XENIOSINTELLIGENT OPERATIONS OS
Legal

Privacy Policy

Last updated: 22 June 2026

This Privacy Policy explains how GIZMOIOT INNOVATIONS LLP ("XENIOS", "we", "us") collects, uses, discloses and protects information about visitors to xenios.in and operators who use the XENIOS Hospitality Management OS ("the Service"). We are committed to compliance with India's Digital Personal Data Protection Act, 2023 (DPDP Act).

1. Information we collect

We collect only what we need to deliver and improve the Service:

  • Contact information you submit via the demo form (name, restaurant name, phone, email, number of outlets).
  • Operational data generated by your use of the Service: menu items, orders, payments, inventory, staff PIN hashes. This data belongs to your business.
  • Anonymised usage metrics (page views, feature usage) to improve the product.
  • Customer data of your patrons, only where you have configured the Service to collect it (e.g., phone number for QR ordering, feedback).

2. How we use information

  • To respond to your demo requests and provide customer support.
  • To deliver, maintain and improve the Service.
  • To send transactional emails (account-related, billing, security).
  • To meet legal, tax and accounting obligations under Indian law.

We do not sell your data. We do not share patron data with third parties for marketing.

3. Where your data lives

Operational data is stored locally on the in-cafe laptop you operate, with encrypted backups synchronised to our private servers hosted in India. Marketing-site data (demo enquiries) is stored in our CRM and email systems.

4. Your rights (DPDP Act)

You have the right to:

  • Access information we hold about you.
  • Correct inaccurate information.
  • Erase your information (subject to legal retention obligations).
  • Withdraw consent at any time.
  • File a grievance with our Data Protection Officer.

To exercise any of these rights, email info@xenios.in with the subject line "DPDP request". We respond within 30 days.

5. Security

We use industry-standard practices: encryption at rest, encryption in transit (TLS/HTTPS), bcrypt-hashed credentials, role-gated access, daily backups, and isolation between customer environments. No system is perfectly secure. We notify affected operators of any incident in line with DPDP Act requirements.

6. Cookies

xenios.in uses only first-party cookies required to remember your session and preferences. We do not use third-party advertising cookies.

7. Changes to this policy

We update this policy as the Service evolves. The "Last updated" date at the top of this page reflects the most recent change. Material changes will be communicated to active customers by email.

8. XENIOS Owner mobile app

The XENIOS Owner app (iOS and Android) lets restaurant owners, managers, investors and partners view performance data for the outlets they are authorised to access. In addition to the above, the app processes:

  • Account & sign-in — your name, email and (optionally) phone, used to authenticate you and scope you to only the outlets and financial detail your role permits. Investor and partner accounts are read-only.
  • Business data you view — your outlet's sales, tables, expenses and related metrics, shown to you through the app. This is your business's own data.
  • Push notification token — a device token via Google Firebase Cloud Messaging, used only to deliver the alerts you opt into (e.g. cash-discrepancy or unbilled-table alerts). You control which alerts you receive in the app's settings.

The app contains no advertising and does not sell personal information. Connections use HTTPS and passwords are stored as bcrypt hashes. You may request access to, correction of, or deletion of your account at the contact below.

9. Contact

GIZMOIOT INNOVATIONS LLP
S.No 13/2, G No 5, Prem Kunj, Sagar Society, Bavdhan, Haveli, Pune, Maharashtra 411021
GSTIN: 27ABAFG9551D1ZG
Email: info@xenios.in
Phone: +91 78880 03666