Bonafide Bakes

Privacy Policy

Last updated: January 03, 2026

This Privacy Policy (“Policy”) describes how Bonafide Bakes (Bonafidebakes) (“Company”, “we”, “us”, “our”) collects, uses, stores, discloses, and protects personal information when you access or use our website, mobile application (where available), or order through our official channels (collectively, the “Services”).

This Policy is intended to align with applicable Indian law, including the Information Technology Act, 2000 and the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 (“SPDI Rules”).

1. Definitions

  • Personal information / Personal data: Information that identifies, or can reasonably be used to identify, an individual (for example, name, phone number, email address, or address).
  • SPDI (Sensitive Personal Data or Information): As defined under the SPDI Rules (for example, passwords and certain financial information). We avoid collecting SPDI unless necessary to provide the Services.
  • Processing: Any operation performed on personal data, such as collection, storage, use, disclosure, or deletion.

2. Information We Collect

2.1 Information You Provide

  • Name
  • Phone number
  • Email address
  • Delivery and/or billing address
  • Order details and preferences (including notes such as custom messages)
  • Communications with us (support requests, feedback)

2.2 Information Collected Automatically

  • Device and browser information (for example, IP address, device identifiers, operating system)
  • Usage information (for example, pages visited, time spent, referring URLs)
  • Cookies and similar technologies (see Section 8)

2.3 Payments

Payments are processed through third-party payment gateways. We do not intentionally store full card numbers, CVV, or net-banking credentials on our servers. We may retain limited transaction references, payment status, and invoice details for accounting, fraud prevention, dispute handling, and customer support.

3. How We Use Information

We use personal information to:

  • Process orders and provide delivery and/or pickup services
  • Communicate order confirmations, updates, and service-related messages
  • Provide customer support and handle complaints
  • Improve the Services, inventory planning, and customer experience
  • Comply with legal obligations (including tax, accounting, and consumer disputes)
  • Prevent fraud, misuse, and security incidents
  • Send marketing communications only where permitted and/or where you have opted in (you may opt out at any time)

We do not sell personal information.

4. Sharing and Disclosure

We may share personal information on a need-to-know basis with the following categories of recipients:

  • Service providers: Such as delivery partners, payment processors, hosting providers, and messaging providers, only to the extent required to perform services for us.
  • Third-party ordering platforms: Where you place orders through such platforms (their terms and privacy practices may govern your transaction with them).
  • Legal and regulatory authorities: Where required by law, court order, or valid government request.
  • Business transfers: In connection with a merger, acquisition, reorganization, or sale of assets, subject to appropriate safeguards and any notice requirements under applicable law.

5. Data Storage and Security

We store personal information on servers located in India and apply reasonable security practices and procedures, including access controls, encryption in transit (HTTPS), and operational safeguards. No system is completely secure; however, we take reasonable steps to protect personal information against unauthorized access, alteration, disclosure, or destruction.

6. Retention

We retain personal information only for as long as necessary for the purposes described in this Policy, including to meet legal, tax, and accounting requirements. We may retain order and invoice records for statutory timelines. Information that is no longer required is deleted or anonymized, subject to backups and technical constraints.

7. Your Choices and Rights

  • Request access to, and correction of, your personal information
  • Withdraw consent where processing is based on consent (for example, marketing)
  • Request deletion, subject to legal obligations and legitimate purposes (for example, retaining invoices)

To exercise these rights, contact us at cravings@bonafidebakes.com or +91 99009 55225. We may require identity verification before acting on requests.

8. Cookies

We use cookies and similar technologies for essential site functionality, security, and analytics. You may control cookies through your browser settings. Disabling cookies may limit certain features of the Services.

9. Children

The Services are not intended for individuals under 18. If we learn that we have inadvertently collected personal information of a minor without appropriate guardian involvement, we will take reasonable steps to delete such information.

10. Updates to This Policy

We may update this Policy from time to time. Updates will be posted on our website with a revised “Last updated” date.

11. Contact and Grievance Redressal

For privacy-related questions or complaints, contact:

  • Email: cravings@bonafidebakes.com (or bonafidebakes.co@gmail.com)
  • Phone: +91 99009 55225
  • Address: Hagadur Main Road, Whitefield, Bengaluru, Karnataka 560066, India

We will acknowledge grievances within 48 hours and aim to resolve them within 30 days, subject to the nature of the request and any dependencies on third parties.