EASTERNBASKET
PRIVACY POLICY
Effective Date: May 11, 2026
Last Updated: May 11, 2026
================================================================
INTRODUCTION
Welcome to the EasternBasket mobile application ("Application," "App," or
"Service"), operated by EasternBasket, Inc., a company incorporated in the
State of Texas, United States of America ("Company," "we," "our," or "us").
EasternBasket is an online grocery delivery platform that offers a curated
selection of fresh produce, packaged groceries, household essentials, and
other consumer goods ("Products" or "Items") sourced from local suppliers,
farmers, wholesalers, and authorized distributors. We currently provide
delivery services within the greater Houston, Texas metropolitan area
("Service Area") with a delivery commitment of within twenty-four (24) hours
of order placement.
This Privacy Policy explains how we collect, use, share, store, and protect
the personal information of individuals who access or use our Application
("Customer," "User," or "you"). It also describes the choices and rights
available to you regarding your personal information. By creating an
account, placing an order, or otherwise using our Application, you
acknowledge that you have read and understood this Privacy Policy.
This Policy is designed to comply with applicable U.S. federal and state
privacy laws, including but not limited to the Federal Trade Commission Act,
the Children's Online Privacy Protection Act (COPPA), the Texas Data
Privacy and Security Act (TDPSA), and other applicable state consumer
privacy laws.
================================================================
1. INFORMATION WE COLLECT
We collect the following categories of information when you interact with
our Application:
1.1 Information You Provide Directly
a) Account Information
- Full Name: Used to personalize your shopping experience, address
you appropriately during deliveries, and verify your identity for
customer support.
- Mobile Phone Number: Required for account verification, order
updates, delivery coordination, and two-factor authentication.
- Email Address: Used for sending order confirmations, receipts,
account notifications, and (with your consent) promotional offers.
- Password: Stored using industry-standard encryption (hashed and
salted); we never store passwords in plain text.
b) Delivery Information
- Home and Work Addresses: Used to deliver your orders accurately
within Houston and surrounding service areas.
- Delivery Instructions: Optional notes you provide (e.g., gate
codes, drop-off preferences).
c) Optional Profile Information
- Dietary Preferences (e.g., vegetarian, vegan, gluten-free)
- Cuisine Preferences
- Household Size
- Favorite Brands or Product Categories
These details help us personalize product recommendations. Providing
this information is entirely optional, and you may skip or dismiss
these prompts at any time without affecting your ability to use
the Service.
d) Customer Support Communications
Information you share when contacting us by chat, email, or phone,
including the content of your messages and any attachments.
1.2 Information Collected Automatically
a) Device and Usage Information
- Device model, operating system, unique device identifiers
- App version, browser type, IP address
- Pages visited, features used, time spent, click patterns
- Crash reports and performance data
b) Cookies and Similar Technologies
We use cookies, SDKs, and similar tracking technologies to maintain
sessions, remember preferences, analyze traffic, and improve our
Service. You may control cookies through your device settings.
1.3 Permissions Requested by the Application
a) SMS Verification (One-Time-Password Auto-Read)
During sign-up or login, with your consent, we may request permission
to automatically read the OTP (One-Time-Password) SMS message sent by
us to your device. This is solely to streamline the verification
process. We will NOT access, read, or store any other SMS messages
on your device. If you decline this permission, you can manually
enter the OTP instead.
b) Camera Access
Requested when you choose to upload product review photos, scan
barcodes, or take a picture for your profile. Camera access is used
only when you actively initiate such actions.
c) Location Access
Requested to:
- Confirm your delivery address falls within our Houston service area
- Provide accurate delivery time estimates
- Show locally available products and promotions
- Enable real-time order tracking
You may choose between "While Using the App," "Always," or "Never"
through your device settings. Denying location access may limit
certain features such as delivery to your current location.
d) Storage / Photo Library Access
Used when you upload profile photos, review images, or save receipts.
e) Notifications
With your permission, we send push notifications for order updates,
delivery alerts, and (optionally) promotions.
