Privacy Policy

The 24by7 Print Promise

What We Collect

We collect the minimum information necessary to provide our printing and delivery service.

We do not collect or store full payment card details. All card processing is handled by our payment provider (Ziina) in compliance with PCI-DSS standards.

How We Use Your Data

We use your information strictly to provide, maintain, and improve our service:

• Processing and fulfilling your print orders
• Coordinating delivery between riders and your location
• Sending order status notifications (printing, ready, on the way, delivered)
• Processing payments and managing your wallet balance
• Responding to your support queries and claims
• Preventing fraud and ensuring platform security
• Complying with UAE legal and regulatory obligations

Your Uploaded Files

This section is particularly important. Here is exactly what happens to your documents:

• Upload: Files are encrypted in transit using TLS and stored securely in our cloud storage (Supabase/AWS)
• Access: Only the assigned printer staff can access your file, for the sole purpose of printing it
• No reading: We do not read, analyse, or process the content of your documents
• No AI training: Your files are never used to train machine learning models
• Deletion: Files are permanently deleted within 24 hours of your order being marked as delivered
• No backups: Once deleted, files cannot be recovered. We do not retain copies.

For guest users, files are temporarily stored under an anonymous session token and migrated to your account (if you sign up) or deleted after order completion.

Data Sharing

We do not sell your personal data. We share information only in the following limited circumstances:

• Riders: Your delivery address, building details, and contact number are shared with the assigned rider solely for delivery purposes
• Printers: Your order specifications and file access are provided to our print staff to fulfil your order
• Payment provider: Transaction data is shared with Ziina for payment processing
• Infrastructure: We use Supabase (database and storage) and Google Maps (delivery routing). These providers operate under their own privacy policies and data processing agreements
• Legal requirements: We may disclose data when required by UAE law, court order, or regulatory authority

All third-party service providers are contractually bound to process your data only for the specified purpose and to maintain appropriate security standards.

Data Retention

• Uploaded files: Deleted within 24 hours of delivery
• Order records: Retained for 3 years for accounting and legal compliance
• Account data: Retained while your account is active; deleted within 30 days of account deletion request
• Payment transactions: Retained for 5 years as required by UAE financial regulations
• Support communications: Retained for 1 year from the date of resolution

Security

We implement industry-standard security measures to protect your data:

• All data transmissions are encrypted using TLS 1.3
• Passwords are hashed using bcrypt — we never store plaintext passwords
• Database access is restricted by role-based access control
• File storage uses time-limited signed URLs — files cannot be accessed without a valid, short-lived token
• We conduct regular security reviews of our systems and code

While we take all reasonable precautions, no system is completely immune to security threats. If you suspect your account has been compromised, please contact us immediately.

Your Rights

Under applicable UAE privacy principles, you have the following rights regarding your personal data:

• Access: Request a copy of the personal data we hold about you
• Correction: Update or correct inaccurate information through the app or by contacting us
• Deletion: Request deletion of your account and associated personal data
• Portability: Request your order history and account data in a structured format
• Opt-out: Withdraw consent for marketing