Privacy Policy

1. Data We Collect

When you pre-book Sweet Pea, we collect the following information:

Personal Information

• Full name and email address
• Mobile number (optional)
• Country of residence
• Device version preference
• Referral information (referral code used, if applicable)
• Consent preferences (marketing, privacy)

Payment Information

• Payment method used (UPI, Card, Net Banking, Wallet, or Crypto)
• Transaction ID / Payment reference
• Cashfree order ID and payment ID
• Payment status and confirmation timestamp

Note: We do not store your credit/debit card numbers, CVV, UPI PIN, or bank login credentials. All sensitive payment data is handled directly by Cashfree Payments (PCI DSS Level 1 compliant) and never touches our servers.

Technical Data

• IP address (for fraud prevention)
• Browser user agent string
• Pages visited and interaction timestamps

2. How We Use Your Data

Your data is used to:

• Process and verify your pre-booking payment
• Manage your position on the priority waitlist
• Send payment confirmation and referral code via email
• Communicate product updates and launch notifications (if opted in)
• Provide priority purchase access at product launch
• Prevent fraud and duplicate bookings
• Generate anonymized, aggregate statistics
• Process refund requests

3. Payment Processing

Payments are securely processed by Cashfree Payments, a PCI DSS Level 1 compliant payment gateway regulated by the Reserve Bank of India (RBI).

• All payment pages are encrypted with 256-bit SSL/TLS.
• Card data is tokenized and stored by Cashfree — we never see or store your card details.
• Cryptocurrency payments are verified on-chain and do not pass through Cashfree.

Cashfree's privacy policy applies to data processed by their systems. Learn more at cashfree.com/privacy-policy.

4. Data Storage & Security

Your personal information is stored in encrypted databases hosted on secure cloud infrastructure (Neon Serverless Postgres). We use industry-standard security measures including:

• HTTPS encryption for all data in transit
• Parameterized database queries to prevent SQL injection
• Access controls and environment-separated credentials
• Rate limiting to prevent brute-force attacks
• Secure HTTP headers (HSTS, X-Frame-Options, CSP)

5. Data Sharing

We do not sell your data. We share data only with:

• Cashfree Payments — to process your payment transaction
• Resend — to deliver transactional and (if opted in) marketing emails
• Law enforcement — if required by law or court order

6. Your Rights (GDPR / CCPA)

Regardless of your location, you have the right to:

• Access the personal data we hold about you
• Correct inaccurate data
• Delete your data at any time
• Withdraw consent for marketing communications
• Data portability — receive your data in a standard format
• Object to processing for specific purposes

7. Data Deletion

To request deletion of all your personal data, contact us at booking@openai-sweetpea.shop. We will process your request within 30 days.

Upon deletion, your waitlist position, referral code, and all personal data will be permanently removed. Payment transaction records may be retained as required by financial regulations.

8. Cookies

We use only essential cookies required for the site to function (e.g., cookie consent preference and session storage for payment flow). We do not use tracking cookies, advertising cookies, or third-party analytics.

9. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted here with an updated date. Continued use of the Website constitutes acceptance of the revised policy.

10. Contact Us

For privacy inquiries or data requests, contact us at: