Hyderabad Customers Only – Delivery Enabled

Privacy Policy

Sri Lohitha Foods Private Limited (“Company”, “we”, “our”, or “us”) respects your privacy and is committed to protecting your personal information in accordance with applicable Indian laws, including the Information Technology Act, 2000, Consumer Protection Act, 2019, Consumer Protection (E-Commerce) Rules, 2020, Digital Personal Data Protection Act, 2023 (DPDPA), and other applicable regulations.

By accessing or using our website, products, or services, you agree to the terms of this Privacy Policy.

1. Information We Collect

We may collect the following information from customers and website visitors:

Personal Information

  • Full name
  • Mobile number
  • Email address
  • Billing and shipping address
  • GST details (where applicable)

Transaction Information

  • Order details
  • Payment information
  • Delivery information
  • Purchase history

Technical Information

  • IP address
  • Browser/device information
  • Cookies and analytics data
  • Website usage information

2. Purpose of Collection

Your information may be used for:

  • Processing and delivering orders
  • Customer support and grievance handling
  • Payment processing
  • Improving our products and services
  • Sending transactional updates (order confirmation, dispatch, delivery)
  • Legal, taxation, and GST compliance under the Companies Act, 2013 and Income Tax Act, 1961
  • Fraud prevention and security purposes

3. Sharing of Information

We do not sell or rent customer data. Information may be shared only with:

  • Delivery/logistics partners
  • Payment gateway providers
  • Technology and cloud service providers
  • FSSAI and food-safety regulatory authorities where required
  • Government/tax authorities (GST, Income Tax) where legally required

All such parties are bound by confidentiality obligations and are expected to maintain appropriate data protection standards as required under applicable law.

4. Payment Security

Payments are processed through RBI-authorised, PCI-DSS compliant third-party payment gateways. We do not store complete debit/credit card details on our servers. All payment data is encrypted in transit using SSL/TLS protocols.

5. Cookies

Our website may use cookies and related technologies to improve user experience, analyse website traffic, and remember customer preferences. Cookies are small text files stored on your device by your browser.

Customers may disable cookies through browser settings; however, some website functionality may be affected.

6. Data Retention

Customer data is retained as follows:

  • Order and transaction records: minimum 7 years for GST/tax compliance (CGST Act, 2017; Income Tax Act, 1961)
  • Customer account data: retained for the duration of your account and up to 3 years after closure
  • Legal and dispute-related records: as required under applicable law or court orders
  • Marketing communication preferences: until withdrawal of consent

7. Customer Rights

In accordance with the Digital Personal Data Protection Act, 2023 (DPDPA), customers have the following rights:

  • Right to Access: obtain information about personal data we hold about you
  • Right to Correction: request correction of inaccurate or incomplete data
  • Right to Erasure: request deletion of personal data, subject to legal retention obligations
  • Right to Grievance Redressal: lodge a complaint with our Grievance Officer
  • Right to Withdraw Consent: at any time, for processing based on consent
  • Right to Nominate: nominate an individual to exercise your rights in the event of death or incapacity (DPDPA 2023, Sec. 14)

Customers may also opt-out from promotional communications at any time.

8. Data Security

We implement reasonable administrative, technical, and organisational safeguards to protect customer information from unauthorised access, misuse, or disclosure, as required under the Information Technology Act, 2000, Section 43A, and the IT (Reasonable Security Practices and Procedures) Rules, 2011.

However, no electronic transmission or storage system is completely secure. In the event of a data breach, we will notify affected users and the Data Protection Board (once constituted under DPDPA 2023) as required by law.

9. Third-Party Links

Our website may contain links to third-party websites or services. We are not responsible for the privacy practices or content of such third parties. We encourage you to review the privacy policies of any third-party websites you visit.

10. Children's Privacy

Our services are not intended for individuals below 18 years of age. We do not knowingly collect personal data from minors. If we become aware that a minor has provided us with personal data without verifiable parental consent, we will delete such data promptly.

Legal Reference: DPDPA 2023, Sec. 9 — Special provisions for children's data.

11. Grievance Redressal

In accordance with the Consumer Protection (E-Commerce) Rules, 2020, Rule 4(1)(b) and (c), and the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021:

Grievance Officer

Name of Grievance Officer — The Manager

Sri Lohitha Foods Private Limited

Email: support@lohithafoods.com

Phone: +91 8008301730

Working Hours: Monday to Saturday, 9:00 AM – 6:00 PM IST

Customer complaints will be acknowledged within 48 hours and resolved within one month of receipt, as required under Rule 4(1)(c) of the Consumer Protection (E-Commerce) Rules, 2020.

12. Changes to Privacy Policy

We reserve the right to modify this Privacy Policy at any time. Updated versions will be posted on this page with the revised effective date. For material changes, we will notify registered customers via email or prominent website notice.

Legal Reference: Consumer Protection (E-Commerce) Rules, 2020 | Digital Personal Data Protection Act, 2023 | IT Act, 2000 (Sec. 43A) | Consumer Protection Act, 2019 | CGST Act, 2017 (Sec. 36)