Dunzo

Privacy Policy

Last updated: May 21, 2026

1. Who we are

Dunzo (“Dunzo,” “we,” “us,” “our”) is operated by Dunzo , an individual sole operator based in the State of Ohio, United States. Dunzo is a family chore and rewards management application available on the web at dunzo.rocks and as mobile apps for iOS and Android.

For privacy questions, data requests, or anything else, reach us at support-dunzo@googlegroups.com.

2. What this policy covers

This policy describes what information we collect when you use Dunzo, how we use it, who we share it with, and the choices you have. It applies to the Dunzo website, mobile apps, and APIs.

3. Information we collect

Account information

  • Email address (for adult accounts)
  • Password (stored hashed, never in plain text)
  • Display name
  • Optional username
  • Whether your email has been verified

Sign-in with Google or Apple

When you choose to sign in with Google or Apple, we receive your name, email address, and a stable account identifier from that provider. We use this only to create or authenticate your Dunzo account.

Supervised user accounts (children)

Accounts for children are created and managed by a parent or guardian. We collect a username, a display name, and a hashed password for these accounts. We do not collect an email address for supervised accounts.

Family activity

  • Chores you create, claim, complete, approve, or reject
  • Optional proof notes attached to chore completions
  • Points ledger entries (credits from approved chores, debits from reward redemptions)
  • Rewards you define and redemptions made by family members
  • Streaks and achievements derived from your chore approval history
  • Family invitations you create

Technical information

  • IP address and basic device information
  • Server logs (request paths, status codes, timestamps) for security and debugging

4. How we use your information

We use the information we collect to:

  • Operate Dunzo for you and your family
  • Authenticate you and keep your account secure
  • Sync chores, points, and rewards across the web and mobile apps
  • Send transactional emails (password reset, email verification, family invitations)
  • Prevent fraud, abuse, and unauthorized access
  • Improve the product based on aggregated usage patterns

We do not sell your personal information. We do not run advertising on Dunzo and we do not share your data with advertisers or data brokers.

5. Google user data

When you sign in with Google, Dunzo receives your name, email address, and Google account ID (the stable sub claim). This data is used solely to authenticate you to your Dunzo account. We do not sell, transfer, or share Google user data with any third party for advertising or any purpose other than the user-facing features of Dunzo. We do not use Google user data to train AI or machine-learning models.

Dunzo’s use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

6. Service providers

We use a small number of trusted service providers to run Dunzo. These providers process data on our behalf and are bound by their own privacy commitments.

  • Neon — PostgreSQL database hosting
  • Vercel — web app hosting and edge functions
  • Railway — API hosting
  • Resend — transactional email delivery
  • Google Identity — OAuth sign-in
  • Apple ID — OAuth sign-in
  • Expo — mobile app delivery and (when enabled) push notifications

7. Children’s privacy

Dunzo is designed to be used by families. Accounts for children are created and managed by a parent or guardian within the family. We do not knowingly collect personal information directly from children outside of this parent-supervised flow. We do not collect email addresses for supervised (child) accounts.

Parents and guardians can review, update, or request deletion of a child’s account at any time from within Dunzo or by contacting us at support-dunzo@googlegroups.com.

8. Your rights

You have the right to:

  • Access the personal information we hold about you
  • Correct inaccurate information
  • Request deletion of your account and associated data
  • Request a copy of your data in a portable format

To exercise any of these rights, email us at support-dunzo@googlegroups.com. We’ll respond within a reasonable time, typically within 30 days.

9. Data retention

We retain your account data for as long as your account is active. When you delete your account, we remove your personal data from our active systems within 30 days. Some data may remain in encrypted backups for up to 90 days before being permanently erased.

10. Cookies and tracking

Dunzo uses local browser storage and session cookies to keep you signed in. We do not use third-party analytics, advertising cookies, or cross-site tracking. If we add analytics in the future, we’ll update this policy and use a privacy-respecting tool (no cookies, no PII).

11. Security

We take reasonable measures to protect your data. Passwords are hashed using bcrypt (cost 12). Authentication uses JWT tokens. All traffic is served over HTTPS. We apply rate limiting on our API to prevent abuse.

That said, no system is perfectly secure. We commit to notifying affected users promptly if we ever become aware of a security incident involving their data.

12. International users

Dunzo is operated from the United States. If you access Dunzo from outside the United States, your information will be transferred to, stored, and processed in the United States and other countries where our service providers operate.

13. Changes to this policy

We may update this policy from time to time. When we do, we’ll update the “Last updated” date at the top of this page. For material changes, we’ll notify users by email before the changes take effect.

14. Contact

Questions, complaints, or requests about your data? Email support-dunzo@googlegroups.com. We read every message.