DMFU Mess Owner Privacy Policy

1. Introduction

This Privacy Policy outlines how DMFU (operated by Beginning Solutions Pvt. Ltd.) collects, uses, processes, stores, and protects the personal and business data of mess owners who register and operate their meal services through the DMFU platform.

DMFU is committed to protecting the privacy of its mess providers and ensuring that all data is handled in compliance with applicable laws, including the Information Technology Act, 2000, and Indian Data Protection Regulations.

A. Purpose of this Privacy Policy

• Clearly explain what data is collected from mess providers.
• Outline how data is used and the legal basis for data processing.
• Ensure transparency regarding mess owner rights and data control.
• Describe DMFU’s practices for data security and confidentiality.

B. Scope of the Privacy Policy

• Account Registration and Management.
• Service Listing and Subscription Management.
• Financial Transactions (Coupon Withdrawals and Refund Management).
• Customer Interactions and Ratings Management.

C. Definition of Personal and Business Data Covered

DMFU collects both personal data and business-related information for the purpose of facilitating mess services on the platform.

Personal Data:

• Mess Owner's Full Name.
• Contact Details (Phone Number, Email Address).
• Government-Issued Identifiers (e.g., PAN, Aadhaar if required for tax purposes).

Business Data:

• Mess Name and Business Address.
• Food License Information (e.g., FSSAI Certificate).
• Bank Account Details for Coupon Withdrawals.
• Subscription Plans, Meal Pricing, and Service Descriptions.

Technical Data Collected Automatically:

• IP Address.
• Device Information.
• Browser Type.
• Usage Analytics (e.g., page visits, session duration).

D. Legal Basis for Data Collection and Processing

1. Contractual Necessity: Data is required to create and manage mess accounts, provide payment services, and facilitate user subscriptions.
2. Legal Obligations: Compliance with tax laws, KYC norms, and financial regulations.
3. Legitimate Interests: To improve platform services, conduct fraud prevention, and manage platform security.
4. Consent: For marketing purposes or optional data usage where explicit consent is required.

E. Data Collection Methods

1. Direct Data Collection: During account registration, when uploading documents for verification, and while updating mess service listings or bank details.
2. Automated Data Collection: Analytics tools capturing platform usage behavior, and device identification for security purposes.
3. Third-Party Sources: Payment gateways for transaction verification, and government databases for license validation (where applicable).

F. Data Retention Policy

• Active Account Data: Retained throughout the duration of the mess provider's use of the platform.
• Closed Account Data: Retained for up to 5 years post-account deactivation for legal and audit purposes.
• Financial Transaction Records: Retained for 7 years as per Indian taxation laws.

G. Data Security and Protection Measures

• Data Encryption: AES-256 encryption for sensitive information like bank details and personal identifiers.
• Access Control: Role-based access restrictions ensuring only authorized DMFU staff can access sensitive data.
• Secure Storage: All data stored on secure servers within India, compliant with Indian data localization laws.
• Regular Security Audits: Periodic reviews and penetration tests to identify and mitigate security risks.

H. Mess Owner Responsibilities Regarding Data Accuracy

• Providing accurate and complete information during account setup.
• Regularly updating contact details and bank account information.
• Ensuring food license data remains valid and up to date.

I. Mess Owner Rights Under This Policy

• Right to Access: Request a copy of the data stored by DMFU.
• Right to Rectification: Request corrections for inaccurate data.
• Right to Erasure (Data Deletion): Request data deletion after account closure (subject to regulatory retention policies).
• Right to Restrict Processing: Limit how DMFU uses personal data for non-essential purposes.
• Right to Withdraw Consent: Opt-out from marketing communications at any time.

J. Consequences of Non-Compliance with Data Requirements

• Account Suspension: If required data is missing or invalid.
• Payment Delays: Incomplete bank details may lead to payment holdbacks.
• Service Restrictions: Mess listings may be temporarily suspended until accurate information is provided.

K. Policy Changes and Updates

• Modify this Privacy Policy when required due to legal changes or service updates.
• Notify mess providers about significant changes via:
  • Email Notifications.
  • In-App Announcements.
• Continued use of the DMFU platform after updates implies consent to the revised policy.

L. Contact Information for Privacy Queries

• Support Email: dailymessforu@gmail.com
• Legal Department: dailymessforu@gmail.com
• Registered Office Address: Beginning Solutions Pvt. Ltd., [Office Address, City, PIN Code, India].

M. Mess Owner Acknowledgment and Agreement:

• By registering as a mess provider on DMFU, you acknowledge that you:
• Understand and consent to the collection, processing, and storage of your data as described in this policy.
• Agree to comply with data accuracy requirements and maintain up-to-date business details.
• Have reviewed your rights under Indian data protection laws.

2. Data Collection Details and Purpose of Use

This section provides a comprehensive breakdown of the types of data collected from mess providers, the methods of collection, and the purpose for which each data type is used within the DMFU platform.

A. Types of Data Collected from Mess Providers

DMFU collects the following categories of data from mess providers during account registration, service management, and payment processes:

1. Personal Identification Data (Required for Account Creation)

• Full Legal Name (as per identification documents).
• Contact Information:
  • Mobile Number (linked to the mess account).
  • Email Address.
• Government-Issued Identifiers (where applicable):
  • PAN Card (for taxation purposes).
  • Aadhaar Number (if required for KYC verification).

2. Business and Operational Data (Required for Service Management)

• Mess Name and Business Address.
• FSSAI License Number and Certification Upload (if applicable).
• Mess Service Details:
  • Meal Plans Offered.
  • Pricing Structure.
  • Service Timings and Operational Hours.

3. Financial Data (Required for Coupon Withdrawals and Refunds)

• Bank Account Details:
  • Account Holder’s Name.
  • Bank Name and Branch.
  • Account Number and IFSC Code.
• Payment Transaction Records:
  • Coupon Conversion History.
  • Withdrawal Requests.
  • Refund Transactions.

4. Technical and Usage Data (Collected Automatically)

• Device Information:
  • Device Model, Operating System, and Browser Type.
• IP Address.
• Usage Analytics:
  • Page Views, Click Events, Session Duration.

5. Communication and Feedback Data

• Support Tickets and Complaint Records.
• Feedback and Ratings Provided by Users on Mess Services.
• Email Communications Between DMFU and Mess Providers.

B. Methods of Data Collection

DMFU collects data through the following methods:

1. Direct Collection from Mess Providers:

• During account registration and profile setup.
• When updating the mess profile or meal plans.
• While submitting bank account information for withdrawals.

2. Automatic Collection Through Platform Use:

• Analytics Tools: Data automatically collected from mess provider interactions with the Mess Dashboard.
• Device Identifiers: Collected for fraud prevention and session management.

3. Third-Party Data Sources:

• Payment Gateway Integration: Bank account verifications through UPI and linked payment processors.
• Government Databases: Verification of FSSAI licenses and PAN card information.

C. Purpose of Data Collection and Processing

DMFU collects data strictly for business operations and to ensure legal compliance. The purposes for each data type are outlined below:

1. Personal Identification Data Usage:

• Purpose:
  • To create and verify the mess provider's account.
  • To ensure unique identity verification for each mess owner.
  • To prevent fraudulent accounts or impersonation attempts.
• Legal Basis:
  • Contractual Necessity: Required for account creation.
  • Legal Compliance: Necessary for KYC and taxation purposes.

2. Business and Operational Data Usage:

• Purpose:
  • To allow mess providers to:
    • List meal plans with accurate descriptions.
    • Manage subscription details and service hours.
  • To help users find mess services in their location.
  • For operational transparency and mess visibility within the DMFU platform.
• Legal Basis:
  • Contractual Obligation: Required for service listing.
  • User Convenience: Ensures proper searchability for users.

3. Financial Data Usage:

• Purpose:
  • To process:
    • Coupon withdrawals.
    • Refund settlements.
    • Transaction history tracking for financial reporting.
  • To ensure secure and timely payments to mess providers.
• Legal Basis:
  • Contractual Necessity: Required for coupon withdrawals.
  • Legal Compliance: Required under Indian tax regulations.

4. Technical and Usage Data Usage:

• Purpose:
  • To enhance platform performance through:
    • Load balancing and session management.
    • Diagnosing technical issues.
  • To track platform engagement and optimize the Mess Dashboard interface.
  • To identify unauthorized platform use or potential security threats.
• Legal Basis:
  • Legitimate Interest: Platform maintenance and fraud prevention.

5. Communication and Feedback Data Usage:

• Purpose:
  • To facilitate support interactions and resolve complaints.
  • To improve service quality based on mess feedback.
  • To allow users to rate and review mess services for transparency.
• Legal Basis:
  • Legitimate Interest: Service improvement and dispute handling.

D. Data Sharing and Disclosure

DMFU does not sell mess provider data. However, limited sharing occurs under the following conditions:

1. Internal Data Sharing:

• With DMFU Support Teams: For complaint handling and account verification.
• With Financial Departments: For managing coupon withdrawals and tax reporting.

2. Third-Party Sharing:

• Payment Gateways: To facilitate coupon withdrawals.
• Government Bodies: For FSSAI validation and tax compliance.
• Legal Authorities: If required under a court order or government request.

3. User Visibility (Limited Sharing):

• Mess Profile Data Only:
  • Mess name, location, pricing, and available meal plans are shared with users.
• Personal Data:
  • Users do not have access to the mess provider’s contact information or financial data.

E. Data Retention Periods and Disposal

DMFU retains mess provider data only as long as necessary for the purposes outlined:

• Account-Related Data: Retained for 5 years after account closure.
• Financial Records: Retained for 7 years for compliance with tax regulations.
• Technical Logs: Retained for 12 months for security purposes.

Data Disposal:

After the retention period, data is securely deleted using data-wiping techniques.

F. Mess Provider Rights Related to Data Usage

• Right to Access: Request a copy of stored data.
• Right to Rectification: Request corrections to inaccurate information.
• Right to Object: Object to non-essential data use.
• Right to Deletion: Request account and data deletion (subject to legal retention limits).

G. Consequences of Incomplete Data Submission

• Account Suspension: Incomplete personal or financial data may result in service suspension.
• Payment Delays: Coupon withdrawals may be withheld if bank details are incorrect or incomplete.
• Restricted Service Visibility: Mess plans may be hidden from user searches if business details are inaccurate.

H. Contact Information for Data Collection Queries

• Support Email: dailymessforu@gmail.com
• Legal Compliance Team: dailymessforu@gmail.com
• Registered Office: Beginning Solutions Pvt. Ltd., [Office Address, City, PIN Code, India].

✅ Key Takeaways from Data Collection Details and Purpose of Use:

• Data Transparency: DMFU collects data only for service delivery, security, and legal compliance.
• No Data Selling: DMFU does not sell mess provider data.
• Strict Security Measures: Bank and identification data are AES-256 encrypted.
• Mess Provider Rights: Clear rights to access, modify, and delete personal data.

I. Mess Provider Acknowledgment and Agreement:

By continuing to use the DMFU platform, you acknowledge and agree that:

• You understand the data types collected and purposes.
• You consent to data processing for operational and legal purposes.
• You are aware of your rights and DMFU’s data retention policies.

3. Data Security Measures and Safeguards

This section explains the security protocols, technologies, and safeguards DMFU implements to protect the personal and business data of mess providers. It covers how data is stored, protected from unauthorized access, and handled in compliance with industry standards.

A. DMFU’s Commitment to Data Security

DMFU prioritizes the protection of mess provider data by implementing advanced security measures to:

• Prevent unauthorized access, data breaches, and cyber threats.
• Ensure the confidentiality, integrity, and availability of stored data.
• Align with industry standards such as ISO/IEC 27001 and Indian IT Security Standards.

B. Data Encryption Standards

DMFU uses strong encryption protocols to safeguard sensitive data both in transit and at rest.

1. Data Encryption at Rest (Stored Data):
   • All sensitive data, including bank details, mess owner identifiers, and FSSAI licenses, are encrypted using:
   • AES-256 encryption (Advanced Encryption Standard).
   • Data stored on servers is tokenized to prevent unauthorized data linking.
2. Data Encryption in Transit (Data Transfer):
   • Data transmitted between DMFU servers, mess provider dashboards, and third-party services is protected by:
   • TLS 1.3 encryption (Transport Layer Security).
   • All communication between DMFU’s servers and payment gateways is secured using end-to-end encryption.

C. Secure Data Storage Practices

DMFU stores all mess provider data in secure cloud infrastructure with restricted access.

• Primary Storage: Secure cloud servers hosted in India to comply with data localization laws.
• Backup Servers: Data is backed up regularly on redundant servers for disaster recovery.
• Physical Security: Server facilities are equipped with 24/7 surveillance and biometric access controls.

D. Access Control and Role-Based Permissions

To minimize data exposure, DMFU has implemented role-based access controls (RBAC) for data handling.

• Restricted Access: Only authorized personnel, such as the DMFU support team and compliance officers, can access sensitive data.
• Two-Factor Authentication (2FA): All admin accounts with data access are secured with 2FA protocols.
• Session Management: Automatic logout after 15 minutes of inactivity on the Mess Dashboard.

E. Security Audits and Vulnerability Assessments

DMFU conducts regular security audits and assessments to ensure ongoing data protection.

• Frequency:
  • Quarterly internal security reviews.
  • Annual third-party security audits.
• Scope:
  • Vulnerability scanning for data breaches.
  • Penetration testing on DMFU’s server architecture.

F. Data Anonymization and Tokenization

To further protect sensitive data, DMFU implements data anonymization techniques where possible.

• Tokenization: Sensitive data like bank details and contact information are replaced with non-sensitive tokens for internal use.
• Anonymization: When data is used for analytics or platform performance reviews, it is anonymized to avoid linking with specific mess providers.

G. Third-Party Security Standards and Integrations

DMFU partners with third-party services for payment processing and infrastructure hosting. All partners must comply with strict security requirements.

• Payment Gateways: DMFU works only with PCI DSS-compliant payment gateways.
• Cloud Storage Partners: Must meet ISO/IEC 27001 standards.
• Vendor Audits: DMFU reviews third-party data handling practices annually.

H. Data Breach Prevention Measures

DMFU takes proactive steps to prevent and minimize the risk of data breaches:

• Real-Time Threat Detection: DMFU uses Intrusion Detection Systems (IDS) and firewall monitoring to identify suspicious activities.
• Automated Threat Alerts: Security teams are notified of abnormal behavior patterns, such as:
• Repeated failed login attempts.
• Unusual data export activities.

I. Data Breach Handling Protocol

In the event of a data breach, DMFU has a structured incident response plan:

1. Breach Identification and Containment:
   • Real-time alerts will trigger an immediate investigation by DMFU’s security team.
   • Affected systems will be isolated to prevent further damage.
2. Notification to Affected Parties:
   • DMFU will notify:
   • Mess Providers within 72 hours of breach detection.
   • Regulatory Authorities (if required by law).
   • Notification Contents:
   • Nature of the breach.
   • Data potentially exposed.
   • Steps taken to mitigate risks.
3. Corrective Measures and Remediation:
   • Conduct a root cause analysis.
   • Implement additional security patches and preventive measures.
4. Post-Incident Review and Documentation:
   • A complete incident report will be documented, including:
   • Timeline of events.
   • Security vulnerabilities identified.
   • Future recommendations to prevent recurrence.

J. Data Security Responsibilities of Mess Providers

While DMFU takes extensive measures to secure data, mess providers must also follow security best practices:

1. Secure Password Management:
   • Use strong passwords with a mix of letters, numbers, and symbols.
   • Avoid using common phrases or repeating passwords across platforms.
2. Device Security:
   • Access the Mess Dashboard only from secure devices.
   • Keep the operating system and antivirus software updated.
3. Preventing Unauthorized Access:
   • Do not share account credentials with unverified third parties.
   • Report suspicious activity to DMFU Support immediately.

K. Consequences of Non-Compliance with Security Standards

Failure to comply with security best practices or DMFU’s data protection standards may result in:

• Temporary Account Suspension: If non-compliance poses security risks.
• Service Restrictions: Limited access to payment withdrawals until issues are resolved.
• Legal Action: In cases where security negligence leads to a data breach affecting multiple users.

L. Security Compliance Certifications and Standards Followed by DMFU

DMFU adheres to recognized data protection standards, including:

• ISO/IEC 27001: Information Security Management.
• PCI DSS Compliance: For payment security standards.
• Indian IT Act, 2000: Compliance with Indian cybersecurity laws.

M. Contact Information for Security Concerns

Mess providers can report security concerns, suspicious activity, or seek clarification on DMFU’s data protection measures by contacting:

• Support Email: dailymessforu@gmail.com
• Security Team Email: security@dmfu.com
• In-App Support Chat: Available in the Mess Dashboard.

✅ Key Takeaways from Data Security Measures and Safeguards:

• AES-256 Encryption: Applied for both data at rest and data in transit.
• Role-Based Access Control (RBAC): Limited data visibility based on user roles.
• Proactive Monitoring: Real-time threat detection systems and firewalls.
• Incident Response: Clear breach management protocol with 72-hour notifications.
• Mess Owner Responsibility: Secure password use and device security are essential.

N. Mess Provider Acknowledgment and Agreement:

By using the DMFU platform, you confirm that:

• You understand DMFU’s data security standards and agree to comply with best practices.
• You acknowledge that DMFU uses industry-standard encryption and firewall protection for data protection.
• You agree to take personal responsibility for maintaining secure login credentials.

4. Data Sharing and Third-Party Integrations

This section explains how DMFU shares mess owner data with third parties, the purposes for such sharing, the security measures in place, and the mess owner's rights regarding third-party data handling.

A. DMFU's Principles for Data Sharing

DMFU follows a minimal data-sharing approach, meaning data is only shared when:

• Essential for Service Delivery: To process payments, verify identities, and ensure regulatory compliance.
• Legally Required: To meet tax obligations and government mandates.
• Security-Driven: To prevent fraud and ensure platform integrity.

B. Types of Third Parties with Whom DMFU Shares Data

DMFU may share limited data with the following categories of third parties:

1. Payment Processors and Financial Institutions

Purpose:

• To process coupon withdrawals and refunds.
• To verify the authenticity of bank details.

Third-Party Services Used: Razorpay, Paytm, and other PCI DSS-compliant gateways.

Data Shared:

• Bank Account Holder’s Name.
• Account Number and IFSC Code.
• Transaction IDs and Payment Amounts.

2. Government and Regulatory Bodies

Purpose:

• To comply with Indian taxation laws, FSSAI regulations, and KYC standards.
• For audits and financial reporting.

Data Shared:

• PAN Card Number (for tax compliance).
• FSSAI License Information (if applicable).
• Bank Transaction Records.

3. Cloud Storage and Hosting Providers

Purpose: To securely store mess provider data and ensure platform uptime.

Third-Party Services Used: AWS (Amazon Web Services) – India-based secure cloud servers.

Data Shared:

• Personal Data (Encrypted).
• Business Listings and Subscription Plans.
• User Interaction Logs.

Security Measures Applied:

• AES-256 Encryption for stored data.
• Restricted server access with multi-factor authentication (MFA).

4. Analytics and Performance Tools

Purpose:

• To monitor platform performance and improve user experience.
• To detect and mitigate fraudulent activities.

Third-Party Services Used: Google Analytics for usage behavior analysis.

Data Shared:

• IP Address (Anonymized).
• Device Information.
• Session Logs and Click Activity.

Security Measure: No personally identifiable information (PII) is shared.

5. Customer Support and Service Tools

Purpose: To handle mess owner inquiries and resolve technical issues.

Third-Party Services Used: Freshdesk for support ticket management.

Data Shared:

• Mess Owner's Name.
• Contact Information (Email & Phone Number).
• Support Ticket History.

C. Situations Where DMFU May Disclose Data Without Consent

DMFU may disclose mess provider data without prior consent in the following situations:

• Legal Compliance: When required by court orders, law enforcement requests, or government directives.
• Fraud Prevention: If a mess provider is involved in suspected financial fraud, DMFU may share data with fraud detection agencies.
• Mergers and Acquisitions: If DMFU undergoes a merger, acquisition, or asset sale, mess provider data may be transferred to the new entity with notice.

D. Data Minimization Practices (What DMFU Does Not Share)

DMFU does not share the following sensitive data with any third party:

• Mess Owner Passwords.
• Full Bank Account Details (beyond necessary for payment processing).
• Personal Identification Numbers (e.g., Aadhaar) for unauthorized purposes.

E. Security Measures for Third-Party Data Handling

DMFU ensures that all third-party integrations meet industry-standard security benchmarks:

• Vendor Vetting: Only partners with ISO/IEC 27001 and PCI DSS certifications are engaged.
• Data Encryption: All data shared with third parties is encrypted using TLS 1.3 encryption.
• Access Control: Third parties can only access minimum required data for their services.
• Confidentiality Agreements: All third-party service providers sign Data Protection Agreements (DPAs) with DMFU.

F. Mess Owner Consent for Data Sharing

DMFU requires explicit consent for:

• Marketing Collaborations: If mess data is to be shared with advertising platforms.
• Optional Features: For mess visibility boosts and partnerships beyond basic service delivery.

How Consent is Collected:

• Consent is obtained during account registration and can be modified anytime under the Mess Dashboard Settings.

G. Mess Owner Rights Regarding Third-Party Sharing

Mess providers have the following rights concerning third-party data sharing:

• Right to Know: Mess providers can request a list of third parties who have accessed their data.
• Right to Object: Providers can refuse certain data sharing practices unless legally required.
• Right to Revoke Consent: Consent for marketing data sharing can be withdrawn anytime.

H. Data Sharing Retention Timeline and Disposal

Retention Period:

• Data shared with third parties for payment processing is retained for 7 years for tax compliance.
• Non-financial data (e.g., usage analytics) is anonymized and retained for 12 months.

Data Disposal:

• Upon expiration of the retention period, data is permanently deleted through:
• Secure file wiping protocols.
• Tokenization removal for stored financial data.

I. Consequences of Declining Third-Party Data Sharing

Mess providers who choose to decline sharing data with third parties may face:

• Restricted Payment Services: Payment withdrawals may be delayed or declined.
• Limited Platform Features: Certain features (e.g., mess rating analytics) may be disabled.
• Inability to List Services: Without FSSAI verification and payment authorization, the mess may be restricted from listing services.

J. Contact Information for Data Sharing Queries

Mess providers can inquire or raise concerns about third-party data sharing by contacting:

• Support Email: dailymessforu@gmail.com
• Legal Compliance Team: dailymessforu@gmail.com
• Registered Office: Beginning Solutions Pvt. Ltd., [Office Address, City, PIN Code, India]

✅ Key Takeaways from Data Sharing and Third-Party Integrations:

• Limited Sharing: DMFU shares data only when necessary for service delivery, compliance, and security.
• Secure Integrations: All third parties are vetted and meet international security standards.
• Mess Owner Control: Mess owners have rights to object, review, and revoke consent for non-essential sharing.
• No Unauthorized Sharing: DMFU never sells mess provider data for profit.

K. Mess Provider Acknowledgment and Agreement:

By using the DMFU platform, you acknowledge and agree that:

• You understand the types of data shared with third parties.
• You consent to the necessary data sharing required for service delivery.
• You retain the right to object to certain types of data sharing unless legally required.

5. Data Retention and Deletion Policies

This section outlines DMFU's policies for data retention, the duration for which mess provider data is stored, conditions under which data is deleted, and the process for secure data disposal. These policies ensure compliance with Indian data protection laws and international best practices.

A. Principles of Data Retention

• Purpose Limitation: Data is retained only as long as necessary for the specific purpose for which it was collected.
• Legal Compliance: Data retention is mandated for compliance with Indian tax laws and financial regulations.
• Data Minimization: Only essential data is retained while redundant data is deleted.
• Transparency: Mess providers have the right to know how long their data will be stored.

B. Types of Data Retained and Retention Duration

DMFU retains different categories of mess provider data for varying durations based on the nature of the data and its intended use.

1. Personal Identification Data

• Data Collected:
  • Full Name.
  • Contact Information (Email, Phone).
  • Government Identifiers (e.g., PAN, Aadhaar for taxation purposes).
• Retention Period: Retained for 5 years after the account closure to meet legal obligations and for audit purposes.

2. Business and Operational Data

• Data Collected:
  • Mess Name and Address.
  • Service Listings and Meal Plans.
  • FSSAI License and Certifications.
• Retention Period:
  • Retained for as long as the mess provider is actively using the platform.
  • Deleted within 180 days after account termination unless required for audits.

3. Financial Data

• Data Collected:
  • Bank Account Information (Account Holder Name, IFSC, Account Number).
  • Transaction Histories (Coupon Withdrawals and Refund Records).
• Retention Period: Retained for 7 years after the transaction as per Indian tax laws (Income Tax Act, 1961).

4. Technical and Usage Data

• Data Collected:
  • IP Address.
  • Device Information.
  • User Interaction Logs (e.g., session data, click patterns).
• Retention Period: Retained for 12 months for security analysis and platform optimization.

5. Communication and Support Data

• Data Collected:
  • Support Tickets.
  • Complaint Records.
  • Feedback and Response Logs.
• Retention Period: Retained for 3 years from the date of ticket closure for service improvement and dispute resolution.

C. Data Deletion Policy and Procedures

• 1. Account Deletion Upon Request
  • Request Process: Mess providers can request deletion through the dashboard or email dailymessforu@gmail.com.
  • Verification: Two-step verification via OTP confirmation and identity check.
  • Processing Timeline: Completed within 30 days of verification.
• 2. Automatic Data Deletion After Account Closure
  • Inactive accounts are notified and deleted after 180 days of inactivity.
• 3. Partial Deletion for Compliance
  • Certain data is retained for legal compliance (e.g., financial records).
  • Non-essential data is deleted within the stipulated period.
• 4. Deletion After Policy Violations
  • Essential records retained for 5 years for dispute handling.
  • Non-essential data deleted within 90 days.

D. Secure Data Deletion Methods

• Digital Shredding: Permanent erasure using cryptographic methods.
• Tokenized Data Removal: Deletion of tokenization keys for sensitive data.
• Secure Overwriting: Use of 3-pass deletion protocols.

E. Data Retention Extensions (Special Cases)

• Legal disputes or regulatory audits may require extended retention.

F. Mess Provider Rights Related to Data Retention and Deletion

• Right to Know: Request a report on stored data.
• Right to Deletion: Request removal of redundant data.
• Right to Restrict Processing: Request limited data retention under specific conditions.

G. Consequences of Declining Data Retention

• Service Restrictions: Listings may be disabled.
• Coupon Withdrawals Blocked: Pending payments withheld.
• Account Suspension: Non-compliance may result in suspension.

H. Data Archival Policy (Long-Term Storage)

• Secure Offline Storage: Encrypted with controlled access.
• Retention Period: Archived data is deleted after the mandatory retention period.

I. Contact Information for Data Retention and Deletion Queries

• Email: dailymessforu@gmail.com
• Legal Compliance: dailymessforu@gmail.com
• Office: Beginning Solutions Pvt. Ltd., [Office Address, City, PIN Code, India]

✅ Key Takeaways from Data Retention and Deletion Policies:

• Retention Period: DMFU retains data for 5-7 years for legal compliance.
• Data Deletion: Secure methods include cryptographic erasure.
• Mess Provider Rights: Can request data deletion or access anytime.
• Security Assurance: Archived data is encrypted and access is limited.

J. Mess Provider Acknowledgment and Agreement:

By continuing to use the DMFU platform, you acknowledge and consent to the data retention and deletion policies described above.

6. Mess Owner Rights and Control Over Data

This section outlines the data rights mess owners have regarding their personal and business information stored by DMFU. It also explains how mess providers can exercise these rights, ensuring compliance with Indian data protection laws and global best practices.

A. Overview of Mess Owner Rights

Mess providers using DMFU are granted the following data rights:

1. Right to Access (Data Transparency)
2. Right to Rectification (Correction of Data)
3. Right to Data Portability (Transferability of Data)
4. Right to Object to Data Processing
5. Right to Erasure (Data Deletion)
6. Right to Restrict Processing
7. Right to Withdraw Consent
8. Right to Lodge a Complaint

B. Right to Access (Transparency and Data Awareness)

What It Means:

• Mess providers have the right to request full access to the data DMFU holds about them.
• This includes both personal data (e.g., name, contact details) and business data (e.g., meal plans, financial records).

How to Exercise:

• Mess providers can request access through:
  • Mess Dashboard → Privacy Settings → Request Data Report.
  • Or by sending a formal request to dailymessforu@gmail.com.

Response Timeline:

• DMFU will respond within 15 working days with a comprehensive data summary.

C. Right to Rectification (Correction of Data)

What It Means:

• Mess providers can request corrections to inaccurate, outdated, or incomplete data.

Common Cases for Rectification:

• Incorrect mess address.
• Outdated bank details.
• Invalid FSSAI license numbers.

How to Exercise:

• Rectifications can be requested via:
  • Mess Dashboard → Edit Profile Section.
  • Or by contacting dailymessforu@gmail.com.

Processing Timeline:

• DMFU will verify and update the corrected data within 7 working days.

D. Right to Data Portability (Data Transfer)

What It Means:

• Mess providers have the right to request a machine-readable copy of their data for use on another platform or service.
• Data will be provided in a CSV or JSON format.

Types of Transferable Data:

• Personal Identification Data.
• Business and Service Listings.
• Financial Transaction Records.

How to Exercise:

• Submit a request through:
  • Mess Dashboard → Privacy Settings → Request Data Export.
  • Or email dailymessforu@gmail.com.

Processing Timeline:

• DMFU will provide the requested data within 15 working days.

E. Right to Object to Data Processing

What It Means:

• Mess providers can object to the processing of their data under specific circumstances, such as:
  • Direct marketing communications.
  • Non-essential data collection practices.

Impact of Exercising This Right:

• Objecting to certain types of data processing may:
  • Limit access to non-essential features (e.g., marketing promotions).
  • Not affect core services like meal listing and payments.

How to Exercise:

• Toggle data preferences under Mess Dashboard → Privacy Preferences.

F. Right to Erasure (Right to Be Forgotten)

What It Means:

• Mess providers can request the permanent deletion of their data under the following conditions:
  • When they stop using the DMFU platform.
  • If the data is no longer necessary for its original purpose.
  • If the mess provider withdraws consent.

Exceptions:

• DMFU may decline deletion if:
  • The data is required for legal compliance (e.g., tax reporting).
  • Active financial disputes are unresolved.

How to Request Data Deletion:

• Mess Dashboard → Account Settings → Delete My Account.
• Or submit a formal deletion request via dailymessforu@gmail.com.

Processing Timeline:

• DMFU will delete the requested data within 30 working days, except data retained for legal purposes.

G. Right to Restrict Processing

What It Means:

• Mess providers can request a temporary halt to data processing in the following situations:
  • When the data’s accuracy is being verified.
  • During the review of a data correction request.
  • If the provider objects to non-essential marketing use of data.

Impact:

• Data will be restricted from active use but not deleted during the restriction period.

How to Exercise:

• Enable the restriction setting via:
  • Mess Dashboard → Privacy Preferences → Restrict Data Usage.
  • Or send a formal restriction request via dailymessforu@gmail.com.

H. Right to Withdraw Consent

What It Means:

• Mess providers have the right to withdraw consent previously given for data collection or marketing communications.

How to Withdraw Consent:

• Mess Dashboard → Privacy Preferences → Withdraw Consent.
• DMFU will stop processing data within 7 working days after withdrawal.

I. Right to Lodge a Complaint (Data Rights Violations)

What It Means:

• If a mess provider believes their data rights have been violated, they can lodge a formal complaint with:
  • DMFU’s Compliance Team.
  • Or relevant Indian regulatory authorities.

Steps for Filing a Complaint:

1. Contact DMFU Support:
   • Submit a formal complaint to dailymessforu@gmail.com.
2. Escalation (If Unresolved):
   • If unresolved within 15 days, the provider can escalate to dailymessforu@gmail.com.
3. Regulatory Reporting:
   • If still unresolved, mess providers can contact the Data Protection Authority of India (DPAI) under the proposed Digital Personal Data Protection Bill.

J. How DMFU Facilitates Mess Owner Rights

DMFU ensures transparent access to data control features:

• Privacy Dashboard: Accessible directly via the Mess Dashboard → Privacy Center.
• Data Access Tools: Automated tools for data export, rectification, and deletion requests.
• Support Accessibility: A dedicated Privacy Support Team to handle complex rights requests.

K. Consequences of Declining Certain Data Rights

While DMFU fully supports mess owners' rights, declining certain data usage may result in:

• Account Suspension: If essential data for tax compliance is removed.
• Restricted Payment Access: If bank details are not provided.
• Reduced Service Visibility: If service listings are incomplete.

L. Contact Information for Exercising Rights and Clarifications

Mess providers can contact DMFU for data rights inquiries or complaints at:

• Support Email: dailymessforu@gmail.com
• Legal Department: dailymessforu@gmail.com
• In-App Support: Available under Mess Dashboard → Help Center.

✅ Key Takeaways on Mess Owner Rights:

• Comprehensive Data Control: Mess providers have rights over access, correction, deletion, and portability.
• Transparency: Mess providers can access their data via the Mess Dashboard or direct support requests.
• Data Security: DMFU complies with Indian data protection standards and grants full transparency over data handling.

M. Mess Provider Acknowledgment and Agreement:

By continuing to use the DMFU platform, you confirm that:

• You understand your data rights as outlined above.
• You can access, rectify, or delete your data as needed.
• You acknowledge DMFU’s compliance with data protection laws.

7. Legal Compliance and Governing Laws

This section outlines how DMFU ensures compliance with Indian data protection laws and other relevant legal frameworks while handling mess owner data. It also defines the legal jurisdiction governing data disputes and the platform's obligations under applicable regulations.

A. Legal Frameworks Governing Data Handling at DMFU

DMFU complies with the following Indian legal standards for data protection and privacy:

1. Information Technology Act, 2000 (India)

• DMFU adheres to Section 43A and Section 72A, which govern:
• Secure handling of personal data.
• Data breach reporting requirements.
• Financial liability for data mishandling.

2. Digital Personal Data Protection (DPDP) Bill, 2023

• DMFU aligns with the latest provisions of the DPDP Bill, including:
• Lawful Data Processing: Data is only collected for specific business purposes.
• Purpose Limitation: Data is not reused for purposes beyond the original collection intent.
• User Consent: Mess providers give explicit consent for data handling and can withdraw it.

3. Income Tax Act, 1961 (India)

• DMFU retains financial transaction records and tax data for up to 7 years in compliance with:
• GST Reporting.
• PAN-based income tax compliance.

4. Food Safety and Standards Authority of India (FSSAI)

• DMFU ensures mess providers supply valid FSSAI licenses where applicable for legal compliance with food safety laws.

B. Lawful Basis for Data Processing (Legal Justification)

DMFU processes mess provider data based on the following lawful grounds:

• 1. Contractual Necessity: Data collected for account creation, payment processing, and service listing is essential to provide services under the Terms & Conditions.
• 2. Legal Obligations: Data is collected to meet regulatory requirements such as:
• Tax Compliance.
• KYC (Know Your Customer) Verification.
• Audit Requirements.
• 3. Legitimate Business Interests: Certain data processing is necessary to:
• Prevent fraudulent activity.
• Maintain platform security.
• Improve service quality and user experience.
• 4. Consent-Based Processing: Consent is explicitly obtained for:
• Marketing communications.
• Participation in promotional campaigns.
• Non-essential data use (e.g., data analytics).

C. Compliance with Data Localization Laws (India)

• Data Storage Location: All mess provider data is stored within India on secure servers (e.g., AWS India Region).
• Cross-Border Data Transfer: DMFU does not transfer mess provider data outside India, except for third-party services compliant with Indian data protection standards.

D. Regulatory Compliance Measures Implemented by DMFU

To ensure full legal compliance, DMFU has implemented the following internal policies:

• 1. Data Protection Impact Assessments (DPIA): Regular assessments are conducted to:
• Identify data vulnerabilities.
• Ensure lawful data collection and minimum data usage.
• 2. Compliance Audits and Monitoring: Quarterly Audits: Internal reviews of data handling practices.
• 3. Vendor Compliance Management: DMFU ensures that third-party service providers (e.g., payment gateways) meet:
• PCI DSS standards for financial data security.
• ISO/IEC 27001 standards for cloud storage security.
• 4. Training and Awareness Programs: DMFU provides regular data protection training to:
• Staff handling mess provider data.
• Customer support teams managing sensitive information.

E. Legal Jurisdiction and Dispute Resolution

Jurisdiction:

• All legal matters concerning data handling and privacy violations fall under the jurisdiction of the Courts of [City, State, India].

Governing Law:

• The Information Technology Act, 2000 and Indian Contract Act, 1872 govern DMFU’s data policies.

F. Dispute Resolution Process (Data-Related Disputes)

If a mess provider raises a data-related dispute, DMFU follows this structured resolution process:

• 1. Informal Resolution Stage: The mess provider should first raise the issue via:
• Mess Dashboard → Support Center.
• Or email dailymessforu@gmail.com.
• 2. Internal Review (Within 7 Days): DMFU will investigate the issue and provide a written response.
• 3. Escalation to Compliance Team: If unresolved, the issue will be escalated to the Legal Compliance Team at dailymessforu@gmail.com.
• 4. External Arbitration (If Required): If internal efforts fail, the dispute may be referred to a neutral arbitration body under the Arbitration and Conciliation Act, 1996.

G. Consequences of Non-Compliance with Legal Requirements

• Account Suspension: If critical documents like PAN or FSSAI licenses are missing.
• Coupon Payment Freezes: If financial details are incomplete or invalid.
• Legal Penalties: DMFU may report non-compliance to regulatory authorities if required by law.

H. Mess Provider Responsibilities for Legal Compliance

• Provide Accurate Information: Ensure all submitted documents (e.g., PAN, FSSAI certificates) are valid.
• Maintain Compliance: Regularly update licenses and business data.
• Cooperate with Audits: Comply with data verification requests when requested by DMFU.

I. Changes to Legal Policies and Compliance Standards

• DMFU reserves the right to update its Legal Compliance and Governing Laws section:
• Notification Protocol:
• Mess providers will be notified via:
• In-App Notifications.
• Email Alerts.
• Continued Usage Consent:
• Continuing to use DMFU after a legal update constitutes implied acceptance.

J. Contact Information for Legal Inquiries

• Legal Department: dailymessforu@gmail.com
• Support Team: dailymessforu@gmail.com
• Registered Office: Beginning Solutions Pvt. Ltd., [Office Address, City, PIN Code, India].

✅ Key Takeaways from Legal Compliance and Governing Laws Section:

• Compliance Focus: DMFU adheres to the IT Act, 2000, DPDP Bill, 2023, and FSSAI standards.
• Clear Legal Grounds: Data is processed for contractual necessity, legal compliance, and consent-based processing.
• Mess Owner Responsibility: Mess providers must ensure accurate and up-to-date data.
• Legal Jurisdiction: Disputes will be handled under Indian legal frameworks.

K. Mess Provider Acknowledgment and Agreement:

• By continuing to use the DMFU platform, you confirm that:
• You understand DMFU’s Legal Compliance and Governing Laws policies.
• You consent to DMFU's data handling based on Indian data laws.
• You agree to provide accurate business data and comply with legal standards.

8. Policy Amendments and Updates

This section outlines how DMFU manages updates to the Mess Owner Privacy Policy, how mess providers will be informed of changes, and their rights concerning policy modifications.

A. Purpose of Policy Amendments

DMFU reserves the right to update this Mess Owner Privacy Policy to:

• Align with legal and regulatory changes (e.g., amendments to the IT Act, 2000 or DPDP Bill, 2023).
• Reflect changes in platform features (e.g., modifications to the coupon system or mess service listing).
• Strengthen security practices and improve data protection standards.
• Clarify or expand mess provider rights and data handling practices.

B. Frequency and Scope of Policy Updates

Policy Review Frequency:

• DMFU conducts annual reviews of its privacy policy for alignment with current laws and operational requirements.

Scope of Updates May Include:

• Changes to data collection practices.
• Adjustments in data retention periods.
• New third-party service integrations.
• Updated mess provider rights based on feedback.
• Revised security measures and compliance standards.

C. Notification Process for Policy Changes

DMFU is committed to transparency and will notify mess providers of policy amendments through the following channels:

• 1. In-App Notifications: Mess providers will receive a pop-up alert in the Mess Dashboard with a summary of the changes and a link to the updated policy.
• 2. Email Notifications: An email will be sent to the registered mess owner’s email address, summarizing:
  • Key policy changes.
  • Effective date of the update.
  • Instructions on how to review the full policy.
• 3. Platform Announcements: Updates will be published in the Privacy Policy section of the DMFU website.

D. Timeline for Policy Amendments to Take Effect

To ensure fairness, DMFU will:

• Provide a 15-day advance notice for significant policy changes.
• For minor updates (e.g., clarifications or formatting improvements), DMFU may implement the changes immediately.

Effective Date: The effective date will be clearly mentioned at the beginning of the updated policy.

E. Mess Owner Consent and Acknowledgment Process

DMFU requires explicit consent for critical policy changes affecting:

• Data Sharing Practices.
• Data Retention Timelines.
• Changes in Payment Handling.

Consent Mechanisms:

1. In-App Consent Box: Mess providers will be prompted to click “I Agree” before accessing the Mess Dashboard after major updates.
2. Email Confirmation: For certain changes, DMFU may seek confirmation via a one-click consent link in the email.

F. Right to Object to Policy Amendments

Mess providers have the right to:

• Object to any significant changes in data handling that go beyond the original consent given.
• Request Clarification if the policy language seems unclear or ambiguous.
• Decline Consent for non-mandatory data usage (e.g., optional marketing data sharing).

How to Object:

• Mess providers can object by contacting dailymessforu@gmail.com with a detailed explanation of their concern.
• DMFU will review the objection within 10 working days.

Outcome:

• If the objection relates to non-essential data usage, mess services will continue with restricted data use.
• If the objection conflicts with legal requirements, DMFU may restrict account features.

