Privacy Policy

Your Data Belongs
To You. Always.

We built OnePe on a foundation of trust. That means being completely transparent about what data we collect, how we use it — and making an unconditional promise never to sell it.

Last updated: June 2025  ·  Effective immediately

Privacy at a Glance

What You Need to Know, Upfront

No legalese. Six plain-language facts about how we handle your information.

We Never Sell Your Data

Your personal information — name, phone number, dining history — is never sold, rented or traded to any third party. Not now, not ever.

Restaurant-Only Promotions

Only restaurant owners you have actually dined at may send you promotional messages — and only within the platform.

Full Transparency

We document exactly what we collect and why. No hidden fields, no silent tracking, no surprise profiling.

Your Data is Secure

All data is encrypted in transit and at rest. Access to your personal information is strictly controlled and logged.

You Stay in Control

You can request to view, correct or delete all personal data we hold about you at any time by contacting our support team.

Real Human Support

Any privacy concern will be addressed by a real person from our team — not an automated form response.

Our Unconditional Data Promise

OnePe will never sell, lease, broker or share your personal data with any third-party advertiser, data broker, marketing platform, or external company for commercial purposes. This is not a marketing claim — it is a binding principle embedded into how we build our product and run our business.

Zero data sold to third parties — ever
No ads served based on your personal profile
Promotions only from restaurants you've visited
Full data deletion on account closure
Encryption in transit and at rest
Access requests honoured within 72 hours

Promotional Messages Explained

How Restaurant Promotions Work

We know unsolicited marketing is annoying. Here is exactly how the promotional message system works — and the strict rules that protect you.

The Journey of a Promotional Message

1
You dine at a restaurant on OnePe When you visit a restaurant that uses our platform and place an order or check in, a verified dining record is created — this is your confirmed connection to that establishment.
2
The restaurant owner wants to reach out Only the owner of that specific restaurant — verified by us and bound by our platform terms — may send you a promotional message through OnePe. They cannot access your raw phone number or email; all communication happens inside our platform.
3
You receive the message — and you stay in control You receive the message in-app. You can opt out of promotions from any individual restaurant at any time, with no questions asked. Restaurants that abuse this feature are removed from the platform.
No Cold Outreach

Restaurants cannot message people who have never visited them. There is no way to buy a list or reach strangers.

Platform-Only Channel

Your phone number and email are never revealed to restaurant owners. All messaging is through our secure platform channel.

Opt-Out Anytime

One tap in-app to stop promotions from any restaurant, permanently. No dark patterns, no re-subscription traps.

Strict Limits Enforced

Restaurants are subject to frequency caps and content guidelines. Spam or misleading promotions result in immediate suspension.

Full Policy

Privacy Policy — Complete Details

The complete policy for OnePe (onepe.in), operated by OnePe Technologies. Questions? Email us at privacy@onepe.in

1. Data We Collect

We collect only the information necessary to provide our restaurant management and dining services. This falls into three categories:

Account & Identity Data

  • Name, mobile number and email address (provided when you create an account)
  • Profile photo (optional, uploaded by you)
  • Language and regional preferences

Transaction & Dining Data

  • Order history — what you ordered, at which restaurant, and when
  • Payment method type (UPI, card, cash) — we do not store full card numbers
  • Table and booking details at restaurants you have visited
  • Ratings and reviews you submit

Technical Data

  • IP address, device type and operating system (for security and fraud prevention)
  • App version and session logs (for debugging and service improvement)
  • Location data — only when you grant permission, and only to show nearby restaurants
We do not collect: Sensitive personal data such as biometrics, financial account credentials, Aadhaar numbers, or health information.

2. How We Use Your Data

Your data is used for one purpose — making OnePe work well for you:

  • Enabling orders, table bookings, digital menus and bill payments at restaurants
  • Showing your order history so you can reorder favourites
  • Sending transactional notifications — order confirmations, payment receipts, booking reminders
  • Customer support — diagnosing issues when you reach out to us
  • Security — detecting unauthorised access and preventing fraud
  • Product improvement — aggregate, anonymised analytics to understand which features are used
We do not build advertising profiles. Your dining behaviour is never used to target you with ads on other platforms or to enrich third-party marketing databases.

3. Sharing & Third Parties

We do not sell your personal data to any third party. This is absolute. No exceptions for advertisers, data brokers, analytics companies, or any other commercial entity.

We share data only in the following limited and necessary situations:

Payment Processors — When you pay for an order, transaction data is passed to a licensed payment gateway (such as Razorpay or Paytm) to process the payment. These partners are bound by PCI-DSS and their own strict privacy obligations. We never share more than the transaction amount and a reference ID.

Infrastructure Providers — Our servers and databases are hosted by reputable cloud providers. Data stored with them is encrypted and accessible only by OnePe staff with a legitimate need.

Legal Requirements — If required by Indian law, a court order, or a legitimate government authority, we may be compelled to disclose specific data. We will always notify you where legally permitted before doing so.

Business Transfers — In the event of a merger, acquisition or sale of OnePe, user data would transfer to the acquiring entity. We would notify you at least 30 days in advance and you would retain the right to delete your account.

4. Promotional Messages from Restaurants

OnePe allows restaurant owners to send promotional messages to their past diners. This feature is governed by strict rules:

  • Eligibility: A restaurant owner may only send promotions to users who have a verified, confirmed dining record at their restaurant.
  • Channel: All promotional messages are delivered in-app via the OnePe platform. Your phone number and email address are never shared with the restaurant.
  • Frequency: Restaurants are subject to daily and weekly message caps to prevent spam. Exceeding these limits results in suspension of messaging privileges.
  • Content: Messages must comply with our promotional content guidelines. Misleading, offensive or unsolicited content is prohibited.
  • Opt-out: You can opt out of promotional messages from any specific restaurant at any time directly from the message itself. You can also disable all restaurant promotions globally from your account settings.
  • Enforcement: Restaurants that receive opt-out complaints above a threshold, or that violate our messaging policy, are suspended immediately and reviewed by our team.
Important: Restaurants cannot send you cold messages. They must have a confirmed, recorded dining interaction with you on the platform before they can reach out. We actively monitor for abuse of this feature.

5. Security

We take the security of your data seriously and implement multiple layers of protection:

  • All data in transit is protected by TLS 1.2+ encryption
  • Data at rest is encrypted using AES-256
  • Access to production systems is restricted to authorised personnel only, with multi-factor authentication enforced
  • All access to personal data is logged and audited
  • We conduct regular security reviews and vulnerability assessments
  • Passwords are hashed using bcrypt — we cannot see or recover your password

In the event of a data breach that affects your personal information, we will notify affected users within 72 hours of becoming aware of the incident, in compliance with applicable Indian data protection law.

6. Cookies & Tracking

Our website and web app use a minimal set of cookies:

  • Essential cookies — Required for login sessions and security. Cannot be disabled.
  • Preference cookies — Remember your language and display settings.
  • Analytics cookies — Anonymous, aggregated page-view data to understand how features are used. No personal identifiers are included.

We do not use advertising cookies. We do not allow any third-party advertising network to set cookies on our website. You can manage cookie preferences from your browser settings at any time.

7. Your Rights

You have the following rights over your personal data, which we will honour within 72 hours of a valid request:

  • Right to Access — Request a copy of all personal data we hold about you
  • Right to Rectification — Ask us to correct inaccurate or incomplete information
  • Right to Erasure — Request permanent deletion of your account and all associated personal data
  • Right to Restrict Processing — Ask us to pause using your data while a concern is under review
  • Right to Data Portability — Receive your data in a structured, machine-readable format
  • Right to Withdraw Consent — Withdraw any consent you have previously given at any time

To exercise any of these rights, email us at privacy@onepe.in with the subject line "Data Request". We will verify your identity before processing any request.

8. Children's Privacy

OnePe is not directed at children under the age of 13. We do not knowingly collect personal data from anyone under 13. If you are a parent or guardian and believe your child has created an account, please contact us immediately and we will delete the account and all associated data promptly.

9. Changes to this Policy

We may update this Privacy Policy from time to time. When we make significant changes, we will:

  • Update the "Last updated" date at the top of this page
  • Send an in-app notification to all registered users
  • For material changes affecting your rights, provide at least 14 days' notice before the change takes effect

Your continued use of OnePe after the effective date constitutes acceptance of the updated policy. If you do not agree with any changes, you may delete your account before the effective date.

10. Contact Us

For any questions, concerns, or data requests related to this Privacy Policy, please reach out to us. A real person from our team will respond.

This policy was last reviewed and updated in June 2025 and applies to all users of onepe.in and the OnePe mobile application.

Privacy You Can Count On

Join thousands of diners across India who trust OnePe to keep their information private and their dining experience seamless.

Get Started Free About Us