# Privacy Policy for SocietyChef
**Last Updated**: November 27, 2025
**Effective Date**: November 27, 2025
**Digital Personal Data Protection Act, 2023 Compliant**
---
## Introduction
Welcome to SocietyChefâ„¢ ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your personal information in compliance with the Digital Personal Data Protection Act, 2023 (DPDP Act). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application (the "App").
By using SocietyChefâ„¢, you agree to the collection and use of information in accordance with this Privacy Policy and DPDP Act compliance terms. If you do not agree with this policy, please do not use our App.
**Developer Information**:
- **App Name**: SocietyChefâ„¢
- **Developer**: Mahendra Kumar
- **FSSAI License No.**: In Process
- **PAN**: CZBPS8471F
- **Contact Email**: founderoffice@societychef.com
- **Address**: Avalon Park, Prestige City, Sarjapur, Bangalore, 562125
- **Country**: India
---
## 1. Information We Collect
### 1.1 Personal Information You Provide
When you register and use our App, we collect the following information:
#### Account Information:
- **Name** (first name, last name)
- **Email address**
- **Phone number**
- **Profile picture** (optional)
- **Password** (encrypted and securely stored)
- **Gender** (optional)
#### Location Information:
- **Society/Residential address**
- **City**
- **PIN code**
- **Delivery address**
- **Approximate location** (latitude/longitude when you use location services)
#### Residency Verification Documents:
- **Government-issued ID** (Aadhaar card, passport, driving license, etc.)
- **Document images** uploaded for verification
- **Document type and number** (for verification purposes only)
#### Payment Information:
- **Order history**
- **Transaction details**
- **Payment method preference**
**Note**: We do NOT store your credit card, debit card, or UPI details. All payment processing is handled securely by our payment partner, Razorpay.
#### Cook-Specific Information (if you register as a cook):
- **Bank account details** (for payouts)
- **IFSC code**
- **PAN card number** (for tax compliance and platform verification)
- **Food Safety License** (if applicable)
- **Menu items and pricing**
- **Business hours**
- **Kitchen images** (optional)
#### Usage Information:
- **Order history**
- **Favorite meals and cooks**
- **Ratings and reviews**
- **Chat messages** (between users and cooks)
- **Support ticket conversations**
- **App preferences and settings**
### 1.2 Information We Collect Automatically
#### Device Information:
- **Device type** (phone/tablet)
- **Operating system** (Android version)
- **Device identifier** (Android ID)
- **IP address**
- **Mobile network information**
- **Screen resolution**
#### App Usage Data:
- **App features used**
- **Pages/screens viewed**
- **Time spent on app**
- **Crash reports and error logs**
- **Performance data**
- **Search queries**
- **Tap/click behavior**
#### Location Data:
- **GPS coordinates** (when you enable location services)
- **Wi-Fi access points**
- **Cell tower information**
- **Approximate location based on IP address**
We collect location data to:
- Show you nearby cooks and meals
- Enable delivery to your address
- Verify your society membership
- Improve local recommendations
### 1.3 Information from Third-Party Services
#### Google Sign-In:
- Email address
- Name
- Profile picture
- Google account ID
#### Phone Authentication:
- Phone number
- SMS verification code
- Firebase Authentication UID
#### Social Media (if you choose to share):
- Public profile information
- Friends list (for referrals)
---
## 2. How We Use Your Information
We use your information for the following purposes:
### 2.1 Core App Functionality
- **Account Creation and Management**: Create and manage your user account
- **Authentication**: Verify your identity when you log in
- **Order Processing**: Process food orders and payments
- **Delivery**: Coordinate delivery of meals to your address
- **Communication**: Send order updates, notifications, and support messages
- **Residency Verification**: Verify that you live in the society you claim
### 2.2 Service Improvement
- **Personalization**: Recommend meals based on your preferences and history
- **Analytics**: Understand how users interact with the app
- **Performance Monitoring**: Identify and fix bugs and crashes
- **Feature Development**: Develop new features based on usage patterns
- **Quality Assurance**: Ensure the app works properly across devices
### 2.3 Safety and Security
- **Fraud Prevention**: Detect and prevent fraudulent activities
- **Security Monitoring**: Protect against unauthorized access
- **Community Safety**: Verify cook credentials and residency
- **Dispute Resolution**: Resolve issues between users and cooks
- **Legal Compliance**: Comply with legal obligations
### 2.4 Marketing and Communication (Optional)
- **Promotional Offers**: Send you special offers and discounts
- **Product Updates**: Notify you about new features
- **Newsletters**: Share recipes, tips, and community stories
- **Surveys**: Collect feedback to improve our service
**You can opt-out of marketing communications at any time** through app settings or by clicking "Unsubscribe" in emails.
### 2.5 Payment Processing
- **Transaction Processing**: Process payments through Razorpay
- **Refunds**: Handle refund requests
- **Financial Records**: Maintain transaction history for cooks and users
- **Tax Compliance**: Generate invoices and tax documents
### 2.6 Customer Support
- **Support Requests**: Respond to your inquiries and issues
- **Complaint Resolution**: Address and resolve complaints
- **Service Quality**: Monitor and improve support quality
---
## 3. How We Share Your Information
We do NOT sell your personal information to third parties. We share your information only in the following circumstances:
### 3.1 With Other Users (Limited Sharing)
**When you place an order**, we share with the cook:
- Your name
- Delivery address
- Phone number (for delivery coordination)
- Order details
**When you are a cook**, we share with customers:
- Your cook name/business name
- Profile picture
- Ratings and reviews
- Menu items
- Society/delivery area
We do NOT share your government ID, full address, or payment details publicly.
### 3.2 Service Providers
We share information with trusted third-party service providers who help us operate the app:
#### Firebase (Google LLC)
- **Purpose**: Authentication, database, cloud storage, analytics, crash reporting
- **Data Shared**: Email, phone, user ID, app usage data, device info
- **Privacy Policy**: https://firebase.google.com/support/privacy
#### Razorpay
- **Purpose**: Payment processing
- **Data Shared**: Order amount, transaction details, email, phone
- **Privacy Policy**: https://razorpay.com/privacy/
#### Google Sign-In
- **Purpose**: User authentication
- **Data Shared**: Email, name, profile picture, Google account ID
- **Privacy Policy**: https://policies.google.com/privacy
#### Google Maps API
- **Purpose**: Location services, society search, delivery tracking
- **Data Shared**: Location data, search queries
- **Privacy Policy**: https://policies.google.com/privacy
#### SMS Gateway (for OTP)
- **Purpose**: Phone number verification
- **Data Shared**: Phone number, verification code
- **Retention**: Codes expire after 5 minutes
### 3.3 Legal Requirements
We may disclose your information if required by law or in response to:
- Court orders or legal processes
- Government or regulatory requests
- Protection of our rights and property
- Investigation of fraud or policy violations
- Emergency situations involving safety
### 3.4 Business Transfers
If SocietyChef is involved in a merger, acquisition, or asset sale, your information may be transferred. We will provide notice before your information is transferred and becomes subject to a different privacy policy.
### 3.5 With Your Consent
We may share your information for other purposes with your explicit consent.
---
## 4. Data Security
We implement industry-standard security measures to protect your information:
### 4.1 Technical Measures
- **Encryption in Transit**: All data transmitted between your device and our servers uses HTTPS/TLS encryption
- **Encryption at Rest**: Data stored in Firebase is encrypted at rest
- **Secure Authentication**: Firebase Authentication with bcrypt password hashing
- **API Security**: API keys and tokens are securely stored and rotated regularly
- **Access Controls**: Role-based access control for admins and staff
### 4.2 Organizational Measures
- **Employee Training**: Staff trained on data protection practices
- **Access Limitation**: Only authorized personnel can access user data
- **Regular Audits**: Security audits and penetration testing
- **Incident Response**: Procedures for data breach notification and response
### 4.3 Payment Security
- **PCI DSS Compliance**: Razorpay is PCI DSS Level 1 certified
- **No Card Storage**: We never store credit/debit card details
- **Tokenization**: Payment tokens used instead of card numbers
### 4.4 Your Responsibilities
- Keep your password confidential
- Log out after using shared devices
- Report suspicious activity immediately
- Keep your app updated
**Important**: While we strive to protect your information, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security.
