Privacy Policy
Fimimall Inc.**
Last Updated: Dec 30, 2025
Fimimall Inc. (“Fimimall,” “we,” “us,” or “our”) operates a multi-service commerce platform consisting of the FimiMALL App (For Shopper), FimiDriver (Delivery App for Drivers), FimiStore (Retailer Portal for orders), and websites including fimimall.com and fimistore.com (collectively, the “Services”).
This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you use any of our Services. By accessing or using our Services, you agree to the practices described in this Privacy Policy.
We comply with PIPEDA (Canada), Ontario privacy laws, the GDPR (EU/EEA), and the CCPA/CPRA (California).
1. Information We Collect
We collect the following categories of personal and non-personal information.
1.1 Information You Provide to Us
- Account Data: Name, email address, phone number, password.
- Profile Details: Address, birthday, delivery instructions.
- Business Information (Retailers): Business name, corporate information, banking information (processed by Stripe), store images, product listings.
- Payment Information: Card details for customers and banking details for drivers/retailers are sent directly to Stripe. We never store full payment or banking information on our servers.
- Uploaded Content: Images of apparel, shoes, clothing, and fashion items.
1.2 Information Collected Automatically
We use cookies, localStorage, and similar technologies to collect:
- Device information (browser type, OS, model, hardware identifiers)
- IP address
- App usage activity
- Session data
- Authentication tokens
- Preferences
- Crash and performance data (via Firebase Crashlytics)
- Analytics related to feature usage
1.3 Future Location Data (Driver App)
The Driver App will collect location data in the future, but only when:
- The driver is actively on an order or
- Location tracking is required to complete deliveries.
We will update this section before launching the location feature and notify driver users as required by law.
1.4 Information from Third-Party Login (Future Feature)
If you choose to sign in using Google, Apple, or other social providers in the future, we may receive:
- Name
- Email address
- Profile picture
- User ID provided by the platform
We will not access any additional information unless you give us explicit permission.
2. How We Use Your Information
We use personal information to:
- Create and manage user accounts
- Provide marketplace features (browse, purchase, deliver, sell)
- Process payments and payouts (via Stripe)
- Enable driver-related features
- Prevent fraud, abuse, and security threats
- Improve and troubleshoot our Services (using Firebase Crashlytics)
- Send transactional emails and notifications
- Personalize user experience
- Comply with legal and regulatory requirements
3. How We Share Your Information
We may share information with:
3.1 Service Providers
- Stripe for payment processing
- Firebase Crashlytics for diagnostics
- Hosting providers (e.g., AWS, GCP)
- Email and notification services
All service providers are contractually required to protect your information.
3.2 Retailers
Customer delivery information (name, address, order details) is shared with retailers to prepare orders.
3.3 Drivers
Customer delivery information (address, delivery instructions, name) is shared with drivers to complete deliveries.
3.4 Legal & Compliance
We may disclose information to authorities if required by law, court order, or to protect our legal rights.
4. Cookies, LocalStorage & Tracking Technologies
We use:
- Cookies
- LocalStorage
- SessionStorage
- Web beacons
- Analytics tools
- Firebase Crashlytics
You may disable cookies through your browser, but certain features may not work.
5. Data Retention
We retain information only as long as necessary for:
- Operating the Services
- Fulfilling legal obligations
- Resolving disputes
- Enforcing agreements
Users may request deletion at any time (see Section 9).
6. Security
We use administrative, technical, and physical safeguards to protect your data, including:
- Encryption in transit (HTTPS)
- Firewalls
- Access controls
- Secure authentication
- Stripe-certified PCI-compliant payment handling
While we use industry-standard protections, no system is perfectly secure.
7. International Transfers
Your data may be stored or processed in Canada, the United States, or other jurisdictions. We ensure compliance with GDPR requirements for international data transfers.
8. Children’s Privacy
Our Services are not directed to individuals under 13 years old. We do not knowingly collect children’s data. If we discover that we have collected such information, we will delete it promptly.
9. Your Rights
9.1 Canada (PIPEDA) Rights
You may:
- Access your personal information
- Request corrections
- Withdraw consent
- Request deletion of your data
9.2 GDPR (EU/EEA) Rights
You have the right to:
- Access, rectify, or erase your data
- Restrict or object to processing
- Data portability
- Withdraw consent
- Lodge complaints with your local Data Protection Authority
9.3 California (CCPA/CPRA) Rights
California residents may:
- Request what personal information we have collected
- Request deletion
- Opt-out of “sale” or “sharing” (Fimimall does not sell personal data)
- Request correction
- Access information twice per 12-month period
We will not discriminate against users who exercise their rights.
10. Data Shared With Stripe
Stripe stores and processes:
- Credit/debit card information
- Bank account information for payouts
- Billing addresses
- Transaction history
Stripe is PCI-DSS compliant.
See Stripe’s privacy policy: https://stripe.com/privacy
11. Changes to This Privacy Policy
We may update this policy as our Services evolve. When we make material changes, we will notify users by:
- Email,
- App notifications, or
- Banner notices on our website.
12. Contact Us
If you have questions, requests, or concerns regarding this Privacy Policy, you may contact us at:
Fimimall Inc.
Email: support@fimimall.com
Website: https://fimimall.com