1. Introduction

Welcome to Ebibaaha operated by Bihe Wari Pvt. LTD ("we," "us," "our"). We are committed to protecting your privacy and ensuring that your personal information is handled in a safe and responsible manner. This Privacy Policy outlines how we collect, use, share, and protect your personal information when you use our App.

2. Information We Collect

2.1 Personal Information

When you register for and use the App, we may collect the following personal information:

• Name, age, gender, marital status, and caste (if applicable).
• Email address, phone number, and address.
• Information you provide about yourself, including preferences, interests, photos, and other details relevant to matchmaking.
• Information about how you use the App, including access logs, interactions with other users, and preferences.
• We request camera access for users to upload profile pictures, conduct identity verification, and enable video-based interactions (if applicable). Camera access is strictly for user-initiated actions, and no background recording is performed.
• Payment information if you purchase any services through the App.

2.2 Non-Personal Information

We may also collect non-personal information that does not identify you individually, such as:

• Information about your mobile device, including IP address, operating system, and browser type.

• Approximate location data derived from your IP address or device settings.

3. How We Use Your Information

We use your information for the following purposes:

• To create and manage your user account.

• To provide personalized matchmaking services based on your preferences.

• To communicate with you about your account, matches, and promotional offers.

• To provide assistance and respond to your inquiries.

• To analyze usage patterns and improve the App's functionality and user experience.

• To comply with legal obligations, such as record-keeping and reporting requirements.

4. Sharing Your Information

We may share your personal information with third parties in the following circumstances:

• We may share your information with third-party service providers who assist us in operating the App, such as payment processors, cloud storage providers, and customer support.

• We may disclose your information if required by law, court order, or government regulations.

• In the event of a merger, acquisition, or sale of all or part of our business, your information may be transferred to the new owner.

5. Security Measures

5.1 Data Encryption

• All data transmitted between the App and our servers is encrypted using industry-standard encryption protocols to protect against interception by unauthorized parties.

• Sensitive data stored on our servers is encrypted using strong encryption algorithms to protect against unauthorized access, even in the event of a physical breach.

5.2 Access Control

• Users must create strong passwords during account registration for proper protection of the account. 

• Access to sensitive data within our organization is restricted to authorized personnel based on their roles and responsibilities. Regular reviews of access rights are conducted to ensure compliance.

5.3 Data Minimization and Anonymization

• We collect only the minimum amount of personal information necessary to provide our services. Unnecessary data is not collected, stored, or processed.

• Where possible, we anonymize personal data to prevent identification of individuals, especially in the context of data analysis and reporting.

5.4 Regular Security Audits and Monitoring

• Regular security audits are conducted to identify and address potential vulnerabilities in our systems and processes. These audits include penetration testing, code reviews, and system architecture assessments.

• We continuously monitor our systems for unusual activity or potential security threats. Logs are maintained and reviewed to detect and respond to incidents promptly.

5.5 Data Backup and Recovery

• We perform regular backups of critical data to ensure data integrity and availability in the event of a system failure, data corruption, or other incidents.

• We have a disaster recovery plan in place to ensure the continuity of services and the protection of user data in case of a significant incident. Regular testing of this plan is conducted to ensure its effectiveness.

5.6 Incident Response

• We have procedures in place for detecting, reporting, and responding to security incidents. Any breaches or suspected breaches are investigated promptly, and affected users are notified in compliance with applicable laws.

• In the event of a security breach, we take immediate steps to mitigate the impact, including isolating affected systems, conducting a thorough investigation, and implementing corrective measures.

5.7 Employee Training and Awareness

• All employees receive regular training on data security best practices, phishing prevention, and how to handle personal data securely.

• Employees with access to sensitive data are required to sign confidentiality agreements and are subject to regular compliance checks.

6. Third-Party Security

6.1 Third-Party Service Providers

• We conduct thorough security assessments of third-party service providers who have access to our users' data, ensuring they adhere to high-security standards.

• We ensure that any data shared with third-party service providers is encrypted and only shared with those who require access to perform specific services on our behalf.

7. Camera Permissions & Data Usage

Our app requires camera permissions for the following purposes:

• Profile Picture Uploads: Users can take and upload their photos to improve matchmaking accuracy.
• Identity Verification: To ensure authenticity, users may be asked to submit a live photo or ID scan.
• Video Interactions (if applicable): Users may engage in video communication with verified matches.

Camera access is strictly user-controlled, and the app does not record, store, or use camera data without explicit consent. Users can disable camera access via device settings.

8. User Responsibilities

8.1 Account Security

• Users are responsible for creating and maintaining strong, unique passwords for their accounts. We recommend using a combination of letters, numbers, and special characters.

• Users should monitor their accounts for any suspicious activity and notify us immediately if they suspect unauthorized access.

8.2 Reporting Vulnerabilities

• We encourage users and third parties to report any security vulnerabilities they discover. Reports can be sent to info@ebibaaha.com. We are committed to addressing reported vulnerabilities promptly and transparently.

9. Compliance with Local Laws

We comply with all applicable data protection and privacy laws in Nepal, including the Electronic Transaction Act (ETA) and any other relevant regulations. Our security practices are designed to meet or exceed the requirements of these laws.

10. Data Security

We take the security of your personal information seriously and implement appropriate technical and organizational measures to protect it from unauthorized access, alteration, disclosure, or destruction. However, please note that no method of transmission over the internet or electronic storage is 100% secure.

11. Your Rights

You have the following rights regarding your personal information:

• You can request a copy of the personal information we hold about you.

• You can request correction of inaccurate or incomplete information.

• You can request the deletion of your personal information, subject to certain exceptions.

• If you have provided consent for the processing of your personal information, you can withdraw that consent at any time.

12. Data Retention

We will retain your personal information for as long as necessary to fulfill the purposes for which it was collected and to comply with legal obligations. If you request the deletion of your data, we will delete it in accordance with our data retention policy and applicable laws.

13. Children's Privacy

The App is not intended for children under the age of 18. We do not knowingly collect personal information from children under 18. If we become aware that a child under 18 has provided us with personal information, we will take steps to delete such information.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will notify you of any significant changes by posting the new policy on this page and updating the "Last Updated" date.

15. Contact Us

If you have any questions or concerns about this Privacy Policy or how we handle your personal information, please contact us at info@ebibaaha.com