Privacy policy

 

This Privacy Policy (“Policy”) outlines how Ceres Foods Private Limited (hereinafter referred to as “Ceres Foods”), a company incorporated under the laws of India and the brand owner of “MOI SOI” (collectively referred to as “We”, “Us”, or “Our”), collects, uses, discloses, and protects the personal data of users (hereinafter referred to as “You”, “Your”) who access or use our website: www.moisoi.in (“Website”).

This Policy complies with the Digital Personal Data Protection (DPDP) Act, 2023, Information Technology (IT) Act, 2000, SPDI Rules, 2011, IT Rules, 2021, Consumer Protection (E-Commerce) Rules, 2020, and Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021, along with applicable international laws such as the General Data Protection Regulation (GDPR) (collectively referred to as “Applicable Laws”).

1. Personal Information

1.1 Data We Collect

We collect only the personal data necessary to deliver our services, including:

  • Full name

  • Email address

  • Contact details

  • Payment details (processed via third-party gateways)

  • Order history

  • Dietary preferences or allergies (if voluntarily provided)

  • Technical information such as IP address, browser type, device identifiers, and approximate location (for delivery optimization)

1.2 When We Collect Data

Personal data is collected when you:

  • Create an account

  • Browse products

  • Place orders

  • Track deliveries

  • Submit reviews

  • Subscribe to promotions

1.3 Sensitive Data & Minors

  • Personal and sensitive data is processed strictly in accordance with Applicable Laws.

  • We do not knowingly collect data from individuals below 18 years without verifiable parental or guardian consent.

2. Purpose of Use

We process personal data for lawful and legitimate purposes, including:

  • Order processing, payments, and delivery

  • Customer support and grievance redressal

  • Fraud detection and platform security

  • Personalization (with consent)

  • Transactional and service communications

  • Marketing communications (opt-in only)

  • Analytics using anonymized/aggregated data

  • Legal, regulatory, accounting, and tax compliance

Lawful Basis for Processing

Processing is based on:

  • User consent

  • Performance of a contract (order fulfilment)

  • Legal obligations

  • Legitimate uses under Section 7 of the DPDP Act (e.g., fraud prevention, cybersecurity)

3. Disclosure of Personal Information

We do not sell or rent personal data. Data may be shared with:

  • Service Providers: Payment processors, logistics partners, IT and analytics providers (on a need-to-know basis)

  • Legal Authorities: Courts, regulators, or government bodies when required by law

  • Business Transfers: In case of mergers, acquisitions, or restructuring (with safeguards)

Cross-Border Transfers

Where personal data is transferred outside India, it is done in compliance with the DPDP Act and applicable safeguards.

4. Data Security and Retention

4.1 Security Measures

We implement:

  • Encryption

  • Firewalls

  • Role-based access control

  • Periodic security audits

4.2 Data Retention

Personal data is retained only as long as necessary for its purpose or legal requirements, after which it is securely deleted.

4.3 Data Breach Protocol

In case of a data breach:

  • Affected users and the Data Protection Board of India will be notified within prescribed timelines

  • Appropriate remedial actions will be taken

5. Data Fiduciary

Under the DPDP Act, 2023, Ceres Foods Private Limited acts as the Data Fiduciary, determining how and why personal data is processed.

6. Rights of Users

You have the following rights under Applicable Laws:

  • Right to access your data

  • Right to correct inaccurate or incomplete data

  • Right to withdraw consent

  • Right to data portability

  • Right to restrict processing

  • Right to grievance redressal

📩 Contact: hello@moisoi.in
📞 Phone: +91 99304 90007

7. Cookies and Tracking Technologies

7.1 Usage

We use cookies and similar technologies for:

  • Essential website functionality

  • Analytics

  • Targeted advertising (with consent)

7.2 User Control

You may:

  • Disable cookies via browser settings

  • Manage preferences through cookie banners

8. Children’s Privacy

We do not knowingly collect personal data of individuals under 18 years. Any such data will be deleted unless valid parental consent is obtained.

9. Third-Party Services

Our Website may contain links to third-party platforms (e.g., payment gateways, social media). We are not responsible for their privacy practices. Please review their respective policies.

10. International Data Compliance

For international users, we ensure equivalent protection standards and provide opt-out options where applicable.

11. Consent

By using the Website, creating an account, or providing information, you:

  • Consent to the collection and processing of your data as per this Policy

Separate consent is obtained for:

  • Marketing communications

  • Non-essential cookies

You may withdraw consent at any time.

12. User Responsibilities

Users agree to:

  • Provide accurate and complete information

  • Not impersonate others or misrepresent data

  • Comply with applicable laws while exercising rights

13. Amendments

This Policy may be updated periodically. Continued use of the Website constitutes acceptance of the revised Policy.

14. Governing Law & Jurisdiction

This Policy is governed by the laws of India. Courts in Mumbai shall have exclusive jurisdiction.

15. Grievance Redressal

We aim to resolve grievances within 15 days or as required by law.

Grievance Officer / Data Protection Officer
📧 Email: hello@moisoi.in
📞 Phone: +91 99304 90007
📍 Address:
Office No. 4A, 4th Floor, Clan House
Plot No. 161A, Hemu Kalani Marg
Sindhi Society, Chembur
Mumbai – 400071

Last Updated: 02 April 2026