Privacy Policy

Effective date: 15 May 2026

Zesty is a restaurant operations platform for QR ordering, kitchen workflow, billing, inventory, staff access, analytics, mobile workflows, contact requests, and priority support tickets.

Scope

This Privacy Policy explains how Zesty collects, uses, stores, shares, and protects personal data and restaurant operating data when users access the website, marketing forms, authenticated web application, mobile application, customer ordering flows, support tools, and related services.

For Indian users and restaurant customers, this policy is intended to be read consistently with the Digital Personal Data Protection Act, 2023 and applicable Indian laws. Restaurant organizations using Zesty remain responsible for the customer and staff data they decide to collect through their workspace.

Data we collect

We collect account data such as name, email address, phone number, authentication records, organization membership, role, permissions, security settings, session details, and support access activity.

Restaurant organizations may store operational data such as restaurant profile details, branches, menus, item prices, taxes, table sessions, orders, bills, payment state, manual UPI review information, inventory, suppliers, recipes, stock counts, expenses, staff records, customer records, feedback, campaigns, analytics, and configuration settings.

Customer ordering flows may collect customer name, phone number, table/session information, order details, payment status, refund context, feedback, and communication preferences where enabled by the restaurant.

Marketing and contact forms may collect name, email, phone, restaurant name, role, city, outlet count, interest area, current tools, timeline, and message details. Priority support tickets may include issue descriptions, replies, attachments, internal notes, ticket status, and audited support access choices.

We also collect technical information such as IP address, device and browser data, operating system, approximate network-derived location, logs, error reports, security events, and usage events needed to operate and secure the platform.

How we use data

We use data to provide and secure Zesty, authenticate users, manage organizations and roles, process orders and bills, support payment and refund workflows, operate inventory and analytics features, send transactional communications, manage subscriptions, respond to contact requests, provide priority support, troubleshoot issues, prevent abuse, improve product quality, and comply with legal obligations.

We do not add fabricated customer metrics, testimonials, or usage claims to marketing pages based on user data.

Lawful basis and consent

Where applicable law requires consent or notice, restaurants are responsible for giving appropriate notice to their customers and staff before using Zesty to collect or process personal data. Zesty processes data to provide requested services, fulfill contracts, comply with law, protect the platform, and support legitimate operational needs of restaurant organizations.

Payments

Zesty may use payment providers such as Razorpay and other configured providers for subscriptions, customer payments, and payment verification. Zesty does not store full card numbers, UPI credentials, or bank account credentials. Payment providers may process payment identifiers, transaction status, billing details, fraud-prevention signals, and settlement information under their own terms and policies.

Communications

Zesty may send account, security, billing, OTP, order, receipt, support, email, WhatsApp, and operational notifications. Restaurants are responsible for ensuring they have a lawful basis to contact their own customers and staff.

Sharing and processors

We share data with service providers only as needed to operate Zesty, including hosting, databases, storage, authentication, email, messaging, payment processing, analytics, monitoring, support tooling, and security providers. We may disclose data when required by law, court order, government request, fraud prevention, platform security, enforcement of terms, or a business transfer.

Support access and attachments

Priority support tickets may include screenshots, PDFs, CSV/text files, and short video attachments. Eligible organization owners or admins may choose to allow support-team access for debugging. Support access is audited, including reason, target user, organization context, and ticket reference where applicable.

Security

We use role-based access controls, organization scoping, authenticated APIs, audit logs, signed upload and download URLs, encryption where appropriate, and operational safeguards. No system is perfectly secure, so organization owners and admins should use strong credentials, remove departed staff, review permissions, and protect payment and messaging provider credentials.

Retention

We retain data while accounts or restaurant workspaces are active and as needed for operations, audit logs, billing, tax, payment disputes, support, security, backups, and legal requirements. We may delete or anonymize data when it is no longer needed or when a valid deletion request can be honored.

Rights and requests

Users may request access, correction, export, or deletion of personal data, subject to restaurant administrator controls, identity verification, contractual duties, and legal retention obligations. Staff and restaurant customers should usually contact the restaurant organization first because the organization controls much of the workspace data.

Children

Zesty is intended for restaurant operations and is not directed to children. Restaurants should not use Zesty to knowingly collect children's personal data unless they have a lawful basis and required notices or consents.

International transfers

Zesty and its service providers may process data in India or other locations where infrastructure, support, or provider services operate. When data is transferred, we use practical safeguards required for the service and applicable law.

Contact

For privacy questions, contact the Zesty operator at hello@zesty.id or through the support channel available in the application.