---
## 5. Data Retention
We retain your information for as long as necessary to provide our services and comply with legal obligations:
### 5.1 Account Information
- **Active Accounts**: Retained while your account is active
- **Inactive Accounts**: Deleted after 3 years of inactivity (with prior notice)
- **Deleted Accounts**: Personal data deleted within 30 days of account deletion request
### 5.2 Transaction Records
- **Order History**: Retained for 7 years (for tax and legal compliance)
- **Payment Records**: Retained for 7 years (for financial auditing)
- **Invoices**: Retained for 7 years (as per Indian tax law)
### 5.3 Verification Documents
- **Residency Proofs**: Retained while account is active + 1 year after closure
- **Deleted**: Upon account deletion or user request (unless legally required)
### 5.4 Communications
- **Support Tickets**: Retained for 2 years
- **Chat Messages**: Retained for 1 year
- **Marketing Emails**: Retained until you opt-out
### 5.5 Analytics and Logs
- **App Usage Data**: Aggregated and anonymized after 90 days
- **Crash Reports**: Retained for 90 days
- **Error Logs**: Retained for 30 days
### 5.6 Backups
- **Backup Retention**: 30 days
- **Backup Deletion**: Data in backups is deleted according to retention schedule
---
## 6. Your Rights and Choices
You have the following rights regarding your personal information:
### 6.1 Access and Portability
- **View Your Data**: Access your profile, order history, and settings in the app
- **Download Your Data**: Request a copy of your data in a portable format (email support@societychef.com)
### 6.2 Correction and Update
- **Edit Profile**: Update your name, email, phone, address through app settings
- **Correct Errors**: Request correction of inaccurate information
### 6.3 Deletion
- **Delete Account**: Request account deletion through app settings or email
- **Right to Be Forgotten**: We will delete your data within 30 days (except data required for legal compliance)
**Note**: Deleting your account will:
- Remove your profile and personal information
- Cancel active orders (with refund if applicable)
- Delete your meal history and preferences
- Remove you from our mailing list
### 6.4 Marketing Communications
- **Opt-Out**: Unsubscribe from marketing emails via "Unsubscribe" link
- **Push Notifications**: Disable in app settings or device settings
- **SMS**: Reply STOP to opt-out (transactional SMS will continue)
### 6.5 Location Services
- **Disable Location**: Turn off location services in device settings
- **Impact**: You won't be able to browse nearby cooks or place orders without manual address entry
### 6.6 Cookies and Tracking
- **Clear Cache**: Clear app cache in settings
- **Analytics Opt-Out**: Disable analytics in app settings (where available)
### 6.7 Data Portability
- **Export Data**: Request your data in JSON or CSV format
- **Transfer**: Use exported data with other services
### 6.8 Complaints
- **Contact Us**: Email privacy@societychef.com
- **Regulatory Authority**: File a complaint with the Data Protection Authority in your jurisdiction
---
## 7. Children's Privacy
SocietyChef is designed for general audiences. While we do not specifically restrict usage by age, we encourage parental guidance for younger users.
