Flashcart

Privacy Policy

For Omni-Channel Messaging Services

Last Updated: February 15, 2026Effective Date: February 15, 2026

1Introduction

Flashcart Pvt. Ltd. ("Flashcart", "we", "our", "us") operates omni-channel messaging services that enable businesses and users to communicate across multiple platforms. We are committed to protecting your privacy and ensuring transparency in how we collect, use, store, and protect your personal information.

This Privacy Policy applies to all interactions through our messaging services and complies with:

  • Meta Platform Policies (WhatsApp Business, Facebook Messenger, Instagram)
  • General Data Protection Regulation (GDPR)
  • California Consumer Privacy Act (CCPA)
  • Personal Data Protection Act 2023 (Nepal)
  • Other applicable data protection laws

By using our services, you acknowledge that you have read and understood this Privacy Policy.

2Information We Collect

Information You Provide

  • Identity: Full name, Phone number, Email, Business name
  • Communication: Message content, timestamps, history, files shared
  • Transactions: Order numbers, purchase history, delivery addresses

Collected Automatically

  • Technical: IP address, Device info, Platform used, Session data
  • Usage: Message frequency, Response times, Error logs
  • Third-Party: Limited Meta platform data (User IDs, Profile pics)

3Messaging Channels Covered

WhatsApp Business

Cloud API, Business & User messages

Facebook Messenger

Page messaging, Automated responses

Instagram Direct

Business DMs, Story replies

4How We Use Your Information

Service Delivery

Responding to inquiries, processing orders, sending notifications, and facilitating returns.

Communication

sending announcements, product info, feedback requests, and satisfaction surveys.

Business Operations

Improving service quality, training, analyzing patterns, and preventing fraud.

Legal Compliance

Complying with laws, enforcing terms, and protecting rights.

Marketing Communications (Opt-In Only)

We only send promotional offers with explicit consent. You can opt-out anytime by replying "STOP" or contacting us.

5. Legal Basis (GDPR)

  • Consent: For specific purposes like marketing.
  • Contract: To fulfill service obligations.
  • Legitimate Interests: Business improvement, fraud prevention.

6. Data Retention

  • Active ConversationsDuration + 90 days
  • Order Data7 years
  • Marketing Consent3 years
  • Technical Logs12 months

7-9Data Handling & Security

We Do NOT Sell Your Data

We never sell, rent, or trade your personal info to third parties for marketing.

Service Providers

We share data only with necessary partners (Meta, Cloud Providers, etc.) who are contractually obligated to protect it.

Security Measures

  • End-to-end encryption (WhatsApp)
  • TLS/SSL encryption in transit
  • AES-256 encryption at rest
  • Access controls & MFA
  • Regular security audits
  • 24/7 monitoring

10Your Privacy Rights

GDPR (EU)

  • Access & Rectification
  • Erasure (Right to be Forgotten)
  • Data Portability
  • Withdraw Consent

CCPA (California)

  • Right to Know
  • Right to Delete
  • Right to Opt-Out
  • Non-Discrimination

Exercise Your Rights

Contact us at privacy@flashcart.app with "Privacy Rights Request" in the subject.

Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact our Data Protection Officer.

Emailprivacy@flashcart.app
AddressFlashcart Pvt. Ltd.
Kathmandu, Nepal
Chat on WhatsApp