Legal
Privacy Policy
We're committed to protecting your privacy. This policy explains what data we collect, how we use it, and your rights over it.
📅 Last Updated: May 16, 2025
Summary: EazyEvent collects only what's necessary to connect you with caterers. We never sell your personal data. You can request deletion of your account at any time.
1. Who We Are
EazyEvent ("we", "our", "us") is a food catering marketplace platform that connects consumers with caterers for events across India. Our registered office is at Bengaluru, Karnataka, India. You can reach our privacy team at privacy@eazyevent.com.
2. Information We Collect
2.1 Information You Provide
- Account registration: Full name, email address, optional phone number, and password (stored as a bcrypt hash — never plain text).
- Consumer profile: Dietary preferences, preferred cuisines, and event history to personalize recommendations.
- Caterer profile: Business name, cuisine types, service areas, menu items, pricing, and business documents for verification.
- Event details: Event type, date, venue, guest count, and special requirements when making a booking.
- Reviews: Ratings and written feedback you submit after a completed booking.
- Communications: Messages sent through our in-app messaging or support channels.
2.2 Information Collected Automatically
- Device data: Device type, operating system version, app version, and unique device identifiers.
- Usage data: Screens visited, features used, search queries, and time spent in the app.
- Log data: IP address, timestamps, error logs, and crash reports (used for debugging).
- Location: General location (city/region) inferred from IP address for showing relevant caterers. We do not collect precise GPS location.
2.3 Information from Third Parties
- Payment processors provide us with transaction status (success/failure) but not your full card details — we never store payment card data.
- If you sign in via Google or other OAuth providers, we receive your name and email from that provider.
3. How We Use Your Information
- To create and manage your account and verify your identity via email OTP.
- To match consumers with caterers based on event needs, location, and preferences.
- To process and manage bookings between consumers and caterers.
- To send transactional emails: booking confirmations, OTPs, password resets, and booking updates.
- To display caterer profiles, menus, and reviews to consumers.
- To allow caterers to view their bookings, manage their menu, and track earnings.
- To resolve disputes, investigate fraud, and enforce our Terms & Conditions.
- To improve the platform through aggregated, anonymized analytics.
- To comply with applicable Indian laws and regulations.
4. Legal Basis for Processing
We process your data under the following legal bases:
- Contract performance: Processing necessary to provide the platform services you've signed up for.
- Legitimate interests: Fraud prevention, platform security, and service improvement.
- Legal obligation: Compliance with applicable laws (e.g., tax records, consumer protection laws).
- Consent: Marketing communications (you can withdraw consent at any time).
5. Sharing of Information
We do not sell your personal data. We share data only in these circumstances:
- Between consumers and caterers: When a booking is made, the consumer's event details and name are shared with the caterer; the caterer's profile and contact details are shared with the consumer.
- Service providers: We use trusted third parties for email delivery (SMTP), cloud hosting, and analytics — all bound by data processing agreements.
- Legal requirements: If required by law, court order, or government authority in India.
- Business transfers: In the event of a merger or acquisition, user data may be transferred to the acquiring entity (with prior notice to users).
6. Data Retention
- Account data is retained for as long as your account is active.
- Booking records are retained for 3 years after the event date for legal and tax compliance.
- OTPs and verification codes expire within 10 minutes and are deleted after use.
- Deleted accounts: personal identifiers are purged within 30 days; anonymized aggregate data may be retained indefinitely.
7. Cookies & Tracking
Our mobile apps do not use browser cookies. Our web-based admin and landing pages may use:
- Essential cookies: Required for login sessions and security.
- Analytics cookies: Anonymous usage statistics (e.g., Google Analytics). You can opt out via browser settings.
8. Data Security
- All API communication uses HTTPS/TLS encryption.
- Passwords are hashed using bcrypt with a secure salt — we never store plain-text passwords.
- JWT authentication tokens are stored securely using Flutter Secure Storage (hardware-backed keystore on Android, Keychain on iOS).
- Our servers are hosted on secure cloud infrastructure with restricted access controls.
- We conduct regular security reviews and promptly address reported vulnerabilities.
9. Your Rights
Under India's Digital Personal Data Protection Act (DPDPA) 2023 and applicable laws, you have the right to:
- Access: Request a copy of the personal data we hold about you.
- Correction: Request correction of inaccurate or incomplete data.
- Deletion: Request deletion of your account and associated personal data (subject to legal retention obligations).
- Portability: Receive your data in a machine-readable format.
- Withdraw consent: Opt out of marketing communications at any time via the unsubscribe link in emails.
- Grievance: Lodge a complaint with India's Data Protection Board if you believe your rights have been violated.
To exercise any of these rights, contact us at privacy@eazyevent.com. We will respond within 30 days.
10. Children's Privacy
EazyEvent is not intended for individuals under 18 years of age. We do not knowingly collect personal data from minors. If we become aware that a minor has registered, we will delete their account promptly. If you believe a child's data has been collected, contact us immediately.
11. Changes to This Policy
We may update this Privacy Policy from time to time. When we make significant changes, we will notify registered users by email and display a prominent notice in the app for at least 30 days. Continued use of EazyEvent after the effective date constitutes acceptance of the updated policy.
12. Contact Us
For any privacy-related questions, concerns, or requests: