FLiKKA

Privacy Policy

Effective:

FLiKKA respects your privacy. This policy explains what we collect, how we use it, and your choices.

Information we collect

  • Account Information: Phone number (required for Twilio SMS verification), name, optional email, gender, birthdate, profile preferences.
  • Location Data: Precise GPS coordinates for serviceability checks, delivery accuracy, and real-time order tracking. Cached for performance optimization.
  • Address Information: Multiple delivery addresses with labels (home/work/other), landmarks, delivery instructions, receiver details, exact coordinates.
  • Order & Payment Data: Purchase history, cart contents, payment methods, Razorpay transaction IDs, order status, delivery feedback and ratings.
  • Device & App Data: FCM push notification tokens, device identifiers, app version, crash reports, performance analytics, network connectivity status.
  • SMS Access: Auto-OTP detection reads SMS messages containing Twilio verification codes (with explicit permission). No other SMS content is accessed or stored.
  • Usage Analytics: App interactions, feature usage, search queries, banner clicks, coupon usage, return requests for service improvement. Website analytics via Google Analytics (anonymized).

How we use information

  • Service Delivery: Account management via Twilio phone verification, serviceability verification, order processing, real-time delivery tracking, secure payment processing via Razorpay.
  • Communication: Push notifications for order updates, promotional offers, Twilio SMS OTPs for authentication, customer support via Socket.io real-time messaging.
  • Security & Compliance: Fraud prevention, payment verification, order cancellation validation, return request processing, GST compliance.
  • Service Improvement: App performance analytics, crash reporting, feature usage statistics, delivery time optimization, inventory management.
  • Personalization: Loyalty points tracking, referral program management, coupon recommendations, order history analysis, address suggestions.

Sharing

We do not sell your personal data. We share limited data with trusted service providers under strict data protection agreements:

  • Twilio: SMS-based phone number verification and OTP delivery
  • Razorpay: Secure payment processing and transaction verification
  • Firebase (Google): Push notifications, app analytics, and crash reporting
  • Google Analytics: Website traffic analysis and user behavior insights (anonymized data)
  • Cloudflare: Content delivery network and DDoS protection for our website
  • Delivery Partners: Order details and delivery addresses for fulfillment

App Permissions

📍 Location Access (Required)

Used for serviceability checks, accurate delivery, and real-time order tracking. You can disable location access, but the app will require manual address entry.

📱 SMS Reading (Optional)

Auto-fills OTP codes during phone verification. Only OTP messages are read. You can deny this permission and enter OTPs manually.

🔔 Push Notifications (Optional)

Sends order updates, delivery notifications, and promotional offers. Can be disabled in app settings or device settings.

📶 Network Access (Required)

Essential for app functionality including orders, payments, and real-time updates via secure HTTPS connections.

Retention

We retain account and order data for as long as your account is active and as required by law (e.g., tax and accounting). You may request deletion of your account subject to legal obligations.

Your choices

  • Notifications: you can enable/disable push notifications in-app or device settings.
  • Access & correction: contact us to access or correct your information.
  • Account deletion: request deletion via support; we will process within a reasonable time and retain only as required by law.

Security

We implement industry-standard security practices including HTTPS encryption, secure token-based authentication, and strict access controls. While no method is 100% secure, we continually improve our safeguards.

Security Measures:

  • Data Encryption: All data transmission uses HTTPS/TLS encryption
  • Authentication: Secure Twilio-based phone verification with OTP
  • Payment Security: PCI DSS compliant Razorpay integration
  • Access Controls: Role-based permissions and secure API endpoints

Google Play Store Compliance

Data Safety: This app complies with Google Play's Data Safety requirements. We are transparent about data collection, usage, and sharing practices.

Sensitive Permissions:

  • SMS Permission: Used only for auto-OTP detection during phone verification. No SMS content is stored or shared.
  • Location Permission: Used for serviceability checks and accurate delivery. Location data is not shared with third parties except delivery partners for order fulfillment.
  • Phone Permission: Used only for Twilio-based phone number verification. No call logs or contacts are accessed.

User Control: All sensitive permissions can be revoked through Android settings. The app provides alternative methods (manual entry) when permissions are denied.

Children

FLiKKA is not directed to children under 13. We do not knowingly collect data from children.

Contact

For privacy questions or requests, email: flikka.delivery@gmail.com

Last updated: