SECTION 1 – WHAT DO WE DO WITH YOUR INFORMATION?
When you place an order through the Mirchili website or mobile applications, as part of the ordering and fulfillment process, we collect the personal information you voluntarily provide, such as your name, contact number, delivery address, and email address.
When you browse Mirchili’s online ordering platform, we automatically receive your device’s Internet Protocol (IP) address and related technical data in order to help us understand browser type, operating system, and improve platform performance and user experience.
Email & communication updates (if applicable):
With your permission, we may send you communications regarding menu updates, new offerings, promotions, features, or service-related announcements.
SECTION 2 – CONSENT
When you provide personal information to complete a transaction, place an order, verify payment, or arrange delivery, you consent to our collecting and using that information strictly for the specific purpose stated.
If we request your personal information for a secondary purpose, such as marketing or promotional communication, we will either ask for your explicit consent or provide you with a clear option to decline.
If you change your mind after opting in, you may withdraw your consent for us to contact you, or for the continued collection, use, or disclosure of your information, at any time by contacting us through the email address or phone numbers provided on the Mirchili website or app.
SECTION 3 – DISCLOSURE
We may disclose your personal information if required to do so by law, regulation, or legal process, or if you violate our Terms of Service.
SECTION 4 – HOSTED DATA
Mirchili’s online ordering platform is hosted on Spoonstream, which provides the e-commerce and ordering infrastructure that enables us to offer our products and services.
Your data is stored through Spoonstream’s data storage systems, databases, and application infrastructure. All data is stored on secure servers protected by firewalls and industry-standard safeguards.
SECTION 5 – PAYMENT DATA
If you choose a direct payment gateway to complete your order, your payment information is handled securely and encrypted in accordance with the Payment Card Industry Data Security Standard (PCI-DSS).
Transaction data is retained only for as long as necessary to complete the purchase and fulfill operational requirements. Once completed, transaction details are deleted in accordance with applicable security and compliance standards.
All payment gateways comply with PCI-DSS requirements as managed by the PCI Security Standards Council, a joint effort of major payment brands including Visa, MasterCard, American Express, and Discover. These standards help ensure the secure handling of payment information.
SECTION 6 – SECURITY
To protect your personal information, Mirchili takes reasonable precautions and follows industry best practices to prevent unauthorized access, misuse, disclosure, alteration, or destruction.
Information is protected using Secure Socket Layer (SSL) technology and encrypted with AES-256 encryption where applicable. While no method of transmission over the Internet or electronic storage is completely secure, we comply with PCI-DSS requirements and apply additional generally accepted security measures.
SECTION 7 – AGE OF CONSENT
By using the Mirchili website or applications, you confirm that you are at least the age of majority in your jurisdiction of residence, or that you have provided consent for any minor dependents under your supervision to use this platform.
SECTION 8 – CHANGES TO THIS PRIVACY POLICY
Mirchili reserves the right to modify this privacy policy at any time. Updates or changes will take effect immediately upon being published on the website.
If material changes are made, we will clearly indicate that the policy has been updated so you remain informed about what information we collect, how it is used, and under what circumstances it may be disclosed.