Privacy Policy

Effective Date: April 25, 2026

NepaliPay (“we”, “us”, “our”) operates the NepaliPay mobile application. This Privacy Policy explains how we collect, use, disclose, and safeguard your information.

1. Information We Collect

1.1 Personal Information

  • Full name and chosen username
  • Email address (signup)
  • Phone number (SMS one-time code verification)
  • Date of birth (age-gate for cash games — must be 18+)
  • Profile photo and banner (optional)
  • OAuth provider identifier when you sign in with Google or Apple

1.2 Authentication & Security

  • Hashed account password (bcrypt; we never see your plaintext password)
  • Hashed 4-digit transaction PIN (bcrypt) used to authorise withdrawals
  • Device biometric capability flag (Face ID / Touch ID / fingerprint) — biometric data itself stays on your device and is never transmitted
  • TOTP shared secret if you enable two-factor authentication

1.3 Financial Information

  • Payment card details (collected and tokenised by Stripe; we never see or store the full card number)
  • Transaction history and wallet balances (USD, USDC, USDT)
  • Stablecoin wallet addresses (via Circle); on-chain transfers are public on the Polygon blockchain by design
  • Gift purchases, game stakes and payouts

1.4 Communications & Content

  • Direct messages and group chat messages — end-to-end encrypted with libsodium nacl.box; we cannot read the plaintext
  • Public room messages, posts, comments, reactions, and stories you publish
  • Photos, videos, voice recordings, and stickers you upload
  • Voice and video calls — peer-to-peer WebRTC with DTLS-SRTP encryption; not recorded or stored on our servers

1.5 Device & Usage Data

  • Device model, OS version, app version and build number
  • Push-notification token (Apple APNs / Google FCM via Expo Push)
  • Device fingerprint (used for rate-limiting and abuse prevention)
  • IP address and approximate (city-level) location for fraud screening, sanctions compliance, and the geo-gate on cash games
  • Online / away / busy / offline presence state
  • App usage patterns, in-app search queries, screen interactions, and crash reports (via Sentry)

2. How We Use Your Information

  • Provide and maintain our services
  • Process financial transactions
  • Prevent fraud and unauthorized access
  • Send transaction notifications
  • Comply with legal and regulatory obligations

3. Data Sharing

We share specific data with the following processors and only to the extent each one needs to do its job:

  • Stripe — card payments. Receives your card details, email, name, and the deposit amount.
  • Circle — USDC custody and on-chain transfers. Receives your wallet address, transfer amounts, and (for higher-value withdrawals) KYC information you submit directly to them.
  • SMS provider — receives your phone number to deliver the one-time-code SMS during verification.
  • Apple Push Notification service / Google Firebase Cloud Messaging (via Expo Push) — receives your device push token and the notification payload.
  • Public blockchain (Polygon) — every USDC transfer to or from an external wallet is permanently recorded on a public ledger by design.
  • Sentry — receives anonymised crash logs, performance metrics, and breadcrumbs. PII is scrubbed before transmission.
  • OFAC / Chainalysis sanctions lists — destination addresses are screened on every withdrawal; no personal data is sent.
  • Law enforcement — only when required by valid legal process.

We never sell your personal data to third parties.

4. Data Security

  • All data in transit is encrypted with TLS 1.2+
  • Authentication tokens stored in device secure storage
  • Row-level security on all database tables
  • PII scrubbed from error reports
  • Biometric and two-factor authentication available

5. Your Rights

Depending on your jurisdiction, you may:

  • Access, correct, or delete your personal data
  • Export your data in a portable format
  • Withdraw consent for data processing
  • Lodge a complaint with a supervisory authority

Contact: privacy@nepalipay.com

6. Contact

For privacy inquiries: privacy@nepalipay.com