Introduction
Welcome to TiffinEZ Customer App ("we," "our," or "us"). We are committed to protecting your privacy
and ensuring the security of your personal information. This Privacy Policy explains how we collect,
use, disclose, and safeguard your information when you use our mobile application to discover tiffin
services, subscribe to meal packages, and manage your orders.
By using the TiffinEZ Customer App, you agree to the collection and use of information in accordance
with this policy.
1. Information We Collect
1.1 Personal Information
- Phone Number: Collected during registration for authentication via Firebase
Authentication
- Name: Your name for account identification and order processing
- Email Address: (If provided) for communication purposes
1.2 Location Information
- Delivery Addresses: GPS coordinates (latitude/longitude), full addresses,
street information, city, state, postal code
- Google Maps Data: Place IDs, formatted addresses for accurate delivery
- Approximate Location: To help you find nearby tiffin services (only when you
choose to enable)
1.3 Subscription and Order Information
- Package Subscriptions: Meal plans you subscribe to, package details, validity
periods
- Meal Preferences: Type of meals (lunch/dinner/both), number of tiffins,
delivery or dine-in preference
- Order History: Past orders, order status, delivery details, timestamps
- Meal Management: Meal skip requests, extra tiffin requests
1.4 Tiffin Service Information
- Service Browsing: Tiffin services you view or interact with
- Menu Viewing: Daily menus you access
- Service Images: Photos of tiffin services and packages you view
1.5 Payment Information
- Transaction Records: Package purchase amounts and dates
- Subscription History: Recharge and renewal information
- Note: We do NOT store credit card or payment card details
1.6 Technical Information
- Device Information: Device type, operating system, app version
- Usage Data: Features accessed, time spent in app, interaction patterns
- Log Data: IP address, timestamps, error logs, crash reports
2. How We Collect Information
We collect information through:
- Direct Input: Information you provide during registration, subscription, and
order placement
- Firebase Authentication: Phone number verification and user authentication
- Google Maps API: Location and address information you provide for deliveries
- Automated Technologies: App usage patterns and device information
- Cookies: Limited use for session management (mobile app only)
3. How We Use Your Information
We use your information for the following purposes:
3.1 Service Provision
- Authenticate and verify your identity
- Process your meal subscriptions and orders
- Coordinate deliveries to your specified addresses
- Display nearby tiffin services and menus
- Enable meal skipping and extra tiffin requests
- Send order confirmations and delivery notifications
3.2 Communication
- Send order status updates and delivery notifications
- Provide important service announcements
- Respond to your inquiries and support requests
- Send promotional offers (with your consent)
3.3 Service Improvement
- Analyze usage patterns to improve app functionality
- Personalize your experience based on preferences
- Develop new features and services
- Enhance order accuracy and delivery efficiency
3.4 Legal Compliance
- Comply with applicable laws and regulations
- Protect against fraud and unauthorized access
- Resolve disputes and enforce our Terms of Service
- Maintain transaction records for accounting purposes
4. How We Share Your Information
We do not sell your personal information. We share information only in the
following circumstances:
4.1 Service Providers
- Firebase (Google): For authentication services
- Google Cloud Platform: For secure data storage and hosting
- Google Maps: For location and mapping services
- Database Providers: For secure storage of your account and order information
4.2 Tiffin Service Providers
- Your Contact Information: Name, phone number shared with tiffin services you
subscribe to
- Delivery Addresses: Shared with tiffin services and assigned delivery partners
for order fulfillment
- Order Details: Meal preferences, tiffin quantities, and delivery schedules
4.3 Delivery Partners
- Delivery Information: Your name, phone number, delivery address, and order
details shared with delivery partners assigned to your orders
- GPS Coordinates: To facilitate accurate and efficient deliveries
4.4 Legal Requirements
- When required by law, court order, or government regulation
- To protect our rights, property, or safety, or that of our users
- To prevent fraud or illegal activities
- To enforce our Terms of Service
4.5 Business Transfers
- In connection with a merger, acquisition, or sale of assets (you will be notified in advance)
5. Data Storage and Security
5.1 Storage Location
- Data is stored securely on Google Cloud Platform servers
- Database hosted on secure PostgreSQL servers with encryption
- Backup systems maintained for data recovery
5.2 Security Measures
- Encryption: Industry-standard SSL/TLS encryption for all data transmission
- Firebase Authentication: Secure phone-based authentication
- Access Controls: Strict access controls and authentication mechanisms
- Regular Audits: Security audits and vulnerability assessments
- Secure APIs: Token-based authentication for all API endpoints
5.3 Data Retention
- Active Account: Data retained while your account is active
- Order History: Retained for 3 years for customer service and dispute resolution
- Transaction Records: Retained for 7 years for accounting and tax purposes
- Account Deletion: You may request account deletion at any time (see Your Rights
section)
6. Your Rights and Choices
6.1 Access and Update
- View and update your profile information within the app
- Access your order history and subscription details
- View and manage your saved delivery addresses
6.2 Account Management
- Update Information: Modify your name, addresses, and preferences
- Delete Addresses: Remove saved delivery addresses
- Close Account: Request permanent account deletion (contact support)
6.3 Location Control
- Enable/Disable Location: Control location access in device settings
- Manual Address Entry: Enter addresses manually without sharing device location
6.4 Communication Preferences
- Push Notifications: Disable in device settings or app preferences
- Marketing Communications: Opt-out of promotional messages
- Order Updates: Cannot opt-out of essential order and delivery notifications
6.5 Data Portability
- Request a copy of your personal data in a structured, commonly used format
- Export your order history and subscription information
7. Third-Party Services
Our app integrates with the following third-party services:
7.1 Firebase Authentication (Google)
7.2 Google Maps Platform
7.3 Google Cloud Platform
These services have their own privacy policies, and we encourage you to review them.
