This Privacy Policy explains how Brewszilla collects, uses, safeguards, shares, and retains personal data when you use the Brewszilla app and related online services in India.
This Policy forms part of the Terms and by using the services you consent to practices described here, subject to applicable Indian laws on electronic records and data protection.
This Policy applies to individuals who browse, create accounts, place orders, partner as breweries or brands, interact via chats or community meetups, or contact support through Brewszilla's channels.
Brewszilla acts as a data fiduciary for digital personal data under India's Digital Personal Data Protection framework and engages data processors under written contracts with appropriate safeguards.
Processing relies on your consent and other lawful purposes such as providing requested services, preventing fraud, and complying with legal obligations consistent with Indian privacy principles.
You may withdraw consent at any time via in‑app settings or published contact channels, and such withdrawal will be honored prospectively as permitted by law.
Brewszilla does not knowingly collect data from persons under 18 and restricts registration and features accordingly, removing any inadvertent collection upon verified notice.
Age-gating and verification measures may be applied where features relate to restricted products or venues subject to local law and platform policies.
Account and profile details such as name, contact information, age or birth year, preferences, mobile number, photographs, posts and reviews, comments/feedback, followers, contact details of friends, favorites, search history, bookmarks, and event registrations are collected to create and manage your account and provide services.
Order, delivery, and transaction details including brew tours, classes, NGO events, and payment information are processed to fulfill purchases, manage invoices and refunds, and provide customer support and status updates.
Device and usage data such as app events, identifiers, IP address, language, crash logs, location information via GPS/cellular/Wi-Fi networks, metadata, and files containing personal information help improve reliability, security, and product experience.
If you enable contacts discovery, only hashed phone numbers are used to help identify connections on the platform for meetups and community features, and these hashes are not shared with other users or partners.
This feature is optional and can be disabled at any time in settings, after which related data will no longer be processed except as required for security or legal compliance.
Payments may be processed by compliant payment gateways including PhonePe and Google Pay, and card data is handled under PCI‑DSS standards by those providers; Brewszilla does not store full card details.
Settlement records and limited payment metadata are retained as required for billing, fraud prevention, audits, and legal compliance.
Cookies, pixels, and SDKs including session cookies, persistent cookies, third-party cookies, secure cookies, HttpOnly cookies, Flash cookies, analytics cookies, and pixel tags may be used to keep you signed in, remember preferences, secure sessions, measure performance, and improve features, with controls available via device settings.
Where required, consent banners or in‑app toggles are provided for non‑essential cookies or similar identifiers.
Data is used to operate core features, complete transactions, provide support, personalize content and experiences, secure accounts, prevent abuse, enhance services, communicate with users, display relevant advertisements, enable interactive features like connections and meetups, and improve the platform through analytics and testing.
Processing also supports legal compliance, tax and accounting, incident response, technical issue resolution, research utilizing collected data, and grievance redressal consistent with intermediary and data‑protection rules.
Data may be shared with service providers under confidentiality and security obligations for hosting, analytics, communications, customer support, delivery, and payments.
Information may be disclosed to venue partners including breweries, brew class masters, brew tour organizers, and community leaders to fulfill orders and event access, to authorities when legally required, and in reorganizations subject to continuity of protection.
If data is transferred across borders, Brewszilla will follow applicable DPDP Act restrictions and government notifications regarding approved jurisdictions and safeguards.
Cross‑border transfers will be limited to lawful purposes with contractual protections and technical controls appropriate to the risk.
Data is retained only for as long as necessary to fulfill stated purposes, meet legal and accounting requirements, resolve disputes, and enforce agreements, after which it is deleted or irreversibly anonymized.
Retention schedules may vary by category such as orders, payments, and security logs, and are periodically reviewed for necessity.
Brewszilla implements reasonable security practices for sensitive personal data, including encryption, access controls, and monitoring aligned with Indian IT security requirements.
Vulnerability management and incident response processes are maintained, and users are encouraged to use strong passwords and report suspicious activity promptly.
You can access, correct, update, or delete certain data through settings and may request export, objection to processing, or withdrawal of consent within the limits of applicable law.
If classified as a significant data fiduciary context applies, additional mechanisms like dedicated grievance handling and data protection contacts will be communicated.
Transactional communications such as OTPs, receipts, service alerts, and policy updates are necessary for service delivery and may be sent electronically under Indian law.
Marketing messages, if any, follow applicable consent and opt‑out rules, and preferences can be updated in‑app or via published opt‑out channels.
Third‑party sites, SDKs, and services are governed by their own policies, and Brewszilla is not responsible for their practices; use discretion and review their terms and notices.
Security hygiene such as avoiding suspicious links and keeping devices updated helps reduce risk when engaging external resources.
