Last Updated: 20 July 2017

Privacy policy: The Application-


  1. This Privacy Policy (“Policy”) provides information about how MasterKey, collects, uses, stores, archives and transfers information/data (used interchangeably hereafter) from you, through your use of the mobile application MasterKey (the “Application”), website or any other product or service offered by Merchant to you (“ Services”).

  2. This Privacy Policy was written to help you better understand how we collect, use and store your information. It mentions the permissions we seek during your registration with the Application. Since technology and privacy laws are always changing, we may occasionally update this policy. If you continue to use the Services after these changes are posted, you agree to the revised policy. It is your responsibility to check the policy periodically.

  3. By signing up for any of the products or services offered by the Merchant (together, the “Services”) you are agreeing to the terms of this Privacy Policy and, as applicable, the Merchant Terms and Conditions agreement. This Privacy Policy is a legally binding agreement between you as the user of the Services (referred to in this Terms and Conditions Agreement as “you” or “your”) and MasterKey and its affiliates (referred to in this Terms and Conditions Agreement as “we”, “our”, “us” or “Merchant”). If we add any new features or tools to our Services, they will also be subject to this policy. When we use the term “Personal Information” in this policy, it means any information related to an identifiable individual.


  1. By continuing to use the Application, you acknowledge and agree to grant us:

    1. Permission to access your personally identifiable information which you voluntarily provide through forms while transacting with businesses and may include mobile phone number, name, address, email ID, demographic information, government identity proof, address proof or any other information about you, and grant permission to transmit it over the network. This will aid us in creating and authenticating your account wherever applicable and providing an enhanced user experience.

    2. Permission to read accounts information stored on the device to prepopulate email address in the form during registration. Email address is required for us to be able to send details of the payments done using the application, new features and other relevant information.

    3. Permission to read and receive sms for the purpose of one time password verification. This is done to improve user experience by pre populating the one time password.

    4. Permission to read phone status and identity to aid transactions done via Services.

    5. Permission to periodically access and transmit your geo-location to help you transact. Geo-location is used to present relevant content. Geo-location can be used by us for facilitating delivery of goods and services. If you do not consent to sharing of your geo-location, you can still use most of the functions on Services. You may turn off the geo-location tracking off at the device level. A GPS icon will be displayed on your phone when geolocation is being accessed by Services.

    6. Permission to contact you via SMS, email, telephone, interactive voice response (IVR) and/or any other communication mediums for the purpose of notification about your transaction, update about the Services, new feature, risk management, information verification, to seek information or update about any of the order or transaction, training about the Services.

    7. Permission to send and store personal information voluntarily submitted in the profile form. This feature is help you obtain relevant services without having to repeatedly share same information.

    8. Permission to access Transaction Information as per the authorized payment processor guidelines (approved and as per norms of Reserve Bank of India) wherever applicable including the bank details, date and time of transaction, transaction numbers, payment time, complaints, etc. We would try to ensure the best possible security standards for the same. We also use services that are PCI DSS compliant for storage of credit card details done voluntarily by you for smooth payment process. You will be transferred to your respective bank's secure payment page where you may have to enter your banking details like credit/debit card number, etc. as required by the bank for processing the payment. We don't store or access any such detail at our end.

    9. Permission to create logs to help us improve your experience with the Services. This might include data collection of device IP address, access dates and times, network state, screen state, phone state, messaging related activity and any other system activity. This may be transmitted over the network to our servers. Adequate and reasonable measures will be taken to ensure that the data is sent over authenticated means and stored securely.

    10. Permission to access and transmit your geo location to present relevant recommendations to you via in app message, notification, email, sms, etc.

    11. Permission to read contacts in order to, but not limited to recommend relevant users with whom you might already be connected.

    12. Permission to send sms from your phone which is mandatory requirement to enable payment via certain payment methods such as Unified Payments Interface.

    13. Permission to create an alert for the purpose of order fulfillment. This is a permission required by ReactNative library which is used by the Application to enhance user experience. The permission is known as SYSTEM_ALERT_WINDOW on Android platform.

    14. Permission to perform authentication or identification of the device based on Bluetooth. This permission is required by Unified Payments Interface(UPI). UPI offers superior payment experience to users. This permission is known as BLUETOOTH.

    15. Permission to perform authentication or identification of the device based on Wifi. This permission is required by Unified Payments Interface(UPI). UPI offers superior payment experience to users. This permission is known as ACCESS_WIFI_STATE.

  2. We do not sell or lease any of your personal information.

  3. To get more details about the permissions asked and information collected, please refer to the detailed sections listed below in the Privacy Policy. If you don't agree to any of the terms associated with the Services you may not use the Service.You may uninstall the Application and stop using the Services. We will continue to store archived copies of your Personal Information & other data related to your account for legitimate business purposes and to comply with the law.

  4. We reserve the right to suspend or withdraw the Services, at any time, without notice in case of violation of our terms.


  1. This Policy covers only data collected through the Services and not any other data collection or processing, including, without limitation, data collection practices of other mobile applications or web pages that are linked to the Services or data that is collected offline or through web sites, products, or services offered or belonging to third parties. Occasionally, reference would be made to this Policy in notices and consent requests related to specific surveys, ratings or other modalities present on the Services.


  1. The following instances are when data might be collected by us: when you (i) request information; (ii) use or participate in or subscribe to any of the products or services offered by the Merchant; (iii) submit any content on the Services; (iv) register as a user; or (vi) otherwise actively send data through/using the Services.

  2. We will collect, use, store and archive information about you in the following general categories mentioned below.

  3. Information You Provide to Us

  1. Personal Information: We access personal information (if any) provided by you, such as information provided at the time of (i) registration or in relation to use or modification of your account, (ii) request for on-demand services, customer support, or (iii) which is otherwise communicated to us which may include your name, gender, email address(es), mobile number, mailing address(es) and pictures you may upload to (a) resolve any complaints/feedback in relation to the use of the Services, (b) enhance your experience of the Services; and (c) provide you with customized content on the Services.

  1. Information we collect through your use of the Application

    1. Location Information: We access precise location data of your mobile device when the Application is running in the foreground. We may also derive your approximate location from your IP address to fine tune search of the relevant vendors through the Application in order to enhance the experience of the Services. We collect location information and store it on the server to identify if there is relevant service that can be recommended to you.

  1. Transaction Information: We may access transaction details related to your use of the Services including, but not limited to the type of goods/services requested, date and time of the request, merchants from whom the goods/services have been sourced, number of transactions conducted, fulfilment of the transactions, complaints against the goods/services sourced and other related transaction details to (i) provide you with customized content on the Services (ii) monitor the usage of the Services; and (iii) improve the content and services provided on the Services.

  2. Usage and Preference Information: We may access information about your interactions with the Services using Google Analytics services or any other third party analytics services including but not limited to date and time you use the Services, the areas or pages of the Services or internet resources that you visit (through the Application), the content you view; and the settings you have chosen. We may use cookies, device fingerprinting, open device identifier number or similar technologies to collect the information under this category.

  3. Device Information: We may access information about your mobile device, including but not limited to, the hardware model, operating system and version, preferred language, unique device identifier, advertising identifiers, device booting status, mobile mode and state (including the silent mode, sleep mode, screen saver function, call function, etc) and mobile network information to facilitate the provision and resumption of services and functions related to the Services, as well as software updates, and product support. We may also access the vibrator and accounts on your mobile device for the purposes of pushing notifications using GCM Id of the Application and connected devices or users. Additionally, we may access the device internal and external storage to seamlessly store in such storage, any pictures you create, receive or download during the course of usage of the Services.

  4. Internet: We will access the internet or wifi network or any changes in the internet or wifi network of your mobile device for running the Services.

  5. Log Information: When you interact with the Services, we collect server logs, which may include information like device IP address, access dates and times, and other system activity and will be stored in a secure manner and to be processed in a manner compliant with other parts of this privacy policy.

  6. Location information: Maps API has been implemented within the Services which allows you to enjoy certain location based features. Google Maps API service has been used for this purpose and hence you will be bound by Google’s Terms of Service whilst using the Maps API. All Google’s Terms of Service shall apply as they are to you. Your location will be accessed during the usage of the Maps API, subject to your approval. We don’t create a telemarketing list or a business directory out of the information obtained by Maps API.

  7. Interactive Features/Forums Information: We will store any information you share using the interactive features (such as messaging, contact sharing, etc.) of the Services.

  1. Note: The Application uses certain third party applications and services which may collect, use, store or transmit information of the nature set out in the categories above. Details of such third party applications/services can be found on the 'About' page in the Application along with their respective privacy policies.

  2. The collection, storage, use and sharing (if any) of this data will be in accordance with this Privacy Policy.


  1. We use cookies, device fingerprinting, open device identifier number or similar technologies to collect the information described above. A cookie is a small text file that may be stored on the hard drive of your device when you use the Services. We may also use the above mentioned technologies to: (i) provide you with customized content on the Application; (ii) monitor the usage of the Services; and (iii) conduct research to improve the content and services provided on the Services.

  2. We also allow other companies such as web/mobile analytics tool providers to set or access their cookies or web beacons or similar technologies on the Application. For example, we may use third party mobile analytics tool provider to analyze big-data on our behalf. These third-party analytics providers employ cookies, web beacons and other similar technologies to measure and analyze the big-data. To do so, these tools may use information about your use of the Application which information will be anonymized such that it cannot reasonably be used to identify you. Information such as name, phone, email, location, device information, network carrier can be shared with with analytics and marketing partners used by us for the purpose of personalizing your experience on the Services, behavioural analysis, relaying relevant communication to you about new information, features, offers, feedback and more. This data can also be used for online marketing purposes by us. Details of such web/mobile analytics partners can be found in the 'About' page in the Application or website along with their respective privacy policies.


  1. We use the data (account usage and technical information) that is collected for the following general purposes:

    1. To deliver the services made available through as part of the Services

    2. To respond to the request that you sent us such as your request for information, or your request to subscribe to a service;

    3. To administer, protect and improve the Services;

    4. To facilitate processing of payments via your authorised payment processor;

    5. To better understand the preferences of users of the Services

    6. To track the performance of the Services;

    7. To compile aggregated statistics about usage of the Services;

    8. To help personalize your experience of the Services;

    9. To improve services offered to you and;

    10. To help us with internal business functioning;

    11. To provide you with information about technologies, training content, analytics, reports, product or service releases, news, and other communications;

    12. To recommend relevant merchants,products, or other services to you in the form of an in app message, app notification, email, SMS, mobile application page, website page or any other form of communication;

    13. To verify or assess information for the purpose of risk management and to ensure safety & security of both your and our accounts;

    14. To the extent permitted by applicable law, we may combine various types of data that is collected to achieve above mentioned purposes; we will always ask for your consent before sharing your Personal Information with third parties for purposes other than those described in this section.


  1. We may share or transfer information you disclose on or is collected through the Services only for the following purposes: (i) to third parties who process the data on our behalf for the purposes set forth in this Policy; (ii) to the approved payment processing provider(s), to facilitate the processing, fulfilment and delivery of any orders placed by you; (iii) as required by law or in the interest of protecting or exercising the Merchant’s or others' legal rights, e.g., without limitation, in connection with requests from law enforcement officials and in connection with court proceedings; (iv) to partners who specialize in Big Data analytics, marketing and advertising, for use of the data in their businesses, on an anonymized basis such that it cannot reasonably be used to identify you. (v) to 3rd party logistics partners and their employees, affiliates, staff, etc. of the Merchant for the purpose of delivery and fulfilment of any of the order placed by you; (vi) to analytics and marketing partners for the purpose of personalizing your experience on the app, behavioural analysis, relaying relevant communication to you about new information, merchant, application features, offers, feedback and more.


  1. If personal information you have submitted through the Services is no longer accurate, current, or complete, you are allowed to update these changes using the Services , but we reserve the right to use information obtained previously to verify your identity or take other actions that it believes is appropriate.


  1. The Services are intended for adults. We do not intentionally or knowingly collect personally-identifiable information from minors (under the age of 18) and requests that minors (under the age of 18) do not submit any personal information on the Services . We will deactivate an account if the account is found to belong to a minor.


  1. Transmissions over the Internet are never 100% secure or error-free. However, we take reasonable steps to protect your personal information from loss, misuse, and unauthorized access, disclosure, alteration, and destruction.

  2. Commercially reasonable physical, managerial, operational and technical security measures are employed by us to protect the loss, misuse and alteration and to preserve the security of the Personally Identifiable Information in our care.

  3. We employ standard access control methods, encryption, etc. to ensure safety of your data. We will notify you of any breach in security through notifications on the app and other means where possible in case of any breach in security.


  1. Merchant or authorized 3rd party partner of the Merchant has right to to verify information about you for the purpose of risk management or also get it verified by sharing the information with the 3rd party verification agencies. The information thus shared will be protected by confidentiality agreements with the 3rd party verification agencies such that the same level of protection of data as the Merchant, is employed by the 3rd party agencies.

  2. The Merchant or 3rd party entity may contact you via email, SMS, message on the Services, physical visit to your premise or via any other means available, for further information with respect to your transaction on the Services, for verification for internal risk management purpose, to meet a regulatory requirement.

  3. You agree to cooperate with us and share further information for the purpose of verification and safety and security of you & us, & to meet regulatory requirements imposed by banks or government where you, or we are located. Failure to cooperate with us in any such verification can lead to deactivation of your account and discontinuation of the Services. Final decision shall lie with us.


  1. We reserve the right to change, modify, add or remove portions of this Policy at any time, but will alert you that changes have been made by indicating on the Policy the date it was last updated. When you use the Services, you are accepting the current version of this Policy as posted at that time. It is recommended that you revisit this Policy occasionally to learn of any changes.


  1. If you have any questions, or concerns about this Policy or any complaints about the manner in which we handle your personal information or the use of your personal information (in doing so acknowledging that we may be unable to provide you all or some of the services), please feel free to contact us at +91 9042422122




  1. We don't sell or rent your personal information to third parties for their marketing purposes without your explicit consent. We may disclose personal information to respond to legal requirements, enforce our policies, respond to claims that a posting or other content violates other's rights, or protect anyone's rights, property, or safety. Such information will be disclosed in accordance with applicable laws and regulations. We may also share personal information with service providers who help with our business operations, and with members of our corporate family, who may provide joint content and services and help detect and prevent potentially illegal acts. Should we plan to merge or be acquired by another business entity, we may share personal information with the other company and will require that the new combined entity follow this privacy policy with respect to your personal information.


  1. Tsepak technologies Pvt. Ltd. (“Goodbox”) is our technology partner, powering the Services offered to you. The data captured and stored during your usage of the Services is securely stored by Goodbox. Goodbox is bound by the terms of this policy with respect to the usage and protection of your data.


  1. To offer superior experience to you, your usage data of the Services is synced with your account on Goodbox Mega App, in case you have registered on Goodbox Mega app ( or Goodbox website ( Your usage data of the Goodbox Mega app or Goodbox website similarly would be synced with the Services and made available to offer superior experience.