en
Join us

Privacy policy

Privacy Policy

Zipa Online Shopping
Email: info@zipaa.app
Address: Kathmandu, Nepal
Phone: +977 986-2349049
Effective Date: January 1, 2026

1. Introduction

Welcome to Zipa Online Shopping ("Zipa," "we," "us," or "our"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, store, and protect your information when you use our mobile application and services (collectively, the "Platform").

By using Zipa, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with our practices, please do not use our Platform.

Important Commitment: We do not sell, rent, or share your personal information with third parties for marketing purposes.

2. Information We Collect

We collect different types of information to provide and improve our services to you.

2.1 Information You Provide Directly

Account Registration Information: When you create an account, we collect:

  • Full name
  • Phone number
  • Email address
  • Password (encrypted and stored securely)

Delivery Information:

  • Multiple delivery addresses (street address, city, postal code, landmarks)
  • Recipient name and contact number (if different from your account)

Order and Transaction Information:

  • Products viewed and purchased
  • Order history and preferences
  • Cash on Delivery (COD) payment confirmations
  • Return and refund requests

Communication Data:

  • Messages exchanged with sellers through our chat feature
  • Customer support inquiries and correspondence
  • Feedback and reviews (if applicable)

Guest Checkout Information: When using guest checkout without creating an account, we collect:

  • Name and contact number
  • Delivery address for that specific order
  • Order details

2.2 Information Collected Automatically

Device and Technical Information:

  • Device type, model, and operating system
  • Mobile network information
  • IP address and location data (approximate)
  • App version and usage statistics
  • Device identifiers (for authentication and security)

Usage Information:

  • Pages and products viewed
  • Search queries and browsing behavior
  • Time spent on different sections
  • App features accessed
  • Click patterns and interactions

Cookies and Similar Technologies: We may use cookies, local storage, and similar technologies to:

  • Remember your preferences and settings
  • Analyze usage patterns and improve user experience
  • Maintain session security
  • Provide personalized content

2.3 Information from Third-Party Sources

Delivery Partners:

  • Delivery status updates
  • Delivery confirmation details
  • Failed delivery information

App Store Platforms:

  • Installation and update information
  • Crash reports and performance data (anonymized)

2.4 Information We Do NOT Collect

  • Credit card or banking information (we only accept COD)
  • Social security numbers or government IDs
  • Biometric data
  • Precise GPS location tracking
  • Access to your photo gallery, contacts, or other apps (unless you grant permission for specific features)

3. How We Use Your Information

We use your information for the following purposes:

3.1 Service Provision and Order Fulfillment

  • Process and manage your orders
  • Facilitate communication between buyers and sellers
  • Coordinate delivery of products
  • Process cancellations and refunds
  • Handle customer support inquiries

3.2 Account Management

  • Create and maintain your account
  • Authenticate and verify your identity
  • Save your preferences and settings
  • Manage multiple delivery addresses
  • Process account deletion requests

3.3 Communication

  • Send order confirmations and updates
  • Notify you about delivery status
  • Respond to customer service requests
  • Send important announcements about service changes
  • Provide information about returns and refunds

Marketing Communications:

  • We do NOT send promotional emails or marketing messages unless you explicitly opt-in
  • You can unsubscribe from any promotional communications at any time

3.4 Platform Improvement and Analytics

  • Analyze usage patterns to improve user experience
  • Identify and fix technical issues
  • Develop new features and services
  • Conduct research and analysis
  • Optimize app performance

3.5 Security and Fraud Prevention

  • Detect and prevent fraudulent activities
  • Monitor for suspicious behavior
  • Protect against security threats
  • Enforce our Terms and Conditions
  • Comply with legal obligations

3.6 Legal Compliance

  • Comply with applicable laws and regulations
  • Respond to legal requests and court orders
  • Protect our legal rights and interests
  • Resolve disputes

4. How We Share Your Information

We do not sell, rent, or share your personal information with third parties for their marketing purposes. We only share information in the following limited circumstances:

4.1 With Sellers

When you place an order, we share:

  • Your name and contact number
  • Delivery address
  • Order details

This information is necessary for sellers to fulfill your orders. Sellers are required to use this information only for order fulfillment and are prohibited from using it for any other purpose.

4.2 With Delivery Partners

We share necessary information with our delivery partners:

  • Recipient name and contact number
  • Delivery address
  • Order details (for delivery confirmation)

Delivery partners are contractually obligated to protect your information and use it only for delivery purposes.

4.3 Service Providers

We may share information with trusted service providers who assist us with:

  • Cloud hosting and data storage
  • Analytics and performance monitoring
  • Customer support tools
  • Security and fraud prevention

These service providers are bound by confidentiality agreements and are not permitted to use your information for any purpose other than providing services to Zipa.

4.4 Legal Requirements

We may disclose information when required by law or in response to:

  • Court orders or legal processes
  • Government or regulatory requests
  • Protection of our rights and property
  • Investigation of fraud or security issues
  • Emergency situations involving safety

4.5 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity. You will be notified of any such change via email or prominent notice on our Platform.

4.6 With Your Consent

We may share your information with other third parties when you provide explicit consent.

5. Data Security

We take the security of your personal information seriously and implement comprehensive security measures:

5.1 Technical Security Measures

  • Encryption: All data transmission is encrypted using industry-standard SSL/TLS protocols
  • Secure Storage: Data is stored on secure servers with encryption at rest
  • Access Controls: Strict authentication and authorization mechanisms
  • Firewalls: Advanced firewall protection against unauthorized access
  • Regular Monitoring: Continuous monitoring for security threats and vulnerabilities

5.2 Operational Security Measures

  • Limited Access: Only authorized personnel have access to personal data
  • Employee Training: Regular security awareness training for all team members
  • Confidentiality Agreements: All employees and contractors sign confidentiality agreements
  • Secure Development: Security-first approach in app development
  • Regular Audits: Periodic security assessments and vulnerability testing

5.3 Data Breach Response

In the unlikely event of a data breach:

  • We will investigate immediately and take corrective action
  • Affected users will be notified within 72 hours
  • We will report the breach to relevant authorities as required by law
  • We will provide guidance on protective measures you can take

5.4 Your Responsibility

While we implement robust security measures, you also play a role in protecting your information:

  • Keep your password confidential and use a strong password
  • Do not share your account credentials with others
  • Log out after using shared devices
  • Report any suspicious activity immediately
  • Keep your app updated to the latest version

Important: Despite our best efforts, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security.

6. Data Retention

6.1 Active Accounts

We retain your personal information for as long as your account is active or as needed to provide services to you.

Specific Retention Periods:

  • Account Information: Retained while your account is active
  • Order History: Retained for 3 years for warranty, returns, and legal compliance
  • Chat Messages: Retained for 1 year
  • Guest Checkout Data: Retained for 90 days after order completion
  • Analytics Data: Anonymized and aggregated data retained indefinitely

6.2 Account Deletion

When you delete your account:

  • Immediate Removal: Account credentials and profile information are deleted within 30 days
  • Order History: Anonymized for legal and business records (personally identifiable information removed)
  • Payment Records: COD confirmations are anonymized and retained for accounting purposes
  • Legal Compliance: Some data may be retained longer if required by law

6.3 Inactive Accounts

Accounts inactive for 3 years may be automatically deleted after email notification.

6.4 Legal Obligations

We may retain certain information longer if required to:

  • Comply with legal, tax, or accounting requirements
  • Resolve disputes and enforce agreements
  • Prevent fraud and ensure platform security

7. Your Privacy Rights and Choices

You have control over your personal information. We respect your rights and provide you with the following options:

7.1 Access and Portability

Right to Access:

  • View your account information and settings
  • Access your order history
  • Review saved delivery addresses
  • Request a copy of your personal data

Data Portability:

  • Request your data in a commonly used, machine-readable format
  • Contact us at info@zipaa.app for data export requests

7.2 Correction and Update

  • Update your profile information anytime through account settings
  • Modify or delete saved delivery addresses
  • Correct inaccurate information
  • Contact customer support for assistance with updates

7.3 Account Deletion

Complete Account Deletion:

  • Delete your account directly from the app settings
  • All personal data will be permanently removed within 30 days
  • You will receive confirmation once deletion is complete

How to Delete Your Account:

  1. Go to Settings in the app
  2. Select "Account Management"
  3. Choose "Delete Account"
  4. Confirm your decision
  5. Your data will be removed within 30 days

Important: Account deletion is irreversible. Active orders will be processed, but you will lose access to order history and saved preferences.

