CafeX Challo Privacy Policy

CaféX Communications Inc. (CafeX) and its affiliates value your privacy.  This privacy policy explains when and why we collect personal information about people who use our CafeX service (the “Service”), how we use it, the conditions under which we may disclose it to others and how we keep it secure. It also describes the choices available to you regarding the use of, your access to, and how to update and correct your personal information.

We may change this privacy policy from time to time, so please check this page occasionally to ensure that you are happy with any changes. By using the CafeX Challo service, you are agreeing to be bound by this privacy policy.

Any questions regarding this privacy policy and our privacy practices should be sent:

  • by email to
  • by writing to either of the following address:
    • CafeX Communications, 1460 Broadway, Suite 9054, New York, NY 10036, USA, Attn: Information Security and Compliance Officer

This privacy policy does not apply to visitors to the CafeX website at For privacy terms applicable to those visitors, please visit

Who are we?

CafeX creates software that makes it amazingly simple for people to collaborate in ways that work best for them.

In this policy “CafeX”, ‘we’, ‘us’ or ‘our’ means:

  • CaféX Communications Inc. 1460 Broadway, Suite 9054, New York, NY 10036. USA

How do we collect information from you?

We obtain various kinds of information about you when you use the Service.  Some of this information you provide directly to us, such as when you sign up or submit feedback. Some of it we get by observing how you use the Service.   If you choose to sign up or sign in with our Google or Microsoft SSO integration, we use and store your email address and, where available, full name.

What type of information is collected from you?

Voluntary information

When you set up to use our CafeX service and create an account, we collect personal information about you, including your name, email address, company name and potentially password if you use the CafeX Authentication Service.  We may also collect personal information from you when you request technical support or participate in one of our communities or message boards. We also collect personal information such as an IP address from any individual that our customer authorizes to utilize our service as a guest under its account.

Automatic information

As you use the Service, we may automatically collect certain information about your connection to our servers, your operating system, your IP address and your browser. We also collect personal information such as an IP address from any individual that our customer authorizes to utilize the Service. This information is collected to aid in diagnostics and auditing.

Use of cookies

We may use cookies and other identification technologies for record keeping purposes and to enhance your experience, if you choose to visit our websites.

Our websites, apps and Services may use the following types of cookies:

  • Strictly Necessary Cookies
    • These cookies are essential to enable you to browse our websites, apps and Services and use the available features.
  • Performance Cookies
    • These cookies collect information about how you use our websites, apps and Services. For instance, these cookies track which pages you visit most. This data may be used to help optimize our websites, apps and Services and make it easier for you to navigate within them. These cookies do not collect information that identifies you; all information is aggregated and anonymous.
  • Functionality Cookies
    • These cookies allow our websites, apps and Services to remember choices you make while browsing, such as geographic location and preferences such as text size and fonts. The information collected by these cookies will not personally identify you.

You have a variety of tools to control cookies, including browser controls to block and delete cookies. If you select browser settings that refuse cookies, you may not be able to obtain all or any of the Services intended.

How is your information used?

We use the information that we collect about you or that you provide to us, including any personal information, for the following purposes:

  •   to manage your account;
  •   to provide you with information, products or services that you request from us;
  •   to fulfil any other purpose for which you have provided the information;
  •   to carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection;
  •   to notify you about changes to our products or services;
  •   in any other way we may describe when you provide the information;
  •   to assist in debugging issues with third party service providers with respect to our service(s);
  •   to provide information specified by the court or other legally binding order to the appropriate legal authorities; and
  •   for any other purpose with your permission.

How do we share your information?

We will not sell or rent your personal information to third parties, and we will not share your personal information with third parties for marketing purposes.

We share your personal information with your consent or as necessary to complete any transaction or provide the service you have requested or authorized. We also share data (i) with our subsidiary, (ii) with vendors working on our behalf, such as third party service providers (for example, but not limited to, data storage by Microsoft Azure or Amazon Web Services) who assist us in making the Service available, (iii) when required by law or to respond to legal process, (iv) to protect our customers, (v) to maintain the security of our products and services, and (vi) to protect our rights and property.

Third party processors

A full list of Sub-processors and Subcontractors can be found at

If you are a Customer and have any questions on these partnerships, please contact your CafeX account manager or email

How long do we retain your information?

We review our retention periods for personal information on a regular basis. We are legally required to hold some types of information to fulfil our statutory obligations (for example, to comply with obligations relating to invoicing and taxes).  We will hold your personal information on our systems for as long as is necessary for the relevant activity, or as long as is specified in any relevant contract between you and us.

When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it, or, if this is not reasonably possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information on hardened servers that are hosted on highly secure data centers, and isolate it from any further processing until deletion is possible.

Your choices

We will not contact you for marketing purposes by email or phone except (i) as necessary to enter into a contract or fulfil our contractual obligations a contract, (ii) with your permission, or (iii) for legitimate purposes permitted by applicable law.,  We will provide an unsubscribe option on all marketing emails you receive from us. You may also contact us at to unsubscribe or if you have any other questions or concerns regarding your receipt of marketing materials from us.

Accessing and correcting your information

You may contact us at with any request to access, correct or delete any personal information that you have provided to us. We make good faith efforts to honor reasonable requests to access, correct or delete your personal information. If you request that we delete your personal information, your Service account information may also be removed. We may not accommodate a request to remove personal information if we believe the change would violate any law or legal requirement or cause the information to be incorrect.

In addition, if you are using our CafeX service as a guest of our customers, it is up to you to decide what, if any, information to provide during such use.  Depending on your request, it may not be possible for our customers to address all of your questions without further information from you. Nevertheless, if you do not wish to provide certain information, then you should not do so.  If you are using our CafeX service as a guest of our customer, you may also contact our customer directly to request to access, correct or delete any of the personal information you’ve provided to our customer or withdraw your consent to us processing your personal data by.

Data security

We have implemented measures designed to secure your personal information from accidental loss and from unauthorized access, use, alteration and disclosure. All information you provide to us is stored on our secure servers behind firewalls.

The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password for access to certain parts of the Service or our website, you are responsible for keeping this password confidential. We urge you to be careful about giving out information in public areas of our website like message boards. The information you share in public areas may be viewed by any user of our website.

Unfortunately, the transmission of information via the Internet is not completely secure. Although we do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted to the Service. Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Service.

Children’s privacy.

We encourage parents and guardians to take an active role in their children’s online activities. We do not knowingly collect personal information from children without appropriate parental or guardian consent. If you believe that we may have collected personal information from someone under the applicable age of consent in your country without proper consent, please contact us at and we will take appropriate measures to investigate and address the issue promptly.

Consent to transfer, processing and storing of personal information.

As CafeX is a global organization, we may transfer your personal information to CafeX in the United States, to our subsidiary in the United Kingdom, or to third parties and business partners as described above that are located in various countries around the world. By using the Service or providing any personal information to us, where applicable law permits, you consent to the transfer, processing, and storage of such information outside of your country of residence where data protection standards may be different.

We safeguard and enable the transfer of personal information from the European Union (EU) to the US by participating in, and certifying our compliance with, the EU-US Privacy Shield Framework and Principles as set forth by the US Department of Commerce, which relates to the collection, use, and retention of personal information transferred from the EU to the US. CafeX is committed to subjecting all personal data received from EU member countries, in reliance on the EU-US Privacy Shield Framework, to the Framework’s applicable Principles. If there is any conflict between the terms in this Privacy Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern.  To learn more about these Privacy Shield Frameworks, visit the US Department of Commerce’s Privacy Shield site at

CafeX is responsible for the processing of personal data it receives under the Privacy Shield Framework and subsequently transfers to a third party acting as an agent on its behalf. We comply with the Privacy Shield Principles for all onward transfers of personal data from the EU, including the onward transfer liability provisions. In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

In compliance with the US-EU Privacy Shield Principles, we commit to resolve complaints about privacy and our collection or use of the personal information of EU individuals. If you believe we retain your personal data within the scope of our Privacy Shield certification, you may direct any queries or complaints regarding our Privacy Shield certification or compliance to the address above.  We will respond to any inquiries or complaints within 45 days at no cost to you.

If you feel we failed to provide an adequate response, you may contact JAMS (, which provides an independent third-party dispute resolution mechanism. Under certain conditions more fully described on the Privacy Shield website (, you may be entitled to invoke binding arbitration through the Privacy Shield Panel when other dispute resolution procedures have been exhausted.

We are subject to the investigatory and enforcement powers of the US Federal Trade Commission with respect to personal data received or transferred pursuant to the EU-US Privacy Shield Framework.

Last Updated – Neil Ellis – 2021-02-15