Privacy Policy

Last Updated: February 12, 2026

This Privacy Policy explains how DOTKO ("Company", "we", "our", "us") collects, uses, stores, protects, and shares personal information of users ("User", "you", "your") who access or use our mobile application, website, platform, or services ("Platform"). We are committed to protecting your privacy and ensuring transparency about our data practices.

                By using the Platform, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree, please discontinue use of our services.
            

1. Information We Collect

We collect various types of information to provide and improve our services:

Personal Identification Information

Full name and business name
Email address
Mobile/WhatsApp number
Business GST number (GSTIN)
PAN card details
Udyam registration number
Business address and pin code
Account login credentials (encrypted)

Business Verification Documents

GST certificate
PAN card copy
Udyam certificate
Factory/Shop license
Company incorporation certificate
Invoice copies and delivery proofs
Signed documents and acknowledgments
Communication proofs (WhatsApp/Email screenshots)
Photos captured via camera for document verification

Note: All documents are encrypted and stored securely on Firebase Cloud Storage.

Transaction & Report Data

Customer/supplier business details
Invoice numbers and dates
Transaction amounts and payment details
Business relationship duration
Customer ratings and reviews
Report status and resolution history
Communication records between parties

Device & Technical Information

Device model, manufacturer, and operating system
IP address and geolocation data
App version and SDK version
Push notification tokens (FCM/Expo)
Camera and photo library access permissions
Network connectivity status
App usage analytics and crash reports (via Firebase Crashlytics)

Analytics & Performance Data

Screen views and navigation patterns
Feature usage statistics
App performance metrics
Error logs and crash reports
Session duration and frequency

2. How We Use Your Information

We use the collected information for the following purposes:

Account Management: Create, maintain, and secure your user account
Identity Verification: Verify business authenticity using GST, PAN, and other documents
Trust Score Calculation: Calculate and update your DOTKO Trust Score based on verification status and activity
Report Processing: Enable filing, viewing, and managing reports against customers
Dispute Resolution: Facilitate communication and resolution between suppliers and customers
Notifications: Send push notifications about report updates, appeals, and resolutions
Platform Security: Prevent fraud, abuse, and unauthorized access
Analytics & Improvement: Analyze usage patterns to improve features and user experience
Crash Reporting: Monitor and fix technical issues to ensure app stability
Customer Support: Respond to inquiries and provide technical assistance
Legal Compliance: Comply with applicable laws, regulations, and legal processes

3. Data Storage & Security

We implement industry-standard security measures to protect your data:

Our Security Measures

Firebase Cloud Infrastructure: All data is stored on Google Firebase's secure cloud servers
Encryption: Data is encrypted in transit (HTTPS/TLS) and at rest
Access Controls: Strict role-based access controls limit data access to authorized personnel
Authentication: Secure Firebase Authentication with encrypted passwords
Document Security: All uploaded documents are private and only accessible to involved parties
Regular Monitoring: Continuous security monitoring via Firebase Crashlytics and App Distribution
Backup & Recovery: Regular automated backups to prevent data loss

Important Security Notice While we implement robust security measures, no system is 100% secure. We cannot guarantee absolute protection against unauthorized access, data breaches, or cyber attacks. You are responsible for maintaining the confidentiality of your login credentials.

4. Sharing of Information

We DO NOT sell your personal data to third parties.

We may share your information only in the following circumstances:

Between Involved Parties: Report details are shared between suppliers and customers involved in a dispute
Service Providers: Google Firebase (hosting, storage, analytics), Expo (push notifications), payment gateways
Legal Authorities: When required by law, court orders, or to protect our legal rights
Business Transfers: In case of merger, acquisition, or sale of business assets
With Your Consent: Any other sharing will be done only with your explicit consent

5. Data Retention

We retain your data for different periods depending on its purpose:

Account Data: Retained until you request account deletion
Reports & Documents: Retained for 7 years to comply with business record-keeping requirements
Analytics Data: Anonymized and retained for up to 26 months
Crash Logs: Retained for 90 days for debugging purposes

6. Your Rights & Choices

You have the following rights regarding your personal data:

Access: Request a copy of your personal data
Correction: Update or correct inaccurate information
Deletion: Request deletion of your account and data (subject to legal obligations)
Data Portability: Export your data in a structured format
Withdraw Consent: Opt-out of non-essential data collection
Restrict Processing: Limit how we use your data
Object: Object to certain processing activities
Push Notifications: Disable notifications in app settings

To exercise any of these rights, please contact us using the details below.

7. Cookies & Tracking Technologies

Our mobile app does not use cookies. However, we use the following tracking technologies:

Google Analytics for Firebase: Track app usage and user behavior
Firebase Crashlytics: Monitor crashes and errors
Expo Push Tokens: Enable push notifications
AsyncStorage: Store app preferences locally on your device

You can limit tracking by disabling analytics in your app settings (if available) or using device-level privacy controls.

8. Third-Party Services

Our Platform integrates with the following third-party services:

Google Firebase: Cloud storage, authentication, database, analytics, and crash reporting
Expo: Push notifications and app updates
Google Play Services: App distribution and in-app updates
WhatsApp Business API: Send transactional notifications

These services have their own privacy policies. We recommend reviewing them.

9. Children's Privacy

DOTKO is a business-to-business (B2B) platform and is not intended for individuals under 18 years of age. We do not knowingly collect personal data from minors. If you believe we have inadvertently collected data from a minor, please contact us immediately.

10. International Data Transfers

Your data may be transferred to and processed in countries outside India, including the United States (where Firebase servers are located). We ensure that appropriate safeguards are in place to protect your data during such transfers.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or business operations. We will notify you of significant changes through:

In-app notifications
Email notifications (to registered email addresses)
Updated "Last Modified" date at the top of this policy

Continued use of the Platform after changes constitutes acceptance of the revised Policy.

12. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us:

Get in Touch

support@dotko.in We respond within 48 hours

Company

DOTKO A platform for business trust and transparency

Location

Bangalore, Karnataka, India Registered business entity

Your privacy and trust are paramount to us. We are committed to protecting your personal information, being transparent about our data practices, and giving you control over your data. DOTKO is built on the foundation of trust, transparency, and security.