1. Introduction 

Ordrio Technologies Pvt Ltd (“Ordrio”, “we”, “us”, or “our”) operates a suite of commerce, delivery, billing, customer engagement, logistics, and business management platforms and services. This Privacy Policy explains how we collect, use, process, store, disclose, and protect information when you access or use our merchant/admin panels, customer storefronts, mobile applications, delivery/rider applications, APIs, integrations, hosted subdomains, and any related Ordrio-operated services (collectively, the “Platform”). By using the Platform, you agree to this Privacy Policy. 

2. Scope of This Policy 

This Privacy Policy applies to merchants and business clients, customers using merchant storefronts, delivery partners and riders, staff users, website visitors, support users, and other individuals interacting with the Platform. This Policy applies across all Ordrio products and services including Nadi, Kadal, Vayu, Doni, Ale, and related integrations or future products. 

3. Information We Collect 

Account & Identity Information: name, email address, mobile number, password hashes, authentication credentials, business/store information, tax information, billing details, branch information, and support communications. 

Customer & Transaction Information: orders, invoices, payment status, transaction history, subscriptions, wallet balances, loyalty activity, delivery addresses, customer notes, order preferences, and refund activity. 

Device & Usage Information: IP address, browser type, operating system, device identifiers, app version, access timestamps, usage activity, crash logs, diagnostic data, and performance metrics. 

Location Information: delivery tracking, rider location, store location, branch location, or approximate GPS data where required for operational functionality. 

Cookies & Tracking Technologies: We use cookies and similar technologies for authentication, analytics, session management, fraud prevention, performance optimization, and personalization. You may disable cookies through your browser settings, though certain features may not function properly. 

4. How We Use Information 

We use collected information to operate and maintain the Platform, authenticate users, process orders and payments, manage subscriptions and billing, provide customer support, deliver notifications, facilitate deliveries and logistics, improve Platform performance, generate analytics and reports, prevent fraud and abuse, enforce policies and legal obligations, monitor operational health and security, and develop new features and services. 

5. Merchant-Controlled Data 

Merchants using Ordrio may independently collect and manage customer information through their storefronts. In such cases, the Merchant acts as the data controller for their customer data, and Ordrio acts as a platform and service provider facilitating processing on behalf of the Merchant. Merchants are responsible for obtaining necessary customer consents, complying with local laws, and managing their own customer privacy obligations. 

6. Payments & Financial Data 

Payments may be processed through third-party payment providers. Ordrio does not store complete payment card information on its servers unless explicitly stated otherwise by the payment provider integration. Payment gateways, banking providers, and financial institutions may independently process your information according to their own policies. 

7. Communications & Notifications 

We may send transactional notifications, order updates, OTPs, billing alerts, delivery notifications, service announcements, support responses, security alerts, and promotional communications via email, SMS, WhatsApp, push notifications, in-app alerts, or phone calls. You may opt out of promotional communications where applicable, though operational and transactional communications may still be required. 

8. Third-Party Services & Integrations 

The Platform may integrate with third-party providers including payment gateways, logistics providers, analytics providers, social login providers, notification providers, cloud hosting vendors, POS systems, marketing systems, and external APIs. These third parties may independently process information according to their own privacy policies and practices. Ordrio is not responsible for third-party privacy practices. 

9. Data Retention 

We retain information for as long as reasonably necessary to provide services, maintain operational integrity, comply with legal obligations, resolve disputes, enforce agreements, support audits, and maintain backups. Certain information may continue to be retained even after account closure where legally required, operationally necessary, or required for fraud prevention, accounting, taxation, or security purposes. 

10. Account Inactivity 

Accounts inactive for six (6) months may be blocked. Accounts inactive for one (1) year may be permanently deleted. We may send advance notice before blocking or deleting inactive accounts where contact information is available. 

11. Data Security 

We implement commercially reasonable administrative, technical, and organizational safeguards to protect information, including encryption, access controls, authentication systems, and cloud infrastructure security. However, no method of electronic transmission or storage can guarantee absolute security. 

12. Backups & Data Responsibility 

We maintain our own backups for operational continuity. However, Clients are responsible for maintaining their own copies of critical business data. Ordrio does not guarantee recovery of data lost due to user actions, system failures, or force majeure events. 

13. Data Export 

You may request a copy of your data by contacting [email protected]. We will provide data exports in commonly used formats upon request, subject to verification of your identity and authorization. 

14. International Data Transfers 

Your information may be processed, transferred, or stored in jurisdictions outside your state or country, including cloud infrastructure regions used by Ordrio or its providers. By using the Platform, you consent to such transfers where permitted by applicable law. 

15. Your Rights & Choices 

Depending on applicable laws, you may have rights to access information, update information, request correction, request deletion, object to processing, or withdraw consent. Certain requests may be limited where retention is legally required, operational integrity must be maintained, fraud prevention is necessary, or contractual obligations apply. 

16. Account Deletion 

You may request account deletion by using available account controls, contacting the relevant Merchant, or contacting Ordrio support. Deletion requests may not immediately remove transactional records, invoices, logs, backups, or legally required records. Certain operational or historical records may be retained in archived or anonymized form. 

17. Children’s Privacy 

The Platform is not intended for individuals below the age permitted by applicable law without appropriate parental or guardian consent. We do not knowingly collect personal information from children in violation of applicable laws. 

18. Analytics & Platform Monitoring 

We may use analytics and monitoring systems to understand platform usage, improve stability, analyze performance, detect abuse, and optimize services. This may include aggregated usage analytics, crash reporting, and anonymized performance metrics. 

19. Changes to This Privacy Policy 

We may update this Privacy Policy from time to time. Updated versions become effective upon publication on the Platform. Continued use of the Platform after updates constitutes acceptance of the revised Privacy Policy. 

20. Contact Information 

Ordrio Technologies Pvt Ltd 

4-1-25C, Prithvi Soudha, Ambalpady Junction 

Udupi, Karnataka, 576101, India 

Jurisdiction: Karnataka, India 

Website: https://ordrio.com 

Email: [email protected] 

For privacy-related questions, data access requests, deletion requests, or other concerns, please contact us at the above email address.