How we collect, use, share, and protect your information when you use the Intraeats mobile application.
This Privacy Policy explains how Intraeats ("we", "our", "us") handles personal information when you use our Android mobile application ("the App"). The App offers food ordering and delivery, AI-powered food scanning and calorie tracking, dietitian booking, water-intake reminders, and related features.
By creating an account, ordering food, or otherwise using the App, you confirm that you have read this Privacy Policy and consent to the practices described below. If you do not agree, please do not use the App.
This policy is published in compliance with India's Digital Personal Data Protection Act, 2023 (DPDP Act), the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, and the disclosure requirements of the Google Play Store.
This policy is permanently available at: https://intraeats.in/privacy-policy.html
We only collect information that is necessary to operate the App and provide the features you use. The table below summarises every category of personal data the App collects, why it is collected, and where it is stored.
| Data Type | What & Why | Where Stored |
|---|---|---|
| Name | Used to personalise your account and address you on order receipts. | Cloud Firestore |
| Email Address | Used as your sign-in identifier and for sending order updates and account notifications. | Firebase Authentication, Cloud Firestore |
| Phone Number | Used by the delivery partner to contact you and for order-related communication where applicable. | Cloud Firestore |
| Precise & Approximate Location | Used to suggest your delivery address at signup, find restaurants near you, calculate delivery distance, and verify whether you are within our service area. On Android 12+, you can choose between Precise (recommended for accurate delivery) or Approximate (neighbourhood-level) accuracy. Location is requested only while the App is in use; we do not collect background location. | Processed on-device; coordinates saved with your order in Cloud Firestore. |
| Health Information | Optional. If you use the Health features, we store your weight, height, age, dietary preferences, allergies, daily calorie target, and your day-by-day calorie intake from the AI Food Scanner. This data is private and visible only to you and, if you book a consultation, to your assigned dietitian. | Cloud Firestore (per-user, private) |
| Payment Data | When you pay online, payment is processed by Razorpay. Intraeats does not see or store your card or UPI details — we only receive a payment success/failure status and a reference ID. | Razorpay (PCI-DSS certified) |
| Photos & Camera | When you use the AI Food Scanner, the photo you capture or pick from your gallery is sent to Google's Gemini API for nutritional analysis. Photos are not retained on our servers after analysis completes. | Transient — sent to Google Gemini, then discarded |
| Water Reminder Preferences | If you enable the water-intake reminder feature, we store your daily glass target, reminder schedule, and each day's glass count so you can track your hydration progress. | Cloud Firestore (per-user, private) |
| App Activity | Order history, items viewed, coupons applied, in-app preferences, water-glass logs, and notification opt-in status. Used to provide order tracking, save your preferences, and improve the App. | Cloud Firestore |
| Device Info | FCM (Firebase Cloud Messaging) registration token used to deliver order status and water-reminder notifications to your device. | Firebase Cloud Messaging |
Some information is collected only when you actively choose to use related features — for example, your saved delivery addresses, dietitian booking notes, support chat messages, and feedback submitted through the App.
We use your information for the following purposes only:
We do not sell, rent, or trade your personal data to third parties for marketing purposes.
Under the DPDP Act 2023, we process your personal data on the following lawful grounds:
You may withdraw consent at any time. Withdrawing consent does not affect the lawfulness of processing carried out before the withdrawal.
The App relies on the following third-party services. Each is bound by its own privacy policy, which we encourage you to review.
We use Firebase Authentication, Cloud Firestore, Firebase Storage, and Firebase Cloud Messaging to handle sign-in, store user data, and deliver notifications. Firebase is operated by Google LLC. Firebase privacy details.
When you scan food, the photo is sent to Google's Gemini Generative Language API for analysis. Per Google's policy, this data is processed to return a result and is not used to train Google's models for paid API users. Gemini API terms.
Online payments are processed by Razorpay Software Private Limited, a PCI-DSS-compliant payment gateway. Intraeats does not see or store your card, UPI, or net-banking credentials. Razorpay privacy policy.
We use OpenStreetMap tiles to display the delivery tracking map. Your IP address may be visible to the OpenStreetMap tile server when map tiles are fetched. OpenStreetMap privacy policy.