- Parents and guardians are encouraged to supervise their children's use of the app
- If you believe information has been collected inappropriately, contact us
---
## 8. International Data Transfers
### 8.1 Data Storage
- **Primary Storage**: India (Firebase Asia-South1 region)
- **Backup Storage**: Multi-region Google Cloud Storage
- **Processing**: Data may be processed in countries where our service providers operate
### 8.2 International Users
If you access our app from outside India:
- Your data may be transferred to and stored in India
- India may have different data protection laws
- By using our app, you consent to this transfer
### 8.3 Data Protection Standards
We ensure that any international transfers comply with applicable data protection laws through:
- Standard contractual clauses
- Adequacy decisions
- Privacy Shield (where applicable)
---
## 9. Third-Party Links and Services
Our app may contain links to third-party websites and services:
- **Social Media**: Links to Facebook, Instagram, Twitter
- **Payment Gateways**: Razorpay payment pages
- **External Content**: Recipe blogs, food articles
**Disclaimer**: We are not responsible for the privacy practices of third-party sites. Please review their privacy policies before providing any information.
---
## 10. Cookies and Tracking Technologies
### 10.1 What We Use
- **Session Cookies**: Keep you logged in during your session
- **Preference Cookies**: Remember your app settings
- **Analytics Cookies**: Understand app usage (Google Analytics for Firebase)
- **Performance Cookies**: Monitor app performance and crashes
### 10.2 Third-Party Cookies
- **Firebase Analytics**: Tracks app usage and user behavior
- **Crashlytics**: Monitors app crashes and errors
- **Google Sign-In**: Manages authentication state
### 10.3 Your Choices
- Clear app data in device settings
- Opt-out of analytics (settings may vary by platform)
- Use incognito/private mode (limited functionality)
---
## 11. California Privacy Rights (CCPA)
If you are a California resident, you have additional rights:
### 11.1 Right to Know
- Categories of personal information collected
- Sources of information
- Business purpose for collecting information
- Categories of third parties with whom we share information
### 11.2 Right to Delete
- Request deletion of personal information
- Exceptions: Legal compliance, fraud prevention, security
### 11.3 Right to Opt-Out
- Opt-out of sale of personal information
- **We do NOT sell personal information**
### 11.4 Non-Discrimination
- We will not discriminate against you for exercising your rights
### 11.5 How to Exercise Rights
- Email: privacy@societychef.com
- Subject: "California Privacy Rights Request"
- Include: Your name, email, phone number registered with us
**Response Time**: Within 45 days of verified request
---
## 12. European Union (GDPR) Rights
If you are in the EU, you have rights under the General Data Protection Regulation (GDPR):
### 12.1 Lawful Basis for Processing
- **Consent**: You agreed to our terms and privacy policy
- **Contract**: Processing necessary to provide our services
- **Legal Obligation**: Compliance with tax and financial regulations
- **Legitimate Interest**: Fraud prevention, service improvement
### 12.2 Your Rights
- **Right to Access**: Obtain a copy of your data
- **Right to Rectification**: Correct inaccurate data
- **Right to Erasure**: Request deletion ("right to be forgotten")
- **Right to Restrict Processing**: Limit how we use your data
- **Right to Data Portability**: Transfer your data to another service
- **Right to Object**: Object to processing for direct marketing
- **Right to Withdraw Consent**: Withdraw consent at any time
### 12.3 Data Protection Officer
- Email: dpo@societychef.com
- **Supervisory Authority**: You can file a complaint with your local data protection authority
---
## 13. Indian Data Protection Laws
We comply with applicable Indian laws, including:
### 13.1 Information Technology Act, 2000
- Reasonable security practices implemented
- Data breach notification procedures in place
### 13.2 Payment Regulations (RBI)
- Compliance with RBI guidelines for payment data storage
- Use of RBI-compliant payment gateways (Razorpay)
