Privacy Policy
Entity: Favcore Tech Private Limited (“Favcore”, “we”, “us”, “our”)
Platforms covered: Website https://favcore.com, Favcore mobile applications, m‑site, admin and vendor portals (collectively, the “Platform”)
________________________________________
1. Introduction and Scope
1. This Privacy Policy explains how Favcore collects, uses, shares, stores, and protects your personal data when you access or use the Platform, and describes your rights in relation to such data under applicable Indian laws, including the Digital Personal Data Protection Act, 2023 (“DPDP Act”) and the Information Technology Act, 2000 and its rules.
2. Favcore operates a hyperlocal commerce and delivery Platform connecting customers with local vendors (e‑commerce, grocery, food and related categories) and independent delivery partners.
3. This Privacy Policy applies to:
– Customers/end‑users using the Platform
– Vendors/merchants and their authorized representatives
– Delivery partners
– Any other person whose personal data is collected through the Platform or related services.
If you do not agree with this Privacy Policy, please do not access or use the Platform.
________________________________________
2. Your Consent and Legal Basis
1. By:
– accessing or using the Platform,
– registering an account with us,
– submitting any personal data to us, or
– otherwise using our products or services,
you expressly consent to the collection, use, sharing, and processing of your personal data in accordance with this Privacy Policy, the Terms of Use, and applicable laws of India, including the DPDP Act.
2. Where required by law, we rely on your consent as the primary legal basis for processing your digital personal data, along with other permitted bases such as:
– performance of a contract (e.g., to fulfill your order),
– compliance with legal obligations (e.g., tax, KYC),
– legitimate use/legitimate purposes as recognized under Indian law (e.g., fraud prevention, network and information security).
3. You may withdraw your consent at any time as described in Section 10. However, withdrawal of consent may affect or limit your ability to use some or all features of the Platform.
________________________________________
3. Territory and Data Storage
1. Favcore currently offers its products and services only within India, and the Platform is intended for use by individuals located in India.
2. Your personal data will primarily be stored and processed within India. However, we may use reputable third‑party cloud and IT service providers (such as AWS or similar) which may involve cross‑border transfers as permitted under the DPDP Act and applicable rules.
3. Where data is transferred or processed outside India, we will ensure that such transfers comply with applicable Indian data protection requirements.
________________________________________
4. What Personal Data Do We Collect?
We may collect the following categories of personal data, depending on how you use the Platform:
4.1 Identity and Contact Data
• Full name
• Mobile number
• Email address
• Delivery and billing addresses
• PIN code, city, state
• Profile photo (if you choose to upload)
4.2 Account and Transaction Data
• Account username and login identifiers
• Order history (products, vendors, prices, dates, payment status)
• Cart, wishlist, preferences, and saved addresses
• Feedback, ratings, and reviews posted by you
• Communications with customer support or vendors
4.3 Payment and Financial Data
• Masked card details, UPI ID, wallet information (actual card data is usually processed by payment gateways and not stored by Favcore, except limited tokens or references as per law and PCI norms)
• Transaction IDs and payment confirmations
• GST‑related information (if you purchase for business use)
Payment processing is generally handled by third‑party payment service providers. We receive only limited information necessary to confirm payment success or failure.
4.4 Vendor / Delivery Partner / Regulatory Data
If you register as a Vendor or Delivery Partner, or otherwise interact with us in a business capacity, we may collect:
• PAN, Aadhaar (where allowed and required), GSTIN, shop registration details
• FSSAI license information (for food and grocery vendors)
• Bank account details for settlement
• Business contact details, shop address, photographs
• KYC documents and any other regulatory information required under law or platform policies
4.5 Technical and Usage Data
• IP address
• Device identifiers, device type, operating system, app version
• Browser type and version
• Access dates and times, pages viewed, referring/exit URLs
• Log data and diagnostic information
4.6 Location and Permission‑Based Data
With your explicit permission through app or browser settings, we may collect:
• Precise or approximate device location (for address suggestions, nearby vendors, and delivery tracking)
• Access to camera, microphone, and photo gallery (e.g., to upload KYC documents, order images, or proof of delivery)
• Access to contacts (e.g., to share a referral code or send order to saved contacts)
• Access to SMS/notification parsing for OTP auto‑read or payment confirmations, as allowed by platform policies and OS guidelines
You may control or revoke these permissions at any time through your device or app settings; however, certain features may not function properly without the required permissions.
4.7 Behavioural and Preference Data
• Browsing patterns and clickstream data on the Platform
• Product views, searches, filters used
• Response to promotions and offers
• In‑app events and feature usage
We use this information (often in aggregated or pseudonymized form) for analytics, personalization, and improvement of our services.
