Last Updated: 25/06/2025
This Privacy Policy ("Policy") outlines how Holbewoner Technologies Private Limited ("Doorush", "we", "us", or "our") collects, uses, stores, shares, and safeguards your personal and non-personal data when you use our mobile application, website, or any services (collectively referred to as the "Platform"). This Policy is issued in accordance with the Information Technology Act, 2000, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, and is aligned with emerging expectations under India’s Digital Personal Data Protection Act, 2023 (DPDP Act).
By using the Doorush Platform, you agree to the practices described in this Policy. If you do not agree, you should not use the Platform or submit any information.
We may collect the following categories of information:
1.1 Personally Identifiable Information (PII): Includes your name, contact details, residential address, gender, date of birth, identity verification documents (if applicable), household information (e.g., number of rooms or presence of pets), and any additional data provided during account setup or service usage.
1.2 Financial Information: Includes your UPI ID, card/bank information, payment gateway preferences, transaction timestamps, and billing data. Sensitive data is collected via secure and compliant channels only (e.g., PCI-DSS compliant systems).
1.3 Service Interaction Data: Data related to usage behavior on the platform — type of services used, time of booking, ratings, feedback, order history, and support requests.
1.4 Device & Technical Information: We may collect technical information about the device used to access the Platform — such as IP address, operating system, browser type, language settings, device model, mobile carrier, advertising identifiers, and geolocation data (subject to permissions).
1.5 Cookies and Tracking: We use cookies, pixels, SDKs, and web beacons to store user preferences, enable features, deliver ads, and improve user experience. Users can configure cookie settings in their browser.
1.6 Communication Logs: All inbound/outbound communication including in-app chat, SMS, email, call records (where applicable), and WhatsApp conversations may be logged for quality assurance and dispute resolution.
We collect and process your data for the following lawful purposes:
To create and manage your Doorush account
To verify your identity and maintain account integrity
To process and fulfill service bookings
To facilitate real-time partner assignment and route tracking
To send order confirmations, OTPs, alerts, invoices, and feedback forms
To allow cancellation, refund processing, and payment reconciliation
To analyze user behavior and improve service quality
To customize content, recommend services, and personalize experience
To prevent fraud, enforce platform integrity, and monitor suspicious behavior
To enable platform diagnostics and customer support
To ensure compliance with legal, tax, or regulatory obligations
We rely on one or more of the following legal grounds under Indian law:
Consent: When you provide your data voluntarily (e.g., creating an account or contacting support)
Contractual necessity: To perform obligations linked to your service bookings
Legitimate interest: For enhancing our services, fraud detection, or network security
Legal obligations: To comply with applicable laws, government orders, or judicial proceedings
You have the right to withdraw consent at any time by emailing support@doorush.in, although certain functions may become unavailable.
We do not sell your personal information. We share it only under specific, lawful circumstances:
With service providers (Quick Help / Insta Cook partners) to fulfill bookings
With payment aggregators to complete financial transactions
With vendors handling cloud hosting, analytics, SMS/email delivery, and support
With marketing partners for advertising, remarketing, and campaign analysis (where consented)
With government agencies, courts, regulators, or law enforcement where mandated
During business transfers such as mergers, acquisitions, or restructuring
All vendors and partners are bound by confidentiality agreements and operate in compliance with Indian data privacy regulations.
Doorush aims to host and process data primarily within India. However, if any cross-border transfer of personal data is necessary (e.g., cloud storage or analytics support), it shall be:
In accordance with applicable Indian laws
Limited to jurisdictions offering equivalent data protection frameworks
Protected through standard contractual clauses and best-practice safeguards
We retain personal information only for as long as necessary for the purposes stated above, or as required by Indian tax, accounting, and legal standards. Retention periods include:
For active users: until account is deleted or user withdraws consent
For inactive users: 3 years from last interaction
For financial or compliance records: up to 7 years
For disputes or legal holds: until resolution or regulatory clearance
Users may request deletion of personal data unless legal obligations require retention.
You are entitled to exercise the following rights:
Right to Access: Request a summary of data we hold about you
Right to Correction: Request correction of outdated or inaccurate information
Right to Deletion: Request deletion of data unless retained for legal reasons
Right to Withdraw Consent: Opt-out of specific processing (e.g., marketing)
Right to Lodge Complaints: File a complaint with the Grievance Officer or relevant authority
To exercise any of the above, email: support@doorush.in with subject line “Data Rights Request.”
We implement robust technical and organizational security controls, including:
End-to-end encryption for sensitive fields (e.g., passwords, UPI IDs)
SSL/TLS security for all communications
Multi-factor authentication for internal access
Regular penetration testing and vulnerability patching
Role-based access control with audit logging
In case of a data breach affecting your information, we will notify you and regulatory bodies as required by law.
Doorush is not intended for individuals under 18 years. We do not knowingly collect data from minors. If a minor’s data has been shared unintentionally, parents/guardians are requested to email us immediately.
We use both first-party and third-party cookies to:
Manage sessions and login status
Personalize ads (e.g., Facebook Pixel, Google Ads)
Track traffic via analytics (e.g., Google Analytics, Firebase)
Users can adjust cookie settings in their browsers and may opt out of personalized advertising via their device or browser settings.
The Platform may contain external links to apps, websites, or APIs. Doorush is not responsible for third-party privacy practices. You are encouraged to review their policies before use.
We may amend this Policy periodically to reflect technological, regulatory, or business changes. Major updates will be notified via app pop-ups or email. Continued usage implies acceptance.
14. Consent and Binding Nature
By registering or using Doorush, you:
Consent to the collection and use of your data as per this Policy
Agree to the binding nature of this Policy and its integration with our Terms of Use
Understand your rights and obligations under applicable Indian privacy law
This document is generated electronically under the Information Technology Act, 2000. It does not require physical or digital signatures.
For queries regarding this Policy, write to support@doorush.in or visit our website at www.doorush.in/privacy.
