Multi-Service Platform
Protecting Your Data Across Our Multi-Service Ecosystem
Effective Date: 30 December 2025
Last Updated:30 December 2025
Version: 2.0
Welcome to INMART's Privacy Policy. This document explains how INMART collects, uses, discloses, and safeguards your information when you use our multi-service platform.
This Privacy Policy applies to all services offered by INMART across our platform domains:
INMART is committed to protecting your privacy and ensuring the security of your personal data. We comply with applicable data protection laws including:
| Regulation | Application | Key Compliance |
|---|---|---|
| GDPR (General Data Protection Regulation) |
Users in European Union | Lawful basis for processing, data subject rights, data protection by design |
| CCPA (California Consumer Privacy Act) |
California residents | Right to know, delete, opt-out, non-discrimination |
| HIPAA (Health Insurance Portability and Accountability Act) |
Pharmacy services only | Protected health information safeguards |
INMART collects various types of information to provide and improve our services. The data we collect depends on how you interact with our platform.
| Data Category | Examples | Purpose of Collection |
|---|---|---|
| Account Information | Full name, email address, phone number, password | Account creation, authentication, communication |
| Profile Information | Profile picture, delivery addresses, preferences | Personalized service, delivery coordination |
| Payment Information | Card details, billing address (encrypted) | Transaction processing, fraud prevention |
| Health Information* | Prescriptions, medical conditions (pharmacy services only) | Medical service provision, prescription fulfillment |
| Order Information | Items ordered, quantities, special instructions | Order fulfillment, inventory management |
* Health information is collected only for pharmacy services with explicit consent and is handled with additional security measures.
Device type, operating system, browser type, IP address, unique device identifiers
GPS data, Wi-Fi access points, cell towers (with your permission) for delivery services
Pages visited, features used, time spent, search queries, clickstream data
Session cookies, persistent cookies, pixel tags, web beacons for functionality and analytics
INMART uses your information for various purposes to provide, maintain, and improve our services.
Processing orders, arranging deliveries, providing customer support, and maintaining your account
Tailoring content, recommendations, and offers based on your preferences and usage patterns
Detecting and preventing fraud, abuse, security incidents, and verifying accounts
Understanding how our services are used to improve functionality, features, and user experience
For users in the European Union, we process your personal data under the following legal bases:
| Legal Basis | Application Examples |
|---|---|
| Contractual Necessity | Processing orders, delivering products, providing customer support, managing your account |
| Legitimate Interests | Fraud prevention, service improvement, marketing (where applicable), network security |
| Consent | Marketing communications, health data processing, precise location tracking, cookies |
| Legal Obligation | Tax compliance, responding to legal requests, regulatory reporting |
INMART may share your information in specific circumstances as described below. We do not sell your personal data to third parties.
| Provider Category | Data Shared | Purpose |
|---|---|---|
| Delivery Partners | Name, address, phone number, order details | Order delivery coordination and tracking |
| Store Partners | Order details, contact information | Order fulfillment and customer service |
| Payment Processors | Payment information (encrypted) | Secure transaction processing |
| Cloud Services | All data (encrypted) | Data storage, backup, and processing infrastructure |
Pharmacy-related health information is never shared with marketing partners, advertisers, or any third party not directly involved in your healthcare service provision, except as required by law or with your explicit consent.
We may disclose your information if required to do so by law or in response to valid requests, including:
INMART employs comprehensive security measures to protect your personal information from unauthorized access, alteration, disclosure, or destruction.
All data transmissions encrypted with TLS/SSL. Sensitive data encrypted at rest using AES-256 encryption.
Strict role-based access controls limit employee access to personal data based on job requirements.
Firewalls, intrusion detection/prevention systems, regular security audits, and vulnerability assessments.
Regular audits ensure compliance with security standards (ISO 27001, SOC 2) and data protection regulations.
| Data Type | Additional Security Measures |
|---|---|
| Payment Information | PCI DSS compliance, tokenization, never stored on our servers, regular security audits |
| Health Information | HIPAA-compliant storage, additional encryption layer, restricted access, audit logging |
| Account Credentials | Hashed passwords (bcrypt), multi-factor authentication, failed login attempt monitoring |
| Location Data | Geofencing, data anonymization where possible, time-limited retention |
While we implement strong security measures, you also play a role in protecting your information:
Depending on your location, you may have certain rights regarding your personal information.
Request copies of your personal data that we hold and information about how we use it.
Request correction of inaccurate or incomplete personal data.
Request deletion of your personal data under certain conditions (right to be forgotten).
Request restriction of processing your personal data in specific circumstances.
Request transfer of your data to another organization in a structured, commonly used format.
Object to processing of your personal data based on legitimate interests or for direct marketing.
If you are a California resident, you have additional rights under the California Consumer Privacy Act:
| Right | Description |
|---|---|
| Right to Know | Request information about personal data collected, used, shared, or sold in the past 12 months |
| Right to Delete | Request deletion of personal information collected (with certain exceptions) |
| Right to Opt-Out | Opt-out of the sale of personal information (INMART does not sell personal data) |
| Right to Correct | Request correction of inaccurate personal information |
| Right to Non-Discrimination | Not receive discriminatory treatment for exercising privacy rights |
To exercise any of these rights, please contact us at datarequest@inmart.cloud or through your account settings. We will respond to your request within 30 days.
Note: For security purposes, we may need to verify your identity before processing certain requests. We may ask for additional information to confirm you are the account owner.
INMART operates globally, and your personal data may be transferred to, stored, and processed in countries other than your country of residence.
When we transfer your personal data to other countries, we implement appropriate safeguards including:
INMART stores data in secure data centers located in:
Data is typically stored in the region closest to your primary location to ensure optimal performance and compliance with local regulations.
INMART services are not directed to individuals under the age of 16 (or under 13 in some jurisdictions).
Parents or guardians who register accounts for family use are responsible for:
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.
| Change Type | Notice Period | Notification Method |
|---|---|---|
| Minor Changes (typos, clarifications) |
7 days notice | Website update date, in-app notification for active users |
| Material Changes (new data uses, sharing) |
30 days notice | Email notification, prominent website notice, in-app banner |
| Regulatory Changes (required by law) |
Immediate implementation | Notification + explanation of changes, option to accept updated terms |
| Version | Date | Key Changes |
|---|---|---|
| 2.0 | 30 December 2025 | Added Food Delivery service data practices, enhanced CCPA compliance, updated contact information |
By continuing to use INMART services after updates to this Privacy Policy, you acknowledge and agree to the updated terms. If you do not agree with the updated policy, you may close your account and discontinue use of our services.
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us using the information below.
Email: privacy@inmart.cloud
Phone: 1-800-INMART-PRIVACY
Hours: 9 AM - 6 PM, Monday-Friday
Surya M, DPO
Email: dpo@inmart.cloud
Phone: 1-800-INMART-DPO
Email: security@inmart.cloud
24/7 Emergency Line: 1-800-INMART-SEC
For suspected data breaches or security incidents
INMART Privacy Office
Building No./Flat No.: NMC 62E
Name Of Premises/Building: PERUMAL BUILDING
Road/Street: PWD Road
Locality/Sub Locality: agasteeswaram
City/Town/Village: Nagercoil
District: Kanniyakumari
State: Tamil Nadu
Pin Code : 629001
If you have concerns about how we handle your personal data and are not satisfied with our response, you have the right to lodge a complaint with your local data protection authority: