en
Browse web
Join us

Privacy policy

PRIVACY POLICY
Effective Date: 11/04/2026
Last Updated: 21/04/2026

1. INTRODUCTION

This Privacy Policy ("Policy") is published in compliance with the provisions of the
Information Technology Act, 2000, the Information Technology (Reasonable Security
Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, the
Digital Personal Data Protection Act, 2023 ("DPDPA"), and other applicable laws of the
Republic of India.

This Policy outlines the practices of Apnaseher Private Limited ("Apnaseher", "we",
"us", or "our") concerning the collection, use, storage, processing, disclosure, and
transfer of your Personal Data when you use our mobile application and website
(collectively, the "Platform") accessible at https://apnaseher.com.

Under the DPDPA, Apnaseher acts as a "Data Fiduciary" in respect of your Personal Data,
and you are the "Data Principal". Apnaseher processes your Personal Data only for lawful
purposes, on the basis of your free, specific, informed, unconditional, and unambiguous
consent, or on other legitimate grounds as permitted under Applicable Law.

By accessing or using the Platform, you signify your unconditional acceptance of this
Policy and provide your express consent to the collection, use, and disclosure of your
Personal Data in accordance with the terms herein. If you do not agree with the terms of
this Policy, you are advised not to use or access the Platform.

2. APPLICABILITY

This Policy applies to all users of the Platform, including but not limited to:

- Customers: Individuals who place orders for goods or services through the Platform.
- Vendors: Business entities, such as restaurants, grocery stores, pharmacies, sweet
  shops, bakeries, vehicle rental operators, and building material suppliers, who list
  their products or services on the Platform.
- Delivery Partners: Individuals who provide delivery services for orders placed on
  the Platform.

(Collectively referred to as "you" or "Users").

3. INFORMATION WE COLLECT

We collect Personal Data to provide and continually improve our products and services.
The types of Personal Data we collect are detailed below:

A. Information You Provide to Us:

We receive and store any information you enter on our Platform or provide to us in any
other way. This includes:

- Identity and Profile Data: Full name, email address, mobile number, password, delivery
  addresses, and profile picture.
- Vendor and Delivery Partner Data: In addition to the above, we may collect business
  registration details, PAN, GSTIN, bank account details, and vehicle information.
- Delivery Partner Location Data: For Delivery Partners, we collect precise geolocation
  data during active deliveries and while the app is running in the foreground or
  background to enable delivery tracking.
- Vehicle Rental Data: If you use the Vehicle Rental module as a User, we may collect
  your vehicle preference details and rental booking history. Vendors offering Rental
  Vehicles are required to provide vehicle registration details and valid insurance
  documentation.
- Parcel Delivery Data: If you use the Parcel Delivery module, we collect the sender's
  name, contact number, delivery address, recipient's name, recipient's contact number,
  recipient's delivery address, and a description of the Parcel contents. This information
  is shared with the assigned Delivery Partner to facilitate delivery.
- Payment Data: While you may provide credit card, debit card, or bank account
  information for transactions, we do not store this information on our servers. It is
  processed and tokenized by our third-party payment gateway partners who are PCI-DSS
  compliant.
- Communications: Records and copies of your correspondence (including email addresses
  and phone numbers) if you contact us for customer support or provide feedback.

B. Information We Collect Automatically:

- Location Data: We collect your precise or approximate location data, as determined
  through data such as GPS, IP address, and Wi-Fi, to facilitate order delivery and
  enhance your user experience.
- Device and Usage Data: We automatically collect information about your device and your
  interaction with our Platform. This includes your IP address, device identifiers (like
  IMEI number), operating system, browser type, mobile network information, pages viewed,
  features used, app crashes, and other system activity.
- Transactional Information: We collect transaction details related to your use of our
  services, including the type of services you requested or provided, order details, date
  and time the service was provided, amount charged, and payment method.

C. Information from Third-Party Sources:

We may receive information about you from third-party sources, such as our payment
gateway partners who provide us with transaction confirmation details, or from marketing
and advertising partners.

