1. Introduction to Privacy at CodeCafe

At CodeCafe, your privacy is a foundational pillar of our service. As an IT service provider, we understand that we handle sensitive business logic and personal identifiers. This Privacy Policy outlines our practices regarding the collection, use, and safeguarding of your data. We comply with the Information Technology Act, 2000 (India) and align our practices with global standards such as the GDPR and CCPA to ensure your data is handled with the highest level of integrity.

2. Information We Collect

We collect data through various touchpoints to provide a seamless development experience.

A. Personal Data

This is information that identifies you as an individual or business representative:

• Identity Data: Name, job title, and company name.
• Contact Data: Email address, phone number (WhatsApp), and billing address.
• Financial Data: Billing details and GST/Tax identification numbers.

B. Non-Personal and Technical Data

This data is collected automatically when you interact with our website:

• Usage Data: Pages viewed, time spent on site, and navigation paths.
• Technical Data: IP address, browser type, operating system, and device identifiers.

C. Project-Specific Data

As your development partner, we may process:

• Server Credentials: SSH keys, FTP details, and database logins.
• API Keys: For integration with third-party services.
• Source Code: Code hosted on our private repositories during the build phase.

3. How We Use Your Information

We use the collected information for specific, legitimate business purposes:

• Project Execution: To communicate regarding milestones, chapters, and deliverables.
• Financial Management: For invoicing, payment processing, and tax reporting.
• Support & Maintenance: To troubleshoot issues and provide technical assistance.
• Service Improvement: Analyzing website traffic to optimize our UI/UX for future users.
• Legal Compliance: To prevent fraud and meet regulatory obligations under Indian law.

4. Data Storage and Security Measures

CodeCafe employs "Security by Design" principles.

• Encryption: All data in transit is protected by SSL/TLS encryption. Sensitive credentials stored in our internal systems are encrypted using AES-256.
• Access Control: Access to project-specific data is restricted to the specific developers and project managers assigned to your account.
• Backups: We perform regular encrypted backups of project data to prevent data loss due to unforeseen technical failures.
• Physical Security: Our development centers are equipped with restricted access and 24/7 monitoring

5. Cookies and Tracking Technologies

We use cookies to enhance your experience.

• Essential Cookies: Necessary for the website to function (e.g., login sessions).
• Analytical Cookies: Helping us understand how users find CodeCafe (e.g., Google Analytics).
• Preference Cookies: Remembering your settings (e.g., language or theme). You can manage your cookie preferences through your browser settings, though disabling certain cookies may affect website functionality.

6. Third-Party Sharing and Services

CodeCafe does not sell or trade your personal information. We only share data with trusted partners when necessary:

• Cloud Providers: (AWS, Google Cloud) for hosting development environments.
• Collaboration Tools: (Slack, Trello, Jira) for project management.
• Payment Processors: (Stripe, Razorpay) to facilitate milestone payments. All third-party partners are vetted to ensure they maintain data protection standards equivalent to our own.

7. User Rights and Choices

Under the Digital Personal Data Protection (DPDP) standards, you have the following rights:

• Right to Access: Request a copy of the personal data we hold about you.
• Right to Rectification: Request corrections to any inaccurate or incomplete information.
• Right to Erasure: Request that we delete your data (subject to legal retention requirements).
• Right to Object: Opt-out of marketing communications at any time.

8. Data Retention Policy

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected.

• Active Projects: Data is retained for the duration of the contract.
• Post-Launch: Project files and communication logs are retained for 2 years to support potential maintenance or updates.
• Financial Records: Billing data is retained for 7 years as required by Indian tax laws.

9. Children’s Privacy

Our services are directed toward business professionals and are not intended for individuals under the age of 18. We do not knowingly collect personal data from children.

10. Updates to This Policy

CodeCafe reserves the right to update this Privacy Policy to reflect changes in legal requirements or our internal processes. We will notify you of any significant changes via email or a prominent notice on our website.

11. Contact Information

If you have any questions or concerns regarding your privacy, please contact our Data Protection Officer: Email: [email protected]