Privacy Policy

BuyOnline ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application ("App").

By using BuyOnline, you consent to the data practices described in this Privacy Policy.

1. Information We Collect

1.1 Information You Provide During Registration

When you create an account, we collect basic information:

• Required: Full name, email address
• Authentication: Email address or Google account (for registration)
• Optional: Profile photo, bio, username

1.2 Extended Profile Information (Optional)

You may choose to add additional information to your profile later:

• Professional Info: Work history, education, skills, achievements, experience
• Contact Info: Additional email, phone, website, social media links (LinkedIn, Twitter, GitHub, portfolio)
• Location: City, district, address (for profile display, not tracking)
• Media: Cover image, additional photos
• Privacy Preferences: Whether to show email/phone publicly, allow search visibility

1.3 Content You Create

• Messages: Text, photos, videos, documents shared in chats (private messages are end-to-end encrypted)
• Business Content: Business profiles, product listings, orders (if you create a business)
• Service Bookings: Service bookings and reviews (if you book services)

1.4 Information Collected Automatically

• Device Information: Device type, operating system, unique device identifiers
• Usage Data: Features used, time spent on the App, interaction patterns
• Log Data: IP address, access times, app crashes, and system activity
• Connection Information: Network type and connection status for offline functionality

1.5 Contacts Access (Optional)

With your explicit permission, BuyOnline may access your device contacts to help you find friends on BuyOnline.

• Purpose: To display which of your contacts are on BuyOnline and facilitate connections
• Storage: Contact data is processed locally on your device and is NOT uploaded to our servers
• Control: You can deny or revoke this permission at any time in your device settings

1.6 Location Access (Optional)

With your explicit permission, BuyOnline may access your location for location-based features.

• Purpose: To show nearby businesses and services relevant to your area
• Precision: We only use approximate location (city/region level), not precise GPS coordinates
• Storage: Location data is NOT stored permanently and is only used during active sessions
• Control: You can deny or revoke this permission at any time in your device settings

1.7 Information We Do NOT Collect

• Content of end-to-end encrypted messages (we cannot access these)
• Background location tracking (we do not track your location when the app is closed)
• Contact data on our servers (contacts are processed locally only)
• Financial/payment information (we do not process payments)

2. How We Use Your Information

We use the information we collect for the following purposes:

• Provide Services: To operate, maintain, and improve the App's three main features: Chats, Business, and Services
• Account Management: To create and manage your account
• Communication: To send you service-related notifications and updates
• Personalization: To provide recommendations for products and services
• Security: To detect, prevent, and address fraud, abuse, and security issues
• Analytics: To understand how users interact with the App and improve our services
• Support: To respond to your inquiries and provide customer support

3. Basis for Processing

We process your personal data based on:

• Consent: You have given clear consent for us to process your personal data for specific purposes
• Contract: Processing is necessary for the performance of our services to you
• Legitimate Interests: Processing is necessary for our legitimate interests, such as improving our services and ensuring security

4. Data Sharing and Disclosure

4.1 We May Share Your Information With:

• Other Users: Your profile information and public content are visible to other users as per your privacy settings
• Service Providers: Third-party vendors who assist us in operating the App (e.g., Firebase for cloud hosting and authentication)
• Business Partners: When you interact with businesses on the platform, they receive information necessary for the transaction
• Safety: When necessary to protect the rights and safety of our users

4.2 We Do NOT:

• Sell your personal data to third parties
• Share the content of your encrypted messages with anyone
• Provide your data to advertisers for targeted advertising
• Use third-party tracking or advertising SDKs

5. Data Security

We implement robust security measures to protect your data:

• End-to-End Encryption: Private messages are encrypted so only you and the recipient can read them
• Secure Authentication: We support email verification and Google Sign-In
• App Lock: Optional PIN, pattern, or biometric authentication to protect access to the App
• Secure Infrastructure: We use standard and recommended security practices for data storage and transmission
• Regular Security Audits: We regularly review and update our security practices

While we strive to protect your data, no method of transmission over the Internet or electronic storage is completely secure. We cannot guarantee absolute security.

6. Data Retention

• Account Data: Retained as long as your account is active or as needed to provide you services
• Messages: Encrypted message content is stored on our servers only until delivered. Once delivered, messages are stored locally on devices
• Deleted Accounts: When you delete your account, we will delete or anonymize your personal data within 30 days
• Anonymized Data: We may retain anonymized, aggregated data for analytics purposes

7. Your Rights

You have the following rights regarding your personal data:

• Right to Access: Request a copy of your personal data we hold
• Right to Rectification: Request correction of inaccurate or incomplete data
• Right to Erasure: Request deletion of your personal data ("right to be forgotten")
• Right to Restrict Processing: Request limitation of how we use your data
• Right to Data Portability: Request your data in a structured, machine-readable format
• Right to Object: Object to processing of your data for certain purposes
• Right to Withdraw Consent: Withdraw your consent at any time where processing is based on consent

To exercise these rights, please contact us at support@irachat.com or use the "Export Data" and "Delete Account" features in the App settings.

8. Privacy Controls

BuyOnline provides you with extensive privacy controls in Settings:

• Profile Visibility: Control who can see your profile (Everyone, Contacts Only, Nobody, or Everyone Except specific users)
• Last Seen: Control who can see when you were last active
• Profile Photo Visibility: Control who can see your profile photo
• Read Receipts: Control whether others see when you've read their messages
• Blocking: Block users, businesses, or institutions from contacting you
• Screenshot Protection: Prevent screenshots in your chats (Global Chat Privacy)
• Message Sharing Protection: Prevent sharing/forwarding of your messages
• App Lock: Enable PIN, pattern, or biometric lock with auto-lock duration

9. Children's Privacy

9.1. BuyOnline is not intended for children under 13 years of age. We do not knowingly collect personal data from children under 13.

9.2. If we discover that we have collected personal data from a child under 13, we will delete that information promptly.

9.3. Parents or guardians who believe their child has provided us with personal data should contact us at support@irachat.com.

10. International Data Transfers

10.1. BuyOnline is based in Uganda. Your data may be transferred to and processed in countries outside Uganda.

10.2. When we transfer data internationally, we ensure appropriate safeguards are in place to protect your data.

11. Cookies and Tracking

11.1. As a mobile application, BuyOnline does not use browser cookies.

11.2. We use local storage on your device to store preferences, cached data, and authentication tokens.

11.3. We do not use third-party tracking or advertising SDKs.

12. Third-Party Services

BuyOnline uses the following third-party services:

• Firebase (Google): Authentication, database, storage, and analytics
• Google Sign-In: Optional authentication method

These services have their own privacy policies, and we encourage you to review them.

13. Data Breach Notification

13.1. In the event of a data breach that affects your personal data, we will notify you promptly.

13.2. Notification will include the nature of the breach, likely consequences, and measures taken to address it.

14. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

• Posting the new Privacy Policy in the App
• Updating the "Last Updated" date
• Sending a notification through the App for significant changes

Your continued use of BuyOnline after changes are posted constitutes your acceptance of the updated Privacy Policy.

15. Contact Us

If you have any questions about this Privacy Policy, please contact us: