Compliance

MenuQR is committed to operating in accordance with applicable laws and regulations. This page outlines our compliance posture across key regulatory areas.

We comply with the Information Technology Act, 2000 and the IT (Amendment) Act, 2008, including provisions relating to electronic contracts, data protection, and intermediary guidelines.

MenuQR processes personal data in accordance with the Digital Personal Data Protection Act, 2023. This includes:

• Collecting only data necessary for providing services (data minimisation) • Obtaining meaningful consent before processing • Enabling data principals to access, correct, and erase their data • Reporting significant data breaches to the Data Protection Board within prescribed timelines

MenuQR is a registered GST taxpayer. Applicable GST is charged on subscription invoices. GST invoices are available for download from your billing dashboard and can be used for input tax credit claims.

All payment processing is handled by Razorpay, a PCI-DSS Level 1 certified payment gateway. MenuQR does not store raw card numbers or payment credentials on our servers.

Customer data is stored on servers located within India (Neon Database / AWS regions compliant with applicable data residency requirements) unless an explicit cross-border transfer agreement is in place.

In accordance with the IT Act and DPDP Act, we have designated a Grievance Officer. To raise a compliance concern:

Name: [To be designated] Email: grievance@menuqr.in Response Time: Within 30 days of receipt