Legal

Privacy Policy

Effective Date: April 25, 2026

NepaliPay (“we”, “us”, “our”) operates the NepaliPay mobile application and the marketing website at nepalipay.com. This Privacy Policy explains how we collect, use, disclose, and safeguard your information.

1. Information we collect

1.1 Personal information

• Full name and chosen username
• Email address (signup)
• Phone number (SMS one-time-code verification)
• Date of birth (age-gate for cash games — must be 18 or older)
• Profile photo and banner (optional)
• OAuth provider identifier when you sign in with Google or Apple

1.2 Authentication & security

• Hashed account password (bcrypt; we never see your plaintext)
• Hashed 4-digit transaction PIN (bcrypt) used to authorise withdrawals
• Device biometric capability flag (Face ID / Touch ID / fingerprint) — biometric data itself stays on your device and is never transmitted
• TOTP shared secret if you enable two-factor authentication

1.3 Financial information

• Payment card details (collected and tokenised by Stripe; we never see or store the full card number)
• Transaction history and wallet balances (USD, USDC, USDT)
• Stablecoin wallet addresses (via Circle); on-chain transfers are public on the Polygon blockchain by design
• Gift purchases, game stakes and payouts

1.4 Communications & content

• Direct messages and group chat messages — end-to-end encrypted with libsodium nacl.box; we cannot read the plaintext
• Public room messages, posts, comments, reactions, and stories you publish
• Photos, videos, voice recordings, and stickers you upload
• Voice and video calls — peer-to-peer WebRTC with DTLS-SRTP encryption; not recorded or stored on our servers

1.5 Device & usage data

• Device model, OS version, app version and build number
• Push-notification token (Apple APNs / Google FCM via Expo Push)
• Device fingerprint (used for rate-limiting and abuse prevention)
• IP address and approximate (city-level) location for fraud screening, sanctions compliance, and the geo-gate on cash games
• Online / away / busy / offline presence state
• App usage patterns, in-app search queries, screen interactions, and crash reports (via Sentry)

2. How we use your information

• Provide and maintain our services
• Process financial transactions, refunds, and chargebacks
• Verify your identity and prevent fraud and unauthorised access
• Comply with applicable financial-services and AML regulations
• Send transaction notifications, security alerts, and product updates
• Improve product reliability via aggregated, anonymised analytics
• Comply with valid legal and regulatory obligations

3. Data sharing

We share specific data with the following processors and only to the extent each one needs to do its job:

• Stripe — card payments. Receives your card details, email, name, and the deposit amount.
• Circle — USDC custody and on-chain transfers. Receives your wallet address, transfer amounts, and (for higher-value withdrawals) KYC information you submit directly to them.
• SMS provider — receives your phone number to deliver the one-time-code SMS during verification.
• Apple Push Notification service / Google Firebase Cloud Messaging (via Expo Push) — receives your device push token and the notification payload.
• Public blockchain (Polygon) — every USDC transfer to or from an external wallet is permanently recorded on a public ledger by design.
• Sentry — receives anonymised crash logs, performance metrics, and breadcrumbs. PII is scrubbed before transmission.
• OFAC / Chainalysis sanctions lists — destination addresses are screened on every withdrawal; no personal data is sent.
• Law enforcement — only when required by valid legal process.

We never sell your personal data to third parties.

4. Data security

• All data transmitted via TLS 1.2 or higher
• Authentication tokens stored in device secure storage (Keychain / Keystore)
• Row-level security on every database table
• PII scrubbed from error reports and analytics events
• Biometric and two-factor authentication available for account login
• 4-digit transaction PIN required for every external USDC withdrawal
• Sanctions screening on every withdrawal destination address

5. Your rights

Depending on your jurisdiction, you may:

• Access, correct, or delete your personal data
• Export your data in a portable format (in-app: Settings → Privacy → Export my data)
• Withdraw consent for non-essential data processing
• Lodge a complaint with a supervisory authority

Account-level deletion is available in-app: Me → Delete Account. See nepalipay.com/deleteaccount for the full deletion path, retained data, and timelines.

6. Contact

For privacy inquiries, data-subject requests, or to exercise your rights: privacy@nepalipay.com.