Menu
Last updated: September 29, 2025
“WoktoWalk India”, “we”, “us” or “our” refers to Shree Sharda Associates Pvt Ltd operating the WoktoWalk India website, apps and related services.
Registered office: C 16, Pamposh Enclave, New Delhi, India – 110048
This Policy explains how we collect, use, share and protect personal data when you use our websites, mobile apps, and any service that links to this Policy (the “Services”). By using the Services you agree to this Policy and our Terms of Use.
This Policy applies to users in India. If you order from a partner restaurant, that restaurant will process some of your data as an independent data fiduciary for order fulfilment. See “Our role vs restaurants” below.
We collect data you give us, data we get automatically, and data from partners.
We use it to run our Services, take your orders, prevent fraud, support you, improve products, and with your choice personalise marketing.
We use cookies, Meta Pixel and Conversions API, and analytics. You can change cookie choices anytime in Cookie Settings.
We don’t store card numbers. Payments are tokenised per RBI rules.
You can access, correct, delete, withdraw consent, lodge a grievance, and nominate a person to act for you.
We protect data with technical and organisational controls.
We may process data outside India with safeguards and subject to future Government transfer restrictions.
Account & profile: name, email, phone, password, addresses.
Orders & delivery: items in cart, delivery notes, communication preferences.
Payments: we receive payment status and tokenised references from our payment partners. We do not store full card numbers.
Support & feedback: messages, ratings, recorded calls/chats for quality and training.
Marketing choices: subscriptions, opt-outs, channel preferences.
Sensitive data you volunteer: e.g., allergies or dietary needs you choose to share. Please share such details with the restaurant in the order notes. If you send them to us (for example in a complaint), we will only use them for that purpose with your consent.
Device & usage: IP address, device identifiers, app version, browser, pages viewed, time on page, clickstream, crashes.
Approximate location: if you allow it, to show nearby restaurants and estimate delivery times.
Cookies & similar tech: see “Cookies & tracking”.
Payment partners & banks: payment status, token, last 4 digits for refunds and fraud checks.
Logistics & communication vendors: delivery status, SMS/WhatsApp delivery.
Analytics & ad partners: aggregated campaign performance, audience segments, attribution insights.
Social logins (if you use them): basic profile data from that provider after you authorise.
Provide the Services: create and manage your account, take and route orders, coordinate delivery, issue invoices, process refunds.
Service messages: order status, security alerts, policy updates.
Customer support: identify you, resolve issues, improve service quality.
Safety & fraud: detect abuse, chargebacks, duplicate accounts, bot activity.
Product improvement: analytics, testing, research, reporting.
Marketing: with your choice, send offers, recommendations, and measure campaign performance.
Legal: comply with tax, accounting, and other legal obligations.
We process personal data as permitted under the Digital Personal Data Protection Act, 2023 and the DPDP Rules, 2025, including:
Your consent for optional purposes like marketing and non-essential cookies. You can withdraw consent anytime in Profile → Privacy or Cookie Settings.
Legitimate uses allowed by law, such as to provide services you asked for, prevent fraud, comply with law, respond to incidents, and for network and information security.
We use cookies and similar technologies to:
run the site and keep you signed in
measure visits and performance
reduce fraud
with your choice, personalise ads and recommendations
This includes Meta Pixel, Meta Conversions API, and analytics tools. These help us understand what brought you to our site, whether an ad worked, and what to improve. You can change or withdraw cookie choices anytime in Cookie Settings. Your ad preferences on Facebook or Instagram also influence what you see on those platforms.
We avoid dark patterns. No pre-ticked boxes. Unsubscribe and cookie changes are one-click where possible.
Some platforms we integrate with (for example Meta) may use publicly shared content on their services to develop or improve AI systems. This does not include your private messages or minors’ content. EU/UK users may have opt-out options offered by those platforms which may not apply in India. For details, review the platform’s own privacy policy.
We share data only as needed and with safeguards:
Restaurants you order from, to prepare and fulfil the order
Group companies that help us operate the Services
Service providers: hosting, analytics, customer support, communications, KYC/AML where required, payment processing, logistics
Ad/measurement partners: where you permit marketing cookies and only for measurement and personalisation you chose
Custom Audience partners: if we upload hashed contact lists to show or exclude ads. You can opt out of list-based marketing at [email protected]
Legal, safety, and compliance: regulators, courts, law enforcement when required or to protect rights, safety or property
Business change: merger, acquisition or restructuring. Successors will honour this Policy
We do not sell your personal data.
WoktoWalk India is the data fiduciary for your account, site/app operations, analytics, and marketing you choose.
The restaurant you order from is an independent data fiduciary for preparing and delivering your order, and for any record they must keep.
We and the restaurant will each handle requests that relate to our respective roles. If a request overlaps we’ll coordinate.
We do not store full card numbers. Card details are tokenised by our payment partners in line with RBI rules. We may store a token and last 4 digits to process refunds and prevent fraud.
If you pay with UPI, wallet, or net banking, we receive transaction references and status from the PSP or bank.
For refunds we share minimal details with payment partners and your bank as required.
Our Services are not directed to children under 18. We don’t personalise ads to minors. We don’t knowingly collect data from children without verifiable consent of a parent or guardian. Parents or guardians can contact our Grievance Officer to review or delete a child’s information.
We use limited profiling to:
detect fraud and platform abuse
recommend restaurants and dishes
create or exclude ad audiences where you allowed marketing cookies
You can object to marketing-related profiling by changing Cookie Settings or emailing [email protected]. Fraud checks are needed to protect you and the platform.
We keep data only as long as needed for the purpose or as required by law:
Orders, invoices, tax records: 8–10 years
Customer support records: up to 3 years
Marketing preferences and contact lists: until you opt out or after 12–24 months of inactivity
Cookie identifiers: as listed in the Cookie Policy
When no longer needed we delete or de-identify data. If deletion isn’t immediately possible (for example backups), we isolate and secure it until deletion.
We may process data outside India through trusted providers under contracts that require data protection and security. India allows cross-border transfers except to any countries the Government may restrict in future. If you want more detail about transfer safeguards, contact us.
We use encryption in transit, access controls, least-privilege access, logging, network isolation, regular training, and vendor due diligence. If we become aware of a personal data breach that risks harm, we will notify affected users and the Data Protection Board of India as required by law.
You can:
Access the data we hold about you
Correct inaccurate or incomplete data
Delete data, subject to legal retains
Withdraw consent for optional processing
Opt out of marketing at any time
Nominate a person to exercise your rights if you pass away or are incapacitated
Raise a grievance with our Grievance Officer. If unresolved, you may approach the Data Protection Board of India
How to use your rights:
In-app: Profile → Privacy and Cookie Settings
Email: [email protected]
We aim to acknowledge requests quickly and resolve them within the timelines prescribed by law.
We may create hashed contact lists to show or exclude ads on platforms like Meta. You can opt out of list-based marketing by emailing [email protected] with subject “Opt out of Custom Audiences”. Platform controls still apply to what you see on their services.
Some browsers send signals like Global Privacy Control (GPC). Where technically feasible we treat recognised signals as opt-outs for marketing cookies on our site.
Our site may link to other websites or allow social logins. Those services have their own privacy policies. Please review them before sharing data.
We may update this Policy to reflect legal, technical or business changes. If changes are material we’ll notify you in-app or by email. Continued use of the Services means you accept the updated Policy.
Shree Sharda Associates Pvt Ltd
Brand: WoktoWalk India
Email: [email protected]
Grievance Officer (India): Anirudh Agarwal, [email protected], C 16, Pamposh Enclave, New Delhi, India – 110048
Pacific Mall, Jasola, New Delhi
Terminal 1, IGI Delhi
CP67 Mall, Mohali
Bhartiya City Mall, Bangalore
Mall of Mysore, Mysore