8. Children's Privacy
The TiffinEZ Customer App is intended for users aged 13 and above. We do not knowingly collect
information from children under 13 (or 16 in the EU). If you are a parent or guardian and believe
your child has provided us with personal information, please contact us immediately, and we will
delete such information.
9. International Data Transfers
Your information may be transferred to and processed in countries other than your country of
residence. We ensure appropriate safeguards are in place to protect your information in accordance
with applicable data protection laws, including:
- Standard contractual clauses approved by regulatory authorities
- Adequate protection measures as required by GDPR and other regulations
10. Changes to This Privacy Policy
We may update this Privacy Policy periodically to reflect changes in our practices or legal
requirements. We will notify you of significant changes through:
- In-app notifications
- Email notifications (if provided)
- Prominent notice when you open the app
The "Last Updated" date at the top indicates when changes were made. Continued use of the app after
changes constitutes acceptance of the updated policy.
11. Data Protection Rights
11.1 EU Users (GDPR Rights)
If you are in the European Union, you have the following rights:
- Right to Access: Request a copy of your personal data
- Right to Rectification: Correct inaccurate or incomplete data
- Right to Erasure: Request deletion of your personal data ("right to be
forgotten")
- Right to Restrict Processing: Limit how we use your data
- Right to Data Portability: Receive your data in a portable format
- Right to Object: Object to certain types of processing
- Right to Withdraw Consent: Withdraw consent at any time without affecting prior
processing
11.2 California Users (CCPA Rights)
If you are a California resident, you have the following rights:
- Right to Know: Know what personal information is collected about you
- Right to Delete: Request deletion of your personal information
- Right to Opt-Out: Opt-out of the sale of personal information (we do NOT sell
your data)
- Right to Non-Discrimination: Not be discriminated against for exercising your
rights
11.3 India Users
In compliance with Indian data protection laws:
- You have the right to access and correct your personal information
- You can withdraw consent for data processing
- You can request data deletion (subject to legal retention requirements) - Request Account Deletion
- You can file complaints with the appropriate regulatory authority
12. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or your data:
13. Dispute Resolution
If you have concerns about how we handle your data:
- Contact us directly at info@tiffinez.in
- We will investigate and respond within 30 days
- If unresolved, you may file a complaint with your local data protection authority
For EU users: You have the right to lodge a complaint with your supervisory authority.
14. Legal Basis for Processing (GDPR)
We process your personal data based on:
- Consent: You have given clear consent for specific processing activities
- Contract: Processing is necessary to fulfill our service agreement with you
- Legal Obligation: Processing is required to comply with legal requirements
- Legitimate Interests: Processing is necessary for our legitimate business
interests (e.g., fraud prevention, service improvement)
15. Cookies and Tracking Technologies
The TiffinEZ Customer App uses minimal tracking technologies:
- Session Management: Temporary session tokens for authentication
- Analytics: Firebase Analytics to understand app usage (you can opt-out in
settings)
- No Advertising Cookies: We do not use advertising or tracking cookies
You can control analytics through your device settings or app preferences.
16. Your Choices Summary
| Feature |
How to Control |
| Location Access |
Device Settings → TiffinEZ → Location |
| Push Notifications |
Device Settings → TiffinEZ → Notifications |
| Marketing Messages |
App Settings → Communication Preferences |
| Analytics |
App Settings → Privacy → Analytics Opt-Out |
| Account Deletion |
Contact info@tiffinez.in |
| Data Export |
Contact info@tiffinez.in |
App Store Privacy Labels
Apple App Store Privacy Labels
Data Used to Track You:
None
Data Linked to You:
- Contact Info (Name, Phone Number)
- Location (Precise Location for delivery)
- Identifiers (User ID)
- Purchases (Package subscriptions)
- Usage Data
Data Not Linked to You:
Google Play Data Safety Section
Data Collected:
- Personal Info (Name, Phone Number)
- Location (Precise Location)
- Financial Info (Purchase history, not payment cards)
- App Activity (In-app actions, order history)
Data Sharing:
- Shared with tiffin service providers and delivery partners for order fulfillment
- Not sold to third parties
- Not used for advertising
Data Security:
- Data is encrypted in transit using SSL/TLS
- Data is encrypted at rest
- You can request data deletion
- Complies with Google Play's Families Policy (if applicable)