4. PURPOSE OF DATA COLLECTION AND USAGE

Your Personal Data is collected and processed for the following purposes, based on the
legal grounds of your consent and legitimate interest as permitted under the DPDPA and
other Applicable Law:

- To Provide and Manage Services: To facilitate your registration, manage your account,
  process your orders, and enable deliveries from Vendors to Customers via Delivery
  Partners across all Platform modules including Food, Grocery, Pharmacy, Sweets &
  Bakery, Parcel Delivery, Vehicle Rental, and Building Materials.
- To Facilitate Payments: To process payments for orders and to remit payments to Vendors
  and Delivery Partners.
- For Communication: To send you transactional communications, including order
  confirmations, delivery updates, OTPs, and service announcements via SMS, email, and
  push notifications.
- For Call Masking: To protect your privacy when communicating with Delivery Partners or
  Vendors, we use a call masking service operated by a third-party provider (currently
  Exotel Techcom Private Limited). This means neither you nor the Delivery Partner sees
  the other's actual mobile number. All such calls are routed through a virtual number
  and call logs may be retained for a limited period for safety and dispute resolution
  purposes.
- For Customer Support: To investigate and address your concerns, queries, and
  grievances, and to monitor and improve our customer support responses.
- For Safety, Security, and Fraud Prevention: To verify user identity, prevent fraudulent
  activities, and ensure the safety and security of all users and the integrity of our
  Platform.
- For Research, Development, and Analytics: To analyze usage trends, understand user
  behaviour, and improve the functionality, performance, and user experience of our
  Platform. We may use aggregated and anonymized data for these purposes.
- For Marketing and Promotions: To inform you about new products, services, and
  promotional offers that may be of interest to you. You have the right to opt-out of
  receiving such communications at any time.
- To Comply with Legal Obligations: To comply with applicable laws, regulations, court
  orders, or other legal processes, including for tax, GST, and audit purposes.

5. DATA SHARING AND DISCLOSURE

We do not sell or rent your Personal Data to third parties. We may share your Personal
Data only in the following circumstances:

- With Vendors and Delivery Partners: We share necessary information to fulfill your
  orders. For instance, a Customer's name, delivery address, and masked contact number
  are shared with the Vendor and the assigned Delivery Partner. A Vendor's location is
  shared with the Delivery Partner for pickup. In the case of Parcel Delivery, the
  recipient's name and delivery address are shared with the Delivery Partner.
- With Third-Party Service Providers: We engage third-party companies and individuals to
  perform services on our behalf. These currently include, but are not limited to:
    * Razorpay Software Private Limited — payment processing;
    * MSG91 (Walkover Web Solutions Private Limited) — SMS delivery and OTP services;
    * Google Firebase (Google LLC) — OTP authentication, push notifications, and
      analytics;
    * Exotel Techcom Private Limited — call masking and virtual telephony services;
    * DigitalOcean, LLC — cloud hosting and infrastructure.
  These service providers have access to your Personal Data only to perform their
  designated tasks and are contractually obligated not to disclose or use it for any
  other purpose.
- For Legal Reasons: We may disclose your Personal Data if we believe in good faith that
  such disclosure is necessary to: (a) comply with a legal obligation or a governmental
  request; (b) enforce our Terms and Conditions and other agreements; (c) protect the
  rights, property, or safety of Apnaseher, our users, or the public; or (d) detect,
  prevent, or otherwise address fraud, security, or technical issues.
- In Connection with a Business Transfer: In the event of a merger, acquisition,
  reorganization, bankruptcy, or sale of all or a portion of our assets, your Personal
  Data may be transferred as part of that transaction. We will notify you via email
  and/or a prominent notice on our Platform of any change in ownership or uses of your
  Personal Data.

6. CROSS-BORDER DATA TRANSFERS

Some of our third-party service providers, including Google LLC (Firebase) and
DigitalOcean, LLC, are based outside India and your Personal Data may be transferred
to, stored, and processed in countries other than India. Where such transfers occur,
we ensure that appropriate contractual safeguards are in place in accordance with
Applicable Law, including the requirements of the Digital Personal Data Protection
Act, 2023. By using the Platform and providing your Personal Data, you consent to such
transfers.

7. COOKIES AND TRACKING TECHNOLOGIES

We use cookies, pixels, and other similar tracking technologies to collect and store
information to provide a personalized experience, analyze usage patterns, and for
advertising purposes. You can control the use of cookies at the individual browser level,
but if you choose to disable cookies, it may limit your use of certain features or
functions on our Platform.

