Privacy Policy

Introduction

Upstocker ("we", "us", or "our") operates an online grocery service that lets customers browse products, place orders, and make payments. This Privacy Policy explains what information we collect (we collect email and mobile numbers from customers), how we use and protect that information, and the choices available to you.

Information we collect

We collect the following personal information to provide the service:

• Contact details: email address and mobile number used for account creation, order confirmations, and delivery coordination.
• Account information: account username, password (hashed), profile name and preferences if you create an account.
• Order & payment information: items ordered, delivery address, order totals, and payment transaction records. Payments are processed using third-party payment processors such as Razorpay — card or bank details are handled by those processors and are not stored by Upstocker except where tokenized/payment references are needed to manage refunds or subscriptions.
• Device & technical data: device type, IP address, app or browser version, and crash logs if you opt in to diagnostics.

How we use your information

We use your information to:

• Create and manage your account and authenticate you securely.
• Process orders, coordinate deliveries, and handle payments and refunds.
• Send transactional messages like order confirmations, delivery updates, and receipts.
• Improve our product, investigate issues, and provide customer support.
• Comply with legal and tax obligations (for example retaining order records when required).

Third-party service providers

We use trusted third-party providers to operate our service, including:

• Payment processors (for example, Razorpay) that handle card/bank payments and store sensitive payment details under their own secure systems.
• Email and SMS providers for transactional communications and OTP messages.
• Cloud hosting providers that store encrypted backups and application data.
• Optional analytics and crash-reporting tools (only if you opt in).

These providers act as processors and are contractually required to protect data. We do not sell personal information to third parties.

Security

We implement reasonable safeguards such as encryption in transit (HTTPS), access controls, and secure storage. When payment data is involved, we rely on PCI-compliant processors; Upstocker does not store full card numbers. Despite safeguards, no system is perfectly secure — we will notify affected users and regulators in the event of a qualifying breach.

Children’s privacy

Upstocker is intended for adult customers. We do not knowingly collect personal information from children under 13. If you believe we have collected information about a child in error, contact us and we will remove it.

Your rights

Subject to applicable law, you may have rights to access, correct, or request deletion of your personal data. To exercise these rights contact us at the address below. We will verify requests to protect your account and respond within applicable timeframes.

Cookies & tracking

We use cookies and similar technologies on our website to operate the service and, with your consent, for analytics. You can control cookie preferences through your browser or device settings.

Data retention & deletion

We retain account and transactional data while needed to provide our services. Inactive accounts may be retained for up to 2 years from last activity to allow reactivation and to meet legal obligations. Financial and tax-related records may be retained up to 7 years where required by law.

To request deletion of your account and personal data, send an email from the address registered to your account to pingwgc@gmail.com with the subject Account Deletion Request. We will verify the request and typically complete deletion within 7 working days, subject to legal and payment-processor retention requirements.

Contact

For questions or privacy requests contact: pingwgc@gmail.com