register an account with us, the PII collected will include your name, telephone number, mailing address, email address, information related to Third Wave Digital Card, username and password; and in due course, we also maintain a history of your transactions with us (order details, Third Wave Digital Card transactions and payment history) and our interactions through your account or in relation to your account. These PII are essential for rendering certain Services to you. We may also use this PII to customize our Services based on such information as provided by you.
(d) We also collect the PII in the form of any information exchanged by you with us in the form of written communication, responses to emails, feedback provided, participation in discussions, etc., all of which is handled with due care and will be available for our use.
(e) You have the right to request to discontinue our use of your PII. To withdraw your consent to our collection and processing of your information in future, you may do so by closing your account with us/ specifically informing us that you are withdrawing your consent towards our use of your PII.

As you access and use our services, we collect certain information from you, including but not limited to, phone number, email address, device make-details, and IP address. By accessing and using our services, you expressly consent to the sharing and disclosure of your information so collected, with our third-party service providers, business partners, and agents. For example, your information may be shared with third-party services like GetSimpl to ensure fraud prevention and PayLater check out experience. Please refer to the third-party privacy policy for more details.

Such information will not be considered as sensitive if it is freely available and accessible in the public domain or is furnished under the Right to Information Act, 2005 or any other law for the time being in force.

3.2 Non-Personal Information (NPI)

(a) We also collect information in a form that does not permit direct association with any specific individual including without limitation the information of the browser you use, usage details and identifying technologies (“NPI”). NPI includes without limitation referring/ exit pages, anonymous usage data, and URLs, platform types, number of clicks, etc.). We request you to note that when you access the Platform or receive emails or any communication from us, we along with its affiliated companies and permitted agents, may use cookies and/or pixel tags to collect information and store your online preferences.

(b) Our web servers automatically collect limited information about your device's connection to the Internet, including your IP address, when you visit our site. (Your IP address is a number that lets computers attached to the Internet know where to send you data -- such as the web pages you view.) Your IP address does not identify you personally. We use this information to deliver our web pages to you upon request, to tailor our site to the interests of our users, to measure traffic within our site and let advertisers know the geographic locations from where our visitors come. 


(c) If we do combine NPI with PII, the combined information will be treated as PII for as long as it remains combined.

4. Information Usage and Sharing

4.1 Our primary goal in collecting the Information is for us to render the Services to you, and to ensure quality and efficiency in the Services provided to you. Additionally, we will also be using the Information for our internal operational purposes, such as providing, maintaining, evaluating, and improving the Platform and the Services, and also for providing customer support. We would also be sharing the information with others in the manner provided in this Privacy Policy.

4.2 In addition, we may occasionally contact you via email or regular mail; however, we have opt-out processes in place.

4.3 Please note that we do not and will not trade or sell or distribute your PII in any manner.

4.4 We may share your PII with third parties only in the following limited circumstances:

(a) To our service providers for the purpose of processing PII on our behalf in connection with the Services. We will require that these service providers agree to process such information based on our instructions and in compliance with this Privacy Policy and all other appropriate confidentiality and security measures;
(b) We have a good faith belief that access, use, preservation or disclosure of such PII is reasonably necessary to: (i) satisfy any applicable law, regulation, legal process or enforceable governmental request including to law enforcement and in response to a court order, (ii) detect, prevent, or otherwise address fraud, technical or security issues, (iii) enforce applicable Policies of the Platform, which may be further extended to investigation of potential violations thereof, or (iv) protect against harm to our rights, safety or property, our users or the public as required or permitted by law;
(c) To protect ourselves against third-party claims

4.5 We may share NPI with interested third parties to help them understand the usage patterns and analyses for certain Services. Any NPI and data and analyses arising therefrom may be shared by us to its existing and potential partners, advertisers, investors, and others.

4.6 In case you have a device that runs Android OS and has been rooted, Third Wave can not guarantee the security or privacy of any user PII on the app.

4.7 In case you have a device that runs Android OS we combine both the Advertisement ID & Device ID to for analytics and advertising purposes only.


5. Links to/ from Third-Party Websites

5.1 The Platform may contain links to third-party websites, products, and services. Information collected by third parties, which may include without limitation information such as location data or contact details, is governed by the privacy practices undertaken by such third parties. We encourage you to learn about the privacy practices of those third parties. We expressly assert that we cannot be responsible for these practices.

5.2 We may have a presence on social networking websites including but not limited to LinkedIn, Facebook, Twitter, Instagram, YouTube and blogs which are promotional and business initiatives to attract, engage and connect to a larger group of people. The domain links contained therein may either direct you to our Platform or request your participation by way of feedback, suggestions, etc. We, in this regard, fully disclaims any liability(ies) or claim(s), which may arise by use/misuse of your feedback, suggestions, views, etc. on any of the aforementioned networking websites or blogs, by any third party whether or not known to us.

6. Information Security & Retention

6.1 We take precautions including without limitation administrative, technical and physical measures to safeguard your personal information against loss, misuse or theft, as well as against destruction, alteration, disclosure and unauthorized access.

6.2 For this purpose, we adopt internal reviews of the data collection, storage and processing practices and security measures to guard against unauthorized access to systems where we store your PII.

6.3 We may share your Information with third parties for the purposes mentioned in Section 4 under confidentiality arrangements in connection with our Services, which inter alia provides for that such third parties to maintain confidentiality and not further disclose the Information.

6.4 Notwithstanding anything contained in this Policy or elsewhere, we shall not be held responsible for any loss, damage or misuse of your PII, if such loss, damage or misuse is attributable to a Force Majeure Event (as defined below):

A "Force Majeure Event" shall mean any event that is beyond Our reasonable control and shall include, without limitation, sabotage, fire, flood, explosion, acts of God, civil commotion, strikes or industrial action of any kind, riots, insurrection, war, acts of government, computer hacking, unauthorised access to a computer, computer system or computer network, computer crashes, breach of security and encryption (provided beyond our reasonable commercial control), power or electricity failure or unavailability of adequate power or electricity.

6.5 While we will endeavour to take all reasonable and appropriate steps to keep secure any PII which we hold about you and prevent unauthorized access, you acknowledge that the internet or computer networks are not fully secure and that we cannot provide any absolute assurance regarding the security of your PII. Please exercise reasonable caution when determining what information you disclose via the Platform.

6.6 Our Platform may provide links to any other website or locations for your convenience, but the provision of such links does not signify our endorsement of such other website or location or its contents. We have no control over, does not review, and cannot be responsible for these outside websites or their content. Please be aware that the terms of this Privacy Policy do not apply to these outside websites or location or its contents.

7. Payment Related Details

7.1 We use secure networks for processing online payments. We do not store your credit card details or debit card details or your internet banking details on our servers. The payment data is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS) when processing your payments.

7.2 Payment gateways and other payment transaction processors will have their own privacy policies in respect to the information you are required to provide to them and we are required to provide to them for your payment-related transactions, and as such, those details will be governed by their privacy policies.

8. Grievances/ issues

8.1 In case of breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored or otherwise processed, we have the mechanisms and policies in place in order to identify it and assess it promptly. Depending on the outcome of our assessment, we will make the requisite notifications to the supervisory authorities and communications to the affected data subjects, which might include you.

8.2 In accordance with the legal requirements, the name and contact details of the Grievance Officer who can be contacted with respect to any complaints or concerns including those pertaining to breach of this Privacy Policy and other Policies are published as under:

Grievance Officer Name: Sushant Goel
Email address: care@thirdwavecoffee.in
Phone number: 080-47108

8.3 The Grievance Officer can be contacted between 10am to 5pm from Monday to Friday except on public holidays.

8.4 Further, if you would like to access, correct, amend or delete any of your Information shared with us, please contact us at care@thirdwavecoffee.in. We shall respond to and address all reasonable concerns or inquiries in a reasonable amount of time.

8.5 If you would rather not receive marketing emails from us, please opt out in the email or please let us know by contacting us as indicated above.

9. Governing Law

9.1 We are incorporated in, and based out of the Republic of India, and we are duty bound to abide by Indian laws.

9.2 Further, any disputes regarding this Privacy Policy shall be subject to the exclusive jurisdiction of the courts of Bengaluru, India.

10. Updates to the Privacy Policy

10.1 We reserve the right to modify, amend, suspend, terminate or replace this Privacy Policy from time to time within our sole discretion. We will post any changes made to the Privacy Policy on the Platform without prior notice to you. Such changes will take effect immediately upon their posting on the Platform. If we make material changes to this Privacy Policy, we may notify you that it has been updated to enable you to review the materially-changed Privacy Policy.

10.2 We encourage you to review the Privacy Policy frequently. By your continued use of the Platform, you consent to the terms of the revised/ updated Privacy Policy.

 

11. Queries/ feedback/ grievances 

11.1 In accordance with the legal requirements, the name and contact details of the Grievance Officer who can be contacted with respect to any complaints or concerns including those pertaining to breach of this APP Privacy Policies are published as under:

Grievance Officer Name: Sushant Goel
Email address: care@thirdwavecoffee.in
Phone number: 080-47108111‬

11.2 The Grievance Officer can be contacted between 10am to 5pm from Monday to Friday except on public holidays.

11.3 Further, if you have any queries or wish to provide any feedback or otherwise reach out to us, please contact us at care@thirdwavecoffee.in. We shall respond to and address all reasonable concerns or queries in a reasonable amount of time.