Protecting your personal data is a priority for PRIVYA DZ. This policy explains how we collect, use, and protect your information.
PRIVYA DZ, an online private sales platform, is the data controller responsible for processing your personal data. Headquarters: Algiers, Algeria Email: contact@bayya-digital.com
We collect the following categories of data: Identification data: β First and last name β Email address β Phone number β Profile picture (optional) Delivery data: β Postal address β Wilaya and commune β Postal code Order data: β Order history β Chosen payment method β Products viewed and favourites Technical data: β IP address β Device type and operating system β In-app browsing data
Your data is processed for the following purposes: β Managing your user account β Processing and tracking your orders β Delivering ordered products β Sending order-related notifications β Sending commercial notifications (private sales, promotions) β Improving our services and user experience β Fraud prevention and platform security β Compliance with our legal obligations
The processing of your data is based on: β Your consent (registration, notifications) β Performance of the sales contract (orders, delivery) β Our legal obligations (accounting, invoicing) β Our legitimate interest (security, service improvement) In accordance with Law No. 18-07 of 10 June 2018 on the protection of individuals in the processing of personal data, we are committed to protecting your personal information.
Your data may be shared with: Delivery partners: β Carriers for shipping your orders (name, address, phone number) Technical providers: β Supabase (hosting and database, EU servers) β OneSignal (push notifications) β Sentry (technical error monitoring) β PostHog (anonymised usage analytics) Your data is never sold to third parties for advertising purposes.
β Account data: retained as long as your account is active, then 3 years after your last login β Order data: 5 years from the date of purchase (accounting obligations) β Browsing data: 13 months maximum β If you delete your account, your personal data will be erased within 30 days, except for data required by law.
We implement the following technical and organisational measures: β Encrypted communications (HTTPS/TLS) β Role-based access control (Row Level Security) β Secure authentication with JWT tokens β Hashed passwords (bcrypt) β Regular security audits β Hosting on certified infrastructure (SOC 2)
In accordance with Law No. 18-07, you have the following rights: Right of access: obtain confirmation of data processing and receive a copy. Right of rectification: correct inaccurate or incomplete data. Right of erasure: request deletion of your data in cases provided by law. Right to object: object to the processing of your data for marketing purposes. Right to withdraw consent: withdraw your consent at any time for consent-based processing. To exercise your rights, contact us at: contact@bayya-digital.com
The application uses the following technologies: PostHog (usage analytics): β Anonymised collection of in-app interactions β Purpose: improving user experience OneSignal (push notifications): β Device identifier for sending notifications β Purpose: order and promotional notifications Firebase Cloud Messaging: β Delivery of push notifications on Android You can disable push notifications from your device settings.
We reserve the right to modify this privacy policy at any time. Any significant changes will be notified through the application. The last update date is shown at the top of this document.
For any questions regarding your personal data or to exercise your rights: Email: contact@bayya-digital.com Subject: "Data protection β [your request]"