Privacy Policy

1. Introduction

TopupFI ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and web platform.

2. Information We Collect

2.1 Personal Information (Firestore user_profiles collection)

• Full name and unique username
• Email address (from Firebase Authentication and Google Sign-In)
• Profile picture/avatar (when using Google Sign-In or uploading custom images)
• Account creation and last login timestamps
• Account status and activity information
• Email verification status

2.2 Technical and Device Information

• Device model, manufacturer, and operating system version
• App version and build number
• IP address (for security and fraud prevention)
• Firebase authentication tokens
• FCM device token for push notifications (when granted)
• Google Advertising ID (for ad personalization and analytics)
• Last active timestamps and session information
• App performance and crash data
• Device identifiers for fraud prevention and security
• Network connection type and quality metrics

2.3 Usage Analytics (Firebase Analytics)

• App usage patterns and screen views
• Feature usage statistics
• Error reports and app stability data
• User interaction patterns (wallet actions, shop actions, order actions)
• In-app messaging engagement data
• Achievement and milestone tracking
• Performance monitoring data

2.4 Advertising and Monetization Data (Google AdMob)

• Ad viewing history and interaction data
• Ad impressions, clicks, and conversion tracking
• Rewarded ad completion status (for coin rewards)
• Ad personalization preferences
• Advertising ID for targeted advertising
• Third-party ad network data sharing
• Ad performance metrics and analytics

2.5 Referral and Deep Link Data

• Referral codes and referrer relationships
• Deep link sources and campaign parameters
• Referral earnings and redemption history
• App installation source tracking

2.6 User-Generated Content

• Task completion screenshots (uploaded to ImgBB)
• Custom avatar images (uploaded to ImgBB)
• Review and feedback submissions

3. How We Use Your Information

3.1 Service Delivery

• Process mobile top-ups, recharges, and digital purchases
• Provide customer support for top-up and recharge services

3.2 Security and Compliance

• Prevent fraud and unauthorized access
• Monitor for suspicious activities and security threats
• Track device information for account security

3.3 App Improvement and Analytics

• Analyze app usage to improve features and user experience
• Monitor app performance and fix bugs
• Develop new services and products
• Conduct market research and user behavior analysis
• Personalize your experience within the app

3.4 Communication and Notifications

• Send push notifications about account activity and transactions
• Provide customer support responses
• Deliver important service announcements
• Send security alerts and account notifications

3.5 Advertising and Monetization

• Display personalized and non-personalized advertisements
• Deliver rewarded video ads for earning in-app coins
• Track ad performance and optimize ad delivery
• Measure advertising campaign effectiveness
• Provide ad-free experiences based on user preferences

3.6 Referral Program Management

• Track referral relationships and earnings
• Process deep link attribution for app installations
• Calculate and distribute referral rewards
• Prevent referral fraud and abuse

4. Information Sharing and Disclosure

5. Data Security Measures

We implement industry-standard security measures:

• Secure data encryption in transit and at rest
• Secure HTTPS connections for all communications
• Firebase Authentication for secure user management
• Security monitoring and protection measures
• Secure cloud storage with access controls
• Security monitoring and fraud prevention measures

However, no system is 100% secure. We cannot guarantee absolute security but continuously work to protect your data.

6. Data Retention

• Account information: Retained while your account is active and for 1 year after closure
• Inactive accounts: Accounts with no activity for 90 consecutive days may be flagged for review, but data is retained unless you request deletion
• Transaction records: 7 years (regulatory requirement for financial services)
• Analytics data: 26 months (Firebase Analytics default retention)
• Advertising data: Per Google AdMob policy (typically 18-24 months)
• Support communications: 3 years after last interaction
• User-generated content: Until account deletion or manual removal

You can request deletion of your personal data at any time, subject to legal and regulatory requirements. Note that some data may be retained for fraud prevention and legal compliance.

7. Your Privacy Rights

8. Children's Privacy and Age Requirements

9. Analytics and Tracking Technologies

10. Advertising and Monetization (Google AdMob)

11. Push Notifications and Messaging

12. App Store Compliance and Financial Services Disclaimer

13. Changes to This Policy

We may update this Privacy Policy to reflect:

• Changes in our services or data practices
• Legal or regulatory requirements
• Industry best practices and security improvements
• User feedback and operational needs

When we make significant changes, we will:

• Notify you through the app or email
• Update the "Last updated" date
• Provide clear explanation of changes
• Give you options to review and accept updated terms

14. Location and International Transfers

TopupFI operates primarily in Bangladesh. Your data is processed in:

• Bangladesh (primary operations and compliance)
• Singapore (Firebase/Google Cloud servers in asia-southeast1 region)
• United States (some Google services and analytics)

We ensure appropriate safeguards are in place for international data transfers, including standard contractual clauses and Google's adequate security measures.

15. Contact Information