7.4 Communication Preferences

  • Opt-out of promotional communications (if enrolled)
  • Manage notification settings in the app
  • Unsubscribe from emails via the link provided in each email

Transactional Communications: You cannot opt-out of essential service communications (order confirmations, delivery updates, security alerts) while using the Platform.

7.5 Location Data

  • Control location permissions through your device settings
  • We only collect approximate location for delivery purposes
  • You can deny location access, but this may limit certain features

7.6 Cookies and Tracking

  • Clear cookies and app data through device settings
  • Note that clearing data may affect app functionality and require re-login

8. Children's Privacy

8.1 Age Restrictions

Zipa is not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16.

8.2 Parental Notice

If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at info@zipaa.app. We will take steps to delete such information from our systems.

8.3 Verification

We may request age verification if we suspect a user is under 16 years of age.

9. Guest Checkout Privacy

9.1 Information Collection

When you use guest checkout without creating an account:

  • We collect only information necessary to process your order
  • Name, contact number, and delivery address
  • Order details and preferences for that transaction

9.2 Limited Functionality

Guest checkout users have limited access to:

  • Order tracking (via order confirmation link only)
  • No order history after 90 days
  • No saved preferences or addresses
  • Limited customer support options

9.3 Data Retention

Guest checkout information is:

  • Retained for 90 days after order completion
  • Automatically deleted after the retention period
  • Not linked to any user profile

9.4 Same Privacy Standards

All privacy and security protections apply equally to guest checkout users and registered users.

10. International Data Transfers

10.1 Data Location

Your information is primarily stored on servers located in Nepal or in secure cloud infrastructure.

10.2 Cross-Border Transfers

If we transfer data outside Nepal:

  • We ensure adequate data protection measures are in place
  • We comply with applicable data protection laws
  • We use standard contractual clauses or other legal mechanisms

10.3 Your Rights

Regardless of where your data is stored, you retain all privacy rights outlined in this policy.

11. Third-Party Links and Services

11.1 External Links

Our Platform may contain links to third-party websites or services (e.g., seller websites, payment information pages). We are not responsible for:

  • Privacy practices of third-party sites
  • Content on external websites
  • Security of third-party services

11.2 Third-Party Services

When you interact with third-party services:

  • Their privacy policies govern their use of your information
  • We encourage you to review their privacy policies
  • We are not liable for their data practices

11.3 Social Media

If we add social media features in the future:

  • You choose what information to share
  • Social media platforms have their own privacy policies
  • We do not control how they use your information

12. App Store Compliance

12.1 Google Play Store

We comply with Google Play's privacy and security requirements:

  • Prominent privacy policy disclosure
  • Transparent data collection practices
  • Secure data handling and storage
  • User data deletion capabilities
  • No unauthorized data access

12.2 Apple App Store

We comply with Apple's App Store privacy guidelines:

  • Privacy nutrition labels accurately reflect our practices
  • Adherence to App Tracking Transparency framework
  • Secure data collection and storage
  • Clear user consent mechanisms
  • Data minimization principles

12.3 Permissions

Our app requests only necessary permissions:

  • Camera: For uploading product images (optional)
  • Storage: For saving images and app data
  • Location: For delivery address suggestions (optional)
  • Notifications: For order updates

You can manage permissions through your device settings.

13. Cookies and Tracking Technologies

13.1 Types of Cookies We Use

  • Essential Cookies: Required for basic app functionality and security
  • Performance Cookies: Help us understand how users interact with the app
  • Functional Cookies: Remember your preferences and settings

13.2 How We Use Tracking Technologies

  • Maintain your login session
  • Remember your preferences
  • Analyze app performance
  • Improve user experience
  • Detect and prevent fraud

13.3 Your Cookie Choices

  • Clear cookies through app settings or device settings
  • Disable certain tracking features in settings
  • Note that disabling cookies may affect app functionality

13.4 Do Not Track

Currently, our app does not respond to "Do Not Track" signals as there is no universal standard.

14. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

14.1 Right to Know

  • Request information about data collected in the past 12 months
  • Know the categories and sources of information
  • Understand how we use and share information

14.2 Right to Delete

  • Request deletion of your personal information
  • Exceptions apply for legal compliance and business needs

14.3 Right to Opt-Out

  • We do not sell personal information, so opt-out is not applicable

14.4 Right to Non-Discrimination

  • We will not discriminate against you for exercising your privacy rights

14.5 Exercising Your Rights

Contact us at info@zipaa.app to exercise your CCPA rights.

15. European Privacy Rights (GDPR)

If you are in the European Economic Area (EEA), you have rights under the General Data Protection Regulation (GDPR):

15.1 Legal Basis for Processing

We process your data based on:

  • Contract performance (to provide services)
  • Legitimate interests (to improve our services)
  • Legal compliance
  • Your consent (where applicable)

15.2 Your Rights

  • Right to access your data
  • Right to rectification
  • Right to erasure ("right to be forgotten")
  • Right to restrict processing
  • Right to data portability
  • Right to object to processing
  • Right to withdraw consent

15.3 Data Protection Officer

For GDPR-related inquiries, contact: info@zipaa.app

15.4 Supervisory Authority

You have the right to lodge a complaint with your local data protection authority.

16. Changes to This Privacy Policy

16.1 Policy Updates

We may update this Privacy Policy from time to time to reflect:

  • Changes in our practices
  • New legal requirements
  • User feedback
  • Platform enhancements

16.2 Notification of Changes

Material Changes:

  • We will notify you via email or prominent notice in the app
  • You will be asked to review and accept updated terms
  • Effective date will be updated

Minor Changes:

  • Posted on our Platform with updated effective date
  • Continued use constitutes acceptance

16.3 Review Recommendation

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

17. Contact Us

We are committed to addressing your privacy concerns and questions.

17.1 Privacy Inquiries

For questions about this Privacy Policy or our privacy practices:

Email: info@zipaa.app
Phone: +977 986-2349049
Address: Kathmandu, Nepal

17.2 Data Subject Requests

To exercise your privacy rights (access, correction, deletion):

  • Email us at info@zipaa.app with "Privacy Request" in the subject line
  • Provide your account information for verification
  • Specify the nature of your request

We will respond to verified requests within 30 days.

17.3 Security Concerns

If you notice any security vulnerabilities or suspicious activity:

  • Report immediately to info@zipaa.app
  • Include detailed information about the issue
  • Do not exploit or share vulnerabilities publicly

17.4 Customer Support Hours

Sunday - Friday: 10:00 AM - 6:00 PM (Nepal Time)

18. Additional Information

18.1 Language

This Privacy Policy is written in English. In case of any conflict between English and translated versions, the English version prevails.

18.2 Severability

If any provision of this Privacy Policy is found to be invalid or unenforceable, the remaining provisions continue in full effect.

18.3 Entire Agreement

This Privacy Policy, together with our Terms and Conditions, constitutes the entire agreement regarding privacy practices.

19. Your Consent

By using Zipa Online Shopping, you acknowledge that you have read and understood this Privacy Policy and consent to the collection, use, and sharing of your information as described herein.

Last Updated: January 1, 2026

Quick Privacy Summary

What We Collect:

  • Account info (name, phone, email)
  • Delivery addresses
  • Order history
  • Chat messages with sellers
  • Device and usage data

How We Use It:

  • Process your orders
  • Coordinate delivery
  • Improve our services
  • Provide customer support

Who We Share With:

  • Sellers (for order fulfillment)
  • Delivery partners (for delivery)
  • Service providers (for platform operation)
  • We NEVER sell your data to third parties

Your Rights:

  • Access your data anytime
  • Update or correct information
  • Delete your account completely
  • Opt-out of promotional communications

Security:

  • Encrypted data transmission
  • Secure server storage
  • Regular security monitoring
  • Strict access controls

Questions? Contact us at info@zipaa.app

Thank you for trusting Zipa Online Shopping with your personal information. Your privacy is our priority.