DineMitra ("we," "us," or "our") is committed to protecting the privacy of restaurant owners, operators, staff, and any other individuals ("you") who use our platform. This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you access or use the DineMitra restaurant management and POS platform, our website, mobile applications, and related services (collectively, the "Platform"). Please read this policy carefully. If you disagree with its terms, please discontinue use of the Platform.
1 Information We Collect
We collect several categories of information depending on how you interact with DineMitra:
Account & Registration
- Name, email, phone number, and business name when you create an account.
- Restaurant details such as type, number of tables, and operating locations.
- Login credentials (passwords stored in encrypted form, never plain text).
Billing & Payment
- Subscription plan, billing cycle preference, and payment method details.
- Payments are processed by our third-party processor. DineMitra does not store full card numbers directly.
- Invoice history and GST-related billing records.
Business & Operational Data
- Menu items, orders, KOTs, table assignments, and sales transactions.
- Inventory records, stock levels, ingredient usage logs, and low-stock alerts.
- Staff accounts, shift records, login activity, and performance reports.
Usage & Technical Data
- IP address, browser type, OS, and device identifiers.
- Pages visited, features used, session duration, and click-path data.
- Error logs, crash reports, and approximate geographic location from IP.
Communications Data
- Messages, queries, or feedback you send via email, contact forms, or WhatsApp support.
- Support tickets, onboarding session notes, and training records.
2 How We Collect Information
We collect information through the following means:
- Directly from you — when you register, set up your restaurant profile, configure your menu, process orders, or contact our support team.
- Automatically — when you use the Platform, our servers automatically log usage and technical data via cookies, web beacons, and similar tracking technologies.
- From third-party integrations — if you connect DineMitra with third-party services (such as payment gateways, delivery aggregators, or accounting tools), we may receive relevant data from those services as permitted by their own privacy policies.
- From your devices — when you access DineMitra on a mobile phone, tablet, or handheld POS device, we may collect device-level identifiers and network information to support your session.
3 How We Use Your Information
DineMitra uses the information we collect for the following purposes:
To Provide & Operate the Platform
- Process orders, generate bills (GST and Non-GST), and manage KOTs.
- Enable table management, inventory tracking, and staff performance monitoring.
- Deliver real-time analytics, sales reports, and business dashboards.
- Manage your subscription, process payments, and issue invoices.
To Improve & Develop the Platform
- Analyze usage patterns to understand which features are most valuable.
- Identify bugs, performance bottlenecks, and areas for improvement.
- Develop and test new features including reporting modules and integrations.
- Use aggregated, anonymized data for product research. This cannot identify your restaurant.
To Communicate with You
- Send account notifications, subscription confirmations, and renewal reminders.
- Provide onboarding support, staff training guidance, and product updates.
- Respond to support queries via email, WhatsApp, or contact forms.
- Share promotional offers (you may opt out at any time).
To Ensure Security & Compliance
- Detect, prevent, and respond to fraudulent activity or unauthorized access.
- Maintain audit logs for account security and compliance purposes.
- Comply with applicable Indian laws, tax regulations, and legal obligations.
4 Sharing of Information
DineMitra does not sell, rent, or trade your personal information or business data to third parties for their marketing purposes. We may share your information only in the following limited circumstances:
- Service Providers: We engage trusted third-party vendors to help us operate the Platform — including cloud hosting providers, payment processors, email delivery services, and customer support tools. These vendors are contractually bound to process your data only as directed by us.
- Third-Party Integrations: If you connect DineMitra with external services (e.g., delivery platforms, accounting software, or GST filing tools), relevant data may be shared with those services. Such sharing is governed by the third party's own privacy policies.
- Legal Requirements: We may disclose information if required by applicable law, court order, government regulation, or to protect the rights, safety, or property of DineMitra, our users, or the public.
- Business Transfers: In the event of a merger, acquisition, or sale of DineMitra's business, your information may be transferred as part of the transaction. We will notify affected users prior to any such transfer becoming effective.
- With Your Consent: We may share your information for any other purpose with your explicit prior consent.
5 Customer & Restaurant Data
All business data you enter into DineMitra — including your menu, orders, billing records, inventory, and staff information ("Customer Content") — belongs to you. DineMitra acts as a data processor with respect to your Customer Content and processes it only to provide the services described in our Terms of Service.
We do not access your Customer Content for any purpose other than delivering and improving the Platform, providing technical support when requested, and complying with legal obligations. Your restaurant's transaction history, customer order records, and financial data are not shared with third parties except as described in this policy.
If your restaurant collects personal information about your own customers (such as names or contact details for delivery orders), you are responsible for ensuring that such collection complies with applicable data protection laws. DineMitra is not responsible for your restaurant's compliance obligations as a separate data controller.
6 Cookies & Tracking Technologies
DineMitra uses cookies and similar technologies (such as local storage and web beacons) on our website and web-based platform to enhance your experience and gather usage analytics. Cookies are small data files stored on your browser or device.
Essential Cookies
Required for the Platform to function correctly, including maintaining your login session and preserving your preferences.
Analytics Cookies
Help us understand how users interact with the Platform so we can improve performance and usability. We may use tools such as Google Analytics.
