Last Updated: February 19, 2026
Welcome to Bookr ("we," "our," "us," or the "Company"). Bookr operates as a digital aggregator and marketplace connecting users with independent venue owners (Turfs, Farmhouses, Events, Clubs, and Restaurants).
This Privacy Policy ("Policy") is published in strict compliance with the Information Technology Act, 2000, the Digital Personal Data Protection (DPDP) Act, 2023, and the developer program policies of the Google Play Store. It exhaustively details how we collect, store, process, protect, and share your personal data. By accessing or using the Bookr mobile application, you explicitly consent to the practices described in this document.
To provide a secure and functioning marketplace, we adhere to the principle of data minimization but collect the following necessary categories of data:
A. Account & Identity Data
What we collect: Full name, mobile phone number, email address, and an optional profile picture.
Source: Provided directly by you during registration and authenticated via our secure backend (Supabase).
B. Transactional & Booking Data
What we collect: Booking history, venue selections, time slots, guest counts, pricing, discount usage, and QR code redemption statuses.
Source: Generated automatically as you interact with the Bookr marketplace.
C. Financial & Payment Data
What we collect: Transaction IDs, payment status (Success/Failed), and amounts paid.
What we DO NOT collect: Bookr does not capture, store, or process complete credit/debit card numbers, CVVs, or UPI PINs on our servers. All financial data is encrypted and processed directly by our PCI-DSS compliant third-party payment gateway, Razorpay.
D. Device & Technical Data
What we collect: Device manufacturer and model, Operating System (OS) version, IP Address, App version, and Firebase Cloud Messaging (FCM) Tokens.
Purpose: Required to deliver push notifications (e.g., booking confirmations), ensure app stability, and detect fraudulent or unauthorized account access.
E. Device Permissions (Foreground Data) Bookr requires certain device permissions to function. We only access these with your explicit, in-app consent:
Location Data (Coarse/Approximate): Collected only when the app is actively in use (foreground). Purpose: To display geographically relevant venues, sort turfs by proximity, and calculate travel distances. We do not track your location in the background.
Camera & Photo Library: Accessed only when explicitly triggered by the user. Purpose: To allow venue owners and staff to scan user QR code entry passes for arrival verification and booking confirmation. We do not access your camera in the background or record video.
We utilize your data exclusively for the following operations:
To authenticate your identity via One-Time Passwords (OTPs) and prevent account hijacking.
To facilitate venue discovery, process bookings, and generate digital QR Codes for gate entry.
To communicate critical transactional updates (confirmations, cancellations, receipts) via email or push notifications.
To calculate platform commissions (3.5% - 5%) and manage payouts to venue owners.
To provide customer support and mediate disputes between users and venue owners.
We strictly do not sell, rent, or trade your personal data to third-party advertising networks. Information is only shared under these specific conditions:
Venue Owners (Vendors): When a booking is confirmed, we share your Name, Phone Number, and Booking Details with the specific Turf, Event, or Farmhouse owner. This is strictly required for QR code verification, security, and communication regarding your specific arrival.
Service Providers: We share encrypted data with our trusted infrastructure partners, including Supabase (Database & Authentication), Google Firebase (Push Notifications), and Razorpay (Payment Processing).
Legal Authorities: We will disclose your information if legally required to do so by a valid court order, government mandate, or law enforcement agency request to protect the safety and rights of Bookr, our users, or the public.
Bookr allows venue owners to upload images and descriptions, and users to submit reviews. We are committed to a safe platform:
Zero Tolerance: We strictly prohibit content that is illegal, offensive, sexually explicit, discriminatory, or misleading.
Reporting Mechanism: Users can flag any inappropriate listing or review directly within the app via the "Report a Grievance" button located in the Support & Settings menu.
Action & Moderation: Our moderation team investigates all reports within 24 hours. Violating content is immediately removed, and repeat offenders (users or owners) will face permanent account bans.
We deploy enterprise-grade security protocols:
Data in Transit: All communications between the Bookr app and our servers are secured using SSL/TLS encryption.
Data at Rest: User profiles and booking databases are hosted on secure, encrypted Supabase servers.
Active Accounts: We retain your profile data as long as your account remains active.
Deleted Accounts: Upon account deletion, personal identifiers (Name, Email, Phone) and tracking tokens are instantly scrubbed or anonymized.
Financial Compliance: Regardless of account deletion, we are legally mandated by Indian accounting and tax laws to retain transactional ledger data (Booking IDs, payment statuses, and venue details) for a period of up to 7 years.
8. User Rights and Account Deletion As a Data Principal, you maintain absolute control over your personal data. Because Bookr operates a multi-role marketplace, the account deletion process varies depending on your account type:
Right to Access & Rectify: You may view and edit your profile information at any time within the app.
Right to Withdraw Consent: You may revoke Location or Camera permissions via your device’s OS settings at any time.
Account Deletion Process by Role:
For User and Staff Members:
In-App Deletion: You can permanently delete your account and associated personal data instantly by navigating to Profile > Settings > Delete Account within the mobile app. This logs you out and anonymizes your profile.
Web-Based Request: If you no longer have the app installed, you can request permanent data deletion by emailing support@thebookr.in with the subject line "Account Deletion Request."
For Venue Owners (Clients):
Deletion by Request Only: Because venue owner accounts are legally tied to active business ledgers, upcoming customer bookings, and pending financial payouts, Venue Owners cannot instantly delete their accounts via the app. To initiate permanent account and data deletion, Venue Owners must email support@thebookr.in from their registered business email address. Requests are processed and executed once all pending bookings are fulfilled and final financial settlements are cleared.
Bookr is a financial booking platform and is strictly restricted to individuals 18 years of age and older. We do not knowingly collect personal data from minors. If we become aware that a minor has registered and provided personal data, we will immediately terminate the account and purge the data.
Our application may contain links to external websites (e.g., Google Maps for venue directions or artist social media pages). We do not control and are not responsible for the privacy practices of these third-party platforms.
We reserve the right to amend this Privacy Policy to reflect evolving legal or technological standards. Significant changes will be communicated via prominent in-app notifications. Continued use of Bookr constitutes acceptance of the updated policy.
In strict accordance with the Information Technology Act, 2000, and the DPDP Act, 2023, if you have any grievances, data privacy concerns, or wish to report a platform violation, please contact our designated Grievance Officer:
Name of Grievance Officer: Prasad Magdum, Co-Founder & Grievance Officer
Email Address: support@thebookr.in
Physical Address: Bookr Headquarters, Dange Galli, Juna Budhwar Peth, Kolhapur, Maharashtra, India.
Resolution Timeline: We will acknowledge your grievance within 24 hours and provide a resolution within 15 business days.