Data Policy

1. Overview & Commitment

FoodBridge.io (“FoodBridge.io,” “we,” “us,” or “our”) operates the FoodBridge.io platform (the “Platform”). This Privacy Policy explains how we collect, use, store, share, and protect information when you use our Platform, mobile applications, APIs, and related services (collectively, “Services”).

Our Core Promise:

Your data is yours. You decide what to share within the network and what to keep private. Foodbridge.io will never sell your personal or business data to third parties for advertising or marketing purposes. We collect only what we need to provide and improve the Services.

This Policy applies to all Users of the Platform, including Manufacturers, Distributors, Retailers, and their authorized personnel. By using the Services, you consent to the practices described in this Policy.

2. Information We Collect

2.1 Information You Provide

Category	Data Collected	Purpose
Account Information	Name, email, phone number, business name, GSTIN, business type, address	Account creation, identity verification, invoicing, compliance
Business Data	Product catalogs, pricing, inventory levels, order records, invoices, delivery records	Core service delivery — order management, inventory tracking, invoicing
Transaction Data	Purchase orders, payment records, delivery confirmations, returns, audit trails	Order processing, dispute resolution, financial reconciliation
Communication Data	Campaign content, messages sent through Platform, support tickets	Campaign delivery, customer support, service improvement
Payment Information	Billing address, payment method (processed by third-party gateways)	Subscription billing. We do not store full credit card numbers.

2.2 Information Collected Automatically

Category	Data Collected	Purpose
Device Information	Device type, operating system, browser type, screen resolution	Optimizing Platform experience, troubleshooting
Usage Data	Pages visited, features used, time spent, clicks, search queries within Platform	Service improvement, feature analytics, personalization
Log Data	IP address, access timestamps, error logs, referring URLs	Security monitoring, debugging, fraud prevention
Location Data	Approximate location (IP), precise location (only if GPS enabled for delivery)	Route optimization, delivery tracking, regional config

2.3 Information from Third Parties

We may receive information from third-party integrations you authorize (e.g., Tally accounting data, payment gateway transaction confirmations, WhatsApp Business API delivery receipts) and publicly available business registration databases for verification purposes.

3. How We Use Your Information

We use collected information for the following purposes:

Service Delivery: Processing orders, managing inventory, generating invoices, facilitating deliveries, running campaigns, and all core Platform functionality.
AI & Intelligence: Powering demand prediction, smart supplier matching, inventory optimization, SmartBasket recommendations, and network-effect insights.
Communication: Sending transactional notifications (order confirmations, delivery updates, payment receipts) via email, SMS, WhatsApp, and in-app notifications.
Support: Resolving support requests, troubleshooting issues, and providing managed onboarding services.
Platform Improvement: Analyzing usage patterns to improve features, fix bugs, develop new functionality, and optimize performance.
Security: Detecting and preventing fraud, unauthorized access, and other security threats.
Legal Compliance: Meeting obligations under applicable laws, responding to legal processes, and enforcing our Terms of Service.
Marketing: With your consent, sending product updates, feature announcements, and relevant industry content. You may opt out at any time.

What we will never do:

We will never sell your personal or business data to advertisers. We will never share your specific inventory levels, pricing, or financial data with competitors. We will never use your data in ways not described in this Policy.

4. Data Sharing & Disclosure

4.1 Within the Network (User-Controlled)

When you participate in the Foodbridge.io Network, certain information is shared with your supply chain partners as configured by you:

Product catalogs and pricing you choose to make visible
Order and delivery information relevant to the transaction
Campaign and promotional content you distribute
Business profile information you make public on the Marketplace

You control these sharing settings. Internal data (inventory levels, margins, internal notes, financial records) is never shared without your explicit action.

4.2 Service Providers

We share data with trusted third-party service providers who assist us in operating the Platform:

Cloud Hosting: For data storage and computing infrastructure
Payment Processors: For processing subscription and transaction payments
Communication Providers: For delivering SMS, email, and WhatsApp notifications
Analytics Tools: For Platform usage analytics and performance monitoring

All service providers are bound by contractual obligations to protect your data and use it solely for the purposes we specify.

4.3 Legal Requirements

We may disclose your information if required by law, regulation, legal process, or government request, or to protect the rights, property, or safety of Foodbridge.io, our Users, or the public.

4.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the transaction. We will notify you of any such change and any choices you may have regarding your information.

4.5 Aggregated Data

We may share aggregated, anonymized data that cannot identify individual Users for industry benchmarking, research, and market insights.

5. Your Data Control & Rights

You are always in control.

The following rights are available to all Foodbridge.io Users, regardless of Subscription Plan.

5.1 Access & Portability

You have the right to request a copy of all personal and business data we hold about you. Data exports are available in standard formats (CSV, Excel, JSON). Requests will be fulfilled within 15 business days at no charge.

5.2 Correction

You may update or correct your account information at any time through the Platform settings. For data corrections that cannot be made directly, contact our support team.

5.3 Deletion

You may request deletion of your personal data. Upon account termination, personal data will be deleted within 30 days, except where retention is required by law (e.g., tax records, transaction records required under GST regulations). Business transaction records involving other Users may be retained in anonymized form.

5.4 Restriction of Processing

You may request that we restrict processing of your data in certain circumstances, such as while verifying the accuracy of contested data or while we assess an objection to processing.

5.5 Objection

You may object to processing of your data for marketing purposes at any time. You may also object to processing based on our legitimate interests, and we will honor your objection unless we have compelling legitimate grounds.

5.6 Consent Withdrawal

Where processing is based on your consent, you may withdraw consent at any time. Withdrawal does not affect the lawfulness of processing conducted before withdrawal.

5.7 Communication Preferences

You can manage your communication preferences (email, SMS, WhatsApp, in-app notifications) through your account settings. Transactional notifications essential to service delivery cannot be opted out of while your account is active.

6. Data Security

Foodbridge.io implements industry-standard security measures to protect your data:

Encryption: All data is encrypted in transit (TLS 1.2+) and at rest (AES-256).
Access Controls: Role-based access controls, multi-factor authentication for administrative access, and regular access reviews.
Infrastructure: Hosted on enterprise-grade cloud infrastructure with SOC 2 compliance. Regular security audits and penetration testing.
Monitoring: 24/7 security monitoring, intrusion detection systems, and automated threat response.
Incident Response: Documented incident response procedures. In the event of a data breach, we will notify you and relevant authorities within 72 hours as required by applicable law.
Employee Training: All Foodbridge.io employees with data access undergo regular security awareness training and are bound by confidentiality agreements.

Your Responsibility:

While we protect data on our Platform, you are responsible for maintaining the security of your account credentials, authorized user access, and any data you export from the Platform.

7. Data Retention

Data Type	Retention Period	Reason
Account Information	Account duration + 30 days	Service delivery, post-termination data export
Transaction Records	7 years from transaction	GST compliance, tax audit requirements
Invoice & Payment	8 years from FY end	Companies Act compliance, tax regulations
Usage & Log Data	12 months	Security monitoring, service improvement
Communication Records	3 years	Dispute resolution, support quality
Anonymized Data	Indefinitely	Platform improvement, AI training, insights

Data is securely deleted or anonymized after the retention period expires. You may request earlier deletion of non-legally-required data at any time.

8. Cookies & Tracking Technologies

8.1 What We Use

Essential Cookies: Required for Platform functionality — session management, authentication, security tokens. Cannot be disabled.
Analytics Cookies: Help us understand how Users interact with the Platform. Can be opted out.
Preference Cookies: Remember your settings, language preferences, and UI customizations. Can be opted out.

8.2 What We Do NOT Use

We do not use advertising or retargeting cookies.
We do not use third-party tracking pixels from social media platforms.
We do not sell cookie data to third parties.

8.3 Managing Cookies

You can manage cookie preferences through your browser settings or our cookie consent banner. Disabling essential cookies may impact Platform functionality.

9. AI & Machine Learning

Foodbridge.io uses artificial intelligence and machine learning to deliver key Platform features.

9.1 How AI Uses Your Data

Demand Prediction: Analyzes historical order patterns within your network to forecast demand. Uses your transaction data and network-wide aggregated trends.
Supplier Matching: Evaluates location, capacity, pricing, and quality signals to recommend optimal suppliers. Uses your sourcing preferences and catalog data.
Inventory Optimization: Recommends stock levels based on historical sales, seasonal patterns, and network demand. Uses your inventory and sales data.
SmartBasket: Optimizes Retailer orders based on budget, past preferences, and product performance. Uses order history and catalog data.

9.2 Training Data

Our AI models are trained on aggregated and anonymized data from across the Network. Individual User data is never used in isolation for model training. You benefit from the collective intelligence of the Network while your specific business data remains private.

9.3 AI Decision Transparency

AI-generated recommendations are presented as suggestions, not automated decisions. Users retain full control over all business decisions. You may request an explanation of how any AI recommendation was generated by contacting support.

10. Third-Party Services

The Platform integrates with the following categories of third-party services:

Payment Gateways: For processing financial transactions. Subject to their own privacy policies.
WhatsApp Business API: For delivering notifications and campaign messages. Subject to Meta’s privacy policy.
SMS Providers: For OTP verification and transactional SMS notifications.
Tally / Accounting Software: (Enterprise plan) For accounting data synchronization, authorized by you.
Cloud Infrastructure: For data hosting, storage, and computing.

We vet all third-party providers for security and privacy compliance. However, we are not responsible for the privacy practices of third-party services.

11. International Data Transfers

Foodbridge.io primarily stores and processes data within India. In cases where data is processed outside India (e.g., through cloud infrastructure providers with global networks), we ensure that appropriate safeguards are in place, including contractual protections consistent with applicable data protection laws. We comply with the Digital Personal Data Protection Act, 2023 (DPDPA) and any regulations issued thereunder regarding cross-border data transfers.

12. Children’s Privacy

The Platform is designed for business use and is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If we become aware that we have collected data from a minor, we will take steps to delete it promptly.

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. Material changes will be communicated via email notification and a prominent notice on the Platform at least 30 days before the changes take effect.

14. Grievance Officer & Contact

In accordance with the Information Technology Act, 2000 and the Digital Personal Data Protection Act, 2023, Foodbridge.io has appointed a Grievance Officer:

Grievance Officer: Data Protection Officer, Foodbridge.io
Email: privacy@foodbridge.io
Response Time: We will acknowledge your grievance within 48 hours and resolve it within 30 days.

For general privacy inquiries:

Email: privacy@foodbridge.io
Website: foodbridge.io
Address: Plot no F-262, Industrial Area Phase 8B, Mohali, Punjab 160071

Your trust matters.

If you feel your data privacy concerns have not been adequately addressed, you have the right to lodge a complaint with the relevant data protection authority as established under the Digital Personal Data Protection Act, 2023.