Privacy Policy

1. Introduction

TopupFI ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and web platform.

2. Information We Collect

2.1 Personal Information (Firestore user_profiles collection)

• Full name and unique username
• Email address (from Firebase Authentication)
• Account creation and last login timestamps
• Account status and activity information
• Email verification status

2.2 Technical and Device Information

• Device model and operating system version
• App version and build number
• IP address (for security and fraud prevention)
• Firebase authentication tokens
• FCM device token for push notifications (when granted)
• Last active timestamps and session information
• App performance and crash data

2.3 Usage Analytics (Firebase Analytics)

• App usage patterns and screen views
• Feature usage statistics
• Error reports and app stability data
• User interaction patterns (wallet actions, shop actions, order actions)
• In-app messaging engagement data
• Achievement and milestone tracking
• Performance monitoring data

3. How We Use Your Information

3.1 Service Delivery

• Process mobile top-ups, recharges, and digital purchases
• Provide customer support for top-up and recharge services

3.2 Security and Compliance

• Prevent fraud and unauthorized access
• Monitor for suspicious activities and security threats
• Track device information for account security

3.3 App Improvement and Analytics

• Analyze app usage to improve features and user experience
• Monitor app performance and fix bugs
• Develop new services and products
• Conduct market research and user behavior analysis
• Personalize your experience within the app

3.4 Communication and Notifications

• Send push notifications about account activity and transactions
• Provide customer support responses
• Deliver important service announcements
• Send security alerts and account notifications

4. Information Sharing and Disclosure

5. Data Security Measures

We implement industry-standard security measures:

• End-to-end encryption for sensitive data
• Secure HTTPS connections for all communications
• Firebase Authentication for secure user management
• Regular security audits and monitoring
• Secure cloud storage with access controls
• Fraud detection and prevention systems

However, no system is 100% secure. We cannot guarantee absolute security but continuously work to protect your data.

6. Data Retention

• Account information: Retained while your account is active and for 1 year after closure
• Account records: Automatically deleted after 90 days of inactivity
• Analytics data: 26 months (Firebase Analytics default retention)

You can request deletion of your personal data, subject to legal and regulatory requirements.

7. Your Privacy Rights

8. Location and International Transfers

TopupFI operates primarily in Bangladesh. Your data is processed in:

• Bangladesh (primary operations and compliance)
• Singapore (Firebase/Google Cloud servers in asia-southeast1 region)
• United States (some Google services and analytics)

We ensure appropriate safeguards are in place for international data transfers, including standard contractual clauses and Google's adequate security measures.

9. Contact Information