Data Protection Policy
10 Minutes India — Protecting Your Personal Data
Sis Startup IT Solution Infotech Private Limited
CIN:
U62099UP2026PTC241647 | Last Updated: April 10, 2026
Your Privacy Matters
10 Minutes India is committed to protecting your personal data in compliance with the Information Technology Act, 2000, IT (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, and upcoming Digital Personal Data Protection Act, 2023.
1. Policy Overview
This Data Protection Policy explains how 10 Minutes India collects, processes, stores, and protects your personal data when you use our hyperlocal food and grocery delivery platform. We handle your data responsibly to deliver fast, reliable service while maintaining your privacy.
Data Minimization
We collect only what's needed for delivery
Limited Retention
Data deleted when no longer needed
Encryption
All data encrypted in transit and at rest
2. Data We Collect for Delivery Services
Identity Data
Name, phone number (required for OTP), email (optional)
Location Data
Delivery addresses, real-time GPS (when app is open) for accurate delivery
Payment Data
UPI ID, saved card tokens (not full card numbers—handled by PCI-DSS compliant payment gateways)
Order Data
Order history, preferences, dietary restrictions (if provided)
3. How We Use Your Data
Fulfill Deliveries
Share your address and phone with delivery partners to complete orders (partners see limited data, hidden after delivery)
Order Updates
Send SMS/push notifications for order status, delivery ETA, and promotional offers (you can opt out)
Fraud Prevention
Analyze patterns to prevent fake refund claims, COD abuse, and payment fraud
Legal Compliance
Share with authorities if legally required (court orders, regulatory requests)
4. Data Sharing
We share your data only with:
| Recipient | Data Shared | Purpose |
|---|---|---|
| Delivery Partners | Name, phone (masked), address | Complete delivery |
| Vendor Partners | Order items, delivery notes | Prepare order |
| Payment Gateways | Transaction data (tokenized) | Process payments |
| Analytics Providers | Anonymized usage data | App improvement |
5. Data Retention
We retain your data for:
- Active accounts: As long as your account is active
- Order history: 3 years (for tax/legal compliance)
- Deleted accounts: Data anonymized within 90 days
- Payment data: Handled by payment processors per PCI-DSS
6. Your Rights
Under Indian data protection laws, you have the right to:
Access Your Data
Request a copy of data we hold about you (Settings → Privacy → Download My Data)
Correct Inaccuracies
Update your profile information anytime in the app
Delete Your Account
Request account deletion (Settings → Privacy → Delete Account)
Opt Out of Marketing
Unsubscribe from promotional communications anytime
7. Security Measures
We protect your data through:
- 256-bit SSL/TLS encryption for all data transmission
- Phone number masking for delivery partners
- Two-factor authentication (OTP) for login
- Regular security audits and penetration testing
- Data stored on secure cloud infrastructure (AWS/GCP) in India
8. Contact Data Protection Officer
Data Protection Officer
Email: privacy@10minutesindia.com
Response: Within 72 hours
Registered Office
Sis Startup IT Solution Infotech Pvt Ltd
Varanasi, Uttar Pradesh — 221010
CIN: U62099UP2026PTC241647 | Last Updated: April 10, 2026