Data Safety Disclosure
This Data Safety section is prepared in compliance with Google Play Store's Data Safety requirements. It provides a transparent overview of what data the Grozio app collects, how it is used, whether it is shared, and your options to manage it.
1. Core Data Practices
Does the Grozio App Collect Data?
YES. Grozio collects data to provide core app functionality including user authentication, order placement, delivery tracking, payments, and customer support.
Is Data Shared with Third Parties?
YES. Grozio shares data with service providers including Razorpay (payments), Firebase (auth/notifications), Google Maps (routing), Cloudinary (media), and Sentry (crash monitoring).
Can Users Request Data Deletion?
YES. Users can delete their account and associated data via the app (Profile > Settings > Delete Account) or at https://grozio.store/delete-account.html.
Is Data Encrypted in Transit?
YES. All data transmitted between the Grozio App and our servers is encrypted using HTTPS/TLS 1.2+. Payment data is handled by Razorpay's PCI-DSS compliant infrastructure.
2. Data Collected — Full Breakdown
| Data Type | Category | Collected | Shared | Required |
|---|---|---|---|---|
| Name | Personal Info | Yes | Yes | Required |
| Email Address | Personal Info | Yes | No | Optional |
| Phone Number | Personal Info | Yes | Yes (OTP, vendors) | Required |
| Profile Photo | Personal Info | Yes | No | Optional |
| Delivery Address | Personal Info | Yes | Yes (delivery partners) | Required |
| Precise GPS Location | Location | Yes | Yes (routing) | Required |
| Order History | App Activity | Yes | No | Required |
| Device Identifiers | Device Info | Yes | No | Required |
| Push Token (FCM) | Device Info | Yes | No | Required |
| Crash Logs | App Performance | Yes | Yes (Sentry) | Required |
| Payment Reference ID | Financial Info | Yes | No | Required |
| Photos/Images | Photos & Videos | Yes (profile, docs) | Yes (Cloudinary) | Optional |
| Identity Documents | Personal Info | Yes (Sellers/Partners) | No | Required (Partners) |
| Bank/UPI Details | Financial Info | Yes (Sellers/Partners) | Yes (Razorpay) | Required (Partners) |
| App Interactions | App Activity | Yes (Firebase) | No | Required |
| Ratings & Reviews | App Activity | Yes | Yes (vendor/partner) | Optional |
3. Purposes of Data Collection
| Purpose | Data Used |
|---|---|
| App Functionality | Name, phone, address, location, order data — to provide core services |
| Account Management | Phone number, email, profile photo — for registration, login (OTP/Google), profile |
| Order Processing | Address, order details, payment reference — to process and fulfill orders |
| Delivery Tracking | Precise location (customer + partner) — for real-time tracking via WebSockets |
| Payments | Payment reference IDs — via Razorpay; no card/UPI data stored on Grozio servers |
| Push Notifications | FCM push token — for order updates, promotions, delivery alerts |
| Analytics | App interactions, usage events — via Firebase Analytics (anonymized) |
| Crash Monitoring | Device info, error context — via Sentry for stability improvement |
| Fraud Prevention | Device info, transaction patterns — to detect and prevent fraudulent activity |
| Legal Compliance | Transaction history, KYC docs — retained per Indian tax and regulatory requirements |
4. Security Practices
- Encryption in Transit: Data encrypted using HTTPS / TLS 1.2+
- Encryption at Rest: Data encrypted at rest using AES-256 (MongoDB Atlas)
- Payment Security: Payment data handled by Razorpay — PCI-DSS Level 1 certified
- Zero Payment Data Storage: No raw card or UPI data ever stored on Grozio servers
- Right to Deletion: Users can request data deletion at any time