Privacy Policy

Last updated: 13 June 2026

This Privacy Policy explains how Srinivasa Fresh Mart(“we”, “us”, “our”) collects, uses, shares, and protects your personal data when you use our mobile app, website, and delivery service. We are committed to handling your information responsibly and in accordance with India's Information Technology Act, 2000 and its rules, and the Digital Personal Data Protection Act, 2023 (DPDP Act).

1. Who we are

Srinivasa Fresh Mart is a single neighbourhood grocery store operating in Kismatpur, Hyderabad, Telangana, India, offering vegetables, fruits, pooja samagri and flowers for local delivery. For any privacy questions, contact us at srinivasafreshmart@gmail.com.

2. Information we collect

• Account information: your mobile number (used for WhatsApp OTP login) and the name you provide.
• Delivery information: the delivery addresses you save, including any location/geo-coordinates you select on the map so we can confirm you are within our delivery area and find your home.
• Order information: the items you order, quantities, amounts, your chosen delivery slot, payment mode (cash or UPI), and your order history.
• Device & technical information: a push-notification token (if you enable notifications) and basic diagnostic/usage data needed to operate the service and keep it secure.
• Communications: messages you send us via WhatsApp, email or phone.

We do not collect card or bank details — payment is made in cash or by UPI directly to the delivery person at your door. We do not knowingly collect data from anyone under 18.

3. How we use your information

• To create and secure your account and sign you in via WhatsApp one-time password (OTP).
• To process, pack, deliver and invoice your orders, and to confirm you are within our service area.
• To send transactional updates (OTP, order confirmed, out for delivery, delivered, invoice) over WhatsApp.
• To send optional push notifications about new arrivals and offers, which you can turn off at any time.
• To prevent fraud, abuse and spam (including via Google reCAPTCHA / Firebase App Check).
• To provide customer support and comply with legal, tax and accounting obligations.

4. Messaging — WhatsApp, not SMS

All transactional messages (login codes, order updates and invoices) are sent through the WhatsApp Business platform (Meta), not SMS. Engagement notifications (such as new arrivals) are delivered as push notifications via Firebase Cloud Messaging (Google). You can disable push notifications in your device settings at any time.

5. Who we share data with

We do not sell your personal data. We share it only as needed to run the service:

• Our delivery personnel receive the minimum needed to deliver a specific order (your name, delivery address, contact number and amount to collect), via a secure, expiring link.
• Service providers / processors: Google (Firebase authentication, database, hosting, Cloud Messaging and Google Maps) and Meta (WhatsApp Business) process data on our behalf to operate the app.
• Legal: we may disclose information if required by law, regulation, or a valid legal request, or to protect our rights and the safety of others.

6. Cookies & local storage

Our website and app use local storage to keep your cart and session, and Google reCAPTCHA/Firebase App Check, which may set tokens to verify that requests come from genuine app users. We do not use third-party advertising or tracking cookies.

7. Data retention

We keep your account and order data while your account is active and for as long as needed to provide the service and to meet legal, tax and accounting requirements. Login OTP sessions are short-lived and expire automatically. When data is no longer required, we delete or anonymise it.

8. How we protect your data

Data is transmitted over encrypted connections (HTTPS). Access to order and customer data is restricted to the shop owner and authorised systems. OTP codes are never stored in plain text. While no system is perfectly secure, we take reasonable technical and organisational measures to protect your information.

9. Your rights

Subject to applicable law, including the DPDP Act, 2023, you may:

• access the personal data we hold about you;
• correct or update inaccurate data;
• request deletion of your account and data (see our Account & Data Deletion page);
• withdraw consent for optional processing (e.g. push notifications); and
• raise a grievance with our Grievance Officer (below).

To exercise any right, email srinivasafreshmart@gmail.com from your registered contact.

10. Account & data deletion

You can ask us to delete your account and personal data at any time. See the Account & Data Deletion page for how to request it and what is removed.

11. International transfers

Our processors (Google, Meta) may process data on servers located outside India. Where they do, they are contractually required to protect it consistent with this policy and applicable law.

12. Changes to this policy

We may update this policy from time to time. We will post the updated version here with a new “Last updated” date; significant changes will be communicated where appropriate.

13. Grievance Officer & contact

In line with the Information Technology Rules and the Consumer Protection (E-Commerce) Rules, 2020, you may contact our Grievance Officer:

• Name: The Proprietor, Srinivasa Fresh Mart
• Email: srinivasafreshmart@gmail.com
• Phone / WhatsApp: +91 95026 07169
• Address: Kismatpur, Hyderabad, Telangana, India

We acknowledge grievances within 48 hours and aim to resolve them within one month of receipt.