How Ducemus Technologies Private Limited (“Waitr”) collects, uses and protects information across the Waitr platform.
This Privacy Notice and Privacy Policy (“Privacy Policy”) describes how Ducemus Technologies Private Limited (“WAITR”, “Company”, “we”, “us”, or “our”) collects, receives, stores, processes, uses, transfers, discloses, retains, and protects information obtained through the WAITR platform, including but not limited to websites, mobile applications, web applications, APIs, loyalty programs, customer engagement systems, merchant onboarding systems, payment integrations, software products, communications channels, and related services (collectively, the “Platform”).
WAITR is a technology platform designed to enable restaurants and food-service businesses to manage digital ordering, customer engagement, loyalty programs, offers, rewards, payments, reviews, analytics, customer retention initiatives, and related operational functions.
This Privacy Policy applies to:
By accessing, registering for, using, or otherwise interacting with the Platform, you acknowledge that you have read, understood, and accepted this Privacy Policy.
For the purpose of this Privacy Policy:
WAITR may collect information directly from users, indirectly from merchants, automatically through technology systems, and through third-party integrations.
WAITR operates a shared ecosystem model.
Restaurants retain ownership of their direct customer relationships and transaction records generated through their establishments.
However, customers who participate in WAITR-powered loyalty programs, rewards systems, customer engagement programs, offer campaigns, review systems, or network-wide promotional initiatives acknowledge that WAITR may process and utilize such information to provide platform-wide services.
WAITR may create and maintain customer profiles for the purpose of:
WAITR shall not sell merchant-specific customer databases to competing merchants.
WAITR processes information for legitimate business purposes including:
WAITR may operate one or more loyalty programs on behalf of participating merchants and the WAITR ecosystem.
Customers may earn, accumulate, redeem, transfer, lose, or otherwise interact with loyalty points, rewards, offers, promotional credits, cashback incentives, vouchers, coupons, memberships, badges, rankings, and engagement benefits.
WAITR reserves the right to:
Unless expressly stated otherwise, loyalty points do not constitute legal tender, stored value, securities, or cash equivalents.
WAITR may permit customers to submit reviews, ratings, photographs, feedback, comments, and recommendations.
By submitting such content, users grant WAITR a non-exclusive, worldwide, royalty-free right to use, reproduce, display, distribute, analyze, publish, and promote such content in connection with the operation of the Platform.
WAITR reserves the right to remove content that:
WAITR may integrate with authorized payment service providers and payment gateways. Payment transactions may be processed through third-party providers.
WAITR does not intentionally store CVV numbers, card PINs, One-Time Passwords (OTP), or full payment card details.
Settlement and payment-related information may be shared with authorized payment providers solely for the purpose of transaction processing, settlement, reconciliation, compliance, fraud prevention, and regulatory reporting.
Subject to applicable law and user consent, WAITR may send loyalty updates, rewards notifications, promotional offers, restaurant recommendations, platform announcements, event invitations, and product updates.
Communications may be sent through email, SMS, WhatsApp, push notifications, and in-app messaging. Users may opt out of promotional communications at any time.
WAITR uses cookies, software development kits (SDKs), pixels, tags, web beacons, session technologies, device identifiers, and similar technologies to improve the functionality, security, performance, and usability of the Platform.
These technologies may be used for user authentication, session management, security monitoring, fraud detection, performance optimization, personalized experiences, marketing attribution, analytics and reporting, customer journey analysis, and platform improvements.
Users may modify browser settings to reject cookies; however, certain features of the Platform may not function properly as a result.
WAITR may use automated systems, analytics tools, machine learning technologies, and artificial intelligence capabilities to personalize offers, recommend restaurants and menu items, optimize customer engagement, improve loyalty programs, detect fraudulent activities, improve customer support, and enhance platform performance.
WAITR may create aggregated, anonymized, pseudonymized, or statistical datasets for business intelligence and product development purposes. Such datasets shall not be used to directly identify individual users.
WAITR may engage third-party service providers to support business operations and service delivery. These providers may include payment gateways, POS providers, cloud hosting providers, analytics platforms, communication providers, SMS providers, WhatsApp Business providers, email service providers, customer support providers, fraud prevention providers, and security service providers.
Third-party providers shall only receive information necessary to perform their designated functions. WAITR takes commercially reasonable steps to ensure that such providers maintain appropriate security and confidentiality obligations.
WAITR may integrate with third-party restaurant management systems and POS platforms, including but not limited to Petpooja, billing systems, kitchen management systems, inventory systems, restaurant CRM systems, and delivery management systems.
Information exchanged through such integrations may include orders, menu information, inventory information, customer information, loyalty information, and transaction records.
WAITR shall not be responsible for privacy practices implemented independently by such third-party systems. Users and merchants are encouraged to review the privacy policies of integrated providers.
WAITR may disclose information under the following circumstances:
To facilitate the provision of services requested by users.
To enable merchants to manage orders, customers, rewards, offers, and related operations.
To comply with applicable laws, court orders, government directives, regulatory requests, and tax obligations.
To investigate and prevent fraud, unauthorized activity, security incidents, and financial abuse.
In connection with mergers, acquisitions, investments, asset sales, and corporate restructuring.
To auditors, lawyers, accountants, consultants, and advisors engaged by WAITR.
WAITR does not sell personal information to third parties.
By participating in WAITR-powered loyalty programs, reward systems, promotions, and customer engagement programs, users acknowledge and agree that WAITR may provide platform-wide loyalty experiences, offer network-wide promotions, recommend participating restaurants, send personalized offers, deliver customer engagement campaigns, and administer platform-wide rewards.
Such activities shall be conducted in accordance with applicable laws and user preferences. WAITR shall take reasonable measures to ensure that confidential merchant business information is protected.
