How Servoraa collects, uses, protects and deletes your personal data
Servoraa (“we”, “us”, “our”, the “Platform”), a product of HashHorizon, provides QR-based dine-in ordering and WhatsApp engagement for partner restaurants, cafés and hotels.
We are the Data Fiduciary for the personal data described below under India’s Digital Personal Data Protection Act, 2023 (“DPDP Act”).
Data Fiduciary: Servoraa, a HashHorizon venture. Contact: tech@hashhorizon.in · +91 89480 80894. Grievance Officer: tech@hashhorizon.in.
We do not collect your address, email, payment-card numbers, government IDs, or location history through the ordering flow.
We process your data on the basis of the consent you give, and for limited legitimate uses permitted by the DPDP Act — to fulfil your order, send the service/marketing messages you opted into, run anonymised offer campaigns for restaurants without revealing your identity, and keep the Platform secure.
We do not sell your personal data or share it with restaurants/third parties for their own use. We share it only with processors operating the service on our instructions (e.g. our WhatsApp Business messaging provider) under data-protection obligations, and where legally required.
Encryption in transit and at rest, access controls that mask your identity from restaurants, and restricted internal access. The WhatsApp delivery leg is end-to-end encrypted by WhatsApp. We maintain a breach-response process and will notify the Data Protection Board and affected users as required by law.
We keep your name and mobile number for up to 180 days from your last order. After 180 days of inactivity — or earlier if you delete your data or withdraw consent — we delete or irreversibly anonymise it. Anonymised order statistics may be retained for analytics.
Intended for users aged 18+. We do not knowingly collect children’s data; processing a child’s data needs verifiable parental consent.
We may update this policy and post the new version with an updated date. Questions: tech@hashhorizon.in.
The agreement governing use of the Servoraa service
By scanning a Servoraa QR code, placing an order, or joining the Servoraa community, you agree to these Terms. If you do not agree, please do not use the service.
Servoraa provides a QR-based ordering and WhatsApp engagement layer used by partner restaurants. The food, service, pricing and order fulfilment are provided by the restaurant, not Servoraa.
You must be 18 or older and provide accurate information. You are responsible for the mobile number you submit.
Menu items, prices, availability, taxes and charges are set by the restaurant and may change. Payment is collected by the restaurant (UPI or cash at the counter) unless Servoraa expressly processes payment, in which case separate payment terms apply.
If you opt into service and/or marketing messages, you consent to receive them on WhatsApp at the number you provide. You can opt out anytime (reply STOP or call +91 89480 80894).
Servoraa is a technology platform, not the seller of food. To the extent permitted by law, Servoraa is not liable for the quality, safety or fulfilment of restaurant orders. The service is provided “as is”.
Servoraa’s total liability for any claim is limited to the amount of the relevant order. Servoraa is not liable for indirect, incidental, or consequential losses. Nothing here limits liability that cannot be limited under Indian law.
The Servoraa name, logo, software and content are owned by Servoraa (or its licensors).
We may suspend the service for breach or misuse. You can stop using it and delete your data anytime.
Governed by the laws of India; courts at Bengaluru, Karnataka have jurisdiction, subject to your consumer-protection rights.
We may update these Terms; continued use means acceptance. Contact: tech@hashhorizon.in.
Governing Servoraa ↔ Restaurant handling of customer data
These terms form part of the agreement between Servoraa (“Platform” / Data Fiduciary) and each partner establishment (“Restaurant”) and govern how customer personal data is handled.
Servoraa determines the purposes and means of processing customer personal data and is the Data Fiduciary. The Restaurant receives only anonymised order data and may request offer campaigns; it does not receive customer identity data.
Servoraa may use sub-processors (e.g. WhatsApp Business messaging, cloud hosting) under equivalent data-protection obligations. A current list is available on request.
The parties cooperate on breach notification to the Data Protection Board of India as required by the DPDP Act. On termination, the Restaurant loses all access to Platform data; Servoraa deletes or anonymises customer data per its retention policy.