### 13.3 Consumer Protection Act, 2019
- Fair and transparent data practices
- Grievance redressal mechanisms
---
## 14. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. Changes will be effective upon posting.
### 14.1 Notification of Changes
- **In-App Notification**: Alert when you open the app
- **Email Notification**: For material changes (if you opted in)
- **Version History**: Available at the bottom of this policy
### 14.2 Your Acceptance
- Continued use of the app after changes constitutes acceptance
- If you don't agree, please stop using the app and delete your account
### 14.3 Material Changes
For significant changes affecting your rights:
- We will provide 30 days notice
- You will be required to accept the new policy to continue using the app
---
## 15. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices:
### 15.1 General Inquiries
- **Email**: support@societychef.com
- **Phone**: +91-9190314732
- **Address**: H NO 50 Premier Orchard Colony, Bhanpur, Huzur, Bhopal, Madhya Pradesh - 462037
- **Response Time**: Within 48 hours
### 15.2 Privacy-Specific Inquiries
- **Email**: privacy@societychef.com
- **Subject**: "Privacy Policy Inquiry"
### 15.3 Data Protection Officer
- **Email**: dpo@societychef.com
- **For**: GDPR-related requests, data protection concerns
### 15.4 Legal Notices
- **Email**: legal@societychef.com
- **Address**: SocietyChef, Avalon Park, Prestige City, Sarjapur, Bangalore, 562125
---
## 16. DIGITAL PERSONAL DATA PROTECTION ACT, 2023 COMPLIANCE
### 16.1 Legal Basis for Processing
We process your personal data under the following lawful grounds as per DPDP Act, 2023:
1. **Consent**: You have given clear consent for us to process your personal data for specific purposes
2. **Performance of Contract**: Processing is necessary to fulfill our services to you
3. **Legal Obligation**: Processing is required to comply with Indian laws (tax, FSSAI, etc.)
4. **Legitimate Interest**: Processing is necessary for our legitimate business interests while respecting your rights
### 16.2 Your Rights Under DPDP Act, 2023
As a Data Principal, you have the following rights:
#### Right to Access:
- Request confirmation of what personal data we hold about you
- Obtain a copy of your personal data in accessible format
- Understand how your data is being processed
#### Right to Correction:
- Request correction of inaccurate personal data
- Request completion of incomplete data
- Update your information anytime through app settings
#### Right to Erasure (Right to be Forgotten):
- Request deletion of your personal data when:
- Data is no longer necessary for the purpose
- You withdraw consent and no other legal basis exists
- Data is processed unlawfully
- You object to processing and no overriding legitimate grounds exist
- **Limitations**: We may retain data if required by law or for legal claims
#### Right to Data Portability:
- Receive your personal data in structured, machine-readable format (JSON/CSV)
- Transfer your data to another service provider
- Available for data processed based on consent or contract
#### Right to Withdraw Consent:
- Withdraw consent at any time for consent-based processing
- Withdrawal does not affect lawfulness of prior processing
- May affect your ability to use certain app features
#### Right to Grievance Redressal:
- Lodge complaints about data processing
- Contact our Data Protection Officer
- Approach Data Protection Board of India if unsatisfied
#### Right to Nominate:
- Nominate another individual to exercise your rights in case of death or incapacity
- Nomination can be made through app settings or written request
### 16.3 How to Exercise Your Rights
**In-App**: Settings → Privacy → Data Rights
**Email**: dpo@societychef.com (Data Protection Officer)
**Written Request**:
Data Protection Officer
SocietyChef
Avalon Park, Prestige City
Sarjapur, Bangalore - 562125
**Response Timeline**: We will respond to your request within **30 days** of receipt.
### 16.4 Data Protection Officer (DPO)
**Name**: [To be appointed]
**Email**: dpo@societychef.com
**Phone**: [To be added]
**Responsibilities**:
- Monitor DPDP Act compliance
- Handle data subject requests
- Conduct privacy impact assessments
- Coordinate with Data Protection Board
- Manage data breach notifications
### 16.5 Data Processing Principles
We adhere to the following principles:
1. **Lawfulness, Fairness, Transparency**: Process data lawfully and inform you clearly
2. **Purpose Limitation**: Collect data only for specified, legitimate purposes
3. **Data Minimization**: Collect only necessary data
4. **Accuracy**: Maintain accurate and up-to-date data
5. **Storage Limitation**: Retain data only as long as necessary
6. **Integrity and Confidentiality**: Implement appropriate security measures
7. **Accountability**: Demonstrate compliance with DPDP Act
### 16.6 Children's Data Protection
**Age Restriction**: SocietyChef is intended for users 18 years and above.
**Data Protection**: We maintain appropriate security measures to protect all user data and comply with applicable privacy laws.
