Privacy Policy
Last Updated: December 17, 2025
This Privacy Policy describes how Nextserve Software Private Limited ("Nextserve", "we", "our", "us") collects, uses, stores, and protects personal information when you use our products and services, including the SOG (Scan, Order & Go) platform, mobile applications, websites, and related services (collectively, the "Services").
By accessing or using our Services, you agree to the practices described in this policy.
1. Information We Collect
a. User Account Information
- Name
- Email address
- Mobile/phone number
- Password (stored in encrypted/hashed form)
- Account preferences and settings
b. Order and Transaction Information
- Order details (items selected, quantities, customizations)
- Table number and restaurant/venue information
- Order history and status
- Payment method preference (not actual payment credentials)
- Invoice and billing information
c. Guest Session Information
For users who do not create an account, we collect:
- Temporary session identifier
- Phone number (if provided for order updates)
- Order details for the session
d. Device and Technical Information
- Device type and operating system
- Browser type and version
- IP address
- Device tokens for push notifications (FCM tokens)
- App usage and interaction data
e. Location Information
When you scan a QR code at a restaurant table, the system associates your order with that specific table location. We do not collect precise GPS location data.
Payment Information: Payments are processed directly by our authorized payment gateway partner, PhonePe. Nextserve does not store, process, or have access to your card details, UPI IDs, PINs, or banking credentials. All payment data is handled securely by PhonePe in compliance with RBI and NPCI regulations.
2. How We Use Your Information
We use collected information for the following purposes:
- Service Delivery: Enable scan-to-order functionality, process orders, and route them to the appropriate restaurant/kitchen
- Order Management: Provide order status updates, confirmations, and notifications
- Payment Processing: Facilitate payment confirmation via PhonePe payment gateway
- Communication: Send service-related notifications, respond to support requests, and provide order updates
- Platform Improvement: Analyze usage patterns to improve platform performance and user experience
- Security: Protect against fraud, unauthorized access, and other security threats
- Legal Compliance: Comply with applicable laws and regulations
Marketing communications are sent only with explicit user consent and can be opted out of at any time.
3. Data Sharing and Disclosure
We do not sell or rent your personal data.
Data may be shared only with the following parties for legitimate business purposes:
| Recipient | Purpose | Data Shared |
|---|---|---|
| Restaurant Partners | Order fulfillment and preparation | Order details, table number, customer name (if provided) |
| PhonePe (Payment Gateway) | Payment processing | Transaction amount, order reference |
| Firebase (Google) | Push notifications | Device tokens, notification content |
| Cloud Infrastructure Providers | Hosting and data storage | Encrypted application data |
| Legal/Regulatory Authorities | Legal compliance | As required by law or court order |
Each third party is expected to comply with applicable data protection laws and maintain appropriate security measures.
4. Role Clarification
Understanding the roles of different parties:
- Nextserve Software Private Limited acts as a technology platform provider, offering the SOG software solution to restaurants and food service businesses.
- Restaurant Partners (Vendors) are responsible for order preparation, fulfillment, food quality, and direct customer service. They act as independent data controllers for their customer relationships.
- PhonePe (Payment Gateway) operates independently and handles all financial data processing in compliance with RBI and NPCI regulations.
5. Data Retention
We retain personal data only as long as necessary for the purposes outlined in this policy:
- Order Data: Retained based on vendor subscription terms and applicable legal/tax requirements
- User Accounts: Retained until the user requests account deletion
- Guest Session Data: Retained in the system for operational and support purposes
- Analytics Data: Retained as per vendor preferences and aggregated for platform improvement
- Legal/Compliance Data: Retained as required by applicable laws (typically 7 years for financial records in India)
Data may be anonymized and retained for analytics and reporting purposes.
6. Data Security
We implement reasonable administrative, technical, and organizational safeguards to protect personal data, including:
- Encryption of data in transit (TLS/HTTPS) and at rest
- Secure password hashing using industry-standard algorithms
- JWT-based authentication with token expiration
- Role-based access control for system users
- Regular security assessments and monitoring
- Cloud infrastructure with enterprise-grade security (Google Cloud Platform)
However, no digital system is completely secure, and users acknowledge this inherent risk when using online services. We encourage users to use strong passwords and protect their account credentials.
7. Cookies and Local Storage
Our web application uses cookies and local storage technologies for:
- Authentication: Storing JWT tokens to maintain your login session
- Cart Data: Saving your cart items for convenience
- Push Notifications: Storing FCM tokens for real-time order updates
- Preferences: Remembering your theme and display preferences
Users may disable cookies via browser settings, though some features may not function correctly without them.
8. Third-Party Links and Services
Our Services may contain links to third-party websites, payment gateways, or services. We are not responsible for their content, privacy practices, or data handling. Users should review the respective privacy policies of:
- PhonePe: https://www.phonepe.com/privacy-policy/
- Google/Firebase: https://policies.google.com/privacy
9. Your Rights
Subject to applicable laws, you have the following rights regarding your personal data:
- Access: Request access to your personal data held by us
- Correction: Request correction of inaccurate or incomplete data
- Deletion: Request deletion of your account and associated data
- Withdrawal of Consent: Withdraw consent for marketing communications at any time
- Data Portability: Request a copy of your data in a structured format
- Objection: Object to processing of your data for certain purposes
To exercise these rights, please contact us using the details provided below. We will respond within 30 days of receiving your request.
10. Children's Privacy
Our Services are not intended for use by individuals under 18 years of age. We do not knowingly collect personal data from minors. If we become aware that we have collected data from a minor without appropriate consent, we will take steps to delete such information.
11. Legal Compliance
This Privacy Policy is designed to comply with:
- Information Technology Act, 2000 (India) and associated rules
- Digital Personal Data Protection Act, 2023 (India)
- Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011
- Applicable RBI and NPCI guidelines for payment processing
12. Changes to This Policy
We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:
- Update the "Last Updated" date at the top of this policy
- Notify users through appropriate channels (email, in-app notification, or website notice)
Continued use of our Services after such updates constitutes acceptance of the revised policy.
13. Contact Us & Grievance Officer
For questions, concerns, data requests, or complaints regarding this Privacy Policy or our data practices, please contact us:
Nextserve Software Private Limited
Address:
B-316, Sai Keerthi Prime
Chandanagar, Hyderabad
Telangana - 500050, India
Email: info@nextserve.co.in
Phone: +91 85228 98866
Grievance Officer
Name: [To be designated]
Email: info@nextserve.co.in
Response Time: We will acknowledge your request within 48 hours and provide a resolution within 30 days.
Nextserve Software Private Limited
GST: 36AAKCN8161C1ZE
© 2025 All Rights Reserved