Zomato’s decision to begin sharing customers’ phone numbers with restaurants, after seeking user consent, marks a significant shift in the long and tense relationship between eateries and food delivery platforms, as reported by TOI. Post this update, Swiggy has also hinted at a similar move. Reports also suggest that Rapido’s delivery vertical, Ownly, has already signed an agreement with NRAI to share customer information with restaurants.
Restaurateurs have long argued that the inability to directly contact customers leaves them functionally disconnected from their own consumer base, despite paying high commissions to delivery apps. As per news reports, being able to reach a customer directly helps the restaurants in building a long-term relationship that will extend beyond a single order.
The new system being tested by Zomato prompts users to grant explicit permission before their phone number is shared with the restaurant. Only if consent is given will the information be transferred, positioning the move as opt-in and choice-driven rather than automatic.
A decade-long battle
As per media reports, restaurants have been accusing platforms like Zomato and Swiggy for not revealing the data. They claimed that this is done with the intention of maintaining a complete control over the user interface. However, the aggregators argue that restricting the data share is in place to safeguard the customer’s privacy.
As restaurants welcomed the decision, the political and public response has been far less enthusiastic. Milind Deora, Member of Rajya Sabha and former Union minister, warned about the wider implications of the move. “So, Zomato & Swiggy plan to share customer mobile numbers with restaurants. This opens the door to privacy risks & further spam under the guise of ‘better service’. We need clear, unambiguous opt-in guidelines, in line with the new DPDP Rules, so consumers’ data is respected,” he said via post on X (formerly Twitter).
Indian Businessman and columnist Suhel Seth posted on X: “Totally bloody unacceptable! I hope the Government doesn’t allow this AT ALL. Next, they will share our food habits with all and sundry!”
Their concerns highlight a central anxiety: that an opt-in system may still result in increased spam, misuse or secondary marketing practices that stretch far beyond the original intention of “better service”.
Consent in theory, complexity in practice
While Zomato’s approach hinges on explicit user permission, questions remain about how meaningful that consent will be in real-world usage. The line between service communication and marketing outreach also remains thin. A phone call to clarify delivery details can quickly tilt into unsolicited promotional messages, loyalty nudges or future campaign outreach, all flowing from a data transaction that many users may not fully contextualise.
This becomes particularly significant as India’s data privacy architecture, under the Digital Personal Data Protection Act, continues to evolve. While consent is legally mandated, the nuance of enforcement, purpose limitation and redress mechanisms is still being defined.
Between better service and deeper surveillance
Supporters of the move argue that it empowers restaurants and improves customer experience. However, this could normalise a future where personal data is routinely exchanged under the umbrella of an ‘I Agree’ moment. The risk is increased intrusion, commercial profiling and erosion of privacy under the banner of convenience.
