Privacy Policy
Effective Date: 2nd September 2025
Prepared by: Ahmad (Engineering Lead, Technobooks Consultants FZCO)
1. Introduction
This Privacy Policy explains how we collect, use, disclose, and protect personal data across our grocery delivery ecosystem, including the Customer Mobile App, Delivery Partner App, Picker/Packer App, and Admin Web Dashboard (collectively, the “Platform”). We are committed to safeguarding user privacy and complying with applicable data protection laws, including GDPR principles and UAE data protection regulations.
2. Information We Collect
We may collect the following categories of information:
● Personal Information: Name, phone number, email address, delivery address, profile details.
● Account & Authentication Data: OTP logs, encrypted passwords, JWT tokens, device identifiers.
● Transaction Data: Orders, payments, refunds, invoices, VAT/TRN information.
● Location Data: Real-time and historical location data for order tracking and delivery optimization (with
user consent).
● Operational Data: App usage logs, error logs, audit trails, and performance metrics.
● KYC Data (Riders): Government-issued ID, driving license, verification documents.
3. How We Use Your Information
We use collected data strictly for legitimate business and operational purposes, including:
• Processing grocery orders, payments, refunds, and deliveries.
• Managing user accounts, authentication, and customer support.
• Assigning orders to pickers, packers, and delivery partners.
• Ensuring compliance with UAE VAT, invoicing, and financial regulations.
• Improving platform performance, security, and user experience.
• Preventing fraud, abuse, and unauthorized access.
4. Data Sharing & Disclosure
We do not sell personal data. Data may be shared only in the following circumstances:
• With delivery partners and pickers/packers solely to fulfill orders.
• With payment gateways (e.g., Stripe) for secure payment processing.
• With cloud service providers (AWS, GCP, Azure) for hosting and infrastructure.
• When required by law, regulation, or lawful government request.
• With authorized personnel under strict role-based access controls (RBAC).
5. Data Security
We implement industry-standard technical and organizational measures to protect data, including:
• Encryption at rest (AES-256) and in transit (TLS 1.2+).
• JWT-based authentication with short-lived tokens and secure refresh mechanisms.
• Role-based access control (RBAC) and audit logging.
• PCI-DSS compliant payment handling.
• Regular backups, monitoring, and incident response procedures.
6. Data Retention
We retain personal data only for as long as necessary to fulfill operational, legal, and regulatory requirements. Transactional and tax-related data may be retained longer as required by UAE law.
7. User Rights
Depending on applicable laws, users may have the right to access, correct, delete, or restrict processing of their personal data. Requests can be made through official support channels.
8. Cookies & Tracking Technologies
The web dashboard may use cookies and similar technologies for authentication, session management, analytics, and security. Users can control cookie preferences via browser settings.
9. Third-Party Services
The Platform integrates third-party services such as payment gateways, maps, notifications, and cloud providers. These services operate under their own privacy policies, and we encourage users to review them.
10. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. Material changes will be communicated through the Platform or other appropriate channels. Continued use of the Platform constitutes acceptance of the updated policy.
11. Contact Us
For privacy-related questions or requests, please contact the platform administrator or support team via official communication channels.
