Privacy Policy
Effective date: September 4, 2025
Welcome to Gofety (“Gofety”, “we”, “us”, “our”). This Privacy Policy describes how we handle your information when you use our Android/iOS app and website to order vegetables and groceries in Morocco (the “Services”).
Key points for users & Google Play reviewers
- Territory: Gofety operates only in Morocco.
- Location: We use approximate and—if you allow—precise location only while the app is in use to show nearby stores and deliver orders. No background location.
- Ads: We do not show third-party ads and do not sell personal data.
- Account/Data deletion: You can delete your account and request deletion of your data inside the app or via email (see Section 10).
1) Who we are (Controller)
Controller: MAGRIOT SARL, registered in Morocco. Email: contact@magriot.com.
If you are a store or courier using Gofety, this Policy also applies to your personal information processed via the Services.
2) Scope & Territory
This Policy applies to personal information we process in connection with the Services used in Morocco. If you access the app from outside Morocco, processing still occurs primarily in Morocco.
3) Data We Collect
A. You provide
- Account: name, email, phone number, password (hashed), preferred language.
- Delivery details: addresses, delivery notes, contact instructions.
- Orders & support: cart contents, order history, messages with support.
- Payment info: processed by our payment partners; we do not store full card numbers.
- Optional: profile photo; promo/referral codes.
B. Automatically collected
- Location: approximate (IP) and, with permission, precise GPS while app is in use for nearby stores, delivery routing, and ETA.
- Device & usage: device/instance IDs, OS/app version, crash logs, performance data, interactions.
- Transaction metadata: timestamps, totals, payment status.
- Cookies/SDKs: identifiers to keep you signed in and measure reliability.
C. From third parties
- Payments: status and tokens from [e.g., CMI, Stripe, PayPal, local gateway].
- Maps & geocoding: [e.g., Google Maps/Apple Maps/OpenStreetMap].
- Analytics & crash reporting: [e.g., Firebase Analytics/Crashlytics, AppCenter].
- Couriers & partner stores: pickup/delivery status and substitutions.
4) How We Use Data
- Provide, personalize, and operate the Services (accounts, saved addresses, order history).
- Process and deliver orders; coordinate with stores and couriers; provide ETAs.
- Process payments; detect and prevent fraud/abuse.
- Provide support and communicate service messages (order status, policy updates).
- Analyze performance, fix crashes, and improve features.
- Send promotions where permitted or with your consent (you can opt out anytime).
5) Legal Bases (as applicable)
- Contract: to provide and deliver your orders.
- Legitimate interests: operate, secure, improve the Services; prevent fraud (balanced against your rights).
- Consent: precise location, certain analytics/marketing; you can withdraw in settings.
- Legal obligation: invoicing, tax, lawful requests.
6) When We Share Data
- Service providers: hosting, payments, analytics, messaging, maps—under confidentiality and data protection terms.
- Stores & couriers: only what’s needed to prepare and deliver orders (first name, items as needed, delivery address, phone for coordination).
- Compliance & safety: to comply with law, enforce terms, or protect users/public.
- Business transfers: part of a merger/acquisition subject to continued protection.
- At your request: when you connect with third-party services.
Advertising: We do not show third-party ads and do not sell personal data.
7) Data Retention
We keep data only as long as needed to provide the Services and for legitimate purposes (e.g., accounting/tax). Typical periods:
- Account & orders: while account is active and up to [e.g., 5 years] after closure for legal/audit requirements.
- Analytics & crash logs: typically [e.g., 14–24 months].
When no longer needed, we delete or irreversibly anonymize data.
8) Security
We use technical/organizational measures to protect data (encryption in transit, access controls, backups). No method is 100% secure—please protect your login and contact us about any suspected unauthorized access.
9) International Transfers
Your information may be processed outside your location (e.g., by global cloud providers). Where required, we use appropriate safeguards (such as contractual clauses) to protect your data.
10) Your Rights (Morocco – Law 09-08)
Under Moroccan Law 09-08, you may request access, correction, deletion, or objection to processing, subject to legal limitations. You can also withdraw consent where processing relies on consent.
A. How to delete your account & request data deletion
- In-app: Profile → Settings → Privacy → Delete Account. This permanently deletes your account and schedules deletion of associated personal data (subject to legal retention e.g., invoices).
- Or by email: send a request to privacy@gofety.com from your account email with subject “Account Deletion – Gofety”. We will verify your identity and process the request.
For other rights requests, contact privacy@gofety.com. You may also contact the Moroccan data protection authority (CNDP – Commission Nationale de contrôle de la protection des Données à caractère Personnel).
11) Children’s Privacy
Gofety is not directed to children and we do not knowingly collect personal information from children under the age required by local law. If you believe a child has provided information, contact us to delete it.
12) Cookies, SDKs & Permissions
- Essential: authentication, checkout, security.
- Analytics/Performance: crash/usage metrics to improve reliability.
- Permissions:
- Location (While in Use): to show nearby stores and route deliveries. No background location.
- Notifications: order status and delivery updates.
- Camera/Photos (optional): only if you choose features like uploading a delivery note/photo or scanning a promo code.
You can manage permissions in your device settings. Disabling essential permissions may limit core features.
13) Google Play Data Safety Summary
The table below maps our practices to Google Play categories. “Processing” includes collection and use as described in this Policy.
| Category | Data | Purpose | Shared? | Optional? |
|---|
| Location |
Approximate, Precise (while in use) |
Service functionality (nearby stores, delivery routing/ETA) |
To maps/courier partners as needed |
Precise is opt-in |
| Personal info |
Name, phone, email, addresses |
Account, fulfillment, support |
To stores/couriers as needed for delivery |
Required to deliver |
| Financial |
Payment tokens/status (no full card) |
Process payments, prevent fraud |
With payment processors |
Required to pay |
| App activity |
Order history, interactions |
Fulfillment, support, improvements |
No sale of data |
Required to operate |
| Device/other IDs |
Instance/device identifiers |
Security, analytics, crash reporting |
With analytics/crash providers |
Required to operate |
Data sharing: We share only with service providers/partners to operate the Services (e.g., payments, maps, analytics, couriers) under protective contracts. We do not sell personal data.
14) Changes to this Policy
We may update this Policy. We will post the new version and update the effective date. If changes are material, we will notify you via the app or email.