Privacy Policy

ShopInStreet ("we", "our", "us") operates a restaurant technology platform including the Vendor App, Customer App, Driver App, and associated websites at shopinstreet.com and its subdomains.

This Privacy Policy applies to all users of our platform — restaurant owners, customers, and delivery partners.

Restaurant Owners (Vendor App):

• Name, phone number, email address
• Restaurant name, address, GSTIN, FSSAI license number
• Bank account details (for payment settlements only)
• Menu items, photos, pricing you upload
• Order history and revenue data

Customers (Customer App & Website):

• Phone number (for OTP login)
• Name and delivery addresses
• Order history and preferences
• Device information and location (for delivery)
• Payment transaction records (processed by Razorpay)

Delivery Partners (Driver App):

• Name and phone number
• Live location during active deliveries
• Delivery history and earnings

• To provide and operate the ShopInStreet platform
• To process orders and payments
• To send order notifications and delivery updates via SMS, WhatsApp, and push notifications
• To enable restaurant owners to run marketing campaigns to their customers
• To improve our products and fix bugs
• To comply with legal obligations

We do not sell your personal data to third parties. We do not use your data for advertising on other platforms.

We share data only when necessary to provide our services:

• Razorpay — payment processing
• 2Factor.in — OTP SMS delivery
• Meta (WhatsApp Business API) — order and marketing notifications
• Cloudinary — image storage
• Railway / AWS — cloud hosting
• Expo — push notifications

All third-party providers are bound by data processing agreements and applicable privacy laws.

• All data is stored on encrypted servers in secure cloud infrastructure
• Passwords are hashed and never stored in plain text
• Payment data is handled entirely by Razorpay — we never store card numbers
• Access to production data is restricted to authorized team members only
• We use HTTPS across all platforms

You have the right to:

• Access the personal data we hold about you
• Correct inaccurate data
• Request deletion of your account and all associated data
• Withdraw consent for marketing communications at any time
• Export your data in a portable format

To exercise any of these rights, contact us at hello@shopinstreet.com or use our Data Deletion Request page.

• Active account data is retained while your account is active
• Order records are retained for 7 years for tax and legal compliance
• Upon account deletion, personal data is removed within 30 days
• Anonymised, aggregated data may be retained indefinitely for analytics

ShopInStreet is not intended for users under 18 years of age. We do not knowingly collect personal data from children. If you believe a child has provided us with their data, contact us immediately and we will delete it.

Our websites use minimal cookies necessary to operate the service (session management, authentication). We do not use advertising tracking cookies. You can disable cookies in your browser settings, but some features may not work correctly.

We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date above and notify users via email or in-app notification for significant changes.