UpDash Technologies Ltd
UpDash is a technology company building a next-generation food delivery platform in Mauritius. We are currently preparing for public launch.
Contact: support@updash.mu | © 2026 UpDash Technologies Ltd. All rights reserved.
This Privacy Policy explains how UpDash collects, uses, processes, stores, discloses, and protects personal data in Mauritius.
Effective Date: 26 February 2026
Jurisdiction: Republic of Mauritius
UpDash ("UpDash", "we", "us", "our") is committed to protecting your personal data in accordance with the Data Protection Act 2017 of Mauritius.
This Privacy Policy explains how we collect, use, process, store, disclose, and protect personal data when you use our website, mobile applications, and related services (the "Platform").
Contact: legal@updash.mu
UpDash Technologies Ltd Republic of Mauritius Email: legal@updash.mu
UpDash acts as Data Controller for customer and driver personal data processed through the Platform.
UpDash does not store card numbers or bank account details. Payments are processed via Peach Payments secure embedded checkout (PCI DSS Level 1 compliant).
UpDash may store limited payment metadata such as:
For restricted goods (e.g., alcohol/tobacco), government-issued ID copies may be temporarily collected and stored for age verification and compliance purposes.
UpDash processes personal data for the following purposes and lawful bases:
| Data Category | Purpose | Lawful Basis |
|---|---|---|
| Account data | Create/manage account; provide Platform access | Contract |
| Order & delivery data | Fulfil Orders; provide delivery services | Contract |
| Payment metadata | Process payments/refunds; manage disputes | Contract |
| Security logs (IP/session/user agent) | Security monitoring; fraud prevention; abuse detection; rate limiting | Legitimate Interests |
| Complaint & support data | Investigate issues/disputes; customer service | Legitimate Interests |
| Driver onboarding documents | Verify eligibility; regulatory compliance; safety controls | Legal Obligation / Legitimate Interests |
| Marketing communications | Offers and promotions | Consent |
| Fraud profiling | Detect/refuse abuse; protect Platform integrity | Legitimate Interests |
UpDash may use automated analysis and profiling to detect fraudulent or abusive behavior, including repeated refund abuse, suspicious complaint patterns, or other activity that may indicate misuse of the Platform.
Where fraud or serious abuse is confirmed following investigation, UpDash may permanently restrict an account.
Users may contact UpDash Support to request review of a restriction decision.
UpDash retains personal data only as long as necessary for the purposes described in this Policy, and as required for compliance, tax, audit, and fraud prevention.
| Data Type | Retention Period |
|---|---|
| Customer account data | Until deletion request |
| Customer PII after deletion request | Anonymized within 5 days |
| Order records | Retained for legal/tax/audit/fraud purposes (anonymized if account deleted) |
| Wallet records | Retained for financial audit and fraud prevention (anonymized if account deleted) |
| IP/security logs stored in databases | Up to 6 months |
| Session metadata stored in Redis | Temporary (session/audit purposes) |
| Support chat records | Deleted 30 days after resolution |
| Complaint photos | Archived for dispute handling and audit, then retained as required for legitimate purposes |
| Age-verification ID copies (restricted goods) | 30 days, then permanently deleted |
| Driver onboarding/compliance documents | 1 year after termination, then permanently deleted |
Upon a verified account deletion request:
Anonymization is intended to be irreversible.
UpDash does not track live customer GPS location. We store delivery addresses that you manually add to your profile for delivery purposes.
UpDash tracks driver GPS location during active delivery and dispatch operations to provide accurate order tracking and to assign Orders efficiently. UpDash does not store driver historical GPS trails. UpDash stores only the driver's last active location and deletes it when the driver goes offline/logs out.
UpDash uses secure cloud infrastructure providers, including Microsoft Azure (Central India region) and Firebase services, to host and operate parts of the Platform.
Accordingly, personal data may be processed outside Mauritius in jurisdictions where these providers (or their subprocessors) operate.
Where cross-border processing occurs, UpDash implements appropriate technical and contractual safeguards intended to protect personal data in accordance with applicable data protection laws.
UpDash implements industry-standard safeguards, which may include:
No system can guarantee absolute security. You are responsible for keeping your credentials confidential.
UpDash may disclose personal data:
We share limited personal data (first name, last initial, phone number, and delivery address) with the assigned Vendor and Driver solely for the purpose of preparing and delivering your Order. Vendors and Drivers are required to use this data strictly for operational purposes and not for marketing or independent use.
UpDash does not sell personal data.
UpDash may use cookies and similar technologies on the web Platform for functionality, security, analytics, and performance. You can control cookies via your browser settings. Some features may not function properly if cookies are disabled.
Under the Data Protection Act 2017 (Mauritius), you may have rights to:
Requests may be sent to: legal@updash.mu. UpDash may verify your identity before processing requests.
UpDash sends promotional communications (email and push notifications) only where you have enabled/consented to such communications. You may opt out at any time via unsubscribe links or device settings.
Transactional communications (e.g., order confirmations, cancellations, refunds) may be sent as required to provide the service.
If restricted goods are offered in the future:
Driver personal data is processed for:
Driver license and vehicle registration documents are retained for one (1) year after termination, then permanently deleted.
UpDash may update this Privacy Policy from time to time. The most current version will be made available on the Platform. Material changes may be communicated through the Platform.
For privacy-related inquiries:
Email: legal@updash.mu Republic of Mauritius