G. Consequences of Declining Mandatory Policy Changes

If a mess provider declines consent for mandatory changes related to legal compliance or platform security, the following actions may be taken:

• Service Restrictions: Access to core features (e.g., coupon withdrawals) may be paused.
• Account Suspension: If critical compliance data (e.g., tax information) is refused, the account may be temporarily suspended.
• Termination of Services: If compliance cannot be met, DMFU reserves the right to terminate the service agreement.

H. Record Keeping for Policy Amendments

DMFU maintains a version control system for policy amendments, ensuring complete transparency regarding historical policy versions.

• Version Number.
• Effective Date.
• Summary of Changes.
• Reason for the Change.

I. Reversion and Policy Restoration Rights

In rare cases where a policy update results in operational challenges, DMFU reserves the right to:

• Revert to a Previous Version: If the policy amendment is found to be ineffective.
• Issue a Temporary Update Suspension: While policy language is clarified.

J. Special Circumstances for Immediate Policy Changes

DMFU may introduce immediate policy changes without prior notice under the following conditions:

• Legal Directives: If required by government orders or court mandates.
• Security Breach Protocols: To protect platform data from imminent threats.
• Force Majeure Events: In cases of natural disasters or cyberattacks.

Mess providers will be notified post-implementation with a full explanation of the changes.

K. Mess Provider Responsibilities Regarding Policy Updates

Mess providers are responsible for:

• Regularly Reviewing Policy Changes: Staying informed by periodically reviewing the Privacy Policy page.
• Ensuring Accurate Contact Information: Keeping the registered email address updated for policy communications.
• Seeking Clarification: Raising concerns promptly if any policy term is unclear.

L. Contact Information for Policy Amendments and Clarifications

Mess providers can reach out for clarifications or to discuss concerns related to policy changes through:

• Support Team: dailymessforu@gmail.com
• Legal Compliance Department: dailymessforu@gmail.com
• Registered Office: Beginning Solutions Pvt. Ltd., [Office Address, City, PIN Code, India].

✅ Key Takeaways from Policy Amendments and Updates:

• Transparency: DMFU ensures mess providers receive advance notifications for significant updates.
• Consent Requirements: Explicit consent is obtained for major policy changes.
• Mess Owner Rights: Mess providers can object or seek clarification on policy amendments.
• Advance Notice: A 15-day notice is provided for significant changes.

M. Mess Provider Acknowledgment and Agreement:

By continuing to use the DMFU platform, you confirm that:

• You understand DMFU’s Policy Amendments and Updates procedure.
• You acknowledge your right to object or seek clarification on policy modifications.
• You agree to comply with any mandatory changes introduced for legal or security purposes.

9. Contact Information and Support Services for Mess Owners

This section provides comprehensive details about how mess owners can contact DMFU for support, file complaints, request clarifications, and receive assistance with their data rights, platform issues, and compliance concerns.

A. Overview of Support Services for Mess Owners

DMFU offers a dedicated support system to ensure mess owners receive timely assistance for:

• Account Management Issues: Registration, data updates, and deletions.
• Financial Transactions: Coupon withdrawals, refund concerns, and delayed payments.
• Policy Clarifications: Privacy policies, terms of service, and compliance questions.
• Technical Support: Mess Dashboard errors, QR code issues, and technical disruptions.

B. Available Support Channels for Mess Owners

DMFU provides multiple channels for mess owners to reach out for support based on the nature of their query.

• 1. In-App Support Chat (Primary Channel): Available within the Mess Dashboard for real-time assistance.
  • Support Categories:
    • Payment Issues.
    • Subscription Management.
    • Data Deletion Requests.
  • Availability: Monday to Saturday: 9:00 AM – 7:00 PM (IST). Closed on Sundays and Public Holidays.
• 2. Email Support (For Official and Non-Urgent Queries): Mess providers can submit detailed support requests via:
  • General Support: dailymessforu@gmail.com
  • Payment and Withdrawal Issues: dailymessforu@gmail.com
  • Legal Compliance Issues: dailymessforu@gmail.com

  Expected Response Time:

  • General Queries: Within 24-48 hours.
  • Payment Disputes: Within 3-5 working days.
  • Legal and Compliance Queries: Within 7 working days.
• 3. Phone Support (For Critical Issues Only):
  • Phone Hotline: +91-8484837340 (For urgent issues like major technical failures or financial disputes).
  • Hours of Operation: Monday to Saturday: 10:00 AM – 6:00 PM (IST).
• 4. Support Ticket System (For Tracking Requests): Mess owners can create a support ticket via:
  • Mess Dashboard → Help Center → Raise a Ticket.
  • Each ticket is assigned a unique reference number for tracking progress.
• 5. Knowledge Base and Self-Service Resources:
  • Available at www.dmfu.com/support.
  • Resources Include:
    • FAQs on data rights, policy clarifications, and service management.
    • Step-by-Step Guides for managing mess listings, coupon withdrawals, and more.

C. Support Response Time Commitments

D. How to File a Complaint or Service Issue

Mess providers can file complaints directly through the Mess Dashboard or via email.

Steps to Report a Complaint:

1. Log into the Mess Dashboard.
2. Navigate to: Help Center → Raise a Complaint.
3. Select the Issue Type: Payment, Technical Error, Data Privacy, etc.
4. Provide Details: Include a clear description, relevant screenshots, and transaction IDs (if applicable).
5. Submit and Receive Ticket Number: A unique ticket number will be assigned for tracking purposes.

E. Complaint Escalation Process

If a mess owner is dissatisfied with the initial response, they can escalate their complaint as follows:

• Step 1: Submit a Standard Support Ticket: Contact through Mess Dashboard or dailymessforu@gmail.com. DMFU will attempt resolution within 3-5 working days.
• Step 2: Escalation to Senior Support Specialist: If unresolved, the issue is forwarded to a Senior Support Specialist. Expected response within 5-7 working days.
• Step 3: Escalation to Compliance Team (Final Stage): If the issue remains unresolved, mess providers can escalate directly to the Legal Compliance Team by emailing dailymessforu@gmail.com. The compliance team will respond within 10 working days.
• Step 4: Arbitration (For Legal Disputes): If internal processes fail to resolve the dispute, mess owners can request arbitration under the Arbitration and Conciliation Act, 1996.

F. Support Limitations and Exclusions

DMFU support services do not cover the following situations:

• Third-Party Failures: Issues arising from external platforms like banking services or internet outages.
• Non-Compliance with Policies: If a mess provider refuses to comply with mandatory legal data retention policies.
• Outdated Contact Information: If the mess provider fails to update their contact details in the Mess Dashboard.

G. Support for Data Rights Requests (Critical Cases)

Mess providers can request assistance regarding their data rights (as outlined earlier) for:

• Data Access Requests.
• Data Rectification Requests.
• Account Deletion or Restriction Requests.

How to Raise a Data Rights Request:

• Via the Mess Dashboard under Privacy Settings.
• Email dailymessforu@gmail.com with supporting documentation.

H. Emergency Support Protocol (Critical Failures)

DMFU has a priority support protocol for handling critical situations such as:

• Platform Outages.
• Payment Gateway Failures.
• Mass Data Breach Notifications.

Emergency Contact:

• Critical Hotline: +91-8484837340
• Email: emergency@dmfu.com

Action Timeline:

• Immediate Acknowledgment: Within 2 hours.
• Issue Resolution: Within 24 hours (depending on severity).

I. Mess Owner Responsibilities in Using Support Services

• Provide Clear Details: Ensure complaints include all necessary information for faster resolution.
• Maintain Updated Contact Information: To receive timely updates on complaints.
• Avoid Misuse: Misuse of support services (e.g., repeated invalid claims) may result in restricted service access.

J. Contact Information for Support Services

• General Support: dailymessforu@gmail.com
• Payment Issues: dailymessforu@gmail.com
• Legal Compliance: dailymessforu@gmail.com
• Phone Support: +91-8484837340
• Website: www.dmfu.com/support

✅ Key Takeaways for Contact Information and Support Services:

• Multiple Channels: DMFU offers in-app chat, email, phone, and a ticket system for mess owner support.
• Clear Response Times: Response times vary based on the issue type, with critical issues receiving priority.
• Escalation Process: Mess owners can escalate unresolved issues to the Compliance Team.
• Emergency Support: Dedicated support exists for platform failures and payment issues.

K. Mess Provider Acknowledgment and Agreement:

• By using DMFU's support services, you confirm that:
• You understand the support channels and timelines available.
• You agree to provide accurate details for faster issue resolution.
• You acknowledge the importance of cooperating with DMFU for effective service delivery.

10. Data Breach Protocol and Security Incidents

This section outlines DMFU’s data breach response protocol for mess owner data, the preventive measures in place, and the steps taken to mitigate damage in the event of a security incident. It also covers mess owner responsibilities and rights regarding breach notifications and compensation.

A. Definition of a Data Breach

A data breach is defined as any unauthorized access, disclosure, loss, alteration, or misuse of mess owner data held by DMFU.

Examples of Data Breaches Include:

• Unauthorized access to personal data (e.g., PAN, bank details).
• Unauthorized third-party access to the Mess Dashboard.
• Data loss due to cyberattacks (e.g., phishing, ransomware).
• Physical theft or damage to DMFU’s data servers.

B. Data Breach Prevention Measures

DMFU takes proactive security measures to minimize the risk of data breaches:

1. Encryption Standards:
   • AES-256 encryption for sensitive data at rest.
   • TLS 1.3 encryption for data in transit.
2. Role-Based Access Controls (RBAC):
   • Restricted Access: Only authorized DMFU personnel can access sensitive data.
   • Two-Factor Authentication (2FA): Mandatory for all administrative accounts.
3. Security Monitoring Tools:
   • Intrusion Detection Systems (IDS) to monitor unauthorized access attempts.
   • Real-Time Threat Alerts: Automated alerts for unusual activity patterns.
4. Regular Security Audits and Testing:
   • Quarterly Vulnerability Assessments.
   • Annual Penetration Testing by certified third-party firms.

C. Data Breach Detection and Identification

DMFU has a three-tiered detection system to identify potential breaches:

1. Automated Detection: Real-time scanning for unusual login attempts, data exports, or failed logins.
2. Manual Detection: Periodic manual reviews by DMFU’s security team.
3. Third-Party Alerts: External service providers (e.g., cloud hosting platforms) notify DMFU of vulnerabilities.

D. Data Breach Reporting Protocol (For Internal Use)

Upon identifying a data breach, DMFU activates the following steps:

Step 1: Breach Containment (Within 2 Hours)

• Isolate the affected data systems immediately.
• Disable compromised user accounts and restrict further platform access.

Step 2: Breach Assessment (Within 6 Hours)

• Determine the scope of the breach:
  • Data types affected.
  • Number of impacted mess owners.
• Identify the source of the breach:
  • Internal system failure.
  • External cyberattack.
  • Third-party vendor breach.

Step 3: Breach Classification (Within 12 Hours)

• Low Risk: No sensitive data compromised.
• Medium Risk: Partial data exposed (e.g., contact details).
• High Risk: Critical data compromised (e.g., bank details, personal identifiers).

E. Mess Owner Notification Protocol

If a data breach occurs and impacts mess owner data, DMFU will:

1. Timely Notification:

• Notify all affected mess providers via:
  • Email Alert.
  • In-App Notification.

Timeline: Within 72 hours of breach discovery.

2. Breach Details Included in the Notification:

• Nature of the data breach.
• Types of data compromised.
• Steps DMFU is taking to mitigate risks.
• Instructions for mess providers on protective actions (e.g., password reset).

3. Regulatory Notification:

DMFU will notify Indian regulatory authorities if the breach:

• Involves financial data.
• Affects a significant number of users.
• Is required under the DPDP Bill, 2023 or IT Act, 2000.

F. Mitigation Measures Post-Breach

DMFU implements the following damage control steps immediately after a confirmed data breach:

1. Password Resets and Account Lockdown:

• Force reset all impacted mess provider passwords.
• Enable account suspension for further investigation.

2. Data Restoration and Backup Protocol:

• Recover data using secure backup systems.
• Verify the integrity of restored data.

3. Security Reinforcement:

• Apply immediate security patches for identified vulnerabilities.
• Conduct a full platform security review.

G. Compensation and Liability in Case of Data Breach

DMFU takes responsibility for breaches caused due to negligence or platform vulnerabilities but holds limited liability under specific conditions.

1. When DMFU is Liable:

• If the breach results from internal security lapses or system misconfigurations.
• If unauthorized third-party access occurs due to platform vulnerabilities.

Compensation Offered:

• Refund of platform service fees for the impacted month.
• Additional one-time security credit for affected accounts (if financial loss occurs).

2. When DMFU is Not Liable:

• Breaches caused by mess owner negligence, such as:
  • Sharing login credentials.
  • Weak passwords.
  • Unauthorized access from personal devices.
• Data breaches caused by force majeure events (e.g., natural disasters).

H. Mess Owner Responsibilities During a Security Incident

Mess providers are expected to:

• Report Suspicious Activity Immediately: Notify DMFU within 24 hours if unauthorized account activity is noticed.
• Change Passwords Promptly: Use a strong, unique password after receiving a breach notification.
• Cooperate with DMFU Investigations: Provide requested details for faster resolution.

I. Data Breach Prevention Recommendations for Mess Owners

DMFU advises mess providers to take the following measures for self-protection:

1. Use Strong Authentication:

• Enable two-factor authentication (2FA) for the Mess Dashboard.
• Avoid using default passwords after registration.

2. Regular Device Security Checks:

• Keep antivirus software updated.
• Avoid logging into the Mess Dashboard from public networks.

3. Avoid Phishing Attacks:

• Never click on suspicious emails or links claiming to be from DMFU.
• Verify official communications through official channels only.

J. Legal Obligations and Compliance for Breach Handling

DMFU follows the Data Breach Handling Standards set by:

• IT Act, 2000 (India) – Section 72A for data confidentiality breaches.
• DPDP Bill, 2023 – Mandatory reporting for high-risk data breaches.

K. Contact Information for Reporting Security Incidents

Mess owners can report data breaches or suspicious activity through:

• Support Team: dailymessforu@gmail.com
• Security Team: security@dmfu.com
• Legal Compliance Team: dailymessforu@gmail.com

✅ Key Takeaways from Data Breach Protocol and Security Incidents:

• Proactive Measures: DMFU uses AES-256 encryption, 2FA, and regular audits to minimize breach risks.
• Clear Notification Protocol: Affected mess providers will be notified within 72 hours of breach discovery.
• Mess Owner Responsibilities: Mess owners must maintain strong passwords and report suspicious activity.
• Limited Liability: DMFU compensates only when the breach results from platform vulnerabilities.

L. Mess Provider Acknowledgment and Agreement:

By continuing to use the DMFU platform, you confirm that:

• You understand DMFU’s Data Breach and Security Incident Protocols.
• You will take reasonable measures to protect your account credentials.
• You acknowledge DMFU’s limited liability based on platform vulnerabilities.

11. Cookies and Tracking Technologies (Updated)

This section explains how DMFU uses cookies, tracking technologies, and similar tools to collect data from mess providers interacting with the Mess Dashboard and DMFU’s services. It covers the types of cookies used, their purposes, mess owner rights, and how to manage cookie preferences.

A. What Are Cookies?

Cookies are small text files stored on a user’s device (computer, smartphone, or tablet) when they visit the DMFU platform. Cookies allow DMFU to:

• Remember user preferences and settings.
• Improve platform performance and personalize the user experience.
• Collect usage analytics for platform optimization.

B. Types of Cookies Used by DMFU

DMFU uses multiple categories of cookies for different purposes. Some are essential for the platform’s functionality, while others help improve user experience.

1. Essential Cookies (Strictly Necessary)

• Required for core platform functions such as:
• Secure login sessions.
• Account authentication.
• Maintaining service availability.
• Data Collected:
• Session Identifiers.
• Security Tokens.
• Retention Period:
• Stored temporarily and deleted after session termination.
• Consent Requirement:
• Not required, as they are essential for service delivery.

2. Functional Cookies (Preference Cookies)

• Used to remember mess owner preferences, such as:
• Language settings.
• Dashboard layout preferences.
• Data Collected:
• User-selected settings (e.g., currency preferences).
• Retention Period:
• Stored for up to 6 months unless cleared manually.
• Consent Requirement:
• Required, as they are not essential for platform functionality.

3. Analytics Cookies (Performance Tracking)

• Used for platform optimization and performance analytics.
• Helps DMFU monitor:
• Frequency of dashboard logins.
• Page visit patterns.
• Third-Party Services Used:
• Google Analytics (for anonymized usage metrics).
• Data Collected:
• IP Address (Anonymized).
• Click Behavior.
• Session Duration.
• Retention Period:
• Retained for up to 12 months.
• Consent Requirement:
• Required before enabling.

4. Marketing and Retargeting Cookies

• Used to deliver promotional content and targeted ads to mess providers.
• DMFU may use retargeting cookies for:
• Platform updates.
• New service launches.
• Data Collected:
• Interaction Data (e.g., clicked ads).
• Device Type.
• Location (Approximate).
• Third-Party Tools Used:
• Meta Pixel for social media retargeting.
• Retention Period:
• Retained for up to 90 days.
• Consent Requirement:
• Explicit Consent Required.

C. Web Beacons and Similar Tracking Technologies

DMFU also uses web beacons and similar tracking tools for:

• Email Tracking: To monitor whether mess providers open official emails.
• Pixel Tags: For monitoring ad campaign effectiveness.
• Data Collected:
• Time of Email Opening.
• Clicked Links in the Email.
• Retention Period:
• Stored for 30 days post-email delivery.
• Consent Requirement:
• Required for marketing purposes.

D. How DMFU Uses Cookies and Tracking Data

DMFU uses cookies and tracking data for the following purposes:

• 1. Service Delivery and Platform Security: Maintain secure login sessions. Prevent unauthorized access using security cookies.
• 2. Platform Analytics and Performance Monitoring: Identify dashboard usage patterns. Improve service features based on user behavior.
• 3. Personalization and User Experience: Customize the dashboard layout for individual mess providers. Save language preferences.
• 4. Marketing and Promotions: Send personalized service offers and feature updates. Retarget mess providers who have shown interest in premium services.

E. Third-Party Cookie Usage and Integrations

DMFU collaborates with third-party service providers for analytics and marketing purposes. These providers have independent privacy policies and comply with Indian data protection standards.

F. Mess Owner Control Over Cookies (Consent Management)

DMFU offers full control over cookie preferences through the Mess Dashboard.

• 1. Managing Cookie Preferences:
• Mess Dashboard → Privacy Settings → Cookie Preferences.
• Options to:
• Enable All Cookies.
• Enable Essential Cookies Only.
• Customize Cookie Preferences.
• 2. How to Withdraw Consent for Cookies:
• Mess providers can withdraw consent for non-essential cookies by:
• Deleting cookies through the browser settings.
• Adjusting settings in the Cookie Preference Center.
• 3. Blocking Cookies (Potential Impact):
• Blocking essential cookies may result in:
• Limited dashboard functionality.
• Inability to process coupon withdrawals.
• Session timeouts.

G. Data Retention and Expiry for Cookies

Cookie Retention Policy:

• Session Cookies: Expire when the session ends.
• Persistent Cookies: Stored for a maximum of 6 months unless manually cleared.

H. Mess Owner Rights Regarding Cookies and Tracking Data

Mess providers have the following rights related to cookies and tracking data:

• Right to Access: View what cookies are being stored.
• Right to Rectification: Request correction of tracking data errors.
• Right to Withdraw Consent: Disable non-essential cookies anytime.
• Right to Object: Decline non-essential cookies without losing core platform functionality.

I. Consequences of Declining Cookies

Mess providers who decline non-essential cookies will:

• Still have full access to core platform features.
• May experience limited access to personalized content and marketing offers.

J. Security Measures for Cookie Storage and Usage

DMFU ensures that all cookies and tracking technologies:

• Use encrypted identifiers for session cookies.
• Are stored securely with AES-256 encryption.
• Cannot be accessed by unauthorized parties.

K. Contact Information for Cookie-Related Queries

Mess providers can raise concerns or seek clarifications regarding cookies through:

• Support Team: dailymessforu@gmail.com
• Privacy Compliance: dailymessforu@gmail.com

✅ Key Takeaways from Cookies and Tracking Technologies:

• Essential Cookies: Necessary for secure platform functionality.
• Consent Management: Mess providers can manage cookies directly from the Mess Dashboard.
• Third-Party Cookies: Used only for analytics and marketing with explicit consent.
• Full Control: Mess providers can withdraw cookie consent anytime.

L. Mess Provider Acknowledgment and Agreement:

By continuing to use the DMFU platform, you confirm that:

• You understand DMFU’s use of cookies and tracking technologies.
• You have the right to control your cookie preferences at any time.
• You consent to the use of essential cookies for platform security and service delivery.

12. Children's Privacy and Age Restrictions

This section explains DMFU's policies regarding the protection of minors' data, the age restrictions for mess providers using the platform, and the steps taken to ensure compliance with Indian child data protection laws.

A. Platform Eligibility and Age Restrictions

DMFU’s services are not intended for minors under the age of 18.

• Mess Provider Eligibility: Only individuals aged 18 years or older can register as mess owners and use the platform to list their meal services.
• No Child Users: DMFU does not knowingly allow minors to register or manage mess services.

Verification Measures:

• During account registration, DMFU requires government-issued ID verification (e.g., PAN Card, Aadhaar) to confirm age eligibility.
• If an individual below 18 years attempts to create a mess provider account, the registration will be denied.

B. Collection of Data from Minors (Prohibited)

DMFU does not intentionally collect personal data from minors under 18 years.

Prohibited Data Types Include:

• Full Name or Contact Information
• Payment Details
• School or Educational Data

Steps Taken to Prevent Collection:

• Age confirmation during account registration.
• Regular audits to ensure no minor-operated mess listings exist.

C. Handling of Accidentally Collected Minor Data

If DMFU becomes aware that minor data was inadvertently collected:

• Immediate Data Deletion: The data will be immediately deleted from all systems.
• Account Closure: The associated mess provider account will be terminated unless the registered individual can prove they are above 18 years.
• Parental Notification: If contactable, parents or guardians will be informed of the data removal and account termination.

D. Parental Consent and Supervision (If Applicable)

In rare situations where family-run mess services involve minors working under parental supervision (e.g., a family-owned food business), DMFU requires:

• Direct Parental Control: The parent or legal guardian must be the primary account holder and responsible for all transactions and data submissions.
• No Independent Accounts: Minors cannot operate an account independently, even with parental consent.

E. Compliance with Child Data Protection Laws

DMFU strictly complies with the following child data protection regulations:

• 1. Information Technology Act, 2000 (India): Section 43A and 72A prohibit unauthorized handling of minor data.
• 2. Digital Personal Data Protection (DPDP) Bill, 2023: DMFU adheres to Section 9, which restricts the processing of children’s data without verified consent from a guardian.
• 3. International Standards Followed (COPPA Compliance): Though primarily governed by Indian laws, DMFU voluntarily aligns with standards such as:
  • Children's Online Privacy Protection Act (COPPA)
  • General Data Protection Regulation (GDPR) – Article 8 (Children's Data Protection)

F. How DMFU Protects Children's Privacy (Preventive Measures)

DMFU has implemented technical safeguards to prevent unauthorized access or registration of minors:

• 1. Identity Verification Checks: Government ID verification is mandatory for all mess provider accounts.
• 2. Automated Age Detection Tools: Automated filters during the registration process flag users under 18 years based on:
  • Date of Birth Entries
  • ID Mismatch Alerts
• 3. Manual Account Audits: Regular manual reviews to identify and suspend minor accounts.

G. Mess Owner Responsibilities Regarding Child Privacy

Mess providers using the DMFU platform must:

• Avoid Employing Minors in Account Management: Mess providers must ensure only adult representatives manage the mess services on the platform.
• Report Violations: If a mess provider becomes aware of a minor accessing the platform, they must report it immediately to dailymessforu@gmail.com.

H. Consequences of Violating Age Restrictions

Failure to comply with DMFU’s age restriction policies may result in:

• Account Suspension: The mess provider account will be temporarily restricted.
• Account Termination: If verified minor activity continues, the account will be permanently closed.
• Legal Reporting: DMFU may report violations to Indian authorities for legal compliance.

I. Reporting Child Privacy Violations

If a minor account is identified or suspected on DMFU, mess providers or concerned individuals can report it by:

• Support Email: dailymessforu@gmail.com
• Compliance Team: dailymessforu@gmail.com
• Phone: +91-8484837340 (for urgent issues).

J. Mess Provider Rights Regarding Child Data Handling

Mess providers have the right to:

• Request Verification: Confirm DMFU’s compliance with child privacy laws.
• Report Violations: Notify DMFU of any suspected violations.
• Seek Clarification: Request clarity on DMFU’s data handling procedures for child protection.

K. Contact Information for Child Privacy Queries

For questions or concerns related to child privacy policies, mess providers can contact:

• Support Team: dailymessforu@gmail.com
• Legal Compliance Team: dailymessforu@gmail.com

✅ Key Takeaways from Children's Privacy and Age Restrictions:

• No Minors Allowed: DMFU restricts platform access to individuals aged 18 years or older.
• Strict Data Handling: DMFU does not collect or process minor data intentionally.
• Compliance: DMFU adheres to Indian IT laws and the DPDP Bill, 2023 for child data protection.
• Parental Control: Family-operated businesses must have adult guardians as the primary account holder.

L. Mess Provider Acknowledgment and Agreement:

By using the DMFU platform, you confirm that:

• You meet the age eligibility requirement of 18 years or older.
• You understand and agree that minor accounts are not permitted.
• You acknowledge DMFU’s right to terminate accounts if child data handling policies are violated.

13. Marketing and Communication Preferences

This section explains how DMFU manages marketing communications sent to mess providers, the types of messages sent, consent requirements, and how mess providers can control their communication preferences.

A. Types of Marketing and Communication Messages Sent by DMFU

DMFU sends the following types of marketing and service-related communications to mess providers:

1. Service Announcements (Non-Promotional)

• Important updates about platform changes, policy modifications, and service interruptions.
• Examples:
  • Scheduled maintenance notifications.
  • Security advisories.

Consent Requirement: Not Required (considered essential for platform functionality).

2. Promotional Messages (Marketing Content)

• Offers, discounts, and service promotions related to premium features.
• Notifications for special events, product launches, or partnership offers.

Consent Requirement: Explicit Consent Required.

3. Transactional Messages (Service-Related)

• Notifications directly tied to a mess provider’s platform usage, such as:
  • Payment confirmations.
  • Subscription renewals and coupon withdrawals.

Consent Requirement: Not Required, as these messages are essential for service operations.

4. Feedback and Survey Requests

• Periodic invitations for service feedback and experience improvement surveys.

Consent Requirement: Optional Consent with the ability to opt out.

B. Legal Basis for Sending Marketing Communications

DMFU sends marketing communications based on the following legal grounds:

1. Contractual Necessity:

• Transactional and essential service-related messages are sent as part of service delivery obligations.

2. Legitimate Business Interest:

• Marketing messages are sent to improve user engagement and service visibility, ensuring relevance to mess providers.

3. Consent-Based Marketing:

• Promotional messages are only sent with prior consent from mess providers.

C. Methods of Communication Used by DMFU

DMFU uses the following channels for communication with mess providers:

1. Email Communications:

• Used for service announcements, payment confirmations, and marketing updates.

2. In-App Notifications:

• Displayed directly in the Mess Dashboard for important alerts like:
  • Service interruptions.
  • Policy changes.

3. SMS and Mobile Alerts:

• Used for urgent updates, such as:
  • Payment failures.
  • Security alerts.

4. Phone Calls (Rare Use):

• Used only for critical issues like:
  • Payment verification problems.
  • Legal compliance clarifications.

5. Social Media Notifications:

• Optional promotional offers and updates may be shared via:
  • WhatsApp Business Notifications.
  • Official DMFU Social Media Pages.

D. Consent Management and Opt-In Mechanism

DMFU follows a strict opt-in policy for non-essential communications:

1. How Consent is Collected:

• Consent is obtained during account registration through a checkbox for marketing preferences.
• Mess providers can manage communication preferences anytime via:
  • Mess Dashboard → Privacy Settings → Marketing Preferences.

2. Express Consent for Marketing:

• Mess providers must provide clear consent before receiving:
  • Promotional offers.
  • Non-transactional newsletters.

3. Opting Out of Marketing Communications:

• Mess providers can opt out of promotional content anytime through:
  • Mess Dashboard → Privacy Settings → Opt Out of Marketing.
  • Unsubscribe Link at the bottom of marketing emails.

Effectiveness of Opt-Out: Opt-out requests will take effect within 7 working days.

E. Mess Owner Rights Regarding Communications

• Receive Only Essential Communications: Decline non-essential marketing messages while receiving service notifications.
• Withdraw Consent: Withdraw marketing consent at any time.
• Request Communication Logs: Request a summary of past communications received from DMFU.
• Restrict Certain Channels: Customize which channels they receive communications on (e.g., disable SMS marketing).

F. How DMFU Protects Communication Data

• Encryption: Emails and communication logs are protected using TLS 1.3 encryption.
• Third-Party Compliance: Marketing tools used comply with Indian Data Protection Laws.
• Data Minimization: Only essential communication data is retained.

G. Third-Party Tools Used for Marketing Communications

H. Data Retention for Communication Records

• Transactional Messages: Retained for 7 years (as required for financial audits).
• Marketing Messages: Retained for 12 months for performance analysis.
• Opt-Out Records: Retained permanently to ensure non-resend after withdrawal of consent.

I. How Mess Providers Can Raise Communication Concerns

If mess providers experience issues such as:

• Receiving unwanted messages after opting out.
• Failure to receive critical service alerts.
• Suspected misuse of communication channels.

They can raise concerns through:

• Support Email: dailymessforu@gmail.com
• Legal Compliance: dailymessforu@gmail.com
• In-App Help Center: Mess Dashboard → Help Center → Raise a Complaint.

J. Consequences of Declining All Communications

• Limited Service Awareness: No updates about policy changes or new features.
• Restricted Support Access: Some critical alerts (e.g., payment confirmations) may be missed.

K. Compliance with Communication Regulations

• Information Technology Act, 2000.
• DPDP Bill, 2023 (India).
• TRAI (Telecom Regulatory Authority of India) Rules.

DMFU ensures all marketing communications include:

• Clear Consent Requirements.
• Unsubscribe Options.
• Data Minimization Practices.

L. Contact Information for Communication Preferences Management

• Support Team: dailymessforu@gmail.com
• Privacy Compliance: dailymessforu@gmail.com
• Phone: +91-8484837340

✅ Key Takeaways for Marketing and Communication Preferences:

• Consent-Based Marketing: DMFU requires explicit consent for promotional messages.
• Multiple Communication Channels: Email, SMS, in-app alerts, and phone support.
• Full Control: Mess providers can opt out anytime via the Mess Dashboard.
• Secure Data Handling: Communication data is encrypted and stored securely.

M. Mess Provider Acknowledgment and Agreement:

• By continuing to use the DMFU platform, you confirm that:
• You understand and consent to DMFU’s communication practices.
• You can control your communication preferences anytime.
• You agree to receive essential service notifications required for platform functionality.

14. Refund and Payment Dispute Policies

This section outlines DMFU’s policies on refunds, cancellations, and payment disputes for mess providers, ensuring transparency and compliance with financial standards. It covers the conditions under which refunds are processed, timelines, and dispute resolution mechanisms.

A. Overview of Refund and Payment Handling Policy

DMFU provides a structured refund policy designed to ensure fair handling of financial transactions between:

• Mess Providers.
• Users (Subscribers).
• DMFU Platform Charges.

Key Highlights:

• Refunds are processed based on subscription meal usage, not time-based calculations.
• Payment disputes must be resolved through the platform’s official channels.

B. Types of Refund Scenarios Covered by DMFU

DMFU provides refunds under the following scenarios:

1. Subscription Cancellation by the User (Before Minimum Usage)

• If a user cancels a meal subscription before completing 7 meals, the refund is processed as:
  • 75% of the unused meal balance.
  • 25% withheld as an early termination fee.

2. Subscription Cancellation by the User (After Minimum Usage)

• If a user cancels a meal subscription after completing 7 meals, the refund will be processed as:
  • 100% refund of the remaining meal balance.

3. Service Closure by the Mess Provider

• If a mess provider closes their services permanently or temporarily:
  • Users will receive a full refund of the unused meal balance.
  • DMFU may charge a service disruption penalty on the mess provider.

4. Service Quality Disputes (User-Initiated)

• If a user raises a complaint regarding:
  • Poor meal quality.
  • Unavailability of promised meals.
• DMFU will:
  • Investigate the complaint and mediate between the user and the mess provider.
  • If the complaint is valid, the user may receive a partial refund from the mess provider’s balance.

C. Refund Eligibility Criteria and Restrictions

• Refunds will be processed only if the following conditions are met:
  • Valid Subscription: The user must have a valid, active subscription on the platform.
  • Payment Through DMFU: Refunds apply only if payments were made directly via the DMFU platform (not cash or third-party transfers).
  • Non-Refundable Payments:
    • Coupons already redeemed.
    • Platform service charges and GST deductions.

D. Payment Methods and Refund Process Flow

Refunds are issued based on the original payment method used by the user:

1. Payments Made Using Coupons (Mess Pocket)

• If the user paid via Mess Pocket Coupons:
  • Unused coupons will be returned to the user’s Mess Pocket within 7 working days.

2. Payments Made Using UPI or Bank Transfers (Future Update)

• Currently, direct UPI payments are not supported on the DMFU platform.
• For manual UPI transactions, users must contact the mess provider directly for refunds.

3. Refund Processing Timeframes

• Mess Pocket Refunds: 7 working days.
• Bank Transfers (once supported): 10-25 working days due to banking regulations.

E. Refund Calculations for Partial Usage (Meal-Based)

Refunds are calculated based on remaining meals, not time elapsed:

Example Calculation:

• Subscription: 30 meals for ₹2200.
• Meals Consumed: 10 meals.
• Cancellation before 7 meals completed:
  • Refund = (20 meals x ₹73.33) × 75% = ₹1099.5.
• Cancellation after 7 meals completed:
  • Refund = 20 meals × ₹73.33 = ₹1466.6 (100% refund).

F. Payment Dispute Scenarios Covered

DMFU allows payment disputes for the following scenarios:

1. Unauthorized Transactions:

• If a payment is deducted from the user’s account without initiating a subscription.
  • Action: DMFU will investigate and issue a full refund if unauthorized activity is confirmed.

2. Duplicate Payments:

• If a user is charged twice for the same subscription.
  • Action: The duplicate charge will be refunded in 7 working days.

3. Refund Delays:

• If the refund processing time exceeds the promised timeline.
  • Action: DMFU will prioritize the refund and may offer a service credit as compensation.

4. Service Non-Delivery:

• If a mess provider fails to deliver the agreed meal plan after payment confirmation.
  • Action: DMFU will freeze the mess provider’s account and refund the user after validation.

G. Payment Dispute Resolution Process (Step-by-Step)

If a mess provider faces a payment dispute, the following steps will apply:

Step 1: Raise a Payment Dispute

• Mess provider or user can initiate a dispute via:
  • Mess Dashboard → Payments Section → Raise Dispute.
  • Email: dailymessforu@gmail.com.

Step 2: Investigation (Within 5 Working Days)

• DMFU’s Finance Team will:
  • Review the transaction history.
  • Contact both the user and mess provider for supporting documents (e.g., receipts).

Step 3: Temporary Payment Hold (If Necessary)

• For complex disputes, DMFU may place a temporary hold on coupon withdrawals until the dispute is resolved.

Step 4: Resolution and Refund Processing

• If the dispute is resolved in favor of the:
  • User: A refund will be processed to the original payment method.
  • Mess Provider: The payment hold will be lifted, and no further action is taken.

Resolution Timeline: 7-10 working days.

H. Consequences of Non-Compliance in Refund Handling

• If a mess provider fails to comply with DMFU’s refund policies:
  • Account Suspension: The mess provider’s account may be temporarily restricted.
  • Service Listing Removal: Meal plans may be delisted from the platform.
  • Legal Action: If non-compliance violates Indian financial regulations.

I. Mess Provider Responsibilities in Refund and Payment Management

• Mess providers must:
  • Clearly List Meal Plans and Pricing: Ensure accurate pricing and meal count listings.
  • Maintain Transparent Refund Policies: Abide by the refund policies set by DMFU.
  • Cooperate During Disputes: Respond to dispute investigations promptly.

J. Limitations and Exclusions of Refund Policies

• Refunds will not be provided in the following cases:
  • Third-Party Payments: Payments made outside the DMFU platform (e.g., cash payments).
  • Unutilized Coupons Beyond Expiry: Coupons with expired validity.
  • Minor Service Inconveniences: Slight delays in service delivery without major disruption.

K. Compliance with Indian Financial Laws

• DMFU’s refund policies comply with:
  • Income Tax Act, 1961.
  • RBI Guidelines on Digital Transactions.
  • Consumer Protection Act, 2019.

L. Contact Information for Refund and Payment Disputes

• Mess providers can reach out for payment-related concerns through:
  • Support Email: dailymessforu@gmail.com
  • Finance Department: dailymessforu@gmail.com
  • Phone Support: +91-8484837340

✅ Key Takeaways for Refund and Payment Dispute Policies:

• Meal-Based Refunds: Refunds are based on remaining meals, not subscription days.
• Strict Compliance: Mess providers must adhere to DMFU’s refund structure.
• Dispute Handling: DMFU provides a structured dispute resolution process.
• Limited Liability: Refunds apply only for transactions made directly via the DMFU platform.

M. Mess Provider Acknowledgment and Agreement:

By continuing to use the DMFU platform, you confirm that:

• You understand and agree to DMFU’s refund policies.
• You acknowledge that refunds are calculated based on meal usage.
• You consent to cooperate with DMFU during payment disputes.

15. Legal Liabilities and Indemnification

This section outlines the legal liabilities of DMFU and mess providers, specifying the responsibilities, limitations, and indemnification requirements for both parties using the DMFU platform.

A. Scope of Legal Liabilities in DMFU Services

DMFU acts as a service platform facilitating connections between mess providers and users but does not directly provide meal services. Therefore, legal liabilities are categorized as:

• Mess Provider Liabilities: Responsibilities directly related to meal quality, service commitments, and subscription management.
• DMFU Platform Liabilities: Responsibilities concerning data handling, secure payment management, and platform performance.

B. Mess Provider Liabilities and Responsibilities

Mess providers using DMFU agree to:

• 1. Service Quality and Meal Delivery: Mess providers are entirely responsible for the quality and delivery of meals. DMFU holds no liability for:
  • Poor-quality meals.
  • Delayed meal service.
  • Foodborne illnesses or health issues.
• 2. Accuracy of Business Information: Mess providers must ensure that:
  • All listed meal plans and pricing are accurate.
  • Business licenses (e.g., FSSAI certificates) are valid.
  DMFU is not liable for inaccuracies in mess provider listings.
• 3. Compliance with Food Safety Regulations: Mess providers must comply with all applicable Indian food safety standards, including:
  • FSSAI (Food Safety and Standards Authority of India) regulations.
  • Hygiene and sanitation laws.
  Failure to comply is the sole responsibility of the mess provider.
• 4. Taxation and Financial Reporting: Mess providers are responsible for:
  • Declaring income generated from DMFU services.
  • Paying applicable taxes as per Income Tax Act, 1961.
  DMFU provides transaction summaries but is not responsible for mess provider tax filings.
• 5. Misuse of Coupons or Subscriptions: Mess providers agree not to:
  • Sell coupons outside the DMFU platform.
  • Manipulate coupon usage records.
  Violation Consequences:
  • Account Suspension.
  • Termination of Services.
  • Legal Action for Fraudulent Behavior.

C. DMFU’s Liabilities and Responsibilities

DMFU assumes limited liability for the following areas:

• 1. Platform Security and Data Protection: DMFU is responsible for:
  • Securing personal and financial data using AES-256 encryption.
  • Preventing unauthorized access through role-based access controls.
  Exclusions:
  • DMFU is not liable for data breaches caused by:
    • Mess provider negligence (e.g., sharing login credentials).
    • Third-party services outside DMFU’s control.
• 2. Payment Processing and Refund Management: DMFU is responsible for:
  • Secure coupon transactions within the platform.
  • Facilitating refunds based on the meal usage system.
  Exclusions:
  • Payments made outside the DMFU platform (e.g., direct UPI transfers) are not covered.
• 3. Platform Availability and Uptime: DMFU strives to ensure 99.9% uptime for the platform. Exclusions:
  • Internet failures.
  • Service outages due to force majeure events.
• 4. Limitation of Liability Amount: DMFU’s financial liability is limited to:
  • The total service fee paid by the mess provider in the last 3 months.
  • No liability for indirect losses, such as loss of business reputation.

D. Indemnification by Mess Providers

Mess providers agree to indemnify and hold harmless DMFU from any losses, claims, or damages arising due to:

• 1. Violations of Food Safety Laws: Failure to meet FSSAI compliance standards.
• 2. Misrepresentation of Services: Providing inaccurate information about meal plans, pricing, or service quality.
• 3. Third-Party Claims: Legal claims arising from:
  • User health issues due to meal consumption.
  • Unauthorized use of copyrighted images or content in meal listings.
• 4. Non-Compliance with DMFU Policies: Breach of DMFU’s terms of service, such as:
  • Misusing coupons.
  • Failing to issue refunds.

E. Indemnification by DMFU

DMFU agrees to indemnify mess providers in the following cases:

• 1. Platform Security Failures: If a data breach occurs due to a system vulnerability.
• 2. Payment Gateway Errors: If a technical issue prevents the transfer of funds through the DMFU system.
• 3. Non-Compliance with Data Protection Laws: If DMFU fails to comply with:
  • DPDP Bill, 2023 (India).
  • Information Technology Act, 2000.

F. Legal Dispute Handling and Resolution Process

In case of a legal dispute between DMFU and a mess provider:

• Step 1: Internal Resolution (Within 7 Days): The dispute must first be reported through:
  • Mess Dashboard → Dispute Center.
  • Email: dailymessforu@gmail.com.
  DMFU will respond within 7 working days.
• Step 2: Mediation Process (Within 14 Days): If unresolved, both parties agree to enter a formal mediation process. Mediation Body: A neutral third-party arbitrator compliant with the Arbitration and Conciliation Act, 1996.
• Step 3: Legal Arbitration (If Mediation Fails): If mediation fails, the matter may be taken to binding arbitration under:
  • The Indian Arbitration and Conciliation Act, 1996.
  Location of Arbitration: Courts of [City, State, India].

G. Exclusions from Liability and Indemnification

DMFU will not be held liable for:

• Third-Party Service Failures: Failures from payment gateways and cloud service providers.
• Non-Compliance by Mess Providers: Including failure to maintain valid licenses or food safety standards.
• Force Majeure Events: Natural disasters, government orders, or technical failures outside DMFU’s control.

H. Governing Law and Jurisdiction

This Legal Liabilities and Indemnification section is governed by:

• Indian Contract Act, 1872.
• Information Technology Act, 2000.
• Consumer Protection Act, 2019.

Jurisdiction: All disputes will be handled in the Courts of [City, State, India].

I. Contact Information for Legal Liability Queries

Mess providers can contact DMFU for legal matters through:

• Legal Compliance Team: dailymessforu@gmail.com
• Support Team: dailymessforu@gmail.com

✅ Key Takeaways from Legal Liabilities and Indemnification:

• Mess Provider Liability: Mess providers are fully responsible for meal quality, service delivery, and regulatory compliance.
• DMFU Liability: DMFU is responsible for platform security, payment management, and data handling.
• Indemnification: Mess providers must cover any losses caused by service non-compliance.
• Limited Platform Liability: DMFU’s liability is capped to 3 months' service fees.

J. Mess Provider Acknowledgment and Agreement:

By continuing to use the DMFU platform, you confirm that:

• You understand DMFU’s legal liability limits.
• You agree to indemnify DMFU for service-related issues under your control.
• You acknowledge the binding dispute resolution process outlined above.

16. Termination and Suspension Policies

This section explains DMFU's policies for the termination and suspension of mess provider accounts, including the conditions under which an account can be suspended or terminated, the procedures followed, and the consequences associated with such actions.

A. Definition of Termination and Suspension

• Account Suspension: A temporary restriction placed on a mess provider's account, partially or fully disabling access to services until the issue is resolved.
• Account Termination: Permanent removal of a mess provider’s account from the DMFU platform, leading to loss of access to all features and data.

B. Grounds for Account Suspension

An account may be suspended under the following conditions:

• 1. Violations of DMFU Policies:
  • Breaching any clauses in the Mess Owner Privacy Policy or Terms and Conditions.
  • Repeated failure to meet refund obligations.
• 2. Non-Compliance with Legal Requirements:
  • Operating without a valid FSSAI license (if applicable).
  • Failure to submit or maintain KYC documents such as PAN details.
• 3. Payment Irregularities:
  • Delayed coupon withdrawals without valid reasons.
  • Suspicious financial activity, including unauthorized coupon usage.
• 4. Platform Misuse:
  • Attempting to manipulate coupon systems or ratings.
  • Sharing login credentials with unauthorized individuals.
• 5. Technical Violations and Security Threats:
  • Multiple failed login attempts, indicating a potential security breach.
  • Detection of automated scripts attempting to access DMFU systems.

C. Grounds for Account Termination

DMFU reserves the right to terminate a mess provider’s account permanently under the following conditions:

• 1. Repeated Policy Violations:
  • Repeated violations even after suspension warnings.
  • Multiple unresolved complaints from users about service quality.
• 2. Fraudulent Activities:
  • Engaging in fraudulent coupon redemptions.
  • Providing false information during the registration process.
• 3. Legal Non-Compliance:
  • Providing invalid business documents.
  • Violating Indian tax regulations or food safety laws.
• 4. Permanent Service Discontinuation:
  • If the mess provider voluntarily stops providing services.
  • If the mess provider fails to respond to platform notifications for 6 consecutive months.

D. Consequences of Account Suspension

During an account suspension, the following restrictions will apply:

• 1. Service Access Limitations:
  • Restricted access to the Mess Dashboard.
  • Suspension of coupon withdrawals and new subscriptions.
• 2. Notification to Users:
  • DMFU may notify subscribed users of the suspension if it affects active subscriptions.
• 3. Data Retention:
  • Data will be retained during the suspension but will not be accessible to the mess provider.

E. Consequences of Account Termination

Upon account termination, the following will apply:

• 1. Permanent Loss of Access:
  • The mess provider's DMFU account will be permanently disabled.
  • All meal listings and services will be removed from the platform.
• 2. Forfeiture of Coupons and Balances:
  • Remaining coupons in the mess provider's account will be forfeited.
  • Pending withdrawals will not be processed unless legally required.
• 3. Data Deletion and Retention:
  • Personal and business data will be deleted within 90 days, except data required for:
    • Tax compliance (retained for 7 years).
    • Dispute resolution (retained for 180 days).
• 4. Legal Action for Non-Compliance:
  • If termination occurs due to fraud or legal violations, DMFU reserves the right to:
    • Report the activity to Indian regulatory authorities.
    • Seek legal compensation for damages caused to the platform.

F. Appeal and Reinstatement Process for Suspended Accounts

Mess providers can appeal a suspension if they believe it was imposed incorrectly:

• 1. How to Submit an Appeal:
  • Access the Mess Dashboard → Suspension Notice → Submit Appeal.
  • Alternatively, submit an appeal via dailymessforu@gmail.com with the subject "Account Suspension Appeal".
• 2. Required Information for Appeals:
  • Explanation of the issue.
  • Proof of compliance (e.g., updated FSSAI license or corrected bank details).
• 3. Review Timeline:
  • DMFU will respond within 7 working days.
  • If the issue is resolved, the suspension will be lifted.
  • If the issue is unresolved, the account may move to termination.

G. Reinstatement Conditions After Termination (Exception Cases)

Terminated accounts are generally permanent, but DMFU may allow reinstatement under specific conditions:

• The mess provider can prove compliance with the policies violated.
• DMFU determines the violation was accidental and not malicious.

How to Apply for Reinstatement: Send a formal request to dailymessforu@gmail.com explaining the corrective actions taken.

Final Decision Authority: DMFU reserves the right to deny reinstatement without further appeal if violations are severe.

H. Mess Provider Responsibilities for Preventing Suspension or Termination

• Maintain Accurate Information: Ensure all business details, licenses, and pricing are up to date.
• Deliver Quality Services: Consistently provide meals as advertised.
• Respond to User Complaints: Resolve user concerns promptly through the Mess Dashboard.
• Comply with Financial Regulations: Follow all tax filing and reporting requirements.

I. DMFU’s Responsibilities During Suspension and Termination Processes

• Transparency: Clear communication of the reasons for suspension or termination.
• Fair Appeals Process: Opportunity for mess providers to clarify their position.
• Secure Data Handling: Mess provider data remains secure even during suspension.

J. Consequences of Non-Compliance with Suspension Policies

Mess providers who attempt to bypass suspensions (e.g., by creating duplicate accounts) may face:

• IP Blocking.
• Permanent Ban from the DMFU platform.
• Legal Action for policy violations.

K. Contact Information for Suspension and Termination Queries

• Support Team: dailymessforu@gmail.com
• Legal Compliance: dailymessforu@gmail.com

✅ Key Takeaways for Termination and Suspension Policies:

• Suspension: Temporary account restrictions due to policy violations or pending issues.
• Termination: Permanent removal for severe violations or legal non-compliance.
• Appeal Process: Mess providers can appeal suspensions but not fraud-related terminations.
• Data Handling: Data is retained only for legal compliance after termination.

L. Mess Provider Acknowledgment and Agreement:

By continuing to use the DMFU platform, you confirm that:

• You understand the suspension and termination policies outlined above.
• You agree to comply with DMFU's service standards.
• You acknowledge your right to appeal suspensions under valid circumstances.

17. Governing Laws and Jurisdiction

This section explains the legal framework under which DMFU operates, including the laws governing the platform’s operations, the jurisdiction for dispute resolution, and the rights and obligations of mess providers under applicable Indian laws.

A. Legal Framework Governing DMFU Operations

DMFU operates under the legal jurisdiction of India and adheres to the following laws and regulations:

1. Information Technology Act, 2000 (India)

• Governs the handling of digital data and user privacy.
• DMFU complies with:
  • Section 43A (Compensation for failure to protect personal data).
  • Section 72A (Punishment for disclosure of information without consent).

2. Digital Personal Data Protection (DPDP) Bill, 2023

• DMFU ensures compliance with the DPDP Bill, which governs:
  • Lawful data collection and processing practices.
  • User consent mechanisms for data sharing.
  • Rights to data access and deletion.

3. Indian Contract Act, 1872

• Governs the contractual agreements between DMFU and mess providers.
• Ensures:
  • Legally binding service agreements.
  • Clarity in terms and conditions accepted during registration.

4. Income Tax Act, 1961 and GST Compliance

• DMFU complies with financial reporting obligations:
  • Proper documentation of coupon withdrawals and mess payments.
  • GST compliance for platform charges.

5. Food Safety and Standards Authority of India (FSSAI)

• Mess providers using DMFU must comply with:
  • FSSAI food safety guidelines.
  • Licensing and certification standards for food handling.

B. Jurisdiction for Legal Disputes

All legal matters concerning:

• Data Privacy Violations
• Financial Disputes
• Policy Breaches

C. Dispute Resolution Mechanism (Step-by-Step Process)

DMFU encourages amicable resolutions before escalating to formal legal proceedings.

Step 1: Internal Complaint Handling (Within 7 Days)

• Mess providers should first raise the dispute using:
  • Mess Dashboard → Help Center → Raise a Complaint.
  • Or via dailymessforu@gmail.com.

Step 2: Formal Review and Investigation (Within 10 Days)

• DMFU will:
  • Investigate the complaint.
  • Gather evidence from both parties.
  • Provide a written resolution within 10 working days.

Step 3: Mediation Process (Optional)

• If unresolved, both parties can enter a voluntary mediation process conducted by a neutral third party.
• DMFU follows standards under the Arbitration and Conciliation Act, 1996.

Step 4: Legal Arbitration (Final Step)

• If mediation fails, the dispute may proceed to binding arbitration in accordance with:
  • The Indian Arbitration and Conciliation Act, 1996.
• Jurisdiction: Courts in [City, State, India].

D. International Use and Cross-Border Regulations (If Applicable)

Since DMFU primarily operates within India, the platform is optimized for compliance with Indian laws. However, if mess providers access the platform from outside India:

• DMFU will still adhere to Indian jurisdiction.
• Cross-border data transfers are limited and governed by:
  • Data localization laws in India.
  • Compliance with international standards where applicable.

E. Legal Liability Limitations Based on Jurisdiction

Mess providers agree that:

• Platform Limitation: DMFU provides technical services only and does not directly manage meal delivery.
• Direct Liability: Mess providers hold full responsibility for:
  • Service quality.
  • Licensing and certifications.
  • Tax compliance.
• DMFU’s liability is limited to:
  • Platform security and data protection obligations.
  • Payment gateway management as specified under refund policies.

F. Consequences of Non-Compliance with Governing Laws

If a mess provider fails to comply with the legal requirements specified under this policy, DMFU may:

• Suspend or Terminate the Mess Provider’s Account.
• Report Violations to regulatory authorities.
• Initiate Legal Proceedings in the jurisdiction mentioned.

G. Amendments to Legal Jurisdiction Policy

DMFU reserves the right to update the jurisdiction and governing laws based on:

• Changes in Indian Regulations.
• New Compliance Standards Introduced.
• Operational Expansion Beyond India.

• Mess providers will be notified via:
  • In-App Notifications.
  • Email Alerts.

H. Mess Provider Responsibilities Under Governing Laws

Mess providers must:

• Adhere to Indian Food and Safety Regulations.
• Maintain Updated Compliance Documents.
• Report Legal Changes: Notify DMFU of any regulatory updates affecting their services.

I. Contact Information for Legal Jurisdiction Queries

Mess providers can raise concerns about legal matters through:

• Support Team: dailymessforu@gmail.com
• Legal Compliance: dailymessforu@gmail.com
• Registered Office: Beginning Solutions Pvt. Ltd., [Office Address, City, PIN Code, India].

✅ Key Takeaways for Governing Laws and Jurisdiction:

• Indian Laws Apply: DMFU operates under Indian jurisdiction and data protection laws.
• Exclusive Courts: All disputes are subject to the courts in [City, State, India].
• Transparent Resolution: DMFU follows a step-by-step dispute handling process.
• Mess Provider Responsibility: Mess providers must comply with food safety and tax regulations.

J. Mess Provider Acknowledgment and Agreement:

By continuing to use the DMFU platform, you confirm that:

• You understand and agree to the legal jurisdiction outlined above.
• You acknowledge that Indian courts have exclusive authority over disputes.
• You consent to DMFU’s dispute resolution process before pursuing legal action.

18. Amendments to the Privacy Policy

This section outlines DMFU's policy regarding how updates and amendments to the Mess Owner Privacy Policy are made, how mess providers will be notified, and their rights regarding these changes.

A. Purpose of Privacy Policy Amendments

DMFU may update its Mess Owner Privacy Policy periodically to:

• Align with new legal requirements under Indian laws (e.g., DPDP Bill, 2023).
• Reflect changes in platform features (e.g., new subscription models).
• Improve clarity and security measures for mess providers.
• Address feedback received from mess providers.

B. Types of Policy Amendments

DMFU distinguishes between major and minor policy amendments:

1. Major Amendments (Substantial Changes)

• Changes in data collection practices.
• Modifications to refund policies or legal liability terms.

Notification Requirement:

• 15 days' advance notice will be provided.
• Explicit consent may be required for continued access.

2. Minor Amendments (Clarifications & Formatting)

• Language adjustments for clarity.
• Reformatting sections without changing legal obligations.

Notification Requirement:

• No prior notice required for minor adjustments.
• Mess providers can view the latest version at any time via the Mess Dashboard.

C. Notification Methods for Policy Changes

DMFU will notify mess providers of policy changes using the following channels:

1. In-App Notifications:

• An alert will appear in the Mess Dashboard upon login.
• A summary of the changes will be provided with a link to the updated policy.

2. Email Notifications:

• An official email will be sent to the registered email address.
• The email will include:
  • Summary of policy changes.
  • Effective date.
  • Instructions for policy review and consent.

3. Platform Announcements:

• The Privacy Policy section on the DMFU website will be updated with a change log detailing the amendments.

D. Timeline for Policy Changes to Take Effect

• Minor Updates: Effective immediately upon publishing.
• Major Updates:
  • 15 days' notice before the effective date.
  • Mess providers will be given time to review the changes and take necessary actions.

E. Mess Provider Rights Regarding Policy Amendments

Mess providers have the following rights when amendments are made:

1. Right to Review Changes:

• Mess providers can access the latest version of the policy at any time in:
  • Mess Dashboard → Privacy Policy Section.

2. Right to Object to Amendments:

• Mess providers can object to significant changes by:
  • Sending a formal request to dailymessforu@gmail.com.
• If the objection is valid, DMFU may:
  • Offer alternative service options.
  • Allow the provider to continue under previous terms if legally permitted.

3. Right to Decline Policy Changes:

• If a mess provider declines consent for essential policy changes (e.g., legal compliance updates):
  • DMFU may restrict or terminate services if the changes are mandatory under law.
  • Mess providers will receive a final notice with a 15-day grace period to review their decision.

F. How Mess Providers Can Track Policy Changes

Mess providers can track historical and current policy versions through:

• Change Log Section: Available in the Mess Dashboard Privacy Center.
• Policy Version Control: Each policy will include:
  • Version Number.
  • Effective Date.
  • Summary of Changes.

G. Consequences of Not Reviewing Policy Amendments

Failure to review or respond to policy updates may result in:

• Automatic Consent: If the mess provider continues using the platform after the effective date.
• Service Restrictions: DMFU may restrict account features until explicit consent is given for major changes.

H. Special Cases for Immediate Policy Amendments

In exceptional cases, DMFU reserves the right to implement immediate policy changes without prior notice:

• Security Breaches: To address urgent vulnerabilities.
• Regulatory Orders: If required under court orders or government mandates.
• Service Integrity Threats: To prevent platform misuse or fraudulent activities.

I. Mess Provider Responsibilities Regarding Policy Amendments

• Regularly Reviewing Policy Changes: Accessing the latest version through the dashboard.
• Keeping Contact Information Updated: To receive policy change notifications without delay.
• Understanding the Changes: Seeking clarification if any policy terms are unclear.

J. DMFU’s Commitment to Transparency in Policy Amendments

• Providing Clear Notices: Every change will be communicated clearly through multiple channels.
• Allowing Time for Review: Adequate time will be provided for major changes.
• Offering Support for Clarifications: Mess providers can seek assistance from the Support Team.

K. Contact Information for Policy Amendments Inquiries

Mess providers can reach out for further clarification or concerns regarding policy updates through:

• Support Team: dailymessforu@gmail.com
• Legal Compliance: dailymessforu@gmail.com
• Registered Office: Beginning Solutions Pvt. Ltd., [Office Address, City, PIN Code, India].

✅ Key Takeaways for Policy Amendments:

• Transparency: DMFU provides advance notice for all major policy updates.
• Consent Management: Mess providers have the right to object or decline non-mandatory changes.
• Regular Review: Mess providers should regularly check policy updates in the Mess Dashboard.
• Immediate Changes: DMFU reserves the right to make urgent changes for security or legal reasons.

L. Mess Provider Acknowledgment and Agreement:

By continuing to use the DMFU platform, you confirm that:

• You understand and accept DMFU’s amendment policies.
• You acknowledge your right to review and object to major policy changes.
• You agree to comply with the latest privacy policies as communicated through official channels.

19. Contact Information and Support Services Recap

This section provides a comprehensive summary of how mess providers can contact DMFU's support services for assistance related to account management, payment issues, data rights, and policy clarifications.

A. Overview of Support Services Available

• Technical Issues: Errors with the Mess Dashboard, subscription management failures, QR code errors.
• Payment and Refunds: Coupon withdrawals, refund delays, and financial disputes.
• Policy Clarifications: Terms of service, privacy policy updates, and consent management.
• Data Protection Rights: Data deletion, access requests, and security inquiries.

B. Available Support Channels for Mess Providers

• 1. In-App Support Chat (Primary Channel):
  • Access: Directly within the Mess Dashboard → Help Center → Live Chat.
  • Availability: Monday to Saturday: 9:00 AM – 7:00 PM (IST). Closed on Sundays and Public Holidays.
  • Response Time: Within 30 minutes for general inquiries.
• 2. Email Support (Official Communication):
  • For detailed issues requiring documentation or escalation:
    • General Support: dailymessforu@gmail.com
    • Payment & Refunds: dailymessforu@gmail.com
    • Legal & Policy Clarifications: dailymessforu@gmail.com
  • Response Time: Within 24-48 hours for general inquiries.
  • Payment-Related Queries: Response within 3-5 working days.
• 3. Phone Support (For Urgent Issues Only):
  • Phone Number: +91-8484837340
  • Hours of Operation: Monday to Saturday: 10:00 AM – 6:00 PM (IST).
  • Use Case: Emergency platform failures, Critical refund delays exceeding standard timelines.
• 4. Support Ticket System (For Tracking Requests):
  • Available Through: Mess Dashboard → Help Center → Raise a Ticket.
  • Key Features:
    • Generate a unique ticket ID for tracking progress.
    • Access ticket history for future reference.
• 5. Self-Help Resources (Knowledge Base):
  • URL: www.dmfu.com/support
  • Resources Include:
    • Frequently Asked Questions (FAQs).
    • Step-by-step guides on using the Mess Dashboard.
    • Troubleshooting instructions for technical issues.

C. Response Time Commitments by DMFU Support

D. Complaint and Dispute Handling Process

Mess providers can file complaints for:

• Payment Delays.
• Data Mismanagement.
• Policy Clarifications.

Steps to Raise a Complaint:

1. Access the Mess Dashboard.
2. Go to: Help Center → Raise a Complaint.
3. Select Issue Type: Payment, Technical, Policy, Data Privacy, etc.
4. Provide Clear Details:
   • Description of the issue.
   • Attach supporting screenshots or documents (if applicable).
5. Submit the Complaint: Receive a Ticket Number for reference.

E. Emergency Support Protocol for Critical Failures

• For critical issues such as:
  • Platform Downtime.
  • Data Breaches.
  • Mass Refund Failures.
• DMFU provides emergency support:
  • Critical Hotline: +91-8484837340
  • Email: emergency@dmfu.com
  • Response Time: Within 2 hours.
  • Resolution Target: Within 24 hours (depending on severity).

F. Mess Provider Responsibilities for Effective Support Communication

• Provide Clear Information: Include relevant details when raising issues.
• Maintain Updated Contact Information: Ensure accurate email and phone details.
• Avoid Misuse: Refrain from raising false or repetitive claims.

G. Data Protection During Support Interactions

• DMFU ensures data protection during all support interactions by:
  • Encrypting support-related data using AES-256 encryption.
  • Restricting data access to authorized personnel only.
  • Complying with the Digital Personal Data Protection Bill, 2023.

H. Consequences of Misusing Support Services

• DMFU reserves the right to:
  • Restrict Support Access: If a mess provider repeatedly submits false complaints.
  • Account Review: In case of misuse that affects platform stability.

I. Mess Provider Rights Regarding Support Services

• Mess providers have the right to:
  • Timely Responses: As per the standard timelines.
  • Transparent Communication: Access to ticket progress updates.
  • Escalation Rights: Raise disputes if support responses are inadequate.

J. Contact Information for Support Services Queries

• Support Team: dailymessforu@gmail.com
• Legal Compliance: dailymessforu@gmail.com
• Phone Support: +91-8484837340
• Website: www.dmfu.com/support

✅ Key Takeaways for Contact Information and Support Services Recap:

• Multiple Channels: DMFU offers in-app chat, email, phone support, and a ticket system.
• Timely Responses: Response times depend on issue severity.
• Escalation Options: Mess providers can escalate unresolved issues.
• Secure Handling: All support interactions follow data security standards.

K. Mess Provider Acknowledgment and Agreement:

By continuing to use the DMFU platform, you confirm that:

• You understand DMFU's support channels and response times.
• You agree to communicate issues using official channels only.
• You acknowledge your right to escalate disputes if initial resolutions are unsatisfactory.

20. Final Acknowledgment and Consent

This section outlines how mess providers using the DMFU platform provide their final consent to the Mess Owner Privacy Policy, ensuring complete understanding and acceptance of the terms outlined.

A. Purpose of the Final Acknowledgment and Consent Section

The purpose of this section is to:

• Confirm that mess providers have read and understood the entire privacy policy.
• Ensure informed consent regarding data collection, processing, and usage practices.
• Establish a legal agreement between the mess provider and DMFU for the use of the platform.

B. Acknowledgment of Policy Review and Understanding

By accepting this Mess Owner Privacy Policy, mess providers:

• Acknowledge Full Review: Confirm they have reviewed the entire policy, including:
  • Data Handling Practices.
  • Refund Policies.
  • Legal Liabilities.
• Understand Data Collection Scope: Accept that DMFU collects, processes, and stores data necessary for:
  • Platform Management.
  • Payment Processing.
  • Legal Compliance.
• Agree to Policy Terms: Confirm they understand and agree to the rights and responsibilities described in the privacy policy.

C. Consent to Data Collection and Processing

Mess providers explicitly consent to:

• Collection of Business Information: Name, contact details, FSSAI licenses, PAN details, and service data.
• Use of Data for Service Delivery: Including payment processing and service optimization.
• Data Retention Practices: As described under data retention policies.
• Secure Data Sharing: When required for:
  • Third-party payment gateways.
  • Regulatory audits.

D. Consent for Marketing Communications (Optional)

Mess providers may choose to consent to non-essential communications, such as:

• Marketing Emails: New service promotions, feature updates, and offers.
• Feedback Requests: Voluntary participation in service improvement surveys.

Opt-In Mechanism:

• Mess providers can enable marketing preferences via:
  • Mess Dashboard → Privacy Settings → Marketing Preferences.
• Opt-Out Rights: Providers can withdraw consent anytime via:
  • Unsubscribe links in emails.
  • Dashboard settings.

E. Consent for Payment and Refund Policies

Mess providers agree to comply with DMFU's payment and refund policies, including:

• Meal-Based Refunds: Refunds based on unused meals instead of duration.
• Coupon-Based Transactions: Consent to the platform’s 1:1 coupon-to-INR ratio and refund deductions as per policies.
• Refund Timeframes: Acceptance of refund timelines (7 working days for coupons, 10-25 working days for direct payments when introduced).

F. Consent for Legal Compliance and Platform Usage

Mess providers consent to the following legal obligations:

• Indian Jurisdiction: Accept that all disputes will be governed by Indian laws and resolved in the courts of [City, State, India].
• Service Quality Compliance: Agree to provide accurate service listings and meet food safety standards.
• License Requirements: Acknowledge the responsibility for maintaining a valid FSSAI license where applicable.

G. Right to Withdraw Consent and Policy Opt-Out

Mess providers have the right to withdraw consent at any time.

1. How to Withdraw Consent:

• Access the Mess Dashboard → Privacy Settings → Withdraw Consent.
• Send a formal request to dailymessforu@gmail.com.

2. Consequences of Consent Withdrawal:

• Account Suspension: Withdrawal of consent may result in restricted access to core platform services.
• Data Deletion: DMFU will delete all non-essential data within 90 days, except:
  • Data retained for tax compliance.
  • Transaction history retained for audit purposes.

H. Consequences of Non-Compliance with the Privacy Policy

Failure to comply with the terms outlined in this policy may result in:

• Service Restrictions: Temporary account suspension until compliance is restored.
• Permanent Termination: Repeated policy violations or legal non-compliance.
• Legal Action: For intentional misuse or data handling violations.

I. Amendments and Updates Consent

Mess providers acknowledge and consent to:

• Periodic Policy Updates: DMFU reserves the right to update the privacy policy with advance notice for major changes.
• Continued Use Implies Consent: Continuing to use the platform after policy updates constitutes implied consent.

J. Final Steps for Providing Consent

Mess providers must:

1. Check the Consent Box: A mandatory consent box will be presented during account registration and when updates are made.
2. Click "I Agree": Mess providers must click "I Agree" to confirm consent before accessing the platform.
3. Consent Confirmation: A confirmation email will be sent upon successful consent submission.

K. Mess Provider Responsibilities Under This Policy

Mess providers agree to:

• Stay Informed: Regularly review the privacy policy for updates.
• Maintain Compliance: Ensure accurate information and valid certifications.
• Seek Clarifications: Contact DMFU for clarifications if any terms are unclear.

L. Contact Information for Consent Management Queries

For any concerns or clarifications regarding policy consent, mess providers can reach out through:

• Support Team: dailymessforu@gmail.com
• Legal Compliance Team: dailymessforu@gmail.com
• Phone Support: +91-8484837340

✅ Key Takeaways for Final Acknowledgment and Consent:

• Informed Consent: Mess providers confirm they have reviewed the entire privacy policy.
• Right to Withdraw: Providers can withdraw consent but may face service restrictions.
• Marketing Opt-Out: Providers can control their marketing preferences anytime.
• Legally Binding: Consent is legally binding under Indian Contract Law.

M. Mess Provider Acknowledgment and Agreement:

By continuing to use the DMFU platform, you confirm that:

• You have read and understood the DMFU Mess Owner Privacy Policy.
• You provide explicit consent for data collection and usage as outlined.
• You understand your rights and responsibilities regarding consent and withdrawal.
• You acknowledge that non-compliance with this policy may result in service restrictions or termination.