Privacy Policy

1. Introduction

WasabiApp ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service.

2. Information We Collect

2.1 Information You Provide

When you register for WasabiApp, we collect:

• Email Address: Used for account authentication, notifications, and communication
• Phone Number: Used for WhatsApp order notifications and account verification
• Password: Stored in encrypted format using bcrypt hashing
• Business Information: Shop names, product details, and descriptions you create

2.2 Information We Collect Automatically

• Usage Data: Pages visited, features used, time spent on the platform
• Device Information: Browser type, operating system, IP address
• Session Data: Login times, session duration, actions performed
• Analytics: Shop views, product views, order statistics (when using Pro or Analytics Pro tiers)

2.3 Payment Information

Payment processing is handled by third-party payment gateways:

• ToyyibPay: We do not store your banking credentials
• Bayarcash: We do not store your payment card details
• What We Store: Transaction IDs, payment status, subscription tier, and billing history

3. How We Use Your Information

3.1 To Provide Our Service

• Create and manage your account
• Process your shop and product data
• Generate QR codes for your shops
• Send order notifications to your customers via WhatsApp
• Provide customer support

3.2 To Improve Our Service

• Analyze usage patterns to improve features
• Monitor system performance and uptime
• Identify and fix bugs
• Develop new features based on user needs

3.3 To Communicate With You

• Send subscription expiry notifications
• Notify you of system updates or maintenance
• Respond to your support requests
• Send service announcements (rare, important only)

4. How We Share Your Information

4.1 Third-Party Services

We share limited data with these service providers:

• Payment Gateways: ToyyibPay and Bayarcash for payment processing
• Email Service: SendGrid/Gmail for sending transactional emails
• Hosting Provider: Cloud hosting service for data storage and processing
• Telegram: For sending support notifications (internal use only)

4.2 We Do NOT Share With

• Marketing companies or advertisers
• Data brokers or analytics companies
• Social media platforms (unless you explicitly connect them)
• Any third party for their own marketing purposes

4.3 Legal Requirements

We may disclose your information if required by law, court order, or government regulation, or to protect the rights and safety of WasabiApp and its users.

5. Data Security

5.1 Security Measures

• Encryption: All data transmitted between your browser and our servers is encrypted using SSL/TLS
• Password Protection: Passwords are hashed using bcrypt with salt
• Access Control: Strict access controls limit who can access user data
• Monitoring: Security monitoring for unauthorized access attempts

5.2 Your Responsibility

• Keep your password secure and confidential
• Use a strong, unique password
• Log out from shared devices
• Report any unauthorized access immediately

6. Data Retention

6.1 Active Accounts

We retain your data for as long as your account is active and for 90 days after subscription expiry.

6.2 Deleted Accounts

When you delete your account:

• Data is deleted within 5 days
• Shop and product data is permanently deleted

6.3 Expired Subscriptions

• Data retained for maximum 30 days after expiry
• After 30 days (maximum), data may be permanently deleted
• Renew within 30 days to restore access

7. Your Rights

7.1 Access and Portability

• Access: You can view all your data through your dashboard
• Export: Analytics Pro users can export data to CSV format
• Request: Contact us to request a complete copy of your data

7.2 Correction and Deletion

• Update: You can update your email, phone, and business information anytime
• Delete: You can delete shops, products, or your entire account
• Request: Contact us to request data deletion

7.3 Objection and Restriction

• You can opt out of non-essential communications
• You can request restriction of data processing (may limit service functionality)

8. Cookies and Tracking

8.1 Essential Cookies

We use session cookies to:

• Keep you logged in
• Remember your preferences
• Prevent CSRF attacks

8.2 No Tracking Cookies

We do NOT use:

• Advertising cookies
• Third-party tracking pixels
• Analytics cookies from Google or Facebook
• Cross-site tracking mechanisms

9. Children's Privacy

WasabiApp is not intended for users under 18 years of age. We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us.

10. International Data Transfers

Your data is stored and processed in Malaysia. If you access our service from outside Malaysia, please be aware that your information may be transferred to, stored, and processed in Malaysia where our servers are located.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any significant changes via:

• Email notification to your registered email address
• Prominent notice on our website
• In-app notification when you log in

Your continued use of WasabiApp after changes indicates acceptance of the updated policy.

12. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us through:

• Contact Form (support): Available on our website
• Response Time: We aim to respond within 48 hours