### 16.7 Cross-Border Data Transfer
Your data is primarily stored in India. If transferred abroad:
- Only to countries approved by Indian government
- With adequate data protection safeguards
- With your explicit consent
- For limited purposes (payment processing, cloud services)
**Current International Transfers**:
- Firebase (Google Cloud, USA) - Approved adequacy standard
- Payment Gateways (India-based servers)
### 16.8 Automated Decision Making
We use automated processing for:
- Meal recommendations based on preferences
- Fraud detection for suspicious transactions
- Content moderation for inappropriate images
**Your Rights**:
- Request human review of automated decisions
- Contest decisions affecting your rights
- Receive explanation of decision-making logic
### 16.9 Data Retention Schedule
| Data Type | Retention Period | Legal Basis |
|-----------|------------------|-------------|
| Account information | Until account deletion + 1 year | Contract |
| Order history | 7 years | Tax law (Section 138 IT Act) |
| Payment records | 7 years | Financial regulations |
| Chat messages | 2 years | Dispute resolution |
| Verification documents | 5 years after verification | KYC compliance |
| Analytics data | 3 years | Business intelligence |
| Cookies | 1 year | Consent |
| Crash logs | 90 days | Technical support |
**Post-Retention**: Data is securely deleted using industry-standard erasure methods.
### 16.10 Significant Data Fiduciaries
If SocietyChef processes data of more than threshold users (as notified by Government), we will:
- Appoint Data Protection Officer
- Conduct Data Protection Impact Assessments (DPIA)
- Implement additional security measures
- Undergo periodic data audits
- Submit compliance reports to Data Protection Board
---
## 17. DATA BREACH NOTIFICATION
### 17.1 What Constitutes a Data Breach
A data breach includes:
- Unauthorized access to your personal data
- Accidental or unlawful destruction of data
- Loss, alteration, or disclosure of data
- Theft of user databases or credentials
- Ransomware or cyberattacks affecting data
- Insider threats or employee misconduct
### 17.2 Our Data Breach Response Plan
**Within 72 Hours of Discovery**, we will:
#### Step 1: Containment (0-24 hours)
- Identify and isolate affected systems
- Stop the breach from spreading
- Secure backup data
- Preserve evidence for investigation
#### Step 2: Assessment (24-48 hours)
- Determine scope: What data was affected?
- Identify affected users
- Assess severity and risk level
- Classify breach type and impact
#### Step 3: Notification (48-72 hours)
- **Data Protection Board**: Notify within 72 hours via official portal
- **Affected Users**: Notify by email, SMS, and in-app notification
- **Law Enforcement**: Report if criminal activity suspected
- **Media/Public**: Issue statement for high-risk breaches affecting >10,000 users
#### Step 4: Remediation (Ongoing)
- Fix security vulnerabilities
- Reset compromised passwords
- Provide credit monitoring (if financial data affected)
- Offer identity theft protection
- Implement enhanced security measures
### 17.3 What We Will Tell You
Breach notification will include:
1. **Nature of Breach**: What happened and how?
2. **Data Affected**: What information was compromised?
3. **Date and Time**: When did breach occur and when discovered?
4. **Number Affected**: How many users impacted?