4.8 User‑Generated Content
• Posts, comments, reviews, ratings, messages, and other content you submit on the Platform or on Favcore’s official social media pages.
• Any information you voluntarily share in chat with vendors, support, or delivery partners (subject to our applicable terms and lawful monitoring for security/fraud).
________________________________________
5. How Do We Use Your Personal Data?
We use your personal data for the following purposes:
1. Service Delivery and Operations
– Creating and managing your account
– Processing and fulfilling orders
– Coordinating with vendors and delivery partners
– Providing real‑time order tracking and notifications
– Providing customer support and resolving issues
2. Payments and Settlements
– Processing your payments via third‑party payment gateways
– Facilitating refunds, cancellations, and settlements to vendors/delivery partners
– Complying with tax and accounting requirements
3. Personalization and Marketing
– Recommending products, offers, and services based on your usage and preferences
– Sending transactional alerts (order updates, delivery status, security alerts)
– Sending marketing and promotional communications (email, SMS, push notifications) where you have not opted out
4. Safety, Security, and Fraud Prevention
– Detecting and preventing fraud, abuse, and security incidents
– Monitoring suspicious activity and policy violations
– Enforcing our Terms of Use, Return/Refund Policy, and other platform rules
5. Legal and Regulatory Compliance
– Complying with applicable laws, regulations, and governmental requests
– Responding to lawful orders, notices, or investigations
– Maintaining records as required by tax, FSSAI, GST, and other authorities
6. Analytics, Research, and Product Improvement
– Aggregated analytics on traffic, usage, and performance
– Improving Platform design, features, and user experience
– Conducting internal research, surveys, and A/B testing
7. Loyalty, Membership, and Referral Programs
– Enrolling you in Favcore loyalty or subscription programs (where applicable)
– Tracking points, rewards, and benefits
– Running referral or incentive campaigns as per separate program terms
We process your data only for purposes that are reasonably connected with the above and for which you have been notified and/or have given consent, as required by the DPDP Act.
________________________________________
6. Cookies, SDKs, and Similar Technologies
1. We use cookies, SDKs, pixels, and similar technologies on the Platform to:
– Recognize you and your device
– Keep you signed‑in
– Remember your preferences
– Measure site/app performance and troubleshoot bugs
– Measure effectiveness of campaigns and offers
2. Some cookies are essential (strictly necessary) for the functioning of the Platform. Others are for analytics or advertising and may be optional.
3. We may use third‑party analytics tools such as Google Analytics or similar providers to understand how users interact with our Platform.
4. You can control cookies through your browser or device settings. However, disabling certain cookies may impact functionality or user experience.
5. Third‑party content embedded in the Platform (for example, maps, social media plugins, or ads) may set their own cookies, which are governed by their respective privacy policies.
________________________________________
7. How We Share Your Personal Data
We may share your personal data with the following categories of recipients, always on a need‑to‑know and purpose‑limited basis:
1. Vendors and Merchants
– To process and fulfill your orders
– To handle returns, replacements, and after‑sales service
– To manage complaints relating to specific orders
2. Delivery Partners and Logistics Providers
– To pick up orders from vendors and deliver to you
– To contact you for delivery coordination (calls/SMS/app notifications)
3. Payment Service Providers and Banks
– To process payments and refunds
– To detect and prevent payment fraud
4. Group Entities, Affiliates, and Service Providers
– Cloud hosting providers, SMS/email gateways, analytics tools, call centers, KYC service providers, and IT/security vendors
– All such parties are contractually bound to use data only for authorized purposes and implement appropriate security controls.
5. Regulators, Law Enforcement, and Government Authorities
– Where required by applicable law, regulation, legal process, or governmental request
– To protect rights, property, or safety of Favcore, users, or the public
– To enforce our Terms of Use, policies, or defend our legal rights
6. Business Transfers and Corporate Restructuring
– In connection with any merger, acquisition, asset sale, restructuring, or similar transaction, your data may be transferred to the new entity, subject to this Privacy Policy or a privacy policy at least as protective.
Favcore does not sell your personal data to third parties for their standalone marketing purposes.
________________________________________
8. Data Retention
1. We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required under applicable law (for example, tax, accounting, or regulatory retention periods).
2. In general:
– Account and transaction records may be retained for a minimum statutory period (e.g., 3–8 years) depending on legal requirements.
– KYC and regulatory data (for vendors/delivery partners) may be retained as required by sector‑specific rules.
– Logs and security records may be retained for a reasonable period for fraud prevention and security monitoring.