We retain your data only as long as it is needed for the purpose for which it was collected. The table below lists every category and the corresponding retention period.
| Data Category | Action on Account Deletion | Retention Period |
|---|---|---|
| Account profile | Deleted | Removed immediately. Removed from encrypted backups within 30 days. |
| Personal order history | Deleted | Immediately, removed from backups within 30 days. |
| Anonymized billing records | Retained | Up to 7 years, as required by Indian Income Tax Act, 1961 and CGST Act, 2017. |
| Health profile & calorie history | Deleted | Immediately, removed from backups within 30 days. |
| Water reminder data | Deleted | Immediately, removed from backups within 30 days. |
| Food scan photos | — | Not retained; discarded immediately after Google Gemini returns an analysis result. |
| Coupon usage records | Deleted | Immediately, removed from backups within 30 days. |
| Dietitian booking records | Deleted | Immediately, removed from backups within 30 days. |
| Device FCM token | Deleted | Removed when you delete your account or uninstall the App. |
| Fraud & abuse prevention logs | Retained | Up to 2 years from the date of the incident. |
| Crash & diagnostic logs | — | Up to 90 days. Logs do not contain personally identifying information. |
We take reasonable technical and organisational measures to protect your personal data, including:
No method of electronic storage is 100% secure. Please notify us immediately at privacy@intraeats.in if you believe your account has been compromised.
Under India's Digital Personal Data Protection Act, 2023, you have the following rights:
To exercise any of these rights, contact our Grievance Officer using the details in Section 14.
You can delete your Intraeats account at any time directly from inside the App:
When you delete your account, the following data is permanently removed:
If you are unable to access the App, you may request deletion by emailing privacy@intraeats.in from your registered email. We will process your request within 7 business days.
An overview of the deletion process is also published at https://intraeats.in/delete-account.html.
The App is intended for users aged 18 and above. At signup, every user is required to confirm that they are 18 or older. We do not knowingly collect personal data from anyone under 18.
If you are a parent or guardian and believe that a child under 18 has provided personal data, please contact us at privacy@intraeats.in and we will delete the information promptly.
The App requests the following Android permissions. Each is requested only when the related feature is first used. You may deny or revoke any permission via Settings → Apps → Intraeats → Permissions.
| Permission | Why It Is Used |
|---|---|
| Location (Precise & Approximate) | Used to detect your delivery address, find nearby restaurants, and calculate delivery distance. On Android 12+, you can choose between Precise (recommended for exact delivery pin) or Approximate (neighbourhood-level). Used only while the App is in use — never in the background. |
| Camera | Capture food photos for the AI Food Scanner feature. |
| Photos / Media (Read) | Pick a saved food image from your gallery for AI nutritional analysis. |
| Notifications | Send order status updates, water-drink reminders (if enabled), and promotional offers (if not opted out). |
| Vibration | Vibrate the device for important in-app notifications. |
| Internet | Required for all online features including ordering, payments, food scanning, maps, and notifications. |
Revoking a permission will disable the related feature but will not affect other parts of the App.
Some of our processors (Google Firebase, Google Gemini API, Razorpay) may store or process data on servers located outside India. When data is transferred outside India, we ensure that the receiving processor provides protection comparable to the DPDP Act, in line with Section 16 of the Act.
We may update this Privacy Policy from time to time. The "Effective date" at the top will always indicate the latest version.
For material changes, we will provide at least 14 days' advance notice through an in-app notification before changes take effect.
Your continued use of the App after the effective date constitutes acceptance. If you do not accept the changes, you may delete your account before the effective date.
If you have questions about this Privacy Policy, wish to exercise your rights, or want to raise a grievance, please contact our Grievance Officer.
Name: Abir Ghosh
Privacy & Data Requests: privacy@intraeats.in
General Support: hello@intraeats.in
Phone: +91-8001087752
Address: Manmohan Dey Rd, Barsul, Burdwan, West Bengal, India
Response time: Within 30 days of receipt of your request
If you are not satisfied with our response, you may escalate your complaint to the Data Protection Board of India as constituted under the DPDP Act, 2023.