1.4 Payment Information
EasternBasket uses third-party payment processors, including but not
limited to Stripe, Inc. and PayPal Holdings, Inc., to handle all payment
transactions. We do NOT store your full credit card number, debit card
number, or CVV on our servers. When you make a payment, you are securely
redirected to the payment processor's environment.
We may retain limited transaction-related details such as the last four
digits of your card, card brand, transaction ID, and billing ZIP code
for receipt, refund, and fraud-prevention purposes.
For details on how Stripe handles your payment information, please review
Stripe's Privacy Policy at: https://stripe.com/privacy
================================================================
2. HOW WE USE YOUR INFORMATION
We use the information we collect for the following purposes:
a) Service Delivery
- Process and fulfill your grocery orders within 24 hours
- Coordinate delivery logistics with our drivers and partners
- Send order confirmations, receipts, and delivery updates
b) Account Management
- Create and maintain your user account
- Authenticate logins and prevent unauthorized access
- Provide customer support
c) Personalization
- Recommend products based on your preferences and order history
- Display relevant offers and discounts available in your area
d) Communication
- Send transactional messages (required for service)
- Send promotional emails or SMS only with your prior consent;
you can opt out at any time
e) Improvement and Analytics
- Analyze aggregated, de-identified usage data to improve the App,
optimize inventory, and enhance the customer experience
f) Safety, Security, and Fraud Prevention
- Detect and prevent fraudulent transactions, abuse, or violations
of our Terms of Service
- Protect the rights, property, and safety of EasternBasket, our
customers, employees, and the public
g) Legal Compliance
- Comply with applicable U.S. federal, state, and local laws,
including tax, accounting, and consumer protection regulations
================================================================
3. HOW WE SHARE YOUR INFORMATION
We do NOT sell your personal information to third parties for monetary
consideration. We may share information in the following limited
circumstances:
a) Service Providers and Partners
- Delivery drivers and logistics partners (name, delivery address,
contact number, order details)
- Payment processors (e.g., Stripe) for transaction processing
- Cloud hosting providers (e.g., AWS) for secure data storage
- SMS, email, and push-notification providers
- Analytics providers (e.g., Google Analytics for Firebase) for
aggregated usage analysis
All such partners are contractually obligated to handle your data
securely and use it only for the purposes we authorize.
b) Suppliers and Vendors
We may share limited, order-specific information with the supplier
fulfilling your order (e.g., a local grocer in Houston) when
necessary to process the order. We do not share your full contact
details unless required for fulfillment.
c) Legal and Regulatory Requirements
We may disclose information when required by law, subpoena, court
order, or other governmental request, or when we believe in good
faith that disclosure is necessary to protect our rights, comply
with judicial proceedings, or protect the safety of any person.
d) Business Transfers
In the event of a merger, acquisition, financing, or sale of
assets, your information may be transferred as part of that
transaction. We will notify you and provide choices before your
information becomes subject to a different privacy policy.
e) With Your Consent
We may share information in other ways with your explicit consent.
================================================================
4. DATA RETENTION
We retain your personal information for as long as your account remains
active or as needed to provide you the Service. Specifically:
- Account data: Retained until you request deletion
- Order history and transaction records: Retained for at least 7 years
to comply with U.S. tax, accounting, and consumer protection laws
- Customer support communications: Retained for up to 3 years
- Marketing preferences: Retained until you opt out
After the applicable retention period, we will securely delete or
anonymize your information.
================================================================
5. YOUR PRIVACY RIGHTS AND CHOICES
Depending on your state of residence, you may have the following rights
under applicable U.S. privacy laws (including the Texas Data Privacy
and Security Act for Texas residents):
a) Right to Access: Request a copy of the personal information we hold
about you.
b) Right to Correct: Request that we correct inaccurate information.
c) Right to Delete: Request that we delete your personal information,
subject to legal retention obligations.
d) Right to Data Portability: Request your data in a portable format.
e) Right to Opt Out of Targeted Advertising: We do not currently sell
personal data or engage in targeted advertising involving the sale
of data, but you may opt out of any future such activities.
f) Right to Withdraw Consent: Withdraw consent previously granted for
specific data processing activities.
g) Right to Non-Discrimination: We will not discriminate against you
for exercising any of your privacy rights.
