This Privacy Policy explains how Rizq collects, uses, shares, and protects personal data when you use our Android and iOS apps and related services. "Rizq", "we", "us", and "our" refer to the Rizq mobile application, website, and related grocery delivery services. Rizq is currently operated as an independent service. By using Rizq, you acknowledge this Privacy Policy. If you do not agree, please do not use the App.
1. Who We Are
Rizq is a quick-commerce grocery delivery platform operating in Egypt. We connect customers with supermarkets and stores to enable fast home delivery of groceries and everyday essentials.
For any privacy-related questions, contact us at: [email protected]
2. Information We Collect
We may collect the following categories of information:
| Category | Examples |
|---|---|
| Account and identity data | First name (optional), phone number |
| Authentication data | OTP verification status, session tokens stored securely on your device |
| Delivery data | Saved addresses (including map coordinates and delivery notes), location if permitted |
| Order and commerce data | Cart contents, order history, transaction status, item prices at time of order |
| Payment-related data | Payment method selection, payment status, transaction references |
| Device and technical data | Device model, OS version, app version, push notification token, network signals |
| Usage analytics | Screens viewed, actions taken, feature usage events (via Firebase Analytics) |
| Support data | Messages or complaints you send to us via WhatsApp or other channels |
We do not collect your email address, full legal name, or any social profile data as part of account registration or normal app use.
We collect information directly from you, from your device and app activity, and from third-party services involved in payments, mapping, analytics, and notifications.
3. How We Use Information
We use data to:
- Create and manage your account
- Verify your identity via phone number and OTP during login
- Process orders and coordinate delivery
- Provide order status updates via push notifications
- Determine nearby stores and delivery service areas based on your location
- Capture and store delivery addresses including geographic coordinates
- Manage payments and prevent fraud
- Improve app performance, reliability, and user experience
- Analyze app usage for product and business decisions (via Firebase Analytics)
- Comply with legal obligations and enforce our Terms
4. Legal Basis / Consent
Depending on your jurisdiction and applicable law, we process personal data based on one or more of the following:
- Performance of a contract (providing the service you request)
- Legitimate interests (service improvement, security, fraud prevention)
- Compliance with legal obligations
- Your consent (for example, optional permissions like precise location or marketing notifications where required)
You may withdraw permissions or certain consents in device/app settings, but some features may not function properly.
5. Location Data
If you grant location permission, we use your device location to:
- Show nearby stores and check whether delivery is available in your area
- Apply distance-based logic and warnings for stores that are far from your location
- Pre-fill or assist with address capture using the map address picker
- Perform reverse geocoding to convert coordinates into a readable address
Location access is optional. If you deny location permission, the App may fall back to a default location (Cairo) for store discovery purposes. You can still manually enter or select a delivery address at any time. You can manage location permissions in your device settings.
6. OTP Verification and Communications
We verify your identity using a one-time password (OTP) sent via SMS to the phone number you provide. We do not use WhatsApp for authentication purposes.
WhatsApp may be available as a customer support channel through which you can contact us, but it is not used for login or account verification.
We also send you:
- Push notifications for order status updates (via Firebase Cloud Messaging)
- In-app notifications for service messages
You can manage push notification preferences in your device settings at any time. Message and data rates from your telecom provider may apply to SMS messages.
7. Payments
The primary payment method currently available is Cash on Delivery. InstaPay may be shown in the payment interface as an option grouped with cash payment.
Online card payment may be introduced in a future update. At that time, payment processing will be handled by a third-party payment provider. We do not store full card numbers, CVV, or sensitive payment credentials on our systems.
The in-app wallet feature is not currently active for checkout.
9. Third-Party Services
The App currently integrates the following third-party services:
| Service | Purpose |
|---|---|
| Firebase Analytics (Google) | App usage analytics and event tracking |
| Firebase Cloud Messaging (Google) | Push notifications for order updates |
| Google Maps SDK | Map display, address picker, distance calculation |
| Geolocator / Geocoding | Device location access and reverse geocoding |
| Flutter Secure Storage | Secure on-device storage of authentication tokens |
| Shared Preferences | Non-sensitive local app state storage |
| WebView | In-app web content display (e.g. payment redirects) |
Each of these services may process data according to their own privacy policies. We recommend reviewing the relevant policies, particularly those of Google, for services that involve usage analytics and location data.
10. Data Retention
We retain personal data only as long as necessary for:
- Service delivery and account management
- Legal, accounting, tax, fraud prevention, and dispute requirements
- Internal analytics and security purposes within reasonable limits
Retention periods may differ by data type and legal obligation.
11. Data Security
We implement technical and organizational safeguards designed to protect personal data, including:
- HTTPS/TLS encryption for all data transmitted between the App and our servers
- Secure on-device storage of authentication tokens (Flutter Secure Storage)
- Access controls and role-based permissions on backend systems
- Regular security reviews and least-privilege principles
No method of transmission or storage is completely secure. We work to protect your data but cannot guarantee absolute security.
12. International Transfers
Your data may be processed in countries other than your own, including where our vendors host systems. Where required, we apply appropriate safeguards and contractual protections for cross-border transfers.
13. Your Rights
Depending on applicable law, you may have rights to:
- Access your personal data
- Correct inaccurate data
- Request deletion
- Object to or restrict certain processing
- Withdraw consent where processing is consent-based
- Request a copy/portability of certain data
To submit a request, contact [email protected]. We may need to verify your identity before processing requests.
14. Account Deletion
You can delete your account directly from within the App: Account screen → Delete Account
When you initiate deletion:
- Your push notification token is revoked
- Your account and associated personal data are deleted or anonymized on our servers
- Your locally stored authentication tokens are cleared
- You are signed out and returned to the login screen
On valid deletion, we will delete or anonymize your personal data unless retention is required by law, fraud prevention, security, unresolved disputes, or legitimate operational needs.
You may also request deletion by emailing [email protected].
15. Permissions We Request
Android
- ACCESS_FINE_LOCATION / ACCESS_COARSE_LOCATION — to detect nearby stores and assist with address capture
- POST_NOTIFICATIONS — to send order status updates via push notification
- INTERNET — required for all App functionality
iOS
- Location usage permission — for nearby store discovery and address picking
- Notification permission — for order status updates
We do not request access to your camera, photos, microphone, or contacts. Location and notification permissions are optional; you can deny or revoke them in your device settings at any time, though some features may be limited.
16. Children's Privacy
Rizq is not intended for children under the age required by applicable local law to provide valid consent independently. We do not knowingly collect personal data from children in violation of applicable law.
If you believe a child provided personal data improperly, contact us at [email protected] so we can review and take appropriate action.
17. Compliance With Local Laws
Rizq operates primarily for users in Egypt. Local laws in other jurisdictions may also apply depending on where you use the App. Where mandatory local consumer or data protection rules apply, those rules will prevail over conflicting terms in this Policy.
18. Changes to This Privacy Policy
We may update this Privacy Policy periodically. Updates will be posted at quickrizq.com/privacy and/or in the App with a revised "Last Updated" date. Continued use after the effective date means you accept the updated version.
19. Contact Us
For privacy questions, complaints, or rights requests:
- Email: [email protected]
- Website: quickrizq.com
Also see our Terms & Conditions.