Privacy Policy

1 Information We Collect

a) Information You Provide

• Account Information: Phone number, name, and email address used during registration and authentication.
• Delivery Addresses: Addresses you save for order deliveries.
• Order Information: Details of products ordered, payment method selected, order notes, and transaction history.
• Reviews and Feedback: Ratings and reviews you submit for stores and products.

b) Information Collected Automatically

• Location Data: We collect your device's location (with your permission) to show nearby stores, calculate delivery distances, and provide accurate delivery services.
• Device Information: Device type (Android/iOS), device ID, and operating system version.
• Push Notification Tokens: Firebase Cloud Messaging (FCM) tokens to send you order updates and notifications.

c) Camera Access

We request camera permission solely for the purpose of scanning product barcodes within the app. We do not capture, store, or transmit photos or videos from your camera.

2 How We Use Your Information

• To create and manage your account
• To process and deliver your orders
• To send order status updates via push notifications and SMS
• To display nearby stores based on your location
• To enable barcode scanning for product lookup
• To send OTP verification codes for authentication
• To improve our services and user experience
• To communicate important updates about our services

3 Sharing of Information

We do not sell, trade, or rent your personal information to third parties. We may share your information only in the following cases:

• Store Owners: Your delivery address and order details are shared with the store(s) fulfilling your order.
• Service Providers: We use third-party services for SMS delivery (2Factor.in), push notifications (Firebase Cloud Messaging), and cloud hosting (Microsoft Azure). These providers process data on our behalf and are bound by their respective privacy policies.
• Legal Requirements: We may disclose information if required by law or in response to valid legal requests.

4 Data Storage and Security

Your data is stored on secure servers hosted on Microsoft Azure. We implement industry-standard security measures including:

• Encrypted data transmission (HTTPS/TLS)
• Secure password hashing (bcrypt)
• JWT-based authentication with token expiration
• Role-based access controls

While we strive to protect your data, no method of electronic transmission or storage is 100% secure.

5 Data Retention

We retain your personal information for as long as your account is active or as needed to provide services. Inactive push notification tokens are automatically cleaned up after 30 days. You may request deletion of your account and associated data at any time by contacting us.

6 Your Rights

You have the right to:

• Access your personal data stored with us
• Update your account information through the app
• Delete your account and all associated data
• Opt-out of push notifications through your device settings
• Revoke location and camera permissions through your device settings

7 Children's Privacy

Our services are not directed to individuals under the age of 13. We do not knowingly collect personal information from children. If you become aware that a child has provided us with personal data, please contact us so we can take appropriate action.

8 Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last Updated" date. Continued use of the app after changes constitutes acceptance of the updated policy.

9 Contact Us

If you have questions or concerns about this Privacy Policy, please contact us: