privacy policy

mrigAI ("we", "our", or "us") operates the mrigAI mobile application (the "app"). this privacy policy explains how we collect, use, disclose, and safeguard your information when you use our app.

by using the app, you agree to the collection and use of information in accordance with this policy.

1. information we collect

1.1 information you provide

• platform login sessions: when you log into third-party platforms (zepto, blinkit, swiggy instamart) through our app's embedded browser, we access your session data with your explicit permission to enable price comparison and cart automation features.
• explicit permissions: before accessing any platform data, we request your explicit consent to:
  • use your logged-in sessions for automation purposes
  • retrieve data from localstorage and platform apis
  • act on your behalf to compare prices and manage carts

1.2 information collected automatically

• device information: we generate and store a pseudonymous device identifier to provide a consistent experience across sessions. if you choose to use third-party platform features in the app, this device identifier may be associated with the platform account data you authorize us to access (e.g., phone number, address data, cart state).
• location data: with your permission, we collect approximate location data to show nearby store availability and delivery options. you can deny or revoke this permission at any time.
• usage analytics: we use posthog to collect pseudonymous usage data including:
  • app navigation patterns
  • feature usage statistics
  • session recordings (with text inputs and images masked for privacy)
  • network telemetry from within the app to help diagnose performance and reliability issues
  • performance metrics
• error logs: we use sentry to collect crash reports and error logs to improve app stability. these logs may include device type, os version, and app state at the time of error.

1.3 information from third-party platforms

when you grant explicit permission, we access and may store the following data from platforms you log into:

zepto

• mobile number: your registered phone number
• user profile: account information including name and preferences
• user position: your saved delivery location coordinates
• user addresses: your saved delivery addresses
• cart data: products, quantities, prices in your shopping cart
• session data: device id, session id, store id, and authentication tokens required for api calls
• search headers: technical headers needed to perform product searches on your behalf

blinkit

• phone number: your registered phone number
• user profile: account information including user id
• search history: your previous search queries on the platform
• location data: your saved delivery location
• addresses: your saved delivery addresses (addressesv2)
• cart data: products, quantities, prices in your shopping cart

swiggy instamart

• mobile number: your registered phone number
• user profile: account information from the platform's initial state
• user location: your saved delivery location
• cart data: products, quantities, prices in your shopping cart

how this data is used

• session tokens and headers are used to make api calls on your behalf for searching products and managing carts
• location and address data ensures you see accurate pricing and availability for your delivery area
• cart data enables cross-platform price comparison
• phone numbers are used to identify your account across sessions and prevent duplicate entries

important: we do not store your platform passwords. authentication is handled directly by the respective platforms through their web interfaces. we access your data through localstorage and intercepted api responses while you use the platforms within our app.

important: session artifacts such as api headers/tokens used to perform actions on third-party platforms are handled on your device within the embedded browser. we do not intend to store your third-party platform passwords or full session cookies on our backend.

important: the app performs automation only when you choose to use automation features. the app does not attempt to bypass security measures of third-party platforms.

2. how we use your information

we use the collected information to:

• provide core features: compare prices across zepto, blinkit, and swiggy instamart
• cart synchronization: help you replicate your cart across platforms for comparison
• improve the app: analyze usage patterns to enhance features and fix bugs
• customer support: diagnose issues and respond to your inquiries

3. data storage and security

3.1 where data is stored

• on-device: session data and preferences are stored locally on your device
• cloud services: analytics and error data are stored on secure third-party services (posthog, sentry)
• backend servers: we store a user record keyed by your device identifier and may store platform account metadata you authorize us to capture (for example: phone number and certain profile/location/address fields) to support the app experience across sessions.

3.2 security measures

• all data transmission uses https encryption
• api communications are secured with authentication keys
• session-related data may be stored locally on your device to enable app functionality across navigation and sessions, and can be cleared by logging out, clearing app storage, or uninstalling the app
• we do not sell or share your personal data with third parties for marketing purposes

please note that no method of transmission over the internet or electronic storage is 100% secure.

3.3 data retention

• on-device data: some session-related data may remain on your device until you log out of the underlying platform(s), clear app storage, or uninstall the app.
• server-side data: we retain the device record and related platform account metadata for as long as reasonably necessary to operate the app, comply with legal obligations, resolve disputes, and enforce agreements. you may request deletion as described below.

3.4 consent and acceptance records

we may record that you accepted our terms of service and privacy policy (including timestamps and version/date) and that you provided consent for certain app features, in order to demonstrate your authorization and to help prevent fraud and abuse.

4. third-party services

our app uses the following third-party services that have their own privacy policies:

4.1 international data transfers

some third-party service providers and cloud infrastructure we use (including analytics, crash reporting, and hosting providers) may process or store information on servers located outside india. by using the app, you consent to such transfers to the extent permitted by applicable law.

5. your rights and choices

5.1 access and control

• location: you can enable/disable location access in your device settings
• platform sessions: you can log out of any platform at any time through the app
• analytics: session recordings mask all text inputs and images by default

5.2 data deletion

to request deletion of your data, contact us at aniket@mrigai.com. we will:

• clear any server-side data associated with your device identifier
• guide you on clearing local app data

5.3 opt-out

you can stop all data collection by uninstalling the app.

6. children's privacy

our app is not intended for children under 13 years of age. we do not knowingly collect personal information from children under 13. if you believe we have collected information from a child under 13, please contact us immediately.

7. changes to this policy

we may update this privacy policy from time to time. we will notify you of any changes by updating the "last updated" date at the top of this policy. continued use of the app after changes constitutes acceptance of the updated policy.

8. contact us

if you have questions about this privacy policy, please contact us:

email: aniket@mrigai.com

this privacy policy is effective as of the date stated above.