5. **Consequences**: Potential risks to you
6. **Actions Taken**: How we responded and secured systems
7. **Your Actions**: Steps you should take (password reset, monitor accounts)
8. **Contact Information**: DPO email and helpline number
9. **Compensation**: If applicable, how to claim
### 17.4 Notification Methods
**Primary**: Email to registered email address
**Secondary**: SMS to registered mobile number
**Tertiary**: In-app notification banner
**Public**: Website notice (for large-scale breaches)
**Media**: Press release (for breaches affecting >50,000 users)
### 17.5 Your Actions After Breach Notification
**Immediate Actions**:
1. ✅ Change your SocietyChef password immediately
2. ✅ Change passwords on other sites if you reused the same password
3. ✅ Enable two-factor authentication on your account
4. ✅ Monitor bank statements and credit card transactions
5. ✅ Watch for phishing emails pretending to be from SocietyChef
6. ✅ Contact your bank if payment information was compromised
**Ongoing Monitoring**:
- Check credit report for unusual activity
- Set up fraud alerts with credit bureaus
- Monitor your email for suspicious activity
- Be cautious of identity theft attempts
### 17.6 Compensation and Remedies
For breaches caused by our negligence:
- **Free credit monitoring**: 1 year for financial data breaches
- **Identity theft insurance**: Up to ₹1 lakh coverage
- **Legal support**: Assistance with identity theft cases
- **Monetary compensation**: As determined by Data Protection Board or courts
**Exclusions**: No compensation if breach caused by:
- User's own negligence (sharing passwords, phishing)
- Force majeure events
- Third-party actions beyond our control
### 17.7 Breach Prevention Measures
We implement:
- **Encryption**: AES-256 for data at rest, TLS 1.3 for data in transit
- **Access Controls**: Role-based access, least privilege principle
- **Monitoring**: 24/7 security monitoring and intrusion detection
- **Audits**: Regular security audits and penetration testing
- **Training**: Employee data security awareness programs
- **Incident Response Team**: Dedicated team for breach response
- **Backup**: Daily encrypted backups with off-site storage
### 17.8 Reporting Suspicious Activity
If you suspect unauthorized access to your account:
**Immediate Contact**:
📧 Email: security@societychef.com
📞 Phone: [Security Hotline - 24/7]
🔒 In-App: Settings → Security → Report Breach
**Provide**:
- Account details (email/phone)
- Date/time of suspicious activity
- Description of what you noticed
- Any suspicious emails or messages received
---
## 18. Platform Liability and User Agreement
### 16.1 Platform Role and Limitation of Liability
**SocietyChef acts solely as a technology platform and facilitator** that connects home cooks ("Cooks") with customers ("Foodies") within residential societies. **WE DO NOT PREPARE, HANDLE, OR DELIVER FOOD.**
### 16.2 Food Quality and Safety Disclaimer
**IMPORTANT NOTICE**:
1. **No Liability for Food Quality**: SocietyChef, its directors, employees, agents, and affiliates **ARE NOT LIABLE** for:
- Food quality, taste, freshness, or preparation standards
- Food safety, hygiene, or sanitation practices
- Foodborne illnesses, allergic reactions, or health issues
- Food contamination, adulteration, or spoilage
- Mislabeling of ingredients, allergens, or dietary information
- Non-compliance with FSSAI or other food safety regulations
2. **Direct Contractual Relationship**: By placing an order through SocietyChef, you acknowledge and agree that:
- The contract for food preparation and delivery is **DIRECTLY BETWEEN THE FOODIE AND THE COOK**
- SocietyChef is merely facilitating the connection and transaction
- All disputes regarding food quality, safety, or service must be resolved directly between the Foodie and Cook
- SocietyChef has no control over the actual food preparation process, ingredients used, or hygiene standards maintained by Cooks
3. **Independent Contractors**: All Cooks on the platform are **independent contractors** and not employees, agents, or representatives of SocietyChef. Their actions, representations, and food preparation practices are their own responsibility.
