FlickMart

Privacy Policy

Last Updated: December 02, 2024

1. Introduction (Comprehensive and Professional Draft)

Welcome to FlickMart (“we,” “our,” or “us”). We are committed to respecting and safeguarding your privacy as you interact with our platform. This Privacy Policy outlines the principles and practices we adopt to manage, protect, and responsibly use the data of all users (“you,” “your”), whether as buyers, sellers, or visitors.

Our e-commerce platform connects buyers and sellers, facilitating transactions through features such as direct messaging and escrow services to ensure secure and transparent exchanges. We also provide premium features and services aimed at enhancing your experience. In doing so, we are dedicated to complying with internationally recognized data protection standards, ensuring that your personal information is processed fairly, lawfully, and transparently.

Our Commitment to Compliance

We adhere to the following data protection regulations:

1. General Data Protection Regulation (GDPR): Protects the rights of individuals in the European Union by ensuring transparency in the collection and use of their personal data, granting users rights such as access, correction, deletion, and objection to processing.
2. California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA): Protect California residents by granting control over their personal data, including rights to know what is collected, request deletion, and opt out of the sale of personal information.

Purpose of this Privacy Policy

This Privacy Policy aims to:

• Explain what personal data we collect, how we collect it, and for what purposes.
• Describe your rights and choices regarding the use of your personal data.
• Outline our measures to protect your data and ensure compliance with GDPR, CCPA, and CPRA.
• Foster transparency, trust, and accountability in the use of our services.

By using FlickMart. You acknowledge that you have read, understood, and agreed to the practices described in this policy. This document is designed to provide clarity and assurance to all our users. If you have any concerns or require further information, please contact our Data Protection Officer or Support Team using the details provided at the end of this policy.

Interpretation and Definitions

Interpretation

The words of which the initial letter is capitalized have meanings defined under the following conditions. The following definitions shall have the same meaning regardless of whether they appear in singular or plural.

Definitions

For the purposes of this Privacy Policy:

• Account means a unique account created for You to access our Service or parts of our Service.
• Affiliate means an entity that controls, is controlled by or is under common control with a party, where "control" means ownership of 50% or more of the shares, equity interest, or other securities entitled to vote for the election of directors or other managing authority.
• Application refers to FlickMart, the software program provided by the Company.
• Company (referred to as "the Company," "We," "Us," or "Our") refers to FlickMart, Lion Science Park, University Of Nigeria, Nsukka, Enugu, Nigeria.
• Cookies are small files that are placed on Your computer, mobile device, or any other device by a website, containing the details of Your browsing history on that website, among its many uses.
• Country refers to: Nigeria.
• Device means any device that can access the Service such as a computer, cellphone, or digital tablet.
• Personal Data is any information that relates to an identified or identifiable individual.
• Service refers to the Application or the Website or both.
• Service Provider means any natural or legal person who processes the data on behalf of the Company. It refers to third-party companies or individuals employed by the Company to facilitate the Service, to provide the Service on behalf of the Company, to perform services related to the Service, or to assist the Company in analyzing how the Service is used.
• Usage Data refers to data collected automatically, either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit).
• Website refers to FlickMart, accessible from https://www.flickmart.app.
• You means the individual accessing or using the Service, or the company, or other legal entity on behalf of which such individual is accessing or using the Service, as applicable.

2. Data Collection

Types of Data Collected

We collect and process different categories of data to facilitate the services offered on our platform. These include:

1. Personal Information:
   • Name, email address, phone number, and physical address.
   • Payment information (e.g., bank account details for sellers, or payment card details for buyers).
2. Transactional Data:
   • Details of purchases, sales, and payment confirmations.
   • Order history, including product descriptions, prices, and delivery details.
3. Behavioral Data:
   • User interactions on the platform, including browsing history, preferences, and clicks.
   • Communication logs from direct messaging between buyers and sellers (where permitted by law).
4. Technical Data:
   • IP address, device identifiers, browser type, operating system, and session activity.
   • Cookies and similar technologies to enhance user experience and collect analytics.
5. Location Data (if applicable):
   • Precise location for logistics, delivery, or regional preferences when enabled by users.

