Privacy Policy

1. Data controller

The controller of the data collected through this website is:

2. Data we collect

a) The data you send us through the contact form, when it is enabled: your name, your e-mail or phone number, and the content of your message.

b) Technical data automatically collected by our host to operate and secure the site: IP address, browser and device type, pages viewed, date and time of the visit (server logs).

As of today the contact form is not yet enabled: until it is, no form data is sent through the site. The site also sets no cookies (see the "Cookies" section).

3. Purpose and legal basis

• Handling your request and calling you back to confirm your order (enquiry, order, catering quote) — basis: your consent and/or steps taken at your request prior to any contract.
• Operating, securing and keeping the site available — basis: our legitimate interest and the technical needs of hosting.

Your data is never sold, rented, or used for advertising.

4. Recipients and processors

Your data may be processed by our technical providers, acting as processors:

• Cloudflare, Inc. — website hosting and delivery via its network (CDN), and the associated technical logs.
• Web3Forms or Formspree — only when the contact form is enabled: routing your message to us (the service in use will be named here once configured).

5. Transfers outside Mauritius

These providers (Cloudflare, and Web3Forms or Formspree) are established outside Mauritius, in particular in the United States; your data may therefore be transferred, processed and stored there. The Data Protection Act 2017 strictly regulates such transfers outside Mauritius. We rely on these providers’ contractual commitments and security measures.

This is one of the items to confirm with a Mauritian legal advisor (legal basis for the transfer and required information).

6. Retention period

Messages received through the form are kept for as long as needed to handle your request, then deleted — at the latest 12 months after our last exchange, unless a legal obligation requires otherwise. Technical logs are kept for limited periods by the host, for security purposes.

7. Cookies and trackers

This site uses no tracking, analytics or advertising cookies. It relies on no third-party analytics: no Google Analytics, no advertising pixel, and no external resources (fonts, maps and videos are hosted on the site itself). The site itself therefore sets no cookie and stores nothing in your browser. No consent banner is required.

Where applicable, our host (Cloudflare) may set a cookie strictly necessary for the security of the site; such a cookie, essential to the service, is exempt from consent.

8. Your rights

Under the Data Protection Act 2017, you have the following rights over your personal data:

• to be informed about the processing of your data;
• to access the data we hold about you;
• to have inaccurate or incomplete data corrected;
• to request the erasure of your data;
• to object to the processing, including any direct marketing;
• to withdraw your consent at any time, without affecting the lawfulness of processing already carried out.

To exercise these rights, contact us:

• +230 5834 9727 (phone / WhatsApp)

We may ask you to verify your identity before responding to your request.

9. Complaint

If you believe the processing of your data does not comply with the law, you may lodge a complaint with the Data Protection Office of Mauritius: dpo@govmu.org — dataprotection.govmu.org.

10. Security

The site is served over an encrypted connection (HTTPS). We apply reasonable technical and organisational measures to protect your data against unauthorised access, loss or disclosure.

11. Changes

This policy may be updated. The date below shows its latest revision.