### 16.3 User Responsibilities
**Cook's Responsibilities**:
- Maintain valid FSSAI license/registration (as applicable)
- Follow all food safety and hygiene regulations
- Accurately represent ingredients, allergens, and dietary information
- Use fresh, quality ingredients and proper food handling practices
- Comply with all local health and safety regulations
- Bear full responsibility for any health issues arising from their food
**Foodie's Responsibilities**:
- Verify Cook's credentials and ratings before ordering
- Communicate dietary restrictions and allergies clearly
- Inspect food upon delivery for quality and safety
- Report issues directly to the Cook first
- Understand that food is prepared in home kitchens, not commercial facilities
- Accept risk associated with home-cooked food purchases
### 16.4 Indemnification
**BY USING THIS PLATFORM, YOU AGREE TO INDEMNIFY, DEFEND, AND HOLD HARMLESS** SocietyChef and its officers, directors, employees, partners, and agents from any and all:
- Claims, damages, losses, liabilities, costs, and expenses (including legal fees)
- Arising from food quality, safety, allergic reactions, or foodborne illnesses
- Related to disputes between Foodies and Cooks
- Resulting from Cook's breach of food safety regulations
- Connected to misrepresentation of food items or ingredients
### 16.5 Dispute Resolution
1. **Primary Resolution**: All disputes regarding food quality, delivery, or service must be resolved directly between the Foodie and Cook.
2. **Platform Role**: SocietyChef may, at its sole discretion, provide a communication channel for dispute resolution but is not obligated to intervene or make decisions.
3. **No Mediation Obligation**: SocietyChef is not required to mediate, arbitrate, or resolve disputes between users.
4. **Legal Action**: Any legal action related to food quality or safety must be pursued against the Cook directly, not against SocietyChef.
### 16.6 Regulatory Compliance
While SocietyChef encourages Cooks to comply with all applicable food safety regulations:
- **We do not inspect Cook's kitchens or food preparation areas**
- **We do not verify FSSAI licenses or health certifications**
- **We do not conduct food quality or safety audits**
- **We do not guarantee regulatory compliance by Cooks**
Users acknowledge that home-based food preparation may not be subject to the same regulations as commercial restaurants.
### 16.7 Assumption of Risk
**BY ORDERING FOOD THROUGH SOCIETYCHEF, YOU EXPRESSLY ACKNOWLEDGE AND ASSUME ALL RISKS** associated with:
- Consuming food prepared in home kitchens
- Potential food allergies, contamination, or illness
- Accuracy of ingredient and allergen information provided by Cooks
- Quality, freshness, and safety of food items
### 16.8 Maximum Liability Cap
To the maximum extent permitted by law, if SocietyChef is found liable for any claims related to food quality or safety, **our total liability shall not exceed the transaction fee** collected by SocietyChef for that specific order (typically 5-10% of order value), and shall exclude:
- Medical expenses
- Lost wages
- Pain and suffering
- Punitive or consequential damages
### 16.9 No Warranty
SocietyChef provides the platform **"AS IS" and "AS AVAILABLE"** with **NO WARRANTIES** regarding:
- Food quality, safety, or fitness for consumption
- Accuracy of Cook-provided information
- Timeliness or reliability of delivery
- Compliance with food safety regulations
### 16.10 Jurisdiction and Governing Law
This agreement shall be governed by the laws of India. Any legal disputes must be filed in the courts of Bhopal, Madhya Pradesh, and **must name the Cook as the primary defendant** in matters related to food quality or safety.
---
## 19. Consent
By using SocietyChef, you acknowledge that you have read, understood, and agree to this Privacy Policy and DPDP Act compliance terms.
**For Users Under 18**: You confirm that you are at least 18 years old or have parental/guardian consent.
**Acceptance**: Your continued use of the app constitutes acceptance of this policy and any future amendments.
---
## Version History
- **Version 1.0** - November 26, 2025: Initial version
---
## Appendix: Data Categories Summary
### Personal Identifiers
- Name, email, phone, user ID, device ID
### Financial Information
- Order amount, transaction history (card details NOT stored)
### Location Data
- GPS coordinates, address, city, society name
### User-Generated Content
- Reviews, ratings, chat messages, uploaded documents
### Usage Data
- App interactions, search queries, preferences, order history
### Device Information
- OS version, device type, IP address, screen resolution
### Professional Information (Cooks Only)
- Bank details, PAN, menu items, pricing
- Cooking history, ratings, reviews
---
**Last Review Date**: November 26, 2025
**Next Review Date**: November 26, 2026
---
© 2025 SocietyChef. All rights reserved.