Vendor Privacy Policy

Last Updated: December 10, 2025

Welcome to the FlipStore Vendor Admin Panel. This Vendor Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our vendor/seller application and dashboard. This policy applies specifically to vendors, sellers, and merchants who use our platform to sell products.

1. Information We Collect from Vendors

1.1 Vendor Registration Information

When you register as a vendor, we collect:

Business Information: Shop name, business type, business registration number, GST number, PAN details
Personal Information: Owner/contact person name, email address, phone number
Bank Account Details: Bank name, account number, IFSC code, UPI ID (for payment settlements)
Business Address: Shop/warehouse address, pickup location, pin code
Identity Verification: Government-issued ID, business licenses, tax certificates
Login Credentials: Email, password, authentication tokens

1.2 Product Information

Product names, descriptions, and specifications
Product images and videos
Pricing, inventory levels, and SKU details
Product categories and tags
Shipping dimensions and weight

1.3 Transaction and Order Data

Order details and customer shipping addresses
Payment and commission information
Sales analytics and revenue reports
Return and refund requests
Customer reviews and ratings for your products

1.4 Usage and Technical Data

Device Information: Device type, operating system, app version
Login Activity: Login times, IP addresses, session duration
Dashboard Activity: Features used, pages viewed, actions performed
Performance Data: App crashes, errors, response times

1.5 Communication Data

Support tickets and customer service interactions
Email correspondence with FlipStore team
Notifications and alerts sent to you
Feedback and survey responses

2. How We Use Vendor Information

We use your information to:

Onboard and Verify Vendors: Process registration, verify identity, and approve seller accounts
Facilitate Sales: List your products, process orders, and manage transactions
Process Payments: Calculate commissions, process payouts, and generate invoices
Manage Orders: Notify you of new orders, returns, and cancellations
Provide Dashboard Access: Enable you to manage products, inventory, and analytics
Customer Support: Respond to inquiries and resolve issues
Platform Improvement: Analyze usage patterns and optimize vendor experience
Compliance and Legal: Maintain tax records, comply with regulations, prevent fraud
Communication: Send order notifications, policy updates, and promotional opportunities
Performance Monitoring: Track seller metrics like delivery time, ratings, and customer satisfaction

3. How We Share Vendor Information

3.1 With Customers

We share limited vendor information with customers:

Shop name and logo
Product listings and descriptions
Seller ratings and reviews
Business address (for pickup orders if applicable)

Note: Personal contact details (email, phone) are NOT shared with customers unless required for order fulfillment.

3.2 With Service Providers

Payment Processors: Razorpay, PayU, or other gateways for commission deductions and payouts
Cloud Services: Firebase, Google Cloud for data storage and authentication
Analytics Providers: Firebase Analytics, Google Analytics for platform insights
Shipping Partners: Courier companies for order fulfillment (if applicable)
Tax Compliance Services: For GST filing and tax reporting

3.3 With Other FlipStore Services

Your vendor data may be accessed by:

FlipStore customer support team to resolve disputes
FlipStore compliance team for fraud prevention and verification
FlipStore finance team for payment processing

3.4 Legal and Regulatory Authorities

We may disclose your information to:

Comply with legal obligations (tax authorities, court orders)
Enforce our Vendor Agreement and policies
Protect rights, property, or safety of FlipStore, customers, or others
Investigate fraud, security breaches, or policy violations

4. Data Security for Vendors

We implement robust security measures to protect your vendor data:

Encryption: SSL/TLS encryption for data in transit, AES encryption for data at rest
Secure Authentication: Firebase Authentication with multi-account support
Access Controls: Role-based access, vendor-specific data isolation
Payment Security: PCI-DSS compliant payment processing
Regular Audits: Security assessments and vulnerability testing
Data Backups: Regular backups stored securely in Firebase/Firestore
Account Security: Password encryption, session management, logout functionality

Vendor Responsibility: You must secure your login credentials, use strong passwords, and not share account access.

5. Vendor Data Rights

As a vendor, you have the following rights:

Access: Request a copy of all data we hold about your vendor account
Correction: Update business information, bank details, and shop settings
Deletion: Request account closure and data deletion (subject to legal retention requirements)
Data Portability: Export your product listings, order history, and analytics
Opt-Out: Unsubscribe from promotional emails (transactional emails will continue)
Object: Object to certain data processing activities
Restrict Processing: Limit how we use your data in specific circumstances

To exercise these rights, contact us at info@itkhidma.com.