WAITR maintains administrative, technical, organizational, and physical safeguards designed to protect information from unauthorized access, disclosure, alteration, misuse, destruction, or loss. Security measures may include access controls, role-based permissions, encryption technologies, audit logging, vulnerability monitoring, secure development practices, vendor assessments, network security controls, and incident response procedures.
Despite our efforts, no method of electronic transmission or storage can guarantee absolute security. Users acknowledge that internet-based services inherently involve security risks.
WAITR retains information only for as long as reasonably necessary to provide services, fulfill contractual obligations, comply with legal requirements, resolve disputes, enforce agreements, prevent fraud, and conduct audits.
Retention periods may vary depending on the category of information involved. Upon expiration of retention requirements, information may be deleted, destroyed, anonymized, or archived where legally required.
Subject to applicable law, users may have the right to:
WAITR may require identity verification before fulfilling such requests.
Users who have concerns regarding privacy, security, personal information, or platform practices may contact our Grievance Officer:
WAITR shall endeavor to respond to grievances within a reasonable period of time.
WAITR primarily operates within India. However, in order to provide efficient, secure, and scalable services, certain information may be processed, stored, backed up, transmitted, or accessed through infrastructure, vendors, or service providers located outside India. Such service providers may include cloud hosting providers, analytics providers, communication providers, security service providers, customer support providers, and business intelligence providers.
Where cross-border transfers occur, WAITR shall take commercially reasonable measures to ensure that such transfers are conducted in accordance with applicable laws and that appropriate safeguards are maintained to protect information. By using the Platform, users acknowledge and consent to such transfers where necessary for service delivery.
WAITR services are intended for individuals who are eighteen (18) years of age or older. WAITR does not knowingly collect personal information from children.
If WAITR becomes aware that information has been collected from a minor without appropriate authorization, reasonable efforts shall be undertaken to delete such information. Parents or guardians who believe a child has submitted information to WAITR may contact the Grievance Officer.
WAITR reserves the right to transfer, assign, disclose, or otherwise make available information in connection with mergers, acquisitions, investments, joint ventures, corporate restructuring, reorganization, insolvency proceedings, asset transfers, and business sales.
In such situations, information may be transferred as part of the business assets involved in the transaction. Any successor entity shall continue to protect such information in accordance with applicable laws.
WAITR may access, preserve, review, monitor, and disclose information where reasonably necessary to comply with legal obligations, respond to lawful government requests, cooperate with regulatory authorities, investigate fraud, investigate abuse of the Platform, protect WAITR's rights, protect merchant interests, protect customer interests, prevent financial crimes, and prevent cybersecurity incidents.
WAITR may disclose information where disclosure is reasonably necessary to protect life, property, safety, or public interest.
Reviews, feedback, feature suggestions, recommendations, survey responses, ratings, and other submissions provided to WAITR may be used by WAITR for product development, platform improvement, service enhancement, marketing purposes, analytics, and business operations.
Users acknowledge that WAITR may use such submissions without additional compensation unless otherwise agreed. Users retain ownership of content originally created by them, subject to licenses granted to WAITR under this Privacy Policy and associated Terms of Service.
WAITR maintains internal procedures for identifying, investigating, managing, and responding to security incidents. In the event of a data security incident that materially impacts personal information, WAITR may investigate the incident, take containment measures, notify affected parties where legally required, notify regulators where legally required, implement corrective actions, and conduct remediation activities.
The timing and nature of notifications shall be determined in accordance with applicable laws and the circumstances of the incident.
While WAITR implements reasonable safeguards to protect information, users acknowledge that no electronic system can be completely secure, internet transmissions involve inherent risks, and third-party providers may experience failures beyond WAITR's control.
To the maximum extent permitted by applicable law, WAITR shall not be liable for indirect, incidental, consequential, punitive, or special damages arising from unauthorized access, security incidents, technical failures, or circumstances beyond its reasonable control. Nothing in this Privacy Policy shall limit rights that cannot be legally excluded under applicable law.
WAITR is committed to complying with applicable Indian privacy and data protection laws, including the Digital Personal Data Protection Act, 2023 (“DPDP Act”), as amended from time to time.
WAITR shall process personal data for lawful purposes; based on consent or other lawful grounds; in a fair and transparent manner; with reasonable safeguards; and for specified and legitimate purposes. Users may exercise rights available under applicable law by contacting WAITR through the channels specified in this Privacy Policy.
WAITR may create anonymized, aggregated, statistical, or de-identified datasets derived from information collected through the Platform. Such datasets may be used for industry benchmarking, product development, business intelligence, market analysis, investor reporting, service optimization, and operational improvements. Such datasets shall not be intended to directly identify individual users.
WAITR reserves the right to modify, amend, update, replace, or revise this Privacy Policy at any time. Updated versions may be published through the WAITR website, mobile applications, merchant dashboards, customer portals, and email communications.
Continued use of the Platform after publication of changes shall constitute acceptance of the revised Privacy Policy. Users are encouraged to periodically review this Privacy Policy.
This Privacy Policy shall be governed by and interpreted in accordance with the laws of India. Any disputes, claims, proceedings, or controversies arising out of or relating to this Privacy Policy shall be subject to the exclusive jurisdiction of the competent courts located in Puducherry, India.
Nothing contained herein shall prevent WAITR from seeking equitable or injunctive relief in any jurisdiction where necessary to protect its rights or interests.
For any questions, requests, concerns, complaints, or privacy-related inquiries, please contact:
In accordance with applicable laws, the designated Grievance Officer for WAITR is:
Users may contact the Grievance Officer regarding privacy concerns, requests, complaints, access requests, correction requests, consent withdrawal requests, or other data protection matters.