Privacy Policy — AnnSetu Consumer App

Effective date: 3 July 2026 · Applies to the AnnSetu consumer mobile application ("the App") operated by AnnSetu ("we", "us"). Contact: help@annsetu.org

AnnSetu connects people who want to share surplus food or request meals with AnnSetu centers and delivery riders. This policy explains what personal data the App collects, why, who it is shared with, and the choices you have. We process personal data in accordance with the Digital Personal Data Protection Act, 2023 (India).

1. Data we collect

CategoryDetailsPurpose
Identity & contactName, mobile number (verified via SMS OTP), optional emailAccount creation, login, communication about your requests
Addresses & locationSaved addresses, landmark, pincode; precise device location (GPS) when you choose it for a pickup or delivery; location accuracyMatching you to a serving center, routing the rider to you, serviceability checks
Request detailsMeal counts, meal type, notes, recipient name/phone (if you order for someone else), food photos you uploadFulfilling pickup and meal requests; quality and safety review
Payment dataPayment and order identifiers, amount, plan, payment status. Card/UPI details are collected and processed by Razorpay; we never see or store themProcessing Hunger Hero+ memberships and other payments
Device & usagePush notification token, app version, ad banner impressionsOrder status notifications, showing and measuring sponsored banners
Rewards & impactReward points, redemptions, meals shared/received historyOperating the rewards program and your impact summary

2. How your data is shared

3. Rider location shown to you

While your request is active you can see the assigned rider's live location and ETA. This is provided for delivery transparency and stops when the request completes.

4. Data retention

We keep your account data while your account is active. Request, payment, and reward records are retained as needed for operations, audit, and legal obligations (payment records per applicable financial regulations). OTP challenges are short-lived and automatically expire.

5. Security

Data is encrypted in transit. Database access follows a deny-by-default rule set: your data is readable only by your authenticated account, and all sensitive writes (payments, rewards, request status) happen on our servers, not from devices. Photos you upload are private to your account and our operations team.

6. Your rights and choices

7. Children

The App is intended for users 18 years and older. We do not knowingly collect data from children.

8. Changes to this policy

We will post updates on this page and update the effective date. Material changes will be notified in the App.