Lyra EnterprisesLyra Enterprises← Home

Lyra Enterprises

Privacy Policy

Last updated: 6 May 2026

This policy explains what personal data Lyra Enterprises collects when you use our coffee/tea vending machines or the website brew.lyra-app.co.in, why we collect it, and how you can exercise your rights over it.

1. Data we collect

  • Account data — phone number and an optional name when you sign in to the customer portal.
  • Order data — drink type, customisation, machine ID, timestamp and order amount.
  • Payment metadata — Razorpay order id, payment id and signature. We do not see or store card numbers, UPI PINs or net-banking credentials. Those are handled entirely by Razorpay (PCI-DSS Level 1 certified).
  • Technical data — IP address, browser/user-agent, and basic device information used for security and abuse prevention.

2. Why we collect it

  • To accept and fulfil your order on a specific Machine.
  • To process payments securely and to issue refunds where required.
  • To detect fraud, abuse or technical issues, and to keep the Service available.
  • To respond to customer support queries you raise with us.
  • To comply with our legal and tax obligations under Indian law.

3. Where data is stored

Customer and order data is stored in our Supabase database hosted within the Asia/Pacific region. Payment processing is performed by Razorpay Software Private Limited (India). We do not sell or rent your personal data.

4. Sharing with third parties

We share limited personal data only with:

  • Razorpay — to process payments and refunds.
  • Supabase — as our managed database/hosting provider.
  • Government / law-enforcement — only when required by valid legal process.

5. Cookies

We use a small number of strictly-necessary cookies to keep you signed in and to protect against CSRF attacks. We do not use advertising or third-party tracking cookies on this Service.

6. Retention

Order and payment records are retained for at least 8 years to comply with Indian accounting and tax law. Account information is retained as long as your account is active. You may request deletion of your account at any time, subject to the retention requirements above.

7. Your rights

You may request, free of charge:

  • A copy of the personal data we hold about you.
  • Correction of inaccurate data.
  • Deletion of data not legally required to be retained.
  • To withdraw consent and stop further processing.

To exercise any of these rights, email sales@lyraenterprise.co.in from the address linked to your account.

8. Security

Traffic to brew.lyra-app.co.in is protected by HTTPS/TLS. Passwords and API keys are stored only as salted hashes; payment secrets are never written to our servers. We follow industry-standard practices for access control and audit logging.

9. Changes

We may update this policy from time to time. The “Last updated” date at the top of the page reflects the most recent revision.

10. Grievance officer

In line with the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, our grievance officer is:

Lyra Enterprises — Grievance Officer
10/21, Vasuki Street, Cholapuram, Ambattur, Chennai – 600053.
Email: sales@lyraenterprise.co.in