Go Restro

1. Personal Information We Collect

We collect information in two ways: automatically and voluntarily.

A. Automatically Collected (Device & Usage Data)

• Cookies - Small data files to remember preferences.
• Log Files - IP address, browser type, ISP, pages visited, timestamps.
• Web Beacons & Pixels - Track page views and email opens.
• Google Analytics - Anonymous traffic and behavior data.

B. Voluntarily Provided (Account & Order Data)

When you register, subscribe, or purchase:

• Name, email, phone number
• Business name, GSTIN, address
• Payment details (processed securely via gateways)
• Restaurant menu, staff, and transaction data

2. How We Use Your Information

We use your data only for legitimate business purposes:

• To create and manage your GoRestro account
• To process payments and generate GST-compliant invoices
• To provide support and send critical updates
• To improve platform performance and user experience
• To detect and prevent fraud, abuse, or security threats
• To comply with Indian laws (IT Act, DPDP Act, GST laws)
• To send promotional emails (you can opt out anytime)

We process data under lawful grounds such as consent, contract performance, legal obligation, and legitimate business interests.

3. Sharing Your Information

We do not sell or rent your personal data. We share only with:

• Payment Gateways (Razorpay, Stripe, PayU) - for secure transactions
• Cloud Providers (AWS India Region) - for data storage
• Analytics Tools (Google Analytics) - anonymized data only
• Government Authorities - when required by law (e.g., tax audits)

All partners are contractually bound to protect your data under Indian law.

4. Third-Party Services and Processors

To run the service, we may use third-party tools for:

• Authentication and account verification
• Payment processing and invoice generation
• Server monitoring, logs, and uptime analytics
• Email/SMS notifications and customer support ticketing

These providers act under our instructions and are restricted from using your data for unrelated purposes.

5. Do Not Track

We do not currently respond to "Do Not Track" browser signals. You can manage cookies via your browser settings.

6. Your Rights Under DPDP Act, 2023

As an Indian user, you have the right to:

• Access a copy of your personal data
• Correct inaccurate information
• Request deletion (subject to legal retention)
• Withdraw consent for marketing
• File a complaint with the Data Protection Authority of India

To exercise your rights, email: privacy@GoRestro.com

7. Data Retention

We retain your data only as long as necessary:

• Active accounts: For the duration of your subscription + 3 years (tax compliance)
• Inactive accounts: Deleted after 180 days unless legally required
• Financial records: 8 years (per Indian GST law)

8. Minors

GoRestro is not intended for use by individuals under 18 years of age. We do not knowingly collect data from minors.

9. Data Security

We use industry-standard safeguards, including:

• Encryption in transit (SSL/TLS) and controlled access policies
• Role-based permissions and authentication controls
• Regular backups and audit logs
• Infrastructure monitoring and vulnerability management

Data is stored in AWS Mumbai Region to support Indian data localization requirements.

10. Data Breach and Incident Response

In case of a security incident affecting personal data, we will investigate, take containment steps, and notify impacted users and authorities as required by applicable law.

11. Cross-Border Data Transfers

Where cross-border processing is required for service operations, we implement reasonable safeguards and contractual protections consistent with Indian legal requirements.

12. Grievance Redressal

For complaints or unresolved privacy concerns, write to: privacy@GoRestro.com. We aim to acknowledge and respond within a reasonable time.

13. Changes to This Policy

We may update this policy to reflect legal or operational changes. Material updates will be notified via email and in-app alerts. Continued use implies acceptance.