Privacy Policy

Last Updated: June 10, 2026

Techcardz Services Private Limited ("we", "us", or "our") operates the techrestoPOS platform. This Privacy Policy informs you of our policies regarding the collection, use, protection, and disclosure of Personal Data when you use our Service and the choices you have associated with that data.

2.1 Types of Data Collected

A. Data Collected from Restaurant Partners (B2B)

When you register for our Service as a Restaurant Partner, we collect:

  • Business Information: Legal business name, GST Identification Number (GSTIN), business address, and operational details.
  • Personal Identification Information: Names, email addresses, phone numbers, and identification documents of the restaurant owners and authorized administrators.
  • Financial Data: Bank account details, UPI IDs, and billing addresses necessary for processing subscription payments and routing third-party gateway settlements.

B. Data Collected from End-Customers (B2B2C)

When diners interact with the techrestoPOS platform (e.g., via QR Code ordering, digital receipts, or loyalty programs) on behalf of our Restaurant Partners, we process:

  • Contact Information: Mobile numbers and names provided during order placement or loyalty program enrollment.
  • Transactional Data: Order history, dining preferences, items ordered, total bill amounts, and payment methods used.
  • Wallet Data: Information regarding virtual credit wallets, promotional balances, and loyalty point accrual. (Note: We do not directly collect or store sensitive credit card numbers or banking passwords; these are securely handled directly by our PCI-DSS compliant payment gateway partners like Razorpay).

C. Automatically Collected Usage Data

We automatically collect information on how the Service is accessed and used. This may include:

  • IP addresses, browser types, and versions.
  • The pages of our Service that you visit, the time and date of your visit, and the time spent on those pages.
  • Diagnostic data, device identifiers, and operating system details.

2.2 Purpose of Data Collection and Processing

We use the collected data for various comprehensive purposes:

  • Service Provision: To maintain, monitor, and provide our SaaS platform functionality to our Restaurant Partners.
  • Transaction Fulfillment: To facilitate the transmission of digital orders from diners to the kitchen display systems.
  • Analytics and Improvement: To analyze usage patterns to improve the software's UI/UX, speed, and reliability.
  • Communication: To send administrative notifications, invoices, OTP verifications (via Firebase/Twilio), and technical alerts.
  • Compliance: To comply with legal obligations, resolve disputes, and enforce our legal agreements.

2.3 Data Sharing and Disclosure

Techcardz Services Private Limited strictly prohibits the sale or unauthorized renting of personal data. We may disclose your data only in the following circumstances:

  • Authorized Third-Party Processors: We share data with trusted vendors required to run our infrastructure, including cloud hosting providers (e.g., AWS, DigitalOcean), SMS gateways, and payment processors. These vendors are legally bound to protect your data.
  • Legal Requirements: We may disclose your Personal Data in the good faith belief that such action is necessary to comply with a legal obligation, protect the rights or property of Techcardz Services Private Limited, prevent wrongdoing, or protect the personal safety of users.
  • Business Transfers: In the event of a merger, acquisition, or asset sale, your Personal Data may be transferred. We will provide notice before your Personal Data is transferred and becomes subject to a different Privacy Policy.

2.4 Data Retention and Security

We retain Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use your Personal Data to the extent necessary to comply with our legal obligations (for example, we are required to retain financial transaction data to comply with tax laws), resolve disputes, and enforce our legal agreements.

We utilize enterprise-grade security architectures, including HTTPS/TLS encryption, firewall rules, and strict multi-tenant database access controls to prevent cross-tenant data leakage and unauthorized access.