Legal

Privacy Policy

What we collect when you use Petu, why we use it, and your choices.

Last updated: May 12, 2026

1. Who we are

This Privacy Policy describes how the Petu Service collects, uses, and shares personal information.

Controller / operator: Nodalstack Technologies, operating the Petu brand, with registered office at 302, Tukaram Apartment, Plot G30-31, Sector 19, 20, Belapur, Navi Mumbai, Maharashtra, India. No company identification number is listed here at this time. For how to reach us (including privacy requests), see the Support and Contact sections at the end of this policy.

We do not appoint a Data Protection Officer or an EU/UK representative. If our processing scale or applicable law later requires one, we will update this policy and contact details.

2. Scope

This policy applies to information processed through our websites, mobile web, and related Creator and Fan experiences. It does not apply to third-party sites linked from the Service (for example external video platforms).

3. Categories of information we collect

Depending on how you use Petu, we may process:

  • Account and profile data: name, username, email, password hash, profile photo, bio, cuisine tags, and similar fields you choose to provide.
  • Creator and recipe data: structured recipe fields, ingredient lines, steps, cover images, free/paid flags, and pricing you configure.
  • Transaction and billing support data: purchase records, subscription status, payout-related identifiers, and correspondence about payments. Card and bank details are typically collected directly by our payment processors, not stored on our servers in full.
  • Technical and usage data: IP address, device type, browser, approximate location derived from IP, log timestamps, pages viewed, and diagnostic events used to secure and improve the Service.
  • Support communications: messages you send us and metadata needed to respond.

4. Sources of information

We collect information from you when you register, edit your profile, publish recipes, complete purchases, or contact us. We also collect certain information automatically when you use the Service. We may receive limited information from payment processors about transaction outcomes.

5. Why we use information (purposes)

We use personal information to provide and personalize the Service, authenticate users, process purchases and Creator payouts, prevent fraud and abuse, comply with law, communicate service and policy updates, analyze aggregate usage to improve product performance, and protect the rights and safety of users and the public.

Where data-protection law in the EEA, UK, or comparable regions applies to our processing, we rely on performance of a contract, legitimate interests (such as security and service improvement, balanced against your rights), consent where the law requires it, and legal obligation where applicable—each as it fits the specific processing activity.

6. Cookies and similar technologies

We use cookies and similar technologies for session management, security, preferences, and analytics as implemented in the product. You may control some cookies through browser settings. If we use non-essential advertising cookies, we will describe them here and, where required, obtain consent.

7. How we share information

We share personal information with service providers who assist our operations, such as hosting and storage (for example object storage for recipe images), authentication providers if used, payment processors (such as Razorpay and potentially Stripe or others by region), email delivery, analytics, and customer support tools. They process data on our instructions and must protect it appropriately.

We may disclose information if required by law, legal process, or to protect rights, safety, and security. We may share information in connection with a merger, financing, or sale of company assets, subject to appropriate confidentiality and notice practices where required.

We do not sell personal information as defined under typical U.S. state “sale” concepts; if our practices change, we will update this policy and notices as required.

8. International transfers

We use Cloudflare, Inc. and related Cloudflare services (for example compute, networking, and object storage) to host and deliver the Service. Data may be processed on Cloudflare’s global network, which can include locations outside India. Where personal data is transferred from jurisdictions that require safeguards, we use mechanisms recognised under applicable law (for example Standard Contractual Clauses or equivalent measures).

Primary infrastructure and storage are provided through Cloudflare’s platform; subprocessors (such as payment processors) may process data in accordance with their own locations and terms.

9. Retention

We retain information for as long as your account is active and as needed to provide the Service, comply with law, resolve disputes, and enforce agreements. After you delete your account or we delete it, we aim to remove personal information from production systems within a reasonable period; residual copies in backups and logs are retained for up to one (1) year and then overwritten or deleted according to our technical practices. Recipe and transaction records needed for accounting, tax, and dispute resolution are retained for up to five (5) years from the date of the relevant transaction or closure of the matter, unless a longer period is required by law.

10. Security

We implement technical and organizational measures designed to protect personal information, including encryption in transit where standard for the product, access controls, and vendor diligence. No method of transmission or storage is completely secure.

11. Your rights and choices

Depending on your location, you may have rights to access, correct, delete, or export your personal information, to object to or restrict certain processing, and to withdraw consent where processing is consent-based. You may also have the right to lodge a complaint with a supervisory authority.

United States residents

Petu is operated from India and is not marketed primarily to residents of the United States. If you believe a U.S. state privacy law applies to you and you wish to exercise a right, email support@petu.club and we will respond in good faith. If we begin targeted offering in specific U.S. states, we will update this section as required.

12. Children

The Service is not directed to children under 13 (or the higher age required in your jurisdiction for valid consent). We do not knowingly collect personal information from children. If you believe we have, contact us and we will take appropriate steps to delete it.

13. Automated decision-making

We do not make decisions about you based solely on automated processing that produces legal or similarly significant effects for you under applicable law. We may use automated tools to help detect fraud; where a decision could materially affect you, we use human review when appropriate.

14. Changes to this policy

We may update this Privacy Policy from time to time. We will post the updated version and revise the “Last updated” date. Where required, we will provide additional notice (for example by email or prominent banner).

15. Support

General help, account access, billing, and privacy rights requests (access, correction, deletion, export, or objection where applicable) may be sent to support@petu.club. We handle support by email; include enough detail for us to verify your identity where the law or good practice requires it.

16. Contact

Postal address for formal correspondence: Nodalstack Technologies, 302, Tukaram Apartment, Plot G30-31, Sector 19, 20, Belapur, Navi Mumbai, Maharashtra, India. For the fastest response on privacy matters, email support@petu.club first.