Vendor Privacy Policy

JAvia ("we," "us," or "our") is committed to the responsible and transparent handling of all data collected from vendors ("you" or "your") who use the Jayple Vendor application and related services (the "Vendor Platform").

This Vendor Privacy Policy explains what data we collect from you as a registered vendor, how we use it to operate and improve the Vendor Platform, and the safeguards we have in place to protect your information. This policy applies in addition to JAvia's general Privacy Policy and, in case of any conflict specific to vendor data, this Vendor Privacy Policy shall prevail.

By registering as a vendor and using the Jayple Vendor Platform, you consent to the data practices described herein. If you do not agree with this policy, you should not register as a vendor or use the Vendor Platform.

Business Information

• Legal business name, trading name, registered address, and type of business entity.
• GSTIN, PAN, and other applicable tax identification numbers.
• Business registration certificates, trade licenses, and FSSAI license (if applicable).
• Authorized representative's name, designation, and contact information.

Financial Data

• Bank account details (account number, IFSC code, and bank name) for payout processing.
• Transaction history, commission records, and payout statements.
• Any TDS-related documentation as required by Indian tax law.

Product & Operational Data

• Product listings, descriptions, pricing, images, and inventory data.
• Order data, fulfilment records, and customer interaction logs within the platform.
• Vendor performance metrics, including order acceptance rates, cancellation rates, and customer ratings.

Device & Usage Data

• Device identifiers, operating system, and application version.
• App usage patterns, feature interactions, and session data.
• IP address and approximate geographic location of platform access.

We use the data collected from vendors for the following purposes:

• To onboard, verify, and maintain your vendor account on the Jayple platform.
• To display your product and service listings to customers on the Jayple consumer app.
• To process order transactions, calculate platform commissions, and facilitate payout disbursements to your bank account.
• To fulfill tax obligations, including generation of TDS certificates and compliance with applicable GST reporting requirements.
• To provide vendor support, including resolution of order disputes and technical assistance.
• To monitor and enforce compliance with JAvia's Vendor Terms & Conditions and applicable laws.
• To analyze platform performance, vendor metrics, and marketplace trends to improve our services.
• To send operational communications, including order notifications, payout confirmations, and policy updates.
• To detect and prevent fraud, money laundering, and other unlawful activities on the platform.

We do not sell your business data or personal information to third parties for marketing or commercial purposes.

We may share your vendor data with the following categories of third parties:

• Customers: Your business name, store description, product listings, and aggregate ratings are visible to customers on the Jayple consumer app.
• Payment Processors: Your bank account details are shared with our payment processing partners solely for the purpose of facilitating payout disbursements.
• Logistics Partners: Order and delivery details may be shared with logistics service providers for the purpose of facilitating delivery of your products to customers.
• Tax Authorities: We may share transaction data and tax-related information with the Income Tax Department of India, GST authorities, or other regulatory bodies as required by applicable law.
• Legal and Regulatory Authorities: We may disclose vendor data to law enforcement agencies or courts in response to valid legal process or court orders.
• Professional Advisors: Our legal counsel, auditors, and accountants may have access to vendor data to the extent necessary to provide their professional services to JAvia.

All third-party service providers are bound by confidentiality obligations and data processing agreements and are prohibited from using your data for any purpose beyond what is required to provide their services to JAvia.

We implement industry-standard technical and organizational security measures to protect your vendor data, with particular attention to the sensitivity of financial and business information:

• All data transmitted between your device and our servers is encrypted using TLS 1.2 or higher.
• Bank account details and financial data are stored in encrypted form using AES-256 encryption and are accessible only to authorized payment processing systems.
• Access to vendor data within JAvia is strictly controlled on a need-to-know basis through role-based access controls and audit logging.
• We conduct regular security assessments and penetration testing of our systems.
• Our servers are hosted in secure, ISO 27001-certified data centers.

Despite our best efforts, no data transmission or storage system can be guaranteed to be 100% secure. In the event of a data breach that affects your vendor data, we will notify you and relevant regulatory authorities as required by applicable law.

We retain your vendor data for as long as your vendor account is active and for a period thereafter as required for legal, tax, and regulatory compliance purposes. Specifically:

• Account & Business Data: Retained for the duration of your vendor relationship with JAvia and for 7 years following account closure, as required by Indian accounting and tax laws.
• Transaction & Financial Records: Retained for a minimum of 8 years to comply with GST record-keeping requirements and other applicable financial regulations.
• Operational Data: Order and fulfilment data is retained for 3 years following the completion of each transaction.
• Compliance Records: Documentation related to vendor verification, KYC, and compliance investigations may be retained indefinitely where required by law.

Upon the expiry of applicable retention periods, your data will be securely deleted or anonymized.

Subject to applicable legal and regulatory limitations, you have the following rights with respect to your vendor data:

• Right to Access: You may request a summary of the personal and business data we hold about you and your vendor account.
• Right to Correction: You may update or correct your business information directly within the Vendor application or by contacting our support team.
• Right to Deletion: You may request deletion of your vendor account and associated data. Please note that certain data may be retained as required by applicable law.
• Right to Data Portability: You may request an export of your transaction history and earnings data in a machine-readable format.
• Right to Withdraw Consent: Where our processing of your data is based on consent, you may withdraw that consent at any time, subject to any contractual obligations.

To exercise any of these rights, please contact us at legal@javia.in. We will respond to all verified data rights requests within 30 days.

The Jayple Vendor application uses cookies and similar technologies to maintain your session, remember your preferences, and improve platform performance. The cookies used include:

• Session Cookies: Required to keep you authenticated while using the Vendor Platform. These expire when you close the application.
• Persistent Cookies: Used to remember your settings and preferences across sessions, such as your preferred language and notification settings.
• Analytics Cookies: Used to collect anonymous information about how vendors interact with the platform to help us identify areas for improvement.

You can control cookie settings through your device settings. Disabling essential session cookies will prevent you from using the Vendor Platform.

We may update this Vendor Privacy Policy from time to time to reflect changes in our data practices, technology, or applicable legal requirements. When we make material changes to this policy, we will:

• Update the "Last Updated" date at the top of this page.
• Provide notification through the Jayple Vendor application.
• Send an email notification to your registered business email address where material changes to data processing are involved.

Your continued use of the Vendor Platform after any such updates constitutes your acceptance of the revised policy. We recommend reviewing this policy periodically to stay informed of how we protect your data.