Collection Methods

We gather information through the following mechanisms:

1. Account Creation and Profile Management:
   • When users create an account, we collect personal details such as their name, email, and phone number.
   • Sellers may provide additional details like bank account information for payment purposes.
2. Order Placement and Payment Processing:
   • Buyers submit payment information and address details during checkout.
   • Escrow payments and transaction confirmations involve collecting relevant financial data.
3. Messaging Features:
   • Communication data between buyers and sellers is collected for dispute resolution and service improvement.
4. Cookies and Tracking Technologies:
   • Cookies are used to gather information about site navigation, preferences, and behavior.
   • Users can manage cookie settings through their browser preferences.
5. Surveys and Feedback:
   • Occasionally, we collect additional data through voluntary surveys, reviews, or feedback forms.
6. Third-Party Integrations:
   • When interacting with integrated services like payment gateways or couriers,
   • data is shared securely and only for necessary purposes.

3. Purpose of Data Usage

We collect and use your data to operate, enhance, and secure the functionality of our platform. The purposes for which we use your data include, but are not limited to, the following:

Core Service Operations

1. Order Processing:
   • Facilitate transactions between buyers and sellers, including handling payments through our escrow service.
   • Ensure timely updates on order status, delivery, and transaction completion.
2. Escrow and Transaction Security:
   • Use personal and transactional data to process payments securely and release funds only after buyer confirmation of product receipt.
   • Minimize fraud risks and provide accountability in disputes.
3. User Support and Dispute Resolution:
   • Use communication records and transaction logs to assist users with inquiries, resolve complaints, and mediate disputes.

Platform Personalization

1. Enhanced User Experience:
   • Analyze user interactions and behavioral data to recommend relevant products, sellers, or events.
   • Customize features and layouts based on user preferences or prior activity.
2. Marketing and Personalized Offers:
   • Send promotions, newsletters, or exclusive offers tailored to user interests.
   • Provide optional marketing communications, subject to user consent under GDPR and CCPA regulations.

Administrative and Legal Compliance

1. Account and Platform Management:
   • Use user data to verify identities during account setup and secure access through features like two-factor authentication.
   • Maintain platform security by monitoring for and addressing suspicious activity.
2. Regulatory Compliance:
   • Process and retain data to fulfill legal obligations, such as tax reporting, financial auditing, or regulatory disclosures.

Advanced Platform Features

1. Messaging Functionality:
   • Enable communication between buyers and sellers, ensuring messages are securely stored and accessible for relevant transactions.
   • Monitor messaging patterns to detect and mitigate inappropriate use or abuse.
2. Escrow-Focused Services:
   • Facilitate trust between buyers and sellers by securely holding payments until product delivery is confirmed.
   • Support post-sale claims, including refunds or product damage resolutions, ensuring fairness.
3. Event Management:
   • Use provided data to coordinate event participation, scheduling, and billing for limited event slots.

4. User Rights

We respect and uphold the data privacy rights granted to users under the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and the California Privacy Rights Act (CPRA). Below is an overview of the rights available to users:

Under GDPR (Applicable to EU Residents)

1. Right to Access:
   • You have the right to request and obtain confirmation on whether your personal data is being processed.
   • Access a copy of your personal data in a clear and understandable format.
2. Right to Rectification:
   • Request corrections to inaccurate or incomplete personal information stored by us.
3. Right to Erasure ("Right to Be Forgotten"):
   • Request the deletion of your personal data when it is no longer needed for the purposes for which it was collected or when you withdraw consent.
   • Exceptions include compliance with legal obligations or the establishment of legal claims.
4. Right to Data Portability:
   • Receive your personal data in a commonly used, machine-readable format and request its transfer to another service provider where feasible.
5. Right to Object:
   • Object to the processing of your personal data for purposes such as direct marketing, or where processing is based on legitimate interests.
6. Right to Restriction of Processing:
   • Request limited use of your data under specific circumstances, such as while verifying its accuracy or legality of processing.
7. Right to Withdraw Consent:
   • Revoke your consent at any time, where data processing is based solely on consent.

Under CCPA/CPRA (Applicable to California Residents)

1. Right to Know:
   • Understand what categories of personal data are collected, the purposes for collection, and whether it is shared or sold.
   • Request specific details about your data in a user-friendly format.
2. Right to Delete:
   • Request the deletion of your personal information, subject to exceptions such as completing a transaction or complying with legal obligations.
3. Right to Opt-Out:
   • If applicable, opt out of the "sale" of your personal data. Note: [Your E-commerce Site Name] does not sell personal data.
   • Use designated tools, such as a "Do Not Sell My Information" link on our website.
4. Right to Correct Inaccurate Data (Under CPRA):
   • Request correction of any inaccurate personal information maintained by us.
5. Right to Limit Sensitive Data Use:
   • Limit the use of sensitive personal information, such as financial or location data, to what is necessary for service fulfillment.
6. Non-Discrimination:
   • Exercise your rights without experiencing discriminatory treatment or a reduction in the quality of services.

Exercising Your Rights

• Submission of Requests: You can exercise your rights by contacting us at [privacy@flickmart.ng].
• Verification: For security, we may need to verify your identity before processing your request.
• Response Timeline: We aim to respond to all verified requests within 30 days, as required by applicable laws.

5. Data Sharing and Disclosure

We value your privacy and strive to ensure transparency in how your data is shared and disclosed. Below are the scenarios and third-party integrations where your data might be shared, and the safeguards we implement to protect your information:

Third-Party Integrations

1. Payment Processors:
   • To process payments securely, your financial data may be shared with trusted third-party payment gateways.
   • These services adhere to strict data protection regulations, including GDPR and PCI-DSS standards, ensuring your information remains secure.
   • Payment details are encrypted and never stored directly by our platform.
2. Courier Services:
   • Your name, contact information, and delivery address are shared with third-party couriers to facilitate the delivery of purchased items.
   • These couriers are contractually obligated to use your data solely for the purpose of fulfilling the delivery.
3. Escrow Services:
   • Funds paid for transactions are securely held in our escrow system until delivery is confirmed by the buyer.
   • Escrow data (e.g., payment details, confirmation of delivery) is handled in compliance with financial and data protection laws, ensuring both buyer and seller are protected.
4. Analytics Providers:
   • Behavioral data (e.g., browsing patterns, clicks) may be shared with analytics providers to enhance our platform's functionality and user experience.
   • This data is anonymized and aggregated to ensure it cannot identify individual users.
5. Messaging Platform:
   • Messaging data between buyers and sellers may be stored and monitored to facilitate transactions and ensure compliance with our policies.
   • These records are retained only as long as necessary for dispute resolution or legal compliance.

Data Security and Restrictions

• Restricted Use: Third parties are contractually bound to use your data solely for the services they provide to us.
• No Unauthorized Sharing: Your data will never be sold or shared with advertisers or other entities without your explicit consent.

Escrow Security

To ensure buyer and seller trust, all funds are held securely in an escrow system managed by our platform. The process works as follows:

1. Payment Holding:
   • Buyer funds are collected and held in a secure escrow account when a purchase is initiated.
2. Release on Delivery:
   • Funds are only released to the seller after the buyer confirms the receipt of the purchased item in satisfactory condition.
3. Dispute Resolution:
   • In the event of a dispute, escrow funds are retained until the issue is resolved, providing accountability and protection for both parties.

6. Data Protection Measures

We prioritize the protection of your personal information and have implemented robust security measures to ensure its confidentiality, integrity, and availability. These measures are designed to safeguard against unauthorized access, breaches, and data misuse.

1. Encryption

• Data in Transit: All data transmitted between your device and our servers is encrypted using TLS (Transport Layer Security) to prevent interception by unauthorized parties.
• Data at Rest: Sensitive information, including personal and financial details, is encrypted using AES-256 or equivalent encryption standards when stored on our servers.

2. Secure Payment Gateways

• We integrate with PCI-DSS compliant payment gateways to ensure that your financial data is processed and stored securely.
• Payment details are transmitted directly to the payment processor via encrypted connections and are not stored on our platform.

3. Access Control

• Role-Based Access: Only authorized personnel with clearly defined roles can access sensitive data. Access levels are granted based on the principle of least privilege.
• Multi-Factor Authentication (MFA): Admin access to sensitive data and platform management requires MFA to mitigate unauthorized access.

4. Regular Security Audits and Updates

• Our platform undergoes regular penetration testing and vulnerability assessments to identify and address potential security gaps.
• Software and security patches are applied promptly to protect against known vulnerabilities.

5. Data Minimization

• We collect and retain only the data necessary to fulfill our services.
• Unnecessary or outdated data is securely deleted in compliance with GDPR, CCPA, and CPRA requirements.

6. Monitoring and Incident Response

• Real-Time Monitoring: Our systems are continuously monitored for unusual activity or potential threats.
• Incident Response Plan: In the event of a breach, we have a comprehensive incident response plan to mitigate harm, notify affected users promptly, and comply with legal reporting obligations.

7. Backup and Recovery

• Daily Backups: Regular, encrypted backups of user data are stored in secure locations to ensure data recovery in case of loss or corruption.
• Disaster Recovery Plan: A robust disaster recovery plan ensures the continuity of services during unforeseen events.

8. Privacy by Design

• From the outset, our systems are designed with privacy and security as foundational principles, ensuring compliance with global privacy regulations.

7. Cookies and Tracking

Cookies are small text files placed on your device when you visit our website. They help improve your user experience, enable certain features, and provide us with valuable insights into how our platform is used. Below is a breakdown of how we use cookies and tracking technologies, and your choices regarding them:

Types of Cookies We Use

1. Essential Cookies:
   • These cookies are necessary for the operation of our platform and enable basic functionalities like account login, shopping cart management, and secure transaction processing.
   • They are always active and cannot be disabled without affecting the site's performance.
2. Analytics Cookies:
   • We use cookies to collect data on how visitors interact with our site, including which pages are visited most often and how users navigate the platform.
   • This helps us improve the user experience and optimize our services. For example, we may use Google Analytics or similar tools to gather insights.
3. Advertising Cookies:
   • These cookies track your browsing habits across different sites, helping us provide personalized advertisements that match your interests.
   • For example, cookies from third-party advertisers (e.g., Google Ads) may be used to display relevant ads based on your prior interactions with our platform.
4. Functional Cookies:
   • These cookies allow us to remember your preferences (e.g., language, region) and enhance the functionality of our platform.
   • They ensure a more personalized experience but are not essential for core site functions.

Managing Cookies and Tracking Preferences

1. Opt-In for Non-Essential Cookies:
   • We ask for your consent before placing non-essential cookies on your device. When you first visit our site, you will be prompted to accept or decline cookies other than those that are strictly necessary for the platform to function.
   • You can customize your cookie preferences by adjusting the settings in the cookie consent banner that appears when you visit the site.
2. Opt-Out Mechanism:
   • You can choose to opt-out of non-essential cookies at any time. You can manage your preferences by visiting our Cookie Settings page, where you can update your consent choices.
   • Most web browsers also allow you to control cookies through their settings. You can block or delete cookies, though this may affect certain site functionalities.

Third-Party Cookies

• Our platform may allow third-party vendors, such as advertisers or analytics providers, to set cookies on your device.
• These third parties may use cookies to collect information about your browsing activity across different websites to display relevant ads or analyze trends.

Your Rights and Choices Regarding Cookies

• GDPR: Under the GDPR, you have the right to withdraw consent for non-essential cookies at any time. This does not affect the legality of processing based on consent before its withdrawal.
• CCPA/CPRA: You can opt-out of the sale of personal data related to cookies, if applicable. You also have the right to request the deletion of your data and to be informed about the categories of cookies and tracking technologies used.

8. Refunds and Damages

In our marketplace, the responsibility for handling refunds, product returns, and damages is divided between the seller and the courier service provider, as outlined below:

Seller Responsibilities:

1. Refunds:
   • Sellers are responsible for processing refunds if the product is not as described or does not meet the buyer’s expectations. This includes cases where the buyer returns the product due to dissatisfaction or defects that fall within the seller's return policy.
   • Sellers must initiate refunds promptly upon agreement with the buyer or once the product is returned, in accordance with the platform’s refund policy.
2. Product Quality and Description:
   • Sellers are responsible for ensuring that the product description is accurate and the item is in good condition before shipment. They must provide clear, truthful descriptions, including any known defects or issues, and ensure that the product meets the description provided.

Courier Responsibilities:

1. Damages During Shipping:
   • If a product is damaged during the shipping or delivery process, it is the responsibility of the courier service provider to address the issue. Couriers are independent of the platform and sellers and must ensure safe handling and delivery of products.
   • In the case of damage during transit, the buyer must immediately report the issue to the courier and file a claim. The courier service will assess the damage and handle the claim resolution, including compensation or replacement, if applicable.
2. Insurance and Claims:
   • The courier service provider is responsible for providing adequate insurance for shipped products. Buyers are advised to check the courier's terms and conditions regarding insurance coverage for product damage during transit.
   • If the product was damaged during delivery, the buyer must follow the courier’s claim process to ensure compensation.

Buyer Responsibilities:

1. Inspecting Products:
   • Buyers should inspect products upon delivery. If any damage is found, it should be reported immediately to the courier service provider within the time frame specified by the courier's policies (typically 48-72 hours).
   • Photos or videos of the damaged product are often required to process the claim.
2. Product Returns:
   • If a buyer wishes to return a product due to dissatisfaction, the buyer must follow the seller’s return policy. The seller will issue a refund based on the return terms.
   • In cases where the issue is related to delivery damage, buyers should contact the courier service to initiate a claim.

Escrow Service:

• The platform’s escrow service holds the buyer’s funds securely until the product is delivered, and the buyer confirms receipt. If the product is damaged upon delivery, the buyer must first report it to the courier service provider for resolution, and then to the seller if needed. The funds will only be released to the seller after the delivery is confirmed and any claims have been resolved.

Dispute Resolution:

• In the event of a dispute regarding a refund or product damage, both the buyer and seller are encouraged to communicate directly through the platform’s messaging system.
• If the issue concerns shipping damage, the buyer should contact the courier service for assistance. If a resolution is not reached, the platform’s support team can mediate between the buyer and the seller.
• The platform will not be responsible for resolving disputes related to damages incurred during shipping, as these fall under the responsibility of the courier service provider.

9. Messaging Features

The messaging feature on the platform facilitates communication between buyers and sellers. Here's how messaging is handled:

Message Storage:

1. Data Retention:
   • Messages exchanged between buyers and sellers are stored on the platform without a defined time frame. This means that messages are kept indefinitely unless a user decides to delete them or unless otherwise required by legal or platform-related obligations.
2. Access to Messages:
   • Both buyers and sellers can access their message history at any time through their accounts. Platform administrators may access and review messages if necessary for dispute resolution, policy enforcement, or ensuring compliance with platform guidelines. This may also occur if there is suspicion of abuse or violation of the platform’s terms.

Message Usage:

1. Dispute Resolution:
   • Messages are an essential part of resolving disputes. In case of any disagreement between a buyer and a seller, the message exchange will be used to understand both parties' positions and resolve the issue effectively. The platform's support team may use these messages as evidence during the dispute resolution process.
2. Platform Improvement:
   • The platform may review message data in aggregate (anonymized) to identify patterns or common issues. This helps to improve platform features, user experience, and communication tools. Insights gathered may lead to improvements in policies or technical updates.

User Consent:

• By using the messaging feature, users consent to the storage and use of their messages as described in this policy. Users should be aware that messages are stored without a specific time limit unless deleted by the user.

Security:

• Although messages are stored without encryption, the platform strives to protect user data through general security measures. However, users should exercise caution when exchanging sensitive information through the messaging system, as it is not encrypted.

10. Policy Updates

Our privacy policy is subject to updates and revisions to ensure compliance with changing regulations and to reflect any changes in how we handle user data. Here’s how we will notify users about any updates:

1. Notification of Changes:
   • Website Notification: Users will be notified of significant updates to the privacy policy via a prominent notice on our website, typically displayed at the top of the homepage or in the user's account section. This notice will appear when the updated policy is published.
   • Email Notification: Registered users may receive an email notification with a summary of the key changes and a link to the updated privacy policy.
2. Effective Date:
   • The updated privacy policy will indicate the effective date of the changes. The policy’s effective date will also be revised to reflect when the changes are applied, ensuring transparency.
3. Consent:
   • If the changes are significant, users may be asked to review and accept the new privacy policy through a prompt when they log in to their accounts or place an order. Continued use of the platform after the effective date signifies agreement to the updated terms.
4. Access to Old Versions:
   • Users can access previous versions of the privacy policy, which will be archived and available for review. This ensures that users can reference how the policy has evolved over time.

11. Contact Information

If you have any questions, concerns, or requests regarding your personal data, this privacy policy, or how your data is handled, please contact us using the following methods:

1. Email:
   You can reach us at [privacy@flickmart.ng]. Please include "Privacy Inquiry" in the subject line for quicker processing.
2. Support Portal:
   Visit our Support Portal, where you can submit a privacy-related request, track inquiries, and access FAQs.
3. Mail:
   You can send written privacy-related inquiries to the following address:
   FlickMart
   Lion Science Park, University Of Nigeria, Nsukka
   Enugu, State
   Nigeria.
4. Phone:
   For urgent matters, you may also contact us at [07049157034].
5. Data Protection Officer (DPO):
   If you would like to contact our Data Protection Officer (DPO), please email [privacy@flickmart.app].

11. Contact Information

If you have any questions, concerns, or requests regarding your personal data, this privacy policy, or how your data is handled, please contact us using the following methods:

1. Email:
   You can reach us at [privacy@flickmart.app]. Please include "Privacy Inquiry" in the subject line for quicker processing.
2. Support Portal:
   Visit support@flickmart.app, where you can submit a privacy-related request, track inquiries, and access FAQs.
3. Mail:
   You can send written privacy-related inquiries to the following address:
   FlickMart
   Lion Science Park, University Of Nigeria, Nsukka
   Enugu, State
   Nigeria
4. Phone:
   For urgent matters, you may also contact us at [07049157034].
5. Data Protection Officer (DPO):
   If you would like to contact our Data Protection Officer (DPO), please email [privacy@flickmart.app].