Cookie Policy – Kashfresh.com

1. Introduction

1.1
This Cookie Policy (“Policy”) explains how Kashfresh.com, owned and operated by Badana Communications and Business Pvt. Ltd., uses cookies and similar tracking technologies to provide, improve, secure, and personalize our platform. This Policy forms an integral part of our Privacy Policy and Terms & Conditions, and it applies to all users who access or interact with our website, mobile application, vendor dashboards, APIs, or marketplace services.

1.2
Kashfresh is a hybrid multi-vendor e-commerce marketplace where both in-house products and third-party vendor products are sold. Due to the nature of our operations, multiple layers of digital tracking technologies are used for:

User authentication and smooth navigation
Product recommendations
Vendor analytics and marketplace optimization
Advertising and marketing
Platform security
Compliance and fraud detection

1.3
By accessing or using Kashfresh, you consent to the use of cookies and other tracking technologies as described in this Policy. If you do not agree with these terms, you must modify your cookie preferences or discontinue using the platform.

1.4
This Policy complies with international laws and standards, including:

Information Technology Act, 2000 (India)
Indian DPDP principles
Consumer Protection (E-Commerce) Rules, 2020
GDPR (European Union)
ePrivacy Directive (“Cookie Law”)
CCPA/CPRA (California)
PIPEDA (Canada)
Global digital marketing compliance standards

2. Definitions

2.1 “Cookies”
Small text files stored on your browser or device when you visit Kashfresh, enabling features such as login, cart operations, analytics, and advertising.

2.2 “Tracking Technologies”
Tools such as cookies, web beacons, pixel tags, tracking scripts, local storage, SDKs (for apps), device fingerprinting, session identifiers, and server logs.

2.3 “First-Party Cookies”
Cookies set directly by Kashfresh, used for platform functionality, personalization, and internal analytics.

2.4 “Third-Party Cookies”
Cookies placed by external partners such as analytics tools, advertising networks, logistics integrations, or vendor tools.

2.5 “Session Cookies”
Temporary cookies deleted when the browser or app session ends.

2.6 “Persistent Cookies”
Cookies stored until they expire or are manually removed by the user.

2.7 “Consent Banner”
The interface presented to users, especially in GDPR regions, enabling cookie preference selection.

2.8 “Essential Cookies”
Technically required cookies that enable fundamental platform functions (e.g., login, cart, payment).

2.9 “Non-Essential Cookies”
Cookies used for analytics, advertising, personalization, and tracking—disabled unless consent is given (in GDPR regions).

2.10 “Device Identifiers”
Unique IDs such as IMEI, IDFA, GAID, IP addresses, and browser fingerprints used for security and tracking.

3. Purpose of This Cookie Policy

3.1
This Policy outlines:

Types of cookies used on Kashfresh
How cookies and tracking technologies function
Why we use them
Third parties involved in cookie placement
Storage durations and expiration periods
User rights and consent controls
Opt-out mechanisms
Legal basis for cookie use

3.2
This Policy applies to all devices used to access Kashfresh, including:

Desktops
Laptops
Mobile phones
Tablets
Smart devices that can run the Kashfresh app

3.3
Vendors using our seller dashboard are also subject to this Policy, as cookies are used for authentication, session management, listing accuracy, and analytics.

4. Scope of Cookie Usage on Kashfresh

4.1
Cookies are used in all areas of our marketplace ecosystem, including:

Homepage navigation
Product listing pages
Vendor stores
Search engine and filters
Checkout and payment pages
User account dashboards
Wishlist and favorites
App screens and notifications
Vendor management dashboards

4.2
Cookies enable Kashfresh to:

Identify users and maintain logged-in sessions
Store cart items during browsing
Prevent fraud and unauthorized access
Generate personalized search results
Improve platform performance and speed
Measure marketing campaign effectiveness
Provide vendor performance insights
Enhance buyer-seller interactions

4.3
Disabling certain cookies may degrade or completely disable portions of the platform.

5. Legal Basis for Cookie Usage

In compliance with GDPR, DPDP principles, and global cookie regulations, Kashfresh relies on multiple legal bases:

5.1 Consent (GDPR-Compliant Regions)

5.1.1
Non-essential cookies (analytics, advertising, personalization) require explicit consent through a cookie banner.

5.1.2
Users in EU/EEA, UK, and similar jurisdictions must consent before such cookies are activated.

5.1.3
Consent may be withdrawn at any time through:

Cookie settings panel
Browser settings
Device settings

5.2 Contractual Necessity

5.2.1
Essential cookies required for:

Login
Cart operations
Order processing
Security authentication

are enabled without requiring explicit consent, as they are necessary to provide requested services.

5.3 Legitimate Interests

5.3.1
Kashfresh uses certain cookies under legitimate interest, such as:

Platform diagnostics
Security monitoring
Fraud prevention

This processing does not override user privacy rights.

5.4 Legal Obligations

We may use cookies to:

Detect fraudulent activities
Maintain audit logs
Maintain required records for compliance

Such cookies support legal compliance obligations.

6. Categories of Cookies Used on Kashfresh

Kashfresh employs several classes of cookies, each performing distinct roles.

6.1 Essential Cookies (Strictly Necessary)

6.1.1
These cookies enable:

Logging in and account authentication
Cart management and saving items
Secure checkout
Session management
Fraud detection
Payment gateway integration
Vendor authentication for dashboard access

6.1.2
Examples of essential cookies include:

Session ID cookies
CSRF protection cookies
Security tokens
Payment gateway temporary cookies
Authentication status cookies

6.1.3
Essential cookies cannot be disabled, as they are required for core platform functions.

6.2 Performance and Analytics Cookies

6.2.1
These cookies help us understand user behavior and optimize the platform. They track:

Page load speed
App responsiveness
User flow
Bounce rates
Click patterns
Navigation structures

6.2.2
Analytics tools may include:

Google Analytics
Internal data tools
Heatmap tools
Crash reporting and debugging scripts
Uptime and monitoring tools

6.2.3
We anonymize analytics data where possible.

6.3 Functional Cookies

These cookies store user preferences and enhance usability.

