We also accept orders over the phone – Call us at 9080022593 or 7603831952

Duchess Pastries
Duchess Pastries

Privacy Policy for Duchess Pastry

Last updated: August 2025

At Duchess Pastries, we are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, and safeguard your data when you visit our website or use our services.

1. Data Controller

Legal Entity: Gopalakrishnan Chithrakala, doing business as Duchess Pastry

Address: 7/68 62-B Vijayalakshmi Nagar, Sivasakthi Gardens, Keeranatham, Saravanampatti, Coimbatore, Tamil Nadu, 641035

Contact for privacy inquiries: hello@duchesspastry.com

2. Personal Data We Collect

Account & Profile Data

  • Name, email address, phone number, date of birth, profile image

Order & Delivery Data

  • Delivery address, alternate phone, payment information (tokenized), order history

Technical & Usage Data

  • IP address, device/browser information, geolocation (for mapping & tracking), cookies and similar technologies

3. Why We Collect It & Legal Basis

Data CategoryPurposeLegal Basis
Account & Profile DataCreate and manage your accountPerformance of contract; Consent
Order & Delivery DataProcess & fulfill orders, payment, deliveryPerformance of contract
Technical & Usage DataOptimize Service, security, fraud preventionLegitimate interests; Consent (cookies)

4. How We Share Your Data

We may share your personal data with:

Service providers

  • Authentication & Hosting: Vercel, Auth.js (Google OAuth)
  • Maps & Tracking: Google Maps API
  • Database & Storage: Supabase (PostgreSQL), Prisma
  • Payments: Secure Payment Gateway (PCI-compliant)
  • Analytics & Error Reporting: Google Analytics, Sentry

Legal & Compliance: Authorities if required by law or to protect rights

Business Transfers: In connection with merger, sale, or reorganization

All third parties act as "processors" under the DPDP Act and are contractually bound to safeguard your data.

5. Data Retention

  • Order & Transaction Records: 5 years (tax, audit, legal)
  • Account/Profile Data: Until account deletion or consent withdrawal
  • Analytics & Logs: Raw logs up to 1 year; aggregated/anonymized after 13 months

6. Your Rights & Choices

Under the DPDP Act, you can:

  • Access your data
  • Rectify inaccuracies
  • Erase data when no longer needed or if consent is withdrawn
  • Port data you've provided
  • Withdraw consent at any time

To exercise any right, email us at hello@duchesspastry.com. We aim to respond within 30 days.

7. Cookies & Tracking Technologies

We use:

  • Essential cookies for login, cart, and order processing
  • Performance cookies (e.g. Google Analytics) to understand usage
  • Functional cookies for map integration and real-time order status

You can manage or block cookies via your browser settings. Blocking may affect functionality.

8. Security of Your Data

We employ reasonable technical and organizational safeguards, including:

  • TLS encryption in transit and encryption at rest
  • Access controls and role-based permissions
  • Regular security assessments and patching

9. International Data Transfers

If we transfer data outside India (e.g. to U.S. servers), we use Standard Contractual Clauses approved under Indian law to ensure adequate protection.

10. Changes to This Policy

We may update this Privacy Policy over time. We'll post the revised date at the top and, if changes are material, notify you via email or in-app notice.

Questions or Complaints?

Email: hello@duchesspastry.com

Address: Duchess Pastry, 7/68 62-B Vijayalakshmi Nagar, Sivasakthi Gardens, Keeranatham, Saravanampatti, Coimbatore – 641035.

Legal Policies