pt
Join us

Privacy policy

Privacy Policy — Folo Foods

Privacy Policy — Folo Foods

Effective date: August 31, 2025

Company: NEXAR GLOBAL

Contact email: info@folofoods.com

Address:

Rua Costa Ferreira, nº 326, 1º andar, Escritório nº 5

Trofa Bougado,4785 298 TROFA

This Privacy Policy explains how NEXAR GLOBAL (“Folo Foods”, “we”, “us”, “our”) collects, uses, discloses, and protects your information when you use our mobile applications and related services:

  • Folo Foods – Customer (ordering and delivery tracking)
  • Folo Foods – Store Manager (vendor app)
  • Folo Foods – Delivery Partner (courier app)

By using our apps, you agree to the practices described here.

1) Who we are (Controller)

For users in the EEA/UK, NEXAR GLOBAL UNIPESSOAL LDA  is the data controller for processing your personal data under GDPR/UK GDPR.

2) What we collect

A. Information you provide

  • Account & profile: name, email, phone, password (hashed), profile photo and Tax Number
  • Addresses: delivery addresses, contact instructions.
  • Order details: items ordered, notes, payment method (tokenized—no raw card data stored by us).
  • Vendor data (Store Manager): store name, business documents , bank/payout details.
  • Courier data (Delivery Partner): identity docs, vehicle type/details, availability, payout details.
  • Support: messages, attachments you send to support.

B. Information collected automatically

  • Device & usage: app version, device model, OS, IP, language, crash/diagnostic logs.
  • Location:
    • Customer app: precise location (while using) for nearby stores, delivery ETA, and live order tracking.
    • Delivery Partner app: precise location while using the app and (if enabled) in the background to receive jobs, navigate, and provide live tracking/proof of delivery—even when the app is not open. You can change this in device settings; certain features may stop working.
  • Cookies/SDKs: analytics and performance measurement (no third‑party advertising SDKs unless disclosed below).

C. Information from third parties

  • Payments: tokenized payment information and transaction status from payment providers.
  • Sign‑in providers: if you log in with Apple/Google/Facebook, we receive profile identifiers as permitted by their policies.

3) Why we use your data (Legal bases)

Purpose Examples Legal basis (GDPR)
Provide the service Account creation, processing orders, and delivery tracking Contract
Safety & prevention Fraud prevention, secure authentication, abuse detection Legitimate interests / Legal obligation
Payments & payouts Charge customers, pay vendors/couriers Contract / Legal obligation
Customer support Resolve issues, respond to requests Contract / Legitimate interests
Improve & debug Analytics, performance, crash logs Legitimate interests
Marketing (optional) Push promos, email offers (where permitted) Consent / Legitimate interests
Compliance Tax, accounting, regulatory responses Legal obligation

Where we rely on consent (e.g., marketing notifications in some regions, background location on Android), you can withdraw it at any time in the app or device settings.

4) How we share information

  • Vendors & couriers: customers’ delivery first name, address, phone (masked where supported), order notes.
  • Payment processors: to process charges/payouts (we don’t store full card numbers).
  • Service providers (processors): cloud hosting, analytics, crash reporting, SMS/email gateways, identity verification.
  • Legal & safety: to comply with law, enforce terms, or protect rights, property, and safety.
  • Business transfers: as part of a merger, acquisition, or asset sale (with notice where required).

We do not sell personal data.

5) International transfers

Your data may be processed outside your country. Where required, we use safeguards such as Standard Contractual Clauses to protect your information.

6) Data retention

  • Accounts & orders: for the life of the account and to meet tax/legal obligations (typically 6–10 years for financial records, depending on jurisdiction).
  • Location (Delivery Partner): operational and dispute windows (e.g., up to 12–24 months), then aggregated/anonymized.
  • Support files/logs: typically maintained for 24 months, unless required for longer periods for investigations or legal claims.

We may anonymize data for analytics after these periods.

7) Your rights (EEA/UK and similar jurisdictions)

Subject to local law, you can request: access, correction, deletion, restriction, portability, and objection to certain processing. You may also lodge a complaint with your local supervisory authority.

To exercise rights or ask questions: info@folofoods.com. We may verify your identity before responding.

8) Account deletion (in-app)

You can initiate account deletion directly from:

  • Customer app: Profile → Account → Delete Account
  • Store Manager app: Profile → Account → Delete Account
  • Delivery Partner app: Profile → Account → Delete Account

Or email info@folofoods.com from your registered email. Some information (e.g., invoices, tax records) may be retained where legally required.

9) Children

Our services are not intended for children under the age required by local law to consent to processing (e.g., 16 in parts of the EU). We do not knowingly collect data from children. If you believe a child has provided data, contact us to delete it.

10) Security

We use administrative, technical, and organizational measures (encryption in transit, access controls, logging). No system is 100% secure; please keep your credentials confidential and update apps regularly.

11) App-specific notes

Customer app

  • Uses location while using for store discovery, pricing by zone/distance, and live tracking.
  • Push notifications for order status and promotions (opt-out any time).

Store Manager (Vendor) app

  • Collects data and payout details to verify and pay store partners.
  • Sends operational notifications for new orders, settlements, and support.

Delivery Partner app

  • May request background location to dispatch nearby orders, show accurate ETAs, route navigation, and proof of delivery, even when the app is closed. You can disable this in settings; core delivery features may be limited.
  • Collects data and payout details to verify and pay partners.

12) Third‑party services (examples)

Depending on your region, we may use: cloud hosting, first‑party analytics/Crashlytics, maps/navigation intents, payment gateways, SMS/email providers, identity verification tools. Each third party processes data under its own privacy terms as a processor or independent controller where applicable.

13) Changes to this Policy

We may update this Policy to reflect changes in laws or our services. The “Effective date” will show the latest version. Significant changes will be notified in‑app or by email where required.

14) Contact us

NEXAR GLOBAL

Rua Costa Ferreira, nº 326, 1º andar, Escritório nº 5

Trofa Bougado,4785 298 TROFA 

Info@nexarglobal.pt

© 2025 NEXAR GLOBAL UNIPESSOAL LDA. All rights reserved.