Privacy Policy

Last updated: December 10, 2025

At COOWIK, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our mobile application. Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access the application.

1. Information We Collect

We collect information that allows us to provide and improve our service. This includes:

  • Account Information: Username, email address, and password (passwords are stored encrypted via Firebase Authentication; never stored in plain text).
  • User-Generated Content: Product details (title, description, price), product images, profile images, and chat messages exchanged between users.
  • Payment Details Provided by Sellers: Sellers may provide their UPI ID (UPI handle), and an optional UPI QR code or other payment info to receive payments from buyers. COOWIK stores these UPI identifiers and QR images when sellers add them to their listings or profile. We do not collect or store payment credentials such as UPI PINs or banking passwords.
  • Device & Usage Data: Device information, app performance metrics, crash logs, and analytics events collected by Firebase for diagnostics and improvements.

2. How We Use Your Information

We use collected data for the following purposes:

  • To create, authenticate and manage user accounts.
  • To allow sellers to upload, manage and display product listings, including showing UPI IDs / QR codes to buyers for payment.
  • To enable in-app chat communications between buyers and sellers.
  • To provide customer support and respond to inquiries submitted via the app's contact/help pages.
  • To analyze and improve app performance, reliability, and user experience.

3. UPI Payments — Important Notes

COOWIK facilitates peer-to-peer payments by allowing sellers to share their UPI ID and QR code with buyers. Important points:

  • Peer-to-peer payments: Payments occur between buyer and seller using the buyer’s chosen UPI app (Google Pay, PhonePe, BHIM, etc.). COOWIK is not a payment processor and does not handle the transfer of funds.
  • What we store: UPI IDs (handles) and QR code images that sellers voluntarily provide to receive payments. These are stored in Firebase Storage / Firestore as part of the seller’s profile or product listing.
  • What we don’t store: UPI PINs, bank account passwords, OTPs, or any other sensitive banking credentials. Do not share PINs or OTPs with anyone — COOWIK will never ask for them.
  • Transaction responsibility: All payment authorization and settlement are handled by the UPI network and the buyer’s/payment app. COOWIK is not responsible for payment disputes, failed transfers, or fraudulent transactions that occur off-app. Buyers and sellers should confirm successful receipt of funds before shipping goods or confirming service completion.
  • Security: UPI IDs and QR images are stored with access controls and Firebase Security Rules. Sellers should ensure the UPI information they provide is correct. COOWIK is not liable for losses resulting from incorrect UPI details entered by sellers.

4. Third-Party Services (Firebase)

COOWIK uses Firebase (Google) to provide core functionality, including authentication, database (Firestore), storage (for images and QR codes), analytics, and crash reporting. Firebase may independently collect, store, and process data as part of those services. By using COOWIK, you agree that Firebase may process your information in accordance with Google's privacy policies.

5. Image & File Storage

Product images, profile images, and QR code images uploaded by users and sellers are stored in Firebase Storage. Users should only upload images and files they have the right to share; do not upload copyrighted, illegal, or sensitive material.

6. Data Security

We store data using Firebase Firestore and Firebase Storage and apply reasonable administrative, technical, and physical safeguards, including Firebase security rules and server-side authorization checks. UPI IDs and QR images are treated as personal contact/payment identifiers — encrypted in transit and protected at rest per Firebase defaults and your app's security rules. While we take steps to protect your information, no system is 100% secure and we cannot guarantee absolute security.

7. Data Retention

We retain personal information for as long as your account is active or as needed to provide services. If you delete your account, we will remove or anonymize your personal data from active systems. UPI IDs and QR images provided by sellers will be removed when the seller deletes their profile or listing; backups and logs may persist for a limited time for troubleshooting and legal compliance.

8. Sharing & Disclosure

We do not sell your personal data. We may share information with:

  • Firebase / Google, to provide hosting, authentication, storage, analytics, and crash reporting.
  • Service providers who perform services on our behalf (under contract and confidentiality obligations).
  • Law enforcement or regulators when required by law, legal process, or to protect rights and safety.

9. Your Rights

Subject to local law, you may have rights including:

  • Accessing the personal data we hold about you.
  • Correcting or updating inaccurate information (including UPI IDs/QR images).
  • Requesting deletion of your account and personal data.
  • Requesting a copy of your data (data portability).

Many account actions can be performed inside the app. For other requests, contact us at the email below and include details so we can verify your identity and fulfill the request.

10. Children’s Privacy

COOWIK is not intended for children under 13. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided personal information, contact us to request removal.

11. Child Safety and Protection Against Child Sexual Abuse and Exploitation (CSAE)

COOWIK has zero tolerance for child sexual abuse and exploitation (CSAE). We are committed to protecting children and maintaining a safe environment for all users.

Our CSAE Standards:

  • Zero Tolerance: Any content, communication, or activity related to child sexual abuse and exploitation is strictly prohibited and will result in immediate account termination and reporting to law enforcement.
  • Age Restrictions: Users must be at least 13 years old to use COOWIK. We do not knowingly allow children under 13 to create accounts or use our services.
  • Content Moderation: We actively monitor user-generated content, including product listings, images, chat messages, and profile information for CSAE material. Suspected CSAE content is immediately removed and reported.
  • Reporting Mechanism: Users can report inappropriate content or behavior by contacting us at risalea.22@gmail.com with the subject line "Safety Report". Reports are reviewed within 24 hours.
  • Law Enforcement Cooperation: We cooperate fully with law enforcement agencies and report suspected CSAE activity to the National Center for Missing & Exploited Children (NCMEC) and other appropriate authorities as required by law.
  • User Education: We prohibit and take action against:
    • Sharing, soliciting, or distributing child sexual abuse material (CSAM)
    • Grooming or attempting to exploit minors
    • Any sexualized content involving minors
    • Facilitating or promoting child exploitation in any form
  • Prevention Measures: We implement technical and operational measures including automated detection, manual review processes, and Firebase security rules to prevent CSAE content from being uploaded or shared on our platform.

How to Report CSAE:

If you encounter any content or behavior that involves child sexual abuse or exploitation:

  • Report immediately via email to risalea.22@gmail.com with subject "URGENT: CSAE Report"
  • Include screenshots, usernames, and any relevant details (your identity will be kept confidential)
  • You may also report directly to local law enforcement or NCMEC at CyberTipline

Last Updated: December 10, 2025

12. International Transfers

Your information may be stored and processed in countries where Firebase and our service providers operate. By using COOWIK, you consent to transfer and processing of your information in those locations.

13. Changes to This Privacy Policy

We may update this Privacy Policy occasionally to reflect changes in our practices or legal requirements. We'll post the updated policy with a new "Last updated" date. Continued use of the app after changes means you accept the updated policy.

14. Contact Us

If you have questions, requests, or concerns about this Privacy Policy or your personal data, contact us:

Developer: Risal EA
Email: risalea.22@gmail.com

15. Payment Safety Tips

To protect yourself when using UPI for payments via COOWIK:

  • Verify the seller’s UPI ID or scan the QR code and confirm the beneficiary name before sending payment.
  • Do not share UPI PINs, OTPs, or passwords with anyone.
  • Confirm the payment is successful in your UPI app and the seller confirms receipt before shipping goods.
  • If a dispute occurs, keep screenshots of the payment and chat messages to assist with resolution.

16. Additional Notices

- If you are in the European Economic Area (EEA), UK or other regions with data protection laws, you may have additional rights under local laws (e.g., GDPR).
- If you are a California resident, you may have rights under the California Consumer Privacy Act (CCPA). To exercise rights, contact us at the email above.