You may request account closure and data deletion through in‑app controls or the contact channels published within the app, subject to lawful retention needs.
Brewszilla will act on verified requests within a reasonable period and confirm outcomes or reasons if retention obligations apply.
This Policy may be updated to reflect service changes or legal requirements, with notice provided in‑app or through other reasonable means where required, and continued use signifies acceptance.
Material changes will include an effective date and references to key updates to support transparency and informed choices.
A grievance redressal mechanism is maintained per Indian IT rules, and contact details for submissions and appeals are published within the app and updated as regulations evolve.
You may also have the right to escalate to the Data Protection Board or relevant authority consistent with DPDP Act procedures once fully in force.
The service is not configured to respond to browser‑based Do Not Track signals, and cookie controls should be managed via device or in‑app settings.
This Policy is governed by the laws of India and any disputes are subject to applicable dispute resolution provisions stated in the Terms.
Jurisdiction and arbitration details, where applicable, will follow the Terms to ensure consistency between documents.
This Data Privacy and Retention Policy establishes how Brewszilla Technologies Private Limited ("Brewszilla") collects, processes, retains, and deletes personal data in compliance with Indian data privacy and technology laws.
It applies to all data handled through the Brewszilla app, website, partner interfaces, and business operations, including users, merchants, employees, contractors, and service providers.
Brewszilla handles data in accordance with the DPDPA and IT Act, following these core principles:
Brewszilla may collect and process:
Personal data will be retained only until the purpose for which it was collected is fulfilled or consent is withdrawn, whichever is earlier, except where retention is necessary to comply with legal or regulatory obligations.
Certain records (e.g., invoices, financial transactions, tax records) are retained as per statutory timelines under tax, corporate, and financial compliance laws.
Account and activity logs may be preserved for limited durations for fraud detection, grievance redressal, or analytics until anonymized.
Under the draft DPDP Rules, e‑commerce and social intermediaries with over two crore users may retain data up to three years from the last user interaction or withdrawal of consent, whichever is later.
Once retention periods end, personal data will be securely deleted, de‑identified, or archived in anonymized form unless continued retention is legally mandated.
Brewszilla implements reasonable security practices and procedures per the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, including:
Brewszilla may share data:
Data is never sold or disclosed for unauthorized marketing or profiling without valid consent.
Under the DPDPA, users have the right to:
Responses will be issued in clear terms within statutory timelines, consistent with DPDPA standards.
Where personal data is transferred outside India, Brewszilla ensures that the destination jurisdiction or recipient provides equivalent protection as defined under the DPDPA and any government‑designated rules.
Transfers occur via contractual clauses or adequacy decisions to safeguard individuals' rights and limit processing to legitimate business needs.
Brewszilla maintains incident response protocols including:
Data principals may request deletion through in‑app privacy settings or by writing to dataprivacy@brewszilla.in.
Requests will be processed within 30 days, subject to verification and lawful retention exceptions (such as financial or tax compliance).
| Data Category | Retention Period | Action After Expiry |
|---|---|---|
| User account & identity data | Until account deletion or 3 months of inactivity | Secure erasure or anonymization |
| Financial and tax records | 8 years (per fiscal law) | Archived for audit or purged |
| Transaction logs | 3 years from order date | Anonymized for analytics |
| Marketing & consent records | Until consent withdrawal | Deleted upon request |
| Employee/Contractor data | Term of engagement + legal limit | Archived or erased securely |
For questions or complaints about this policy or data handling, contact Brewszilla's Data Protection Officer (DPO):
Email: dataprivacy@brewszilla.in
Postal Address: Brewszilla Private Limited, Indiranagar, Bangalore, Karnataka, India
Grievances will be acknowledged within seven working days and resolved within 30 days, in accordance with DPDPA and IT compliance timelines.
This policy is reviewed annually or upon regulatory updates and may be revised to align with new rules issued under the DPDPA or other applicable Indian laws.
Continued use of Brewszilla after updates takes effect constitutes acknowledgment and acceptance of the revised policy.
This Data Privacy and Retention Policy is governed by the laws of India, including the Digital Personal Data Protection Act, 2023 and the Information Technology Act, 2000. Disputes are subject to the exclusive jurisdiction of the courts in Bangalore, India.
This Cookie Policy ("Cookie Policy") is a part of and incorporated within and is to be read along with the Privacy Policy ("Policy") and Terms of Use. The capitalized terms used in this Cookie Policy, but not defined herein, shall have the meaning given to such terms in the Privacy Policy.
Cookies are small text files that are stored on your computer or mobile device when you visit a website or open a Mobile app. They are used to remember your preferences, store information, and track your online behavior.
These are temporary cookies that are deleted when the user closes the browser or app. They are used to store information about the user's session, such as their login status or current page location.
These are longer-term cookies that are stored on the user's device for a set period of time, even after the browser or app is closed. They are often used to store preferences or to track user behavior for advertising purposes.
These are cookies that are set by a domain other than the one the user is visiting. They are often used for tracking purposes or to display targeted ads.
These are encrypted cookies that are only sent over secure, encrypted connections. They are often used to store sensitive information, such as login credentials.
These are cookies that can only be accessed by the server, not the client. They are used to store information that is not intended to be displayed to the user, such as session identifiers.
These are cookies that are stored in the user's Adobe Flash Player, rather than in the browser or app. They are often used to store preferences or tracking information.
They are used to collect and analyze data about how you use the website, including the pages you visit and the actions you take while on the site. This information is then used to help the website owner understand how users interact with their site and to improve the user experience. Analytics cookies do not collect personal information, but they do allow websites to track your movements and actions while you are on their site.
"Pixel tags" (also called beacons or pixels) are small blocks of code installed on (or called by) a webpage, app, or advertisement which can retrieve certain information about your device and browser, including for example: device type, operating system, browser type and version, website visited, time of visit, referring website, IP address, and other similar information, including the small text file (the cookie) that uniquely identifies the device. Pixels provide the means by which third parties can set and read browser cookies from a domain that they do not themselves operate and collect information about visitors to that domain, typically with the permission of the domain owner.
You can find more detailed information about cookies and how they work at https://www.aboutcookies.org.
When you visit a Brewszilla.com, Brewszilla.com sends a cookie to your device, which is stored in your browser's cookie folder. When you return to the same website, your browser sends the cookie back to our server. This allows us to remember your preferences and track your behavior on the site. By using this website you agree to Brewszilla's use of cookies as described in this Cookie Policy and also to the use of cookies on the other country, regional or practice specific websites contained in brewszilla.com that you may visit, as described in their accompanying cookie policy.
Cookies can be used for a variety of purposes, such as remembering your login information, keeping track of items in your shopping cart, and customizing the content of a website based on your preferences. Brewszilla.com will use cookies to track your online behavior for advertising purposes.
Cookies in a Brewszilla App are small pieces of data that are stored on a user's device when they access the app. These cookies can be used to track the user's activity within the app, as well as to personalize the user's experience. For example, a cookie may be used to store the user's login information so that they do not have to enter it each time they access the app. Cookies can also be used to remember the user's preferences, such as the language they prefer or the items they have added to their shopping cart. Overall, cookies help to improve the user's experience by making it easier and more convenient for them to use the app.
"Software Development Kits" (also called SDKs) function like pixels and cookies, but operate in the mobile app context where pixels and cookies cannot always function. The primary app developer can install pieces of code (the SDK) from partners in the app, and thereby allow the partner to collect certain information about user interaction with the app and information about the user device and network information.
You can control the use of cookies in your web browser's settings. You can choose to accept all cookies, block all cookies, or be prompted to decide whether to accept or block each cookie. You can also delete cookies that have already been stored on your device. If you disable the cookies that we use, this may impact your experience while on the Brewszilla Platform, for example you may not be able to visit certain areas of the Brewszilla Platform or you may not receive personalized information when you visit the Brewszilla Platform or you may also be unable to login to services or programs, such as logging into forums or accounts.
Any use of our Services on any of the Brewszilla Platforms will help us in remembering your user preferences and settings, determining the popularity of content, delivering and measuring the effectiveness of advertising campaigns, analyzing site traffic and trends, and generally understanding the online behaviors and interests of people who interact with our Services.
We may use 3rd party cookies from social media and analytics tools to track user behavior and gather data on their preferences and habits. This data can be used to personalize the user experience, such as by suggesting menu items based on previous orders, or by offering targeted promotions and discounts.
3rd party cookies are typically placed by external advertisers or marketing companies that work with the food delivery app. These cookies can be used to track users across different websites and devices, and to gather data on their online behavior. This data can then be used to create targeted advertisements and offers that are more likely to be relevant and appealing to the user.
Food delivery apps may also use 3rd party cookies to track the effectiveness of their marketing campaigns and to gather data on user engagement with the app. This data can help the app optimize its marketing efforts and improve the user experience.
Overall, 3rd party cookies can play a significant role in the functionality and performance of food delivery apps, helping them to better understand and serve their users.
For more information about what Facebook collects when you use Facebook or Instagram buttons on the Brewszilla Platform, please see: Data Policy.
For more information about what Twitter collects when you use the Brewszilla Platform, please see: https://twitter.com/en/privacy.
For more information about Google Analytics cookies, please see Google's help pages and privacy policy: