XENIOSHOSPITALITY MANAGEMENT OS
Legal

Privacy Policy

Last updated: 14 May 2026

This Privacy Policy explains how GIZMOIOT INNOVATIONS LLP ("XENIOS", "we", "us") collects, uses, discloses and protects information about visitors to xenios.in and operators who use the XENIOS Hospitality Management OS ("the Service"). We are committed to compliance with India's Digital Personal Data Protection Act, 2023 (DPDP Act).

1. Information we collect

We collect only what we need to deliver and improve the Service:

  • Contact information you submit via the demo form (name, restaurant name, phone, email, number of outlets).
  • Operational data generated by your use of the Service: menu items, orders, payments, inventory, staff PIN hashes. This data belongs to your business.
  • Anonymised usage metrics (page views, feature usage) to improve the product.
  • Customer data of your patrons, only where you have configured the Service to collect it (e.g., phone number for QR ordering, feedback).

2. How we use information

  • To respond to your demo requests and provide customer support.
  • To deliver, maintain and improve the Service.
  • To send transactional emails (account-related, billing, security).
  • To meet legal, tax and accounting obligations under Indian law.

We do not sell your data. We do not share patron data with third parties for marketing.

3. Where your data lives

Operational data is stored locally on the in-cafe laptop you operate, with encrypted backups synchronised to our private servers hosted in India. Marketing-site data (demo enquiries) is stored in our CRM and email systems.

4. Your rights (DPDP Act)

You have the right to:

  • Access information we hold about you.
  • Correct inaccurate information.
  • Erase your information (subject to legal retention obligations).
  • Withdraw consent at any time.
  • File a grievance with our Data Protection Officer.

To exercise any of these rights, email info@xenios.in with the subject line "DPDP request". We respond within 30 days.

5. Security

We use industry-standard practices: encryption at rest, encryption in transit (TLS/HTTPS), bcrypt-hashed credentials, role-gated access, daily backups, and isolation between customer environments. No system is perfectly secure. We notify affected operators of any incident in line with DPDP Act requirements.

6. Cookies

xenios.in uses only first-party cookies required to remember your session and preferences. We do not use third-party advertising cookies.

7. Changes to this policy

We update this policy as the Service evolves. The "Last updated" date at the top of this page reflects the most recent change. Material changes will be communicated to active customers by email.

8. Contact

GIZMOIOT INNOVATIONS LLP
S.No 13/2, G No 5, Prem Kunj, Sagar Society, Bavdhan, Haveli, Pune, Maharashtra 411021
GSTIN: 27ABAFG9551D1ZG
Email: info@xenios.in
Phone: +91 78880 03666