Functional Cookies
Remember your settings and preferences (e.g., language, outlet selection) to personalize your experience.
Marketing Cookies
Used on our public website to understand traffic sources and measure campaign effectiveness. These do not affect the POS platform itself.
You can control cookie preferences through your browser settings. Please note that disabling essential cookies may affect the functionality of the Platform.
7 Data Retention
We retain your information for as long as your account is active or as necessary to provide you with the Platform's services. Specifically:
- Account Data: Retained for the duration of your active subscription and for up to 90 days after account termination, after which it is deleted or anonymized unless longer retention is required by law.
- Business & Operational Data: Sales records, billing data, and GST reports may be retained for up to 7 years to comply with Indian tax and accounting regulations.
- Usage Logs: Technical and usage logs are typically retained for 12 months for security and diagnostic purposes.
- Communications: Support emails and chat records may be retained for up to 2 years for quality assurance and continuity of service.
Upon request prior to account deletion, we will provide you with an export of your Customer Content in a commonly used format. After the retention period expires, data is securely deleted or irreversibly anonymized.
8 Data Security
DineMitra implements industry-standard technical and organizational security measures to protect your information from unauthorized access, loss, alteration, or disclosure. These measures include:
- Encryption of data in transit using TLS (Transport Layer Security).
- Encrypted storage of sensitive credentials such as passwords.
- Access controls ensuring that only authorized DineMitra personnel can access production systems and customer data.
- Regular security audits and vulnerability assessments of our infrastructure.
- Monitoring systems to detect suspicious or unauthorized activity.
Despite these measures, no method of electronic transmission or storage is completely secure. We cannot guarantee absolute security of your data. In the event of a data breach that affects your information, we will notify you as required by applicable law.
You are also responsible for maintaining the security of your account credentials. Do not share your password with anyone, and notify us immediately at dinemitrainfo@gmail.com if you suspect any unauthorized access.
9 Your Rights & Choices
Depending on your location and applicable law, you may have the following rights with respect to your personal information:
Access
Request a copy of the personal information we hold about you.
Correction
Ask us to correct inaccurate or incomplete information about you.
Deletion
Request deletion of your personal information, subject to our legal retention obligations.
Portability
Request a machine-readable export of your Customer Content to transfer to another service.
Objection / Restriction
Object to or request that we limit certain processing of your data where you believe we lack a legitimate basis.
Marketing Opt-Out
Unsubscribe from promotional communications at any time by clicking "unsubscribe" in any marketing email or contacting us directly.
To exercise any of these rights, please contact us at dinemitrainfo@gmail.com. We will respond within 30 days of receiving your request. We may ask you to verify your identity before processing your request.
10 Children's Privacy
The DineMitra Platform is intended for use by restaurant owners, operators, and staff who are at least 18 years of age. We do not knowingly collect personal information from individuals under the age of 18. If we become aware that we have inadvertently collected personal information from a minor, we will promptly delete such information from our systems. If you believe we have collected information from a minor, please contact us immediately at dinemitrainfo@gmail.com.
11 Third-Party Links & Integrations
The DineMitra Platform and website may contain links to third-party websites, tools, or services — including payment gateways, delivery aggregators, GST portals, and social media platforms. These third-party services operate independently of DineMitra and have their own privacy policies. We are not responsible for the privacy practices or content of any third-party service.
We use HubSpot to manage contact form submissions and customer communications. Data submitted through our forms is processed by HubSpot in accordance with their own privacy policy. We encourage you to review the privacy policies of any third-party services you access through or alongside DineMitra.
12 Cross-Border Data Transfers
DineMitra is based in India and primarily stores and processes data within India. However, some of our third-party service providers — such as cloud infrastructure providers and analytics tools — may process data in other countries. When we transfer your data outside of India, we take reasonable steps to ensure that appropriate safeguards are in place and that the transfer complies with applicable data protection laws.
By using the DineMitra Platform, you acknowledge and consent to the transfer of your information to countries outside your country of residence, including countries that may have different data protection standards than your own jurisdiction.
13 Legal Basis for Processing
Where applicable data protection laws require us to have a legal basis for processing your personal information, we rely on the following grounds:
- Contractual Necessity: Processing is necessary to fulfil our obligations under our Terms of Service — for example, managing your subscription, processing transactions, and operating your restaurant's POS system.
- Legitimate Interests: Processing is necessary for our legitimate business interests, such as improving the Platform, ensuring security, and preventing fraud, provided those interests are not overridden by your rights.
- Legal Obligation: Processing is required to comply with applicable Indian laws, including tax and accounting regulations (e.g., GST record-keeping requirements).
- Consent: Where we rely on your consent — such as for marketing communications — you have the right to withdraw that consent at any time.
14 Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, the Platform, or applicable law. When we make material changes, we will update the "Last updated" date at the top of this page and notify you through in-app notices or email, where appropriate.
We encourage you to review this Privacy Policy periodically. Your continued use of the DineMitra Platform after the effective date of any changes constitutes your acknowledgment of the updated policy.
15 Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or the way DineMitra handles your personal information, please reach out to us. We are committed to addressing your concerns promptly and transparently.
Also see our Terms of Service for the full legal framework governing your use of DineMitra.