3. Once the purpose of processing is fulfilled, or retention is no longer legally required, we may:
– securely delete or destroy the data, or
– irreversibly anonymize it for analytics and research purposes (data no longer identifies you).
4. If you request account deletion or withdrawal of consent, we will act in accordance with Section 10 and applicable law, while still retaining data where legally necessary (for example, for resolving disputes or complying with legal obligations).
________________________________________
9. Security Practices
1. We implement reasonable technical and organizational security measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction, such as:
– Encryption in transit (HTTPS/TLS)
– Access controls and authentication
– Segregation of duties and role‑based access
– Regular monitoring and logging
2. Despite our best efforts, no system is completely secure. By using the Platform, you understand and accept the inherent risks of data transmission over the internet.
3. You are responsible for:
– Maintaining the confidentiality of your account credentials
– Using strong passwords and changing them periodically
– Logging out after use, especially on shared devices
4. In case of a personal data breach that is likely to cause significant harm, we will take steps required under applicable law, which may include notifying affected users and/or the Data Protection Board or other regulators.
________________________________________
10. Your Rights and Choices
Under applicable Indian data protection laws (including the DPDP Act), you may have the following rights, subject to conditions and verification:
1. Right to Access
– You can access basic information about what personal data we hold about you and how we process it.
2. Right to Correction and Updating
– You can review, correct, and update your personal data using your account settings or by contacting us.
– We will take reasonable steps to ensure that inaccurate or incomplete data is corrected.
3. Right to Erasure (Right to be Forgotten)
– You may request deletion of your personal data when it is no longer necessary for the purpose for which it was collected, or if you withdraw consent, subject to our legal/regulatory obligations.
4. Right to Withdraw Consent
– You may withdraw consent for processing of certain data (for example, marketing communications, access to device permissions).
– Withdrawal will be effective going forward and will not affect prior lawful processing.
– Withdrawal may limit or prevent your use of some or all Platform features.
5. Right to Grievance Redressal
– You have the right to register a complaint with our Grievance Officer if you believe we have not fulfilled our obligations under applicable law.
6. Marketing and Communication Preferences
– You can opt‑out of non‑essential marketing communications (email/SMS/push) via:
• in‑app notification/communication preferences, or
• the “unsubscribe” link in emails, or
• by contacting us at the email ID below.
To exercise your rights, you may:
• Use the self‑service options in your account settings where available, or
• Write to us at support@favcore.com with an appropriate subject (e.g., “Data Access Request”, “Data Deletion Request”, “Withdrawal of Consent”).
We may need to verify your identity before acting on requests and may deny or partially comply with a request where required or permitted by law.
________________________________________
11. Children’s Data
1. The Platform is intended only for persons who can form a legally binding contract under the Indian Contract Act, 1872 (typically 18 years or older).
2. We do not knowingly collect personal data from children under 18. If you are a parent or guardian and believe that a child has provided us personal data, please contact us so that we can take appropriate steps.
3. By providing any child’s personal data (for example, family details for delivery), you represent that you have the authority to do so and that such sharing is lawful.
________________________________________
12. Third‑Party Links and Integrations
1. The Platform may contain links to third‑party websites, apps, payment pages, or services. Your use of such third‑party services will be governed by their respective terms and privacy policies.
2. Favcore is not responsible for the privacy practices, security standards, or content of such third‑party sites or services. We encourage you to review their privacy policies before providing any personal data.
________________________________________
13. Intermediary Obligations and Compliance
1. Favcore acts as an “intermediary”/“platform” under the Information Technology Act, 2000 and the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021, and is required to publish and abide by this Privacy Policy, its Terms of Use, and user agreement.
2. To maintain safe‑harbour protection, Favcore will exercise due diligence, including:
– Informing users periodically about its policies and rules
– Taking down unlawful content upon receiving valid notice
– Cooperating with lawful directions of authorities, as required
________________________________________
14. Changes to This Privacy Policy
1. We may update or modify this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or for other operational reasons.
2. The updated version will be posted on the Platform with a new “Last updated” date. In case of significant changes, we may also provide additional notice within the app/website (for example, a banner or pop‑up).
3. Your continued use of the Platform after any such changes constitutes your deemed acceptance of the updated Privacy Policy, in line with our Terms of Use.
________________________________________
15. Contact Details
If you have any questions, concerns, or complaints regarding this Privacy Policy or our data practices, you may contact:
Support
Email: support@favcore.com
Support URL: https://favcore.com/support
Response time: We aim to acknowledge grievances within 48 hours and to provide a substantive response within the timelines prescribed under applicable law.
