Skip to main content
Verified partner stores
SupportHelpStore owner login
OPTOKART

Privacy policy

Last updated: May 2026

This policy describes how OPTOKART ("we", "us") handles personal data when you use optokart.com, our consumer Android app (package com.optokart.app), and related partner or admin tools. By using our services you agree to this policy.

1. Who we are

OPTOKART operates a hyperlocal optical marketplace connecting shoppers with independent partner optical stores. For privacy requests contact support@optokart.com or use Contact.

2. What we collect

  • Account & profile — name, email, phone, delivery addresses, saved preferences, referral codes, and order history when you sign in (including via Google) or complete checkout.
  • Prescription & clinical inputs — prescription values you enter, photos you upload for OCR assist, lens configuration choices, and vision-screening responses where you use those features. You are responsible for verifying clinical values before ordering.
  • Orders & payments — cart contents, order ids, payment status, Razorpay transaction references, GST/invoice fields, delivery OTP events, and escrow/payout timestamps processed on our servers (we do not store full card or UPI PIN data; payments are handled by Razorpay).
  • Store & trial bookings — store selected for in-store trial, home-trial requests, eye-test bookings, and related contact details.
  • Partner & staff accounts — partner store email, password authentication metadata, custom role claims, billing and walk-in records for store owners using the partner portal.
  • Device & app permissions — with your permission: camera (prescription capture, virtual try-on), location (nearby stores, delivery regions), network status, and push notification tokens if you enable alerts. Standard device, browser, and app diagnostics (IP address, OS version, crash logs).
  • Support & communications — messages you send via contact forms, support tickets, email, or WhatsApp hand-offs initiated from the app.
  • Cookies & similar technologies — on the website: session, analytics, and marketing tags where enabled. The Android app uses local storage and Firebase services instead of browser cookies for core auth.

3. How we use data

We use personal data to:

  • Provide shopping, checkout, order tracking, prescriptions, trials, and partner fulfilment.
  • Authenticate users (Google sign-in for customers; email/password for partners and staff).
  • Process payments, prevent fraud, and operate escrow-style payout rules for partner stores.
  • Send transactional email (order updates, password resets) via our email providers.
  • Improve products, fix errors, and measure campaign performance where analytics are enabled.
  • Comply with law, respond to disputes, and enforce our terms.

We do not sell your personal data. We share data only with service providers under contract, partner stores fulfilling your order, payment processors, or when required by law.

4. Service providers

Depending on the feature you use, data may be processed by:

  • Google Firebase (authentication, database, cloud functions, hosting)
  • Google Sign-In (customer identity, when you choose it)
  • Razorpay (payments)
  • Brevo and Firebase email (transactional messages)
  • Google reCAPTCHA (abuse prevention on web forms)
  • Analytics or marketing tools configured on the website (e.g. GA4) where enabled

Partner stores receive the information needed to prepare, verify, and deliver your order (including prescription details you submit).

5. Legal basis

Where applicable we rely on: contract (fulfilling your order or partner agreement); consent (optional marketing, certain permissions); legitimate interests (security, fraud prevention, product improvement); and legal obligation (tax, accounting, regulatory requests). India's Digital Personal Data Protection framework may apply to processing of personal data in India.

6. Retention

We keep data only as long as needed for the purposes above — for example, order and invoice records for statutory periods, account data while your account is active, and support tickets until resolved plus a reasonable archive. Anonymous guest sessions may be merged when you link a Google account.

7. Your choices & rights

  • Access or update profile and delivery details in Account / Profile (when signed in).
  • Revoke app permissions in Android Settings (camera, location, notifications).
  • Request access, correction, or deletion by emailing support@optokart.com.
  • Opt out of non-essential marketing where offered.

You may lodge a complaint with the relevant data protection authority in your jurisdiction.

8. Children

Our services are not directed at children under 13. Prescription orders for minors should be placed by a parent or guardian. Contact us if you believe we collected a child's data without appropriate consent.

9. Security

We use encryption in transit (HTTPS), role-based access, server-side validation for payments and order status, and industry-standard cloud infrastructure. No method of transmission or storage is 100% secure.

10. International transfers

Our primary infrastructure is in India (e.g. Firebase asia-south1). Some subprocessors may process data in other countries under their standard contractual safeguards.

11. Changes

We may update this policy and will post the new version here with an updated date. Material changes may also be notified in-app or by email where appropriate.

12. Related documents

See also Terms of use, Refund policy, and Purchase terms.