8. DATA SECURITY

We are committed to protecting your data. We implement and maintain reasonable security
practices and procedures, including administrative, physical, and technical safeguards,
as required under Section 43A of the Information Technology Act, 2000 and the DPDPA.
These measures include data encryption in transit and at rest, access control mechanisms,
and regular security audits.

In the event of a Personal Data breach that is likely to affect your rights or interests,
we will notify you and, where required under Applicable Law, the Data Protection Board of
India, in the manner and within the timelines prescribed under the DPDPA.

No method of transmission over the Internet or method of electronic storage is 100%
secure. While we strive to use commercially acceptable means to protect your Personal
Data, we cannot guarantee its absolute security.

9. DATA RETENTION

We will retain your Personal Data only for as long as is necessary for the purposes set
out in this Policy, or as required to comply with our legal obligations, resolve disputes,
and enforce our agreements. The retention period may vary depending on the type of data
and the purpose for which it was collected. Upon the expiry of the retention period, your
Personal Data will be securely deleted or anonymized in accordance with the DPDPA.

10. YOUR RIGHTS AND CHOICES

As a Data Principal under the DPDPA and as a user of the Platform, you have the following
rights with respect to your Personal Data:

- Right to Access and Confirmation: You may request confirmation of whether your Personal
  Data is being processed and obtain a summary of the Personal Data being processed and
  the processing activities undertaken by us.
- Right to Update and Correction: You can access and correct your profile information
  through your account settings on the Platform. You may also contact us to correct
  inaccurate or incomplete Personal Data.
- Right to Erasure: You may request the deletion of your account and associated Personal
  Data, subject to our legal and contractual retention obligations. We will process such
  requests in accordance with the DPDPA.
- Right to Withdraw Consent: You may withdraw your consent to our processing of your
  Personal Data at any time. Please note that withdrawing consent may result in your
  inability to use some or all of our services and will not affect the lawfulness of
  processing based on consent before its withdrawal.
- Right to Grievance Redressal: You have the right to lodge a complaint with our
  Grievance Officer regarding any discrepancies or grievances with respect to the
  processing of your Personal Data. If your grievance is not resolved to your
  satisfaction, you may escalate the matter to the Data Protection Board of India,
  as established under the DPDPA.
- Right to Nominate: Under the DPDPA, you have the right to nominate another individual
  who shall exercise your rights in the event of your death or incapacity.
- Right to Opt-Out: You can opt-out of receiving promotional or marketing communications
  from us by following the unsubscribe instructions in those communications or by changing
  your notification settings in the app.

To exercise any of these rights, please contact us using the information provided in
Section 13.

11. CHILDREN'S PRIVACY

Our Platform is not intended for use by individuals under the age of 18. We do not
knowingly collect Personal Data from children. If we become aware that we have
inadvertently collected Personal Data from a child under 18, we will take steps to delete
such information from our records promptly in accordance with the DPDPA.

12. CHANGES TO THIS PRIVACY POLICY

We may update this Policy from time to time to reflect changes in our practices or for
other operational, legal, or regulatory reasons. We will notify you of any material
changes by posting the new Policy on the Platform and updating the "Last Updated" date.
Your continued use of the Platform after such changes constitutes your acceptance of
the revised Policy.

13. GOVERNING LAW AND JURISDICTION

This Privacy Policy shall be governed by and construed in accordance with the laws of
the Republic of India, including the Information Technology Act, 2000, and the Digital
Personal Data Protection Act, 2023. Any disputes arising out of or in connection with
this Policy shall be subject to the exclusive jurisdiction of the competent courts in
Anand, Gujarat, India.

14. GRIEVANCE OFFICER AND CONTACT INFORMATION

In accordance with the Information Technology Act, 2000, and the rules made thereunder,
the name and contact details of the Grievance Officer are provided below. For any
queries, concerns, or grievances regarding this Privacy Policy or the processing of your
Personal Data, please contact us at:

Name of Grievance Officer: Rahin Malek
Company Name: Apnaseher Private Limited
Registered Address: 100ft Road, Anand, Gujarat – 388001, India
Email for General Queries: support@apnaseher.com
Email for Grievances: support@apnaseher.com
Response Time: Within 30 days of receiving the grievanceIf your grievance is not resolved within the prescribed time or you are dissatisfied with
the resolution, you may approach the Data Protection Board of India in accordance with
the provisions of the Digital Personal Data Protection Act, 2023.