6. Data Retention for Vendors

We retain vendor data for the following periods:

Active Accounts: Data retained as long as your account is active
Closed Accounts: Data retained for 90 days after closure for pending orders/disputes
Financial Records: Transaction data retained for 7 years per Indian tax laws
Dispute Records: Retained until dispute resolution and 1 year thereafter
Legal Compliance: Data retained as required by law (GST, Income Tax Act, etc.)

After retention periods expire, data is securely deleted or anonymized.

7. Multi-Account Switching Feature

Our vendor app supports multiple account management:

Vendors can add and switch between multiple shop accounts
Each account's data is stored securely and isolated
Account credentials are encrypted using AES-256
Switching accounts does not share data between shops
Vendors can logout from individual accounts or all accounts at once

8. Product Listings and Customer Data

8.1 Product Information

You own the intellectual property rights to your product images and descriptions
By uploading products, you grant FlipStore a license to display and promote them
Product data is visible to all FlipStore customers

8.2 Customer Data Access

You receive customer shipping addresses to fulfill orders
You must NOT use customer data for purposes other than order fulfillment
You must NOT share customer data with third parties
You must comply with data protection laws when handling customer information

9. Cookies and Tracking

The vendor app uses cookies and tracking technologies for:

Authentication and session management
Remembering dashboard preferences
Analytics and performance monitoring
Security and fraud prevention

You can control cookies through your device settings.

10. Third-Party Integrations

The vendor app integrates with:

Firebase: Authentication, database (Firestore), cloud functions, analytics
Payment Gateways: For commission processing and payouts
Cloud Storage: For product images and documents
Notification Services: FCM (Firebase Cloud Messaging) for push notifications

These third parties have their own privacy policies, which we encourage you to review.

11. Vendor Performance Monitoring

We track vendor performance metrics including:

Order fulfillment rate and delivery time
Customer ratings and reviews
Return and cancellation rates
Response time to customer inquiries
Product quality and compliance

This data is used to maintain marketplace quality and may affect your account status.

12. Compliance and Fraud Prevention

We monitor vendor activities to:

Detect fraudulent listings or transactions
Ensure compliance with product guidelines
Prevent counterfeit or prohibited items
Protect customer safety and rights
Maintain platform integrity

Suspicious activity may result in account suspension or termination.

13. International Data Transfers

Vendor data may be transferred to and processed in countries outside India, including:

Cloud servers operated by Google (Firebase, GCP)
Payment processing services
Analytics and support tools

We ensure appropriate safeguards are in place to protect your data during international transfers.

14. Children's Privacy

The FlipStore Vendor App is intended for business use by individuals 18 years or older. We do not knowingly collect information from minors.

15. Changes to Vendor Privacy Policy

We may update this policy from time to time. We will notify you of changes by:

In-app notification
Email to your registered vendor email
Updating the "Last Updated" date

Continued use after changes constitutes acceptance of the updated policy.

16. GDPR Compliance (For EU Vendors)

If you are located in the European Economic Area (EEA), we process your data based on:

Contract Performance: To enable you to sell on our platform
Consent: For marketing and optional features
Legitimate Interests: Fraud prevention, platform improvement
Legal Obligations: Tax compliance, regulatory requirements

17. Indian Data Protection Laws

We comply with Indian data protection regulations including:

Information Technology Act, 2000
Information Technology (Reasonable Security Practices) Rules, 2011
GST and Income Tax Act data retention requirements

18. Contact Information

For questions, concerns, or requests regarding this Vendor Privacy Policy or your vendor data, please contact us:

Vendor Support Email: info@itkhidma.com

Subject Line: Vendor Privacy Inquiry - [Your Shop Name]

Response Time: We will respond within 48 business hours.

19. Data Protection Officer

For privacy-related inquiries specific to vendor data protection, contact our Data Protection Officer at: info@itkhidma.com

By using the FlipStore Vendor Admin Panel, you acknowledge that you have read and understood this Vendor Privacy Policy and agree to its terms. You also agree to handle customer data responsibly and in compliance with applicable data protection laws.