6.3.1 Examples include:

Language and region selection
Saved addresses
Wishlist persistence
Recently viewed products
Vendor dashboard preferences

6.3.2
Blocking these cookies may impair personalized features.

6. Categories of Cookies Used on Kashfresh (Continued)

6.4 Advertising Cookies

6.4.1
Advertising cookies enable Kashfresh and third-party partners to:

Display relevant ads based on user interests
Conduct remarketing campaigns
Track ad performance metrics
Limit repetition of ads
Measure conversion rates
Build audience segments for targeted promotions

6.4.2
Advertising partners may include:

Google Ads
Meta (Facebook & Instagram)
Affiliate marketing networks
E-commerce marketing tools
In-app advertising platforms

6.4.3
These cookies collect data such as:

User device identifiers
IP address
Browsing and search history
Behavioral patterns
Engagement with ads

6.4.4
Users in certain jurisdictions must explicitly opt-in before advertising cookies are activated.

6.5 Personalization Cookies

6.5.1
These cookies tailor the Kashfresh shopping experience by analyzing:

Purchase preferences
Viewed categories
Wishlist items
Browsing frequency
Cart abandonment behavior

6.5.2
Personalization cookies enable:

Customized product recommendations
Dynamic homepage content
Personalized vendor suggestions
Tailored category highlights
Optimized search results

6.5.3
These cookies greatly improve user satisfaction but are optional in GDPR-regulated regions.

7. Third-Party Cookies Overview

7.1
Third-party cookies are placed by service providers assisting Kashfresh with analytics, advertising, logistics coordination, payment verification, and fraud prevention.

7.1 Analytics Providers

Third-party analytics tools help in:

Monitoring user interactions
Optimizing website and app performance
Improving vendor analytics dashboards
Identifying content or UX bottlenecks

Common providers include:

Google Analytics
Firebase Analytics
App performance SDKs
Heatmapping tools such as Hotjar (if used)

7.2 Advertising and Marketing Partners

These partners use cookies to:

Display ads across platforms
Build advertising audiences
Track conversions
Monitor marketing ROI

Examples may include:

Google Marketing Platform
Meta Pixel
Affiliate tracking cookies

7.3 Social Media Integrations

When users interact with Kashfresh through social media, such as:

Sharing products
Logging in via social platforms
Viewing embedded content

third-party platforms such as Facebook, Instagram, Twitter, and Pinterest may place cookies.

7.4 Payment Gateways

Payment providers may place cookies to:

Prevent fraud
Validate transactions
Maintain secure checkout flows
Save limited session identifiers

These cookies do not store sensitive financial credentials.

7.5 Logistics and Delivery Partners

Some logistics systems may use cookies to:

Sync delivery status
Validate address formats
Detect duplicate or invalid entries
Validate courier integrations

8. Cookies and Tracking Technologies in Mobile Applications

8.1
Kashfresh mobile apps (Android or iOS) use tracking mechanisms such as:

SDK-based analytics
Device identifiers
Local storage
Push notification tokens
In-app event tracking
Crash analytics

8.1 Device Identifiers Used in Apps

Device identifiers may include:

Google Advertising ID (GAID)
Apple Identifier for Advertisers (IDFA)
IP address
Device model and OS version

These identifiers support:

App personalization
Fraud prevention
Performance optimization
Marketing attribution

8.2 Local Storage in Mobile Apps

Local storage may retain:

Login tokens
Cart data
User preferences
Notification settings
Cached images for faster browsing

8.3 Mobile Analytics SDKs

SDKs help improve app performance by tracking:

App crashes
Slow loading screens
Session duration
Click interactions
Screen paths

Examples may include:

Firebase Crashlytics
Adjust / Appsflyer
Mixpanel

These SDKs operate under strict data protection requirements.

9. Marketplace-Specific Cookie Behaviors (Vendor Layer)

Kashfresh is not a simple retail shop; it is a multi-vendor hybrid marketplace. This architecture introduces specialized cookie and tracking behaviors.

9.1 Vendor Authentication Cookies

9.1.1
Vendor dashboard access requires cookies that:

Validate session tokens
Maintain secure login
Track listing-related changes
Protect vendor account integrity

These cookies are essential and cannot be disabled for vendors.

9.2 Vendor Analytics Cookies

Kashfresh provides vendors with insights such as:

Most viewed products
Engagement rates
Conversion statistics
Visitor behavior on vendor pages

Cookies support these features but present aggregated, anonymized data—vendors never receive direct personal data about buyers.

9.3 Vendor Behavior Monitoring Cookies

These cookies help Kashfresh:

Detect unauthorized vendor activity
Monitor listing compliance
Prevent attempts to extract buyer data
Identify fraudulent seller patterns

This protects marketplace integrity.

9.4 Cookies for Product Listing Management

Vendor-side tools use cookies to:

Auto-save product drafts
Manage inventory data
Track image uploads
Speed up repeated listing tasks

9.5 Restrictions on Vendor Use of Cookies

Vendors may not:

Place unauthorized third-party tracking pixels on Kashfresh
Manipulate cookies to collect user information
Use external analytics scripts without approval

Violations may lead to account termination.

10. Duration and Expiration of Cookies

10.1
Cookies vary in lifespan depending on their purpose.

10.1 Session Cookies

Expire automatically when:

The browser is closed
The session times out
User logs out

Used mainly for:

Cart management
Login sessions
Checkout process

10.2 Persistent Cookies

May last:

24 hours
30 days
6 months
1 year or longer (depending on user preference settings)

Used for:

Saved logins
Language settings
Wishlist continuity
Behavioral personalization

10.3 Third-Party Cookie Expiration

Third-party services determine their own expiration durations, which may vary based on:

Marketing campaign cycles
Analytics configurations
SDK settings
Advertising identifiers

Kashfresh ensures all partners follow legally required expiration limits.

11. How Cookies Are Used for Security and Fraud Prevention

11.1
Security is a core priority for Kashfresh. Cookies play a critical role in preventing unauthorized access, fraudulent activities, and abuse within the marketplace ecosystem—both on buyer and vendor sides.

11.1 Authentication Security

11.1.1
Authentication cookies help verify user identity during:

Login sessions
Checkout operations
Vendor dashboard access

11.1.2
These cookies ensure:

Users remain securely logged in
Unauthorized devices cannot hijack sessions
Session tokens remain valid and tamper-proof

11.2 Fraud Detection and Prevention

11.2.1
Fraud prevention cookies help detect suspicious behaviors such as:

Repeated failed login attempts
Multiple account creation from a single device
Unusual payment attempts
Abnormal browsing patterns
Automated bot activity

11.2.2
These cookies support security measures including:

CAPTCHA triggering
Transaction verification flags
Temporary access restrictions
Risk scoring systems

11.3 Payment Security

11.3.1
Cookies used by payment gateways ensure:

Tokenization of card data
Prevention of repeated or duplicate transactions
Validation of secure checkout flow
Authentication using 3D Secure and other protocols

11.3.2
Payment cookies never store:

Card numbers
CVV codes
Net banking passwords
UPI PINs

11.4 Vendor Compliance Monitoring

11.4.1
For vendors, cookies detect:

Suspicious product upload patterns
Attempts to extract buyer data
Unauthorized script injections
Misuse of seller dashboards

11.4.2
Vendor security cookies help maintain marketplace integrity and prevent fraud from the seller side.

11.5 Device & Browser Fingerprinting

11.5.1
Certain security cookies generate temporary device fingerprints using:

IP address
Browser type
Time zone
Screen resolution
OS version

11.5.2
These fingerprints help:

Detect hacked or stolen accounts
Block suspicious login attempts
Reduce spam and platform abuse

11.5.3
Fingerprinting data is anonymized and not used for marketing.

12. How Cookies Support Customer Experience Enhancement

12.1
Cookies significantly enhance user experience by enabling smoother interactions across the platform. Without many of these cookies, users would encounter slower browsing, repeated login prompts, and reduced personalization.

12.1 Personalized Shopping Experience

12.1.1
Cookies help tailor content such as:

Product recommendations
Personalized deals
Vendor suggestions
Recently viewed products
Trending items in the user’s region

12.1.2
These features rely heavily on behavior and preference cookies.

12.2 Faster Browsing and Improved Performance

12.2.1
Performance cookies support:

Faster page load times
Smooth navigation
Cached resources (images, text, scripts)
Reduced server load

12.2.2
These cookies optimize platform efficiency for users on all devices.

12.3 Seamless Cart and Checkout Experience

12.3.1
Cookies allow:

Cart contents to persist between sessions
Saving items for later
Pre-filling of preferred addresses
One-click reorder options

12.3.2
Without these cookies, even minor navigation actions could reset cart items.

12.4 Multi-Device Synchronization

12.4.1
Cookies enable:

Syncing carts across devices
Maintaining logged-in sessions
Unified user preferences (theme, language, currency)
Continuity between website and mobile app

12.5 Website Customization

12.5.1
Functional cookies help display:

Local currency
Region-specific content
Time-based offers
Vendor stores near the user’s location

13. Data Collected Through Cookies

Kashfresh collects various types of non-intrusive data through cookies. This data supports analytics, security, personalization, and performance improvements.

13.1 Technical and Device Data

13.1.1
Includes:

Browser type and version
Operating system
Device type
IP address
Screen orientation and resolution
Time zone settings

13.1.2
Used for:

Site optimization
Error reporting
Layout responsiveness

13.2 Behavioral Data

13.2.1
Includes:

Pages visited
Time spent on pages
Click events
Scroll behavior
Search queries
Interaction patterns

13.2.2
Used for:

Personalized recommendations
UX improvements
Vendor metrics and marketplace analytics

13.3 Transactional Interaction Data

13.3.1
Includes:

Cart additions and removals
Checkout attempts
Payment process flow
Wishlist updates

13.3.2
Used for:

Improving checkout efficiency
Reducing cart abandonment
Enhancing search-to-purchase flow

13.4 Advertising and Attribution Data

13.4.1
Includes:

Referral links
Ad impressions
Click-through rates
Campaign identifiers
Conversion tracking codes

13.4.2
Used for:

Measuring marketing ROI
Optimizing campaigns
Retargeting interested users

13.5 Vendor Performance and Compliance Data

13.5.1
Cookies collect aggregated data on:

Product views
Conversion rates
Bounce rates per listing
Customer engagement patterns

13.5.2
Vendors do not see identifiable personal data; only metrics.

14. User Consent, Withdrawal & Cookie Preference Management

Kashfresh respects user rights related to cookie consent and provides multiple mechanisms for adjusting preferences.

14.1 Initial Consent (GDPR Regions)

14.1.1
Users are shown a cookie consent banner when:

Visiting Kashfresh for the first time
Clearing browser cookies
Accessing from a new device

14.1.2
Users may accept:

All cookies
Only essential cookies
Selected categories

14.2 Withdrawal of Consent

Users may withdraw consent by:

Revisiting cookie settings
Changing browser preferences
Using “Do Not Track” features
Clearing stored cookies

14.3 Browser-Level Cookie Controls

Users may:

Block all cookies
Block third-party cookies
Clear existing cookies
Enable privacy or incognito browsing

14.4 App-Level Tracking Preferences

In mobile apps, users may disable:

Personalized advertising
Push notification tracking
App-level analytics (where supported)

15. How Users Can Manage Cookies

Kashfresh provides multiple tools and options for users to manage how cookies are stored and used on their devices.

15.1 Browser Settings

15.1.1
Users may modify cookie preferences through common browsers such as:

Google Chrome
Mozilla Firefox
Microsoft Edge
Safari
Opera
Samsung Internet

15.1.2
Common options include:

Blocking all cookies
Blocking only third-party cookies
Allowing cookies only from visited sites
Automatically deleting cookies on exit
Enabling “Do Not Track”
Clearing stored cookies

15.1.3
Kashfresh does not control browser-level settings and cannot override user preferences.

15.2 Device Settings (Mobile Applications)

15.2.1
Users may control app-level tracking through:

Android app permissions
iOS App Tracking Transparency (ATT)
Push notification preferences
Ad personalization settings (GAID/IDFA controls)

15.2.2
Users can disable or restrict:

Access to location
Tracking for advertising
Background data usage
App cookies stored in local storage

15.3 In-Platform Cookie Preference Panel

15.3.1
Kashfresh offers an internal preference panel (for web users) enabling:

Acceptance or decline of non-essential cookies
Adjustment of analytics cookies
Management of advertising cookies
Review of cookie categories

15.3.2
Users may update preferences at any time.

15.4 Third-Party Opt-Out Tools

Kashfresh supports industry-standard opt-out mechanisms such as:

Google Ads Settings
Facebook/Meta Ads Preferences
Network Advertising Initiative (NAI) opt-out
Digital Advertising Alliance (DAA) tools

These tools offer broader ad-tracking control across the web.

15.5 Limitations of Opt-Out Mechanisms

15.5.1
Opting out may disable:

Personalized product recommendations
Certain marketplace insights
Tailored vendor suggestions
Saved shopping preferences

15.5.2
Essential cookies cannot be disabled without compromising platform functionality.

16. Third-Party Tracking Technologies (Pixels, Beacons, Scripts)

While cookies are the primary tracking method, Kashfresh also uses non-cookie technologies for operational and marketing purposes.

16.1 Tracking Pixels

16.1.1
Pixels are tiny transparent images or code snippets used to:

Measure email engagement
Track advertising conversions
Monitor user interactions
Analyze marketing channels

16.1.2
Examples include:

Meta (Facebook) Pixel
Google Conversion Pixel

16.2 Web Beacons

16.2.1
Web beacons collect information such as:

IP address
Device type
Timestamp
Open rates for email newsletters

16.2.2
These do not store data on the device but work in conjunction with cookies.

16.3 JavaScript Tracking Scripts

16.3.1
Scripts enable:

Dynamic content loading
User activity recording
Heatmap generation
Error logging
A/B testing

16.3.2
These scripts help improve UX and platform performance.

16.4 SDK Tracking in Mobile Apps

16.4.1
Software Development Kits (SDKs) inside mobile apps collect:

App crash reports
Push notification metrics
App performance data
Attribution for marketing campaigns

16.4.2
SDK permissions vary based on OS-level controls.

16.5 Server-Side Tracking

16.5.1
Kashfresh also logs:

Server request headers
IP addresses
Timestamped interactions
Security audit trails

16.5.2
This tracking cannot be disabled, as it is necessary for platform integrity and safety.

17. Use of Cookies for Marketplace Optimization

Because Kashfresh is a hybrid multi-vendor marketplace, cookies support advanced optimization across buyer, seller, and admin ecosystem layers.

17.1 Search Algorithm Optimization

Cookies help Kashfresh:

Understand search trends
Improve autocomplete suggestions
Rank products based on user relevance
Personalize search results

These optimizations enhance marketplace competitiveness and user satisfaction.

17.2 Product Recommendation Engine

17.2.1
Cookies provide data for recommendation algorithms identifying:

Preferred categories
High-engagement vendors
Products viewed but not purchased
Complementary product suggestions

17.2.2
This leads to:

Higher user satisfaction
Reduced search effort
More efficient discovery of relevant products

17.3 Vendor Ranking and Visibility Optimization

Cookies track:

Listing performance
User engagement
Conversion patterns
Product bounce rates

These insights help Kashfresh:

Adjust listing visibility
Improve quality control
Reward high-performing vendors

17.4 Quality Assurance and Listing Accuracy

Marketplace-wide cookie analytics help detect:

Misleading product listings
Poor-performing SKUs
Items with high abandonment rates
Vendors requiring compliance review

17.5 Checkout Flow Optimization

Cookies help identify:

Points where users abandon checkout
Payment method preferences
UI friction points

These insights guide UX improvements.

18. Cookies Used in Vendor Dashboards (Advanced Operational Layer)

Vendor dashboards rely heavily on cookies for authentication, analytics, and workflow continuity.

18.1 Authentication and Session Cookies

18.1.1
Vendors rely on session cookies for:

Login persistence
Two-factor authentication
Inventory management access
Secure product upload sessions

18.1.2
Disabling these cookies makes the vendor dashboard unusable.

18.2 Listing and Inventory Management Cookies

18.2.1
Cookies auto-save:

Product drafts
Pricing updates
Listing modifications

18.2.2
They reduce data loss during:

Network disruptions
Session timeouts
Browser crashes

18.3 Vendor Analytics Cookies

18.3.1
Used for:

Monitoring listing performance
Understanding customer engagement
Tracking sales trends
Displaying actionable insights

18.3.2
Only aggregated and anonymized buyer data is shown.

18.4 Compliance and Monitoring Cookies

Used to detect:

Unauthorized script activity
Suspicious product uploads
Attempts to extract restricted user data
Violations of platform rules

These cookies maintain marketplace safety.

19. User Rights Under GDPR, CCPA, DPDP & Global Laws (Cookie-Specific Rights)

19.1
Kashfresh respects cookie-related rights granted by international privacy laws.

19.1 GDPR Rights (EU/EEA Users)

Users may:

Accept/Reject cookies
Request details of cookies used
Withdraw consent at any time
Object to profiling
Request data erasure linked to cookies

19.2 CCPA/CPRA Rights (California Users)

Californian users may:

Opt out of “sharing” for advertising purposes
Request disclosure of cookie-related data
Request deletion of such data

19.3 DPDP Principles (Indian Users)

Indian users have rights to:

Access cookie-related data
Correct inaccuracies
Withdraw consent
Prevent processing beyond stated purpose

19.4 PIPEDA Rights (Canada)

Users may:

Request clarity on cookie purposes
Question necessity
Obtain copies of cookie-linked data

20. Data Storage, Retention & Cookie Expiration Policies

20.1
Kashfresh adheres to strict data retention standards for cookie-generated data. Retention durations vary by purpose, legal requirement, and type of cookie. Cookies themselves may be stored on the user’s device until they expire or are manually deleted.

20.1 Session Cookies

20.1.1
Session cookies are stored temporarily and deleted when:

The browser is closed
The user logs out
A session timeout occurs
App activity resets (for mobile apps)

20.1.2
Session cookies track:

Cart contents
Login states
Temporary user preferences

Session cookies do not store personal data beyond what is required for temporary functionality.

20.2 Persistent Cookies

20.2.1
These cookies remain stored for days, months, or years depending on their purpose. For example:

Functional cookies may last 6–12 months
Analytics cookies may last 1–2 years
Advertising cookies may last from 30 days to 1 year

20.2.2
Persistent cookies improve:

Personalized recommendations
Faster login
Platform convenience

Users can manually delete persistent cookies at any time.

20.3 Third-Party Cookie Retention Durations

20.3.1
Retention periods vary based on third-party policies. For example:

Google Ads cookies may last 30 to 540 days
Facebook cookies may last based on activity and account settings
Analytics cookies may last between 90 days and 2 years

20.3.2
Kashfresh ensures all third-party partners comply with regional legal limits on retention.

20.4 Server-Side Retention of Cookie Data

20.4.1
Data derived from cookies may be stored in Kashfresh servers for:

Fraud detection
Compliance auditing
Marketplace optimization
Vendor performance metrics

20.4.2
Server logs may remain available for:

6 months (minimum, IT Act compliance)
Up to 2 years (security monitoring)
Longer periods when legally mandated

20.4.3
Server-side derived data is used in aggregated or anonymized formats whenever possible.

20.5 Automatic Expiry and Renewal Cycle

Some cookies renew automatically when:

Users revisit the platform
Preferences are updated
New sessions begin

Kashfresh maintains transparency by listing expiration periods in cookie preference panels (for applicable jurisdictions).

21. Third-Party Data Sharing & Limitations

21.1
While Kashfresh uses third-party services, cookie-generated personal data is never sold or misused. All third-party sharing is strictly limited to operational and compliance needs.

21.1 Analytics Providers

Analytics partners may access:

User behavior metrics
Device-level data
Session information

They do not receive:

Contact information
Payment details
Direct identifiers (unless explicitly consented)

21.2 Advertising Networks

Ad partners receive cookie identifiers that allow:

Ad targeting
Remarketing
Conversion analysis

However, they do not receive identifiable personal information unless consented.

21.3 Logistics Partners

Logistics integrations may use cookies to:

Validate shipping data
Identify repeat delivery issues
Track order fulfillment status

Cookies do not store personal delivery details beyond usage scope.

21.4 Payment Gateways

Payment providers may use session cookies to:

Authenticate transactions
Prevent fraud
Validate payment flows

They do not store raw card data on Kashfresh cookies or servers.

21.5 Marketplace Vendors

Vendors do not receive any cookie data generated by buyers.

Vendors only receive operational data:

Customer name
Delivery address
Phone number
Order details

Cookies remain within the Kashfresh ecosystem and cannot be accessed by vendors.

21.6 Prohibited Third-Party Use

21.6.1
Kashfresh prohibits any third-party partner from:

Selling user cookie data
Creating external user profiles
Using cookie data beyond the contracted purpose
Sharing cookie data with unauthorized parties

21.6.2
Violations result in:

Contract termination
Legal action
Reporting to authorities

22. Cross-Border Cookie Data Transfers

22.1
Because Kashfresh operates globally, cookie-derived information may be transferred across borders for analytics, advertising, performance optimization, or cloud hosting.

22.1 Compliance with GDPR Transfer Rules

Cookie data may be transferred to:

United States
Europe
Middle Eastern regions
Asia-Pacific servers

Where required, transfers follow:

Standard Contractual Clauses (SCCs)
Binding corporate rules
Adequacy agreements

22.2 Compliance with Indian DPDP Principles

22.2.1
Data exported from India follows:

Purpose limitation
Storage limitation
Consent-based sharing for non-essential activities

22.2.2
Certain cookie data (e.g., analytics logs) may be stored externally under strict contractual obligations ensuring security.

22.3 Compliance with CCPA/CPRA

22.3.1
Cross-border transfers of cookie data are classified as “sharing,” not “selling,” unless explicitly consented.

22.3.2
California residents have:

Right to opt out of cross-border ad tracking
Right to know how data is transferred
Right to request deletion of tracking history

22.4 Transfer to Cloud Providers

Kashfresh uses secure cloud providers that may store cookie-derived data in geographically distributed data centers.

22.4.1
All cloud providers:

Meet global security standards
Use encryption at rest and in transit
Maintain access controls

22.5 User Consent for International Transfers

Users in GDPR and similar jurisdictions must consent to:

Analytics cookies
Advertising cookies
Personalization cookies

before any international transfer occurs.

23. Liability & Limitations Regarding Cookies

23.1
Kashfresh takes all reasonable steps to protect cookie-generated data. However, certain limitations apply.

23.1 User Responsibility

Users must:

Avoid sharing devices without logging out
Use secure networks
Keep browsers updated
Manage cookie preferences appropriately

Kashfresh is not liable for losses arising from user negligence.

23.2 Third-Party Cookies

23.2.1
Kashfresh does not control third-party cookie behavior beyond contractual obligations.

23.2.2
Users must consult third-party cookie policies for complete details.

23.3 Platform Availability Issues

Cookies contribute to platform functionality. If users disable essential cookies:

Checkout may not work
Login may fail
Personalized content may disappear

Kashfresh is not responsible for reduced usability due to disabled cookies.

23.4 Legal and Regulatory Exceptions

Kashfresh may be compelled to disclose cookie-related data under:

Court orders
Law enforcement requests
Regulatory compliance audits

Only minimal data necessary will be shared.

24. Data Protection Measures for Cookie Data

24.1
Kashfresh maintains strong administrative, technical, and physical safeguards to protect data collected through cookies. These measures are designed to prevent unauthorized access, misuse, alteration, and accidental loss of cookie-generated data.

24.1 Encryption and Secure Transmission

24.1.1
Cookie data transmitted between your device and Kashfresh servers is protected using:

TLS/SSL encryption
Encrypted tokens
HTTPS-only secure communication

24.1.2
Third-party services integrated into the platform must meet equivalent encryption standards.

24.2 Access Control Mechanisms

24.2.1
Only authorized employees or contractors with legitimate operational roles can access cookie-derived data.

24.2.2
Access requires:

Authentication
Role-based permissions
Logging and monitoring
Periodic access audits

24.3 Prevention of Unauthorized Tracking

24.3.1
Kashfresh does not allow:

Hidden trackers
Unauthorized vendor pixels
Covert data scraping
Unapproved analytics scripts

24.3.2
Automated systems constantly scan for:

External scripts added by vendors
Suspicious JavaScript injections
Attempts to bypass tracking controls

24.4 Fraud Prevention and Anomaly Detection

24.4.1
Security cookies alert Kashfresh to:

Bot activity
Repeated failed logins
Suspicious vendor behaviors
Abnormal browsing patterns

24.4.2
Fraud-related cookie data is retained only as long as necessary for:

Investigation
Legal reporting
Marketplace protection

24.5 Secure Storage Practices

24.5.1
Cookie-derived data stored on Kashfresh servers is protected through:

Encryption at rest
Strict firewall configurations
Regular vulnerability assessments
Industry-standard hashing algorithms

24.5.2
Kashfresh performs routine security audits compliant with:

ISO27001 (where applicable)
CERT-In guidelines
GDPR security standards

24.6 Data Minimization Principles

24.6.1
Kashfresh collects only the cookie data needed to:

Provide essential functionality
Improve user experience
Conduct analytics
Enable advertising (with consent)

24.6.2
We avoid collecting:

Sensitive personal data
Financial information
Government IDs
Health-related data

25. Children’s Cookie Usage Policy

25.1
Kashfresh does not knowingly collect cookie-related data from children under 18 years of age.

25.1 Parental Consent Requirement

25.1.1
If a minor accesses the platform:

Use must be supervised by a parent or guardian
Consent for cookie usage is assumed to be provided by the guardian

25.2 Removal of Unauthorized Cookie Data

25.2.1
If Kashfresh becomes aware that a minor’s cookie-generated data was collected without appropriate permissions, we will:

Delete such data
Restrict the account
Notify guardians where appropriate

25.3 No Personalized Advertising to Minors

25.3.1
Kashfresh does not intentionally use cookies for:

Behavioral profiling
Targeted advertising
Interest-based marketing

when the user is identified as a minor.

26. Vendor-Specific Cookie Restrictions

Vendors operating on Kashfresh must comply with strict cookie-related rules to protect buyer privacy.

26.1 Vendors Cannot Place Their Own Tracking Cookies

26.1.1
Vendor product pages are fully controlled by Kashfresh. Vendors may not:

Insert custom JavaScript
Add tracking pixels
Integrate external analytics tools
Embed advertising tags
Attempt to collect behavioral data

26.1.2
Any attempt to circumvent these rules results in:

Immediate suspension
Product delisting
Permanent ban
Legal action in severe cases

26.2 Vendor Dashboard Cookie Controls

26.2.1
Vendor dashboards use essential cookies for:

Authentication
Session continuity
Inventory updates
Product listing management

26.2.2
Vendors cannot disable these cookies as they are required for secure platform operations.

26.3 Vendor Behavior Monitoring Cookies

26.3.1
Kashfresh uses cookies to:

Detect attempts to harvest buyer data
Identify repeated listing violations
Prevent counterfeit or illegal product uploads
Monitor suspicious inventory updates

26.3.2
These cookies help ensure marketplace safety and compliance.

26.4 Vendor Data Privacy Compliance

26.4.1
Vendors must comply with:

Indian IT Act
DPDP principles
Marketplace privacy requirements
GDPR (if applicable)

26.4.2
Violation may trigger:

Legal penalties
Marketplace removal
Reporting to authorities

27. Updates to Cookie Policy

27.1
Kashfresh reserves the right to modify, update, or replace any portion of this Cookie Policy at any time, in compliance with legal and operational requirements.

27.1 Reasons for Updates

Changes may occur due to:

New cookie technologies
Vendor system updates
Legal or regulatory changes
Introduction of new analytics tools
Advertising partner updates
Platform enhancements

27.2 Notification of Policy Changes

Users may be notified via:

Banner announcements
Email notifications (for major updates)
Pop-up cookie notices
Updated “Last Modified” date

27.3 Acceptance of Policy Changes

27.3.1
Continued use of Kashfresh after Policy updates constitutes acceptance of the revised Cookie Policy.

27.3.2
Users who disagree with updates must:

Adjust cookie preferences
Stop using non-essential portions of the platform
Request deletion of cookie-linked data (subject to legal limits)

28. Contact Information & Grievance Redressal

Kashfresh provides multiple channels for cookie-related inquiries, concerns, or complaints.

28.1 Grievance Officer (India – IT Act Compliance)

Name: Akhtar Badana
Email: complaints@kashfresh.com
Phone: +91-9419061646
Correspondence and PR Office Address:
1st Floor, Bhat Complex, Near Astan, Airport Road,
Humhama, Srinagar, J&K, India – 190021

28.2 Global Privacy & Cookie Queries

Users outside India may contact:

📧 privacy@kashfresh.com

28.3 Response Timeline

Kashfresh aims to:

Acknowledge inquiries within 72 business hours
Resolve cookie-related issues within 30 days
Escalate unresolved matters to regulatory authorities when required

29. Cross-Border Regulations & Legal Frameworks Affecting Cookie Usage

29.1
Because Kashfresh serves global users, cookie usage is subject to multiple regulatory frameworks that differ by region. Kashfresh ensures compliance with the strictest applicable standards and maintains transparent data-handling practices.

29.1 Indian Data Protection & IT Act Compliance

29.1.1
Under the Information Technology Act, 2000, and DPDP principles, Kashfresh:

Collects only necessary cookie data
Uses cookies for lawful purposes
Ensures transparency through this Policy
Protects cookie-generated data using strong safeguards

29.1.2
Indian users may withdraw consent for non-essential cookies at any time.

29.2 GDPR & ePrivacy Directive Compliance

29.2.1
Users in EU/EEA must provide explicit consent before:

Analytics cookies
Personalization cookies
Advertising cookies

are activated.

29.2.2
GDPR requires:

Freely given consent
Clear and affirmative actions
Ability to withdraw consent easily
Transparency regarding cookie usage

29.2.3
The ePrivacy Directive mandates:

Prior consent (except for essential cookies)
Informing users of cookie purposes and partners
Maintaining an accessible cookie settings panel

Kashfresh fully adheres to these requirements.

29.3 UK GDPR & PECR Compliance

29.3.1
Under post-Brexit UK GDPR and PECR (Privacy and Electronic Communications Regulations):

Users must approve non-essential cookies
Full disclosure is required for third-party tracking
Cookie lifespans must be reasonable

29.4 CCPA & CPRA Compliance

29.4.1
California residents have rights regarding cookie usage, including:

Opt-out of “sharing” cookie data for cross-context advertising
Right to know what categories of cookies are used
Right to deletion of cookie-derived data

29.4.2
CCPA defines cookie-based advertising as:

“Sharing” for advertising
Not necessarily “selling”

unless direct personal identifiers are exchanged.

29.5 PIPEDA (Canada)

29.5.1
Canadian users have rights to:

Know why cookie data is collected
Withdraw consent
Request correction of inaccurate cookie-derived data

29.5.2
Kashfresh meets PIPEDA’s requirements of:

Purpose specification
Limiting data use
Protecting cookie-derived information

29.6 Middle East, GCC & APAC Region Regulations

29.6.1
Many regions (e.g., UAE, Saudi Arabia, Singapore) mandate:

Clear consent mechanisms
Data minimization
Strong security protections
No unauthorized transfers

29.6.2
Kashfresh aligns cookie practices with these principles.

30. Detailed User Rights Under Global Cookie Laws

Users across the world hold specific rights regarding the handling of their cookie-related data.

30.1 Right to Be Informed

30.1.1
Users may request complete information about:

What cookies are used
Cookie purpose
Data shared with third parties
Cookie retention timelines

This Cookie Policy fulfills that obligation.

30.2 Right to Consent or Refuse

Users may:

Accept all cookies
Reject non-essential cookies
Customize cookie categories
Withdraw consent at any time

Consent is never bundled or forced.

30.3 Right to Withdraw Consent

30.3.1
Users may withdraw consent via:

Cookie settings panel
Browser controls
Mobile OS privacy settings

30.3.2
Withdrawal does not affect the lawfulness of earlier processing.

30.4 Right to Access Cookie Data

Users may request:

A copy of cookie-related data
A description of tracking technologies used
A list of third parties who receive cookie data

30.5 Right to Rectification

Users may update cookie-linked personal data by updating:

Account preferences
Login settings
Address or profile details

30.6 Right to Deletion (Right to be Forgotten)

30.6.1
Users may request deletion of:

Cookie-derived behavioral profiles
Stored analytics logs
Personalization preferences
Device identifiers (where possible)

30.6.2
Kashfresh may retain minimal cookie-derived data if:

Required for fraud prevention
Required for legal compliance
Needed to resolve disputes

30.7 Right to Restrict Processing

Users may request limitations on:

Advertising cookies
Analytics cookies
Personalization cookies

while essential cookies remain active.

30.8 Right to Object to Profiling

30.8.1
Users may object to:

Behavioral advertising
Personalized recommendations
Interest-based product suggestions

Kashfresh will honor such requests unless profiling is required for fraud prevention or security.

30.9 Right to Data Portability

30.9.1
For EU/EEA users, cookie-derived personal data may be exportable in machine-readable formats where technically feasible.

30.10 Rights of California Consumers Under CPRA

Users may:

Opt-out of cross-context advertising
Limit use of sensitive personal data
Receive detailed disclosures regarding trackers

31. Final Acceptance & Legal Validity Declaration

31.1
By using Kashfresh, users acknowledge reading and understanding this Cookie Policy and agree to the use of cookies as described.

31.1 Acceptance of Policy

31.1.1
Continued navigation, browsing, or interaction after viewing the cookie banner constitutes acceptance.

31.1.2
Use of essential cookies is mandatory for the platform to function.

31.2 Legal Standing

31.2.1
This Cookie Policy forms a legally binding agreement between:

User
and
Badana Communications and Business Pvt. Ltd. (Kashfresh.com)

31.2.2
This Policy supersedes any prior cookie-related communications unless explicitly replaced by updated versions.

31.3 Governing Law

31.3.1
For Indian users, this Policy is governed by:

Laws of India
Jurisdiction of Srinagar Courts (J&K)

31.3.2
For international users:

GDPR applies to EU/EEA users
CCPA/CPRA applies to California users
PIPEDA applies to Canadian users
Local laws apply where relevant

31.4 Limitation of Access if Cookies Are Refused

31.4.1
Certain services may be unavailable if users disable essential cookies, including:

Checkout and payment
Login and account management
Vendor dashboards
Personalized browsing

31.4.2
Kashfresh is not responsible for degraded functionality due to cookie refusal.

32. Appendix: Examples of Cookies Used on Kashfresh

32.1
This appendix provides representative examples of cookies that may be placed on a user’s device while accessing Kashfresh. The exact names, durations, or functions may vary depending on device type, browser version, vendor integrations, and updates to our platform or third-party services.

32.1 Essential Cookies (Strictly Necessary)

32.1.1 SessionID

Purpose: Maintains logged-in sessions
Type: First-party, session
Duration: Ends when browser/app is closed
Category: Authentication

32.1.2 CSRF-Token

Purpose: Prevents cross-site request forgery attacks
Type: First-party, essential
Duration: Short-term session cookie

32.1.3 Cart-Tracker

Purpose: Stores cart items temporarily
Type: First-party
Duration: Session or 24 hours

32.1.4 Checkout-Flow-Status

Purpose: Ensures secure navigation between checkout steps
Duration: Session
Special Note: Required for payment gateway interoperability

32.2 Functional Cookies

32.2.1 Language-Preference

Purpose: Saves selected language
Duration: 6 months

32.2.2 Location-Preference

Purpose: Displays region-based content and shipping options
Duration: Persistent

32.2.3 Wishlist-Saver

Purpose: Saves wishlist items across sessions
Duration: 12 months

32.3 Analytics Cookies

32.3.1 GA_Client_ID

Purpose: Google Analytics session tracking
Type: Third-party
Duration: 2 years

32.3.2 PageView-Tracker

Purpose: Internal analytics for product discovery
Type: First-party
Duration: 90 days

32.3.3 Heatmap-Session

Purpose: Tracks click and scroll patterns
Duration: Per session
Special Note: May be disabled for certain jurisdictions

32.4 Advertising Cookies

32.4.1 GoogleAds-Remarketing

Purpose: Displays personalized ads on Google partner sites
Duration: 30–540 days

32.4.2 Meta-Pixel-ID

Purpose: Tracks conversions and user engagement with ads
Duration: Varies based on Meta settings

32.4.3 Affiliate-Click-ID

Purpose: Tracks affiliate referrals and commissions
Duration: 30 days

32.5 Personalization Cookies

32.5.1 Recommendation-Engine-ID

Purpose: Tailors product suggestions
Duration: 180 days

32.5.2 Recent-Views

Purpose: Saves product view history
Duration: 30–90 days

32.6 Vendor-Specific Cookies (Marketplace Operations)

32.6.1 Vendor-Auth-Key

Purpose: Validates vendor dashboard login
Duration: Session

32.6.2 Inventory-Sync

Purpose: Auto-saves product edits
Duration: 24 hours

32.6.3 Listing-Draft-Saver

Purpose: Retains draft listings
Duration: 3 days

32.7 App-Specific Cookies & Local Storage Examples

32.7.1 App-Device-ID

Purpose: Identifies device for push notifications
Duration: Until app uninstall

32.7.2 App-Crash-Log-Key

Purpose: Stores crash-related data for diagnostics
Duration: Varies by platform

33. Extended Definitions & Glossary

For clarity and legal precision, this section defines key terms referenced throughout the Cookie Policy.

33.1 “Aggregated Data”

Information that has been combined and anonymized, making it impossible to identify an individual user.

33.2 “Anonymization”

A technical process that irreversibly removes identifiable personal data, ensuring compliance with GDPR and global privacy laws.

33.3 “Behavioral Advertising”

Ads shown to users based on their browsing patterns, product interests, and engagement history.

33.4 “Consent”

A freely given, specific, informed, and unambiguous indication of the user’s wishes, typically expressed via an affirmative action such as clicking “Accept.”

33.5 “First-Party Cookie”

A cookie placed directly by Kashfresh’s domain, used for core functionality, security, and personalization.

33.6 “Third-Party Cookie”

A cookie placed by external service providers such as analytics tools, advertising networks, or social media plug-ins.

33.7 “Tracking Technology”

Any technology used to identify users, collect behavioral data, or track interactions beyond traditional cookies, including:

Pixels
Web beacons
Device fingerprints
JavaScript trackers
SDK-based tracking

33.8 “Local Storage”

A client-side storage mechanism used in mobile apps and browsers to store persistent data such as:

Login states
Preferences
Cached assets

33.9 “Cross-Context Behavioral Advertising”

A type of advertising where user activity across different websites or apps is used to show targeted ads.

33.10 “Strictly Necessary Cookies”

Cookies essential for:

Logging in
Navigating the platform
Completing transactions
Maintaining security sessions

These cannot be disabled.

34. Final Clause & Acceptance Statement

34.1
This Cookie Policy is a legally binding component of the Kashfresh user agreement. It must be read alongside:

The Privacy Policy
Terms & Conditions
Vendor Agreement (for sellers)
Return & Refund Policy

34.1 Acceptance of Cookies Through Use

34.1.1
By using Kashfresh, continuing to browse the platform, or clicking “Accept” on the cookie banner, users consent to:

The use of cookies as described
Processing of cookie-derived data
Cross-border transfers in compliance with global regulations

34.1.2
Users may refuse or withdraw consent for non-essential cookies at any time through:

Cookie settings page
Browser preferences
Device-level privacy controls

34.2 Continuous Updating of the Cookie Policy

34.2.1
Kashfresh may revise this Policy to reflect:

Technological advancements
Changes in marketplace operations
Updates to analytics or advertising tools
Legislative or regulatory updates

34.2.2
The “Last Updated” date will always reflect the latest version.

34.3 Dispute Resolution & Governing Law

34.3.1
For Indian users, this Policy is governed by:

The laws of India
Jurisdiction of Srinagar Courts, J&K

34.3.2
International users are protected under their respective regional laws, including:

GDPR (EU/EEA)
UK GDPR
CCPA/CPRA (California)
PIPEDA (Canada)

34.4 Contact & Support for Cookie-Related Queries

If users have concerns, questions, or require support related to cookies, tracking technologies, or privacy rights, they may contact:

📌 Grievance Officer (India):
Akhtar Badana
📧 complaints@kashfresh.com
📞 +91-9419061646

📌 Global Privacy Contact:
privacy@kashfresh.com

34.5 Final Binding Statement

34.5.1
This Cookie Policy, together with related Kashfresh policies, forms the complete agreement governing cookie usage.

34.5.2
By accessing Kashfresh:

You confirm that you have read and understood this Policy
You acknowledge your legal rights and obligations
You agree to the lawful use of cookies as outlined herein

34.5.3
Users who do not agree with the Cookie Policy must discontinue using Kashfresh or adjust cookie settings to disable non-essential tracking.