Ciboora
PricingContactDashboardWeb App
CIBOORA LEGAL

Privacy Policy

Effective date: 2 July 2026 · Last updated: 2 July 2026

This Privacy Policy explains how Umami Solutions Private Limited processes personal data through Ciboora. Ciboora is a business platform used by restaurants, their staff and authorised representatives.

1. Roles and responsibility

For account, billing, website and support data, Umami acts as the entity deciding why and how information is processed. For diner, employee, supplier and restaurant operational data entered by a subscribing organisation, that organisation generally determines the purpose of processing and Umami processes the data to provide Ciboora.

2. Information we process

  • Business and account details, including legal name, brand, outlet, address, GSTIN, owner and authorised-user information.
  • Contact and authentication data, including name, email, mobile number, password hashes, roles, sessions and security logs.
  • Restaurant data, including menu, orders, tables, KOT, inventory, purchases, expenses, reservations, staff and customer relationship records.
  • Subscription and transaction metadata, such as plan, billing status, payment identifiers, invoices and refund status. Full card or UPI credentials are processed by the payment provider and are not stored by Ciboora.
  • Technical information, including device, browser, IP address, timestamps, diagnostics, audit events and service usage.
  • Support communications, feedback and documents submitted for onboarding or troubleshooting.

3. Why we use information

We process information to provide and secure Ciboora, authenticate users, enforce role and plan controls, configure outlets, complete billing and onboarding, generate operational reports, respond to support requests, prevent fraud, maintain audit records, comply with law and improve service reliability.

4. Cookies and local storage

Ciboora may use essential cookies, browser storage and service-worker caches for authentication, preferences, security and installable web-app functionality. We do not use restaurant operational data for third-party advertising.

5. Sharing and service providers

Information may be shared with approved hosting, database, email, monitoring, support, payment and professional-service providers only as needed to operate Ciboora or comply with law. Razorpay processes payment information under its own terms and privacy practices. We do not sell personal data.

6. Cross-border processing

Some approved service providers may process information in other jurisdictions. Where applicable, we use reasonable contractual, technical and organisational measures and follow restrictions imposed by Indian law.

7. Security

We use measures such as encrypted transmission, password hashing, role-based access, audit logging, environment-secret separation, backups and access review. No system is completely secure, so users must protect credentials and promptly report suspected misuse.

8. Retention

Information is retained for as long as needed to provide the service, maintain security and audit records, resolve disputes, meet tax and legal obligations and enforce agreements. Retention periods vary by data type and account status. Data may be deleted or anonymised when no longer required.

9. Rights and requests

Subject to applicable law and the role of the subscribing restaurant, individuals may request access, correction, updating, erasure, withdrawal of consent where consent is the basis, or grievance redressal. Identity and authority may be verified before acting on a request.

10. Children

Ciboora is a business service and is not intended for use by children. Restaurant customers must not knowingly use Ciboora to collect children’s personal data without a lawful basis and any required verifiable consent.

11. Data incidents

We investigate suspected security incidents and will make notifications required by applicable law. Customers must promptly provide information reasonably needed to investigate an incident affecting their account.

12. Contact and grievance channel

Privacy requests and grievances can be sent to support@ciboora.com with the subject “Ciboora Privacy Request”.

Umami Solutions Private Limited
3rd Floor, FL-106, 46/1 Kendua Main Road, Kolkata – 700084, West Bengal, India
CIN: U62012WB2026PTC286911 · GSTIN: 19AAECU0731H1ZF
Ciboora

A product of Umami Solutions Private Limited.

ProductFeaturesPricingDownloadsDashboardDashboardWeb App
PoliciesTerms of UsePrivacy PolicyRefund PolicyCancellation PolicyDigital Service Delivery
ContactContact Ushello@ciboora.comsupport@ciboora.combilling@ciboora.com