Information · efoodcare
Privacy Policy
Effective: 6 Jun 2026
efoodcare ("we", "our", "the company") operates the efoodcare meal-subscription and food-ordering platform at efoodcare.in. This policy explains what personal information we collect, why we collect it, how we use it, and what choices you have. We comply with the Digital Personal Data Protection Act, 2023 (DPDPA) and applicable Indian regulations.
1. Information we collect
Account & identity: name, phone number, email, date of birth (optional), profile photo (optional). Address & geolocation: delivery addresses you save, your live location when you tap 'Use my location' (we never store continuous GPS — only the lat/lng at the moment of the tap). Subscription & order data: subscription tier, meal-pass start/end dates, attendance logs (QR scans), wallet balance, individual order histories, payment-method tokens (we never store full card or UPI PIN). Device & analytics: device model, OS, browser version, page-view events, crash logs — only aggregated/pseudonymous, used to fix bugs and improve UX.
2. Why we collect it
Delivering meals on time, accurate billing and refunds, attendance and anti-fraud (single-use QR check-in), customer support and dispute resolution, kitchen capacity planning, sending order/wallet/menu notifications you've opted in to, complying with FSSAI / GST / tax obligations.
3. Cookies & similar technologies
We use session cookies for login (auth_token, HTTPOnly, SameSite=Lax), a 'last viewed' cookie to resume your cart, and Google Analytics 4 for traffic measurement (anonymised IP, no cross-site tracking). You can clear cookies any time in your browser settings — you'll be logged out but no other data is lost.
4. Who we share data with
Payment processors (Razorpay, Paytm) — for processing your UPI/card payments; they receive only the amount and a non-personal order ID. Hyperlocal delivery partners — your name, phone, address, and order summary so the rider can deliver. FSSAI / tax authorities — only when legally compelled. We do NOT sell your data, share it with advertisers, or use it for any third-party marketing.
5. Data retention
Active subscriber profiles: kept while you have a paid subscription + 7 years for GST/tax compliance. Order/attendance logs: 7 years. Crash & analytics: 90 days, then deleted. Inactive accounts (no login for 24 months) are auto-anonymised: phone + email replaced with sha-256 hashes, name redacted to 'efoodcare guest'.
6. Your rights
Access — request a copy of all data we hold on you. Correction — fix wrong details directly in your profile. Erasure — delete your account from Profile → Delete Account; we'll purge personal fields within 30 days. Portability — download your order/attendance history as JSON. Grievance officer: Rushikesh Anil Tamhane, support@efoodcare.in, +91 91755 60211.
7. Children
Our services are for adults aged 18+. We do not knowingly collect data from minors. If you believe a child has signed up, contact the grievance officer and we'll delete the account within 7 days.
8. Security
All data is transmitted over HTTPS (TLS 1.3). Passwords are bcrypt-hashed. Payment tokens are stored only by the gateway (Razorpay / Paytm) — we never see the raw card / UPI PIN. Database access is restricted to two named engineers and audited monthly.
9. Cross-border transfers
All data is stored on Indian-region MongoDB Atlas servers. We do not transfer personal data outside India except for payment gateways (Razorpay, Paytm — both India-domiciled).
10. Changes to this policy
We'll notify you via in-app banner and email at least 7 days before any material change. The 'effective date' at the top is always the version you're seeing.
Contact
Questions? Email support@efoodcare.in or write to: efoodcare, shilangan Road, behind bhaktidham mandir, sai nagar, Amravati 444607, Maharashtra. We respond to every grievance within 72 hours.