To exercise any of these rights, contact us at support@easternbasket.com
or via in-app chat. We will respond within 45 days as required by law.
We may need to verify your identity before fulfilling certain requests.
App Permissions: You can grant or revoke camera, location, SMS, storage,
and notification permissions at any time through your device's settings.
Marketing Communications: You can unsubscribe from promotional emails
using the unsubscribe link in any email, or by replying STOP to
promotional SMS messages.
================================================================
6. DATA SECURITY
We implement reasonable administrative, technical, and physical safeguards
designed to protect your personal information, including:
- TLS/SSL encryption for data in transit
- Encryption at rest for sensitive data
- Hashed and salted password storage
- Role-based access controls limiting employee access
- Regular security audits and vulnerability assessments
- PCI-DSS compliance through our payment processors
However, no method of transmission over the internet or electronic
storage is 100% secure. While we strive to use commercially acceptable
means to protect your information, we cannot guarantee absolute security.
We encourage you to use a strong, unique password and to keep your
login credentials confidential.
In the event of a data breach affecting your personal information, we
will notify you in accordance with applicable state and federal law.
================================================================
7. CHILDREN'S PRIVACY
EasternBasket is not directed to children under the age of 13. In
compliance with the Children's Online Privacy Protection Act (COPPA),
we do not knowingly collect personal information from children under 13.
If you are a parent or guardian and believe your child has provided us
with personal information, please contact us immediately at
privacy@easternbasket.com. We will promptly delete such information
from our records.
Users between 13 and 18 should use the App only under the supervision
of a parent or legal guardian.
================================================================
8. THIRD-PARTY LINKS AND SERVICES
Our Application may contain links to third-party websites, apps, or
services (such as Stripe for payments). This Privacy Policy does not
apply to those third-party services. We encourage you to review the
privacy policies of any third-party services you interact with.
================================================================
9. INTERNATIONAL USERS
EasternBasket is operated from and intended for use within the United
States, currently serving the Houston, Texas metropolitan area. If you
access the Service from outside the United States, please be aware that
your information may be transferred to, stored, and processed in the
United States, which may have data protection laws different from those
of your country.
================================================================
10. CALIFORNIA, COLORADO, AND OTHER STATE-SPECIFIC RIGHTS
Although our current service area is limited to Houston, Texas,
residents of other U.S. states with comprehensive privacy laws
(California, Colorado, Connecticut, Utah, Virginia, etc.) who access
our App may exercise rights under their respective state laws. Please
contact us using the details below to make such requests.
We do not "sell" personal information in the traditional sense, and we
do not engage in "sharing" for cross-context behavioral advertising as
defined by the California Consumer Privacy Act (CCPA/CPRA).
================================================================
11. CHANGES TO THIS PRIVACY POLICY
We may update this Privacy Policy from time to time to reflect changes
in our practices, technology, legal requirements, or other factors.
When we make material changes, we will:
- Update the "Last Updated" date at the top of this Policy
- Notify you through the App or via email (for significant changes)
- Where required by law, request your renewed consent
You can always review the current version of this Privacy Policy within
your Profile section in the App. Your continued use of the Service
after the effective date of any changes constitutes acceptance of the
updated Policy.
================================================================
12. CONTACT US
If you have any questions, concerns, complaints, or requests regarding
this Privacy Policy or our data practices, please reach out:
EasternBasket, Inc.
[Company Mailing Address]
Houston, Texas, USA
General Support: support@easternbasket.com
Privacy Inquiries: privacy@easternbasket.com
In-App Support: Use the in-app chat utility
We are committed to working with you to obtain a fair resolution of any
privacy concern.
================================================================
By using the EasternBasket Application, you acknowledge that you have
read, understood, and agree to this Privacy Policy.
Thank you for choosing EasternBasket — fresh groceries, delivered to
your door in Houston within 24 hours.
================================================================