Legal Center

← Back to Home

Privacy Policy

Last Updated: November 25, 2025

Compliance Note: This Privacy Policy is published in accordance with the provisions of the Information Technology Act, 2000, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, and the Digital Personal Data Protection Act, 2023.

1. Introduction

Welcome to our platform ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your personal data. This Privacy Policy outlines how we collect, use, disclose, and safeguard your information when you use our e-commerce platform.

2. Data We Collect

We collect the following types of information as a Data Fiduciary:

  • Personal Information: Name, Phone Number, Email Address, Delivery Address.
  • Sensitive Personal Data: Health information (Prescriptions), Financial information (Bank Account/UPI details for refunds).
  • Technical Data: IP Address, Device ID, Browser Type, Cookies.

3. Purpose of Data Processing

We process your data for the following lawful purposes:

  • To process and deliver your orders (Contractual Necessity).
  • To verify prescriptions as required by the Drugs and Cosmetics Act, 1940.
  • To improve our platform and user experience (Legitimate Interest).
  • To comply with legal obligations (e.g., tax laws, cyber security regulations).

4. Consent

By using our platform, you explicitly consent to the collection and use of your information as described in this policy. You have the right to withdraw your consent at any time by contacting our Grievance Officer.

5. Data Sharing and Disclosure

We do not sell your personal data. We may share your data with:

  • Service Providers: Logistics partners, Payment Gateways (Razorpay/UPI), and Cloud Service Providers.
  • Legal Authorities: When required by law or to protect our rights and safety.

6. Data Security

We implement reasonable security practices and procedures as mandated by the IT Act, 2000, including encryption (SSL), access controls, and regular security audits to protect your data from unauthorized access.

7. Your Rights (Data Principal Rights)

Under the DPDP Act, 2023, you have the right to:

  • Access and review your personal data.
  • Correct or update inaccurate data.
  • Request erasure of your data (Right to be Forgotten).
  • Nominate a representative in case of incapacity.

8. Grievance Redressal

In accordance with the IT Act 2000 and DPDP Act 2023, if you have any grievances regarding your data, please contact our Grievance Officer:

Mr. Data Protection Officer

Safenest Technologies Pvt Ltd

Email: support@groapp.in

Address: 123, Tech Park, Bangalore - 560103, India