Privacy & Data Policy

1. Information We Collect

1.1 Information You Provide Directly

• Account Information: Full name, email address, phone number, date of birth, profile photo, and password when you register.
• Identification Documents: Government-issued ID, business registration certificates, and tax identification numbers provided during KYC verification (Sellers and Riders).
• Payment Information: Credit/debit card details, bank account numbers, and mobile money identifiers (processed and tokenized by third-party payment processors; WeMall does not retain full card numbers).
• Delivery Information: Shipping and billing addresses, delivery instructions, and contact details for delivery recipients.
• Communications: Messages sent through the in-app chat, customer support tickets, reviews, and survey responses.

1.2 Information Collected Automatically

• Device Information: Device model, operating system, unique device identifier (UDID/IMEI), advertising identifier (IDFA/GAID), browser type, and app version.
• Usage Data: Pages viewed, features used, clicks, search queries, order history, browsing patterns within the app, and session timestamps.
• Network Information: IP address, network operator, connection type (WiFi/4G/5G), and approximate ISP-derived location.
• Transaction Data: Complete purchase history, cart contents, saved item lists, price comparisons, and payment method metadata.
• Crash & Performance Data: App crash logs, performance metrics, and diagnostic information collected via crash reporting SDKs.

2. GPS & Precise Location Tracking

2.1 Buyer Location Data

The WeMall Buyer App requests "While Using" location permission to: provide nearby store and product listings, calculate accurate delivery fees and ETAs, display real-time delivery tracking of your active orders, and improve local search relevance. We do not track Buyer location while the app is in the background unless you have placed an active delivery order.

2.2 Rider Location Data — Background Tracking

The WeFast Rider App requires "Always On" (background) location permission as a condition of platform access. By using the Rider App, the Rider consents to: (a) continuous, real-time GPS coordinate collection even when the app is closed or running in the background; (b) storage of full route and stop data for every completed delivery; (c) use of location data for safety monitoring, earnings calculation, and dispute resolution; and (d) aggregated and anonymized location data being used for route optimization, traffic analysis, and urban logistics planning shared with third parties.

2.3 Seller Location Data

Seller accounts are associated with the physical address of the registered business. If Sellers use the WeMall Seller App's scan or dispatch features, approximate location data may be collected to facilitate seamless pickup coordination with delivery Riders.

3. In-App Chat & Communication Monitoring

3.1 Chat Storage & Audit Rights

WeMall stores all in-app chat messages and their metadata (timestamps, read receipts, deleted messages) indefinitely. WeMall's Trust & Safety team reserves the right to actively monitor and review any in-app conversation at any time and without notice for the following purposes: fraud detection and prevention, abuse and harassment investigation, dispute resolution and evidence collection, compliance with law enforcement requests, and platform policy enforcement.

3.2 AI Content Scanning

WeMall uses automated artificial intelligence tools to analyze chat content in real time for: detection of prohibited item solicitations, off-platform transaction solicitation (which violates Seller policies), hate speech, abusive language, and potential scam patterns. Flagged conversations are escalated to human review. Users should be aware that all communications are subject to this automated scanning.

3.3 Call Recording

For any in-app voice or video calls facilitated by WeMall, both parties are informed and consent to recording of such calls for quality assurance and safety purposes. Recordings may be reviewed in connection with disputes or safety investigations.

4. How We Use Your Personal Data

WeMall uses collected data for the following purposes:

• Service Delivery: Processing orders, facilitating payments, coordinating deliveries, managing accounts, and providing customer support.
• Personalization: Tailoring product recommendations, promotional offers, and search results to your browsing and purchase history.
• Safety & Fraud Prevention: Verifying identities, detecting fraudulent transactions, preventing account compromise, and investigating suspicious activity.
• Legal Compliance: Complying with applicable laws, regulations, court orders, and lawful government requests.
• Analytics & Improvement: Analyzing usage patterns to improve platform performance, user experience, and service offerings.
• Marketing: Sending promotional communications, push notifications, and targeted advertisements (subject to opt-out rights described in Section 7).
• Dispute Resolution: Using transaction history, chat records, and location data to adjudicate disputes between Buyers, Sellers, and Riders.
• Research: Conducting market research, consumer behavior analysis, and platform performance benchmarking using aggregate, anonymized data.

5. Data Sharing & Third-Party Disclosure

5.1 Service Providers

WeMall shares personal data with trusted third-party service providers who assist in delivering the Services, including: cloud infrastructure providers (AWS, Google Cloud), payment processors (Stripe, PayStack), SMS/push notification providers, email service providers, fraud detection services, analytics platforms, and background screening agencies. All service providers are bound by data processing agreements requiring appropriate data protection standards.

5.2 Sellers & Riders

To fulfill orders, WeMall shares Buyer delivery information (name, delivery address, phone number) with the relevant Seller and assigned Rider. Sellers and Riders are prohibited from using such information for any purpose other than order fulfillment and are bound by their respective agreement confidentiality obligations.

5.3 Law Enforcement & Legal Requests

WeMall will disclose personal data to government authorities, law enforcement agencies, courts, or regulatory bodies in response to: lawful subpoenas, court orders, search warrants, regulatory investigations, or when disclosure is required to prevent imminent harm to a person or to protect WeMall's legal rights. WeMall will make reasonable efforts to notify affected users of such disclosures except where prohibited by law or where notification would impede an ongoing investigation.

5.4 Business Transfers

In the event of a merger, acquisition, asset sale, or other business combination involving WeMall, user data may be transferred to the acquiring entity. Users will be notified of any such transfer and provided an opportunity to opt out if data processing will change materially.

5.5 Aggregated & Anonymized Data

WeMall may freely share aggregated, anonymized data (which cannot reasonably be used to identify any individual) with partners, researchers, advertisers, and the public for analytical, commercial, and research purposes without restriction.

6. Cookies, Pixel Tags & Tracking Technologies

WeMall's web platform uses cookies, pixel tags, web beacons, local storage objects, and similar tracking technologies to recognize users, maintain session state, measure advertising effectiveness, and enhance site performance. Cookies are categorized as: (a) Essential Cookies (required for core functionality — cannot be disabled); (b) Analytics Cookies (measure site usage — can be opted out); (c) Marketing Cookies (enable personalized advertising — can be opted out). You may manage cookie preferences through our Cookie Consent Manager or through your browser settings. Disabling essential cookies may render parts of the Platform non-functional.

7. Your Privacy Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

• Right of Access: Request a copy of the personal data we hold about you.
• Right to Rectification: Request correction of inaccurate or incomplete data.
• Right to Erasure ("Right to be Forgotten"): Request deletion of your data, subject to legal retention obligations.
• Right to Data Portability: Receive your data in a structured, machine-readable format.
• Right to Object: Object to processing of your data for marketing or profiling purposes.
• Right to Restrict Processing: Request restriction of data processing pending a dispute resolution.
• CCPA Rights (California residents): Right to know, delete, and opt out of the sale of personal information.

To exercise any of these rights, submit a request to privacy@wemall.com. WeMall will respond within 30 days. Note that some rights may be limited by our legal obligations or legitimate interests.

8. Children's Privacy

The WeMall Platform is intended for users aged 18 years and older. We do not knowingly collect personal data from children under the age of 18. If we discover that we have inadvertently collected data from a minor, we will promptly delete such information and terminate the associated account. Parents or guardians who believe their child has provided personal information to WeMall should contact privacy@wemall.com immediately.

9. International Data Transfers

WeMall operates globally. Your personal data may be transferred to, stored, and processed in countries other than your country of residence, including countries that may have different data protection laws than your own (including the United States). Where required, WeMall implements appropriate safeguards such as Standard Contractual Clauses (SCCs), Binding Corporate Rules, or transfers to countries with an adequacy decision from the relevant regulatory authority. By using our Services, you consent to such international data transfers.

10. Data Retention

WeMall retains personal data for as long as necessary to fulfill the purposes outlined in this Policy, comply with legal obligations, resolve disputes, and enforce agreements. Specific retention periods:

• Account Data: Retained for the duration of account activity plus 5 years post-closure for legal and audit purposes.
• Transaction Records: Retained for 7 years for tax and regulatory compliance.
• Chat Logs: Retained for 3 years from the date of last message.
• GPS & Location History (Riders): Retained for 2 years for dispute resolution and safety investigations.
• Marketing Data: Retained until opt-out or 2 years from last interaction, whichever is sooner.

11. Data Security & Breach Liability

11.1 Security Measures

WeMall implements industry-standard technical and organizational security measures including: TLS/SSL encryption for data in transit, AES-256 encryption for sensitive data at rest, role-based access controls, multi-factor authentication for administrative systems, regular penetration testing and security audits, and SOC 2 Type II compliant cloud infrastructure.

11.2 Limitation of Data Breach Liability

11.3 Breach Notification

In the event of a data breach that is likely to result in a high risk to affected individuals, WeMall will notify relevant supervisory authorities within 72 hours of discovery (where legally required) and will notify affected users without undue delay via email or in-app notification, describing the nature of the breach and recommended protective actions.

12. Contact & Data Protection Officer

For all privacy-related inquiries, data subject requests, or complaints regarding WeMall's data processing activities, please contact:

This Policy was last reviewed and updated on June 16, 2026. Changes to this Policy will be effective upon posting. Continued use of the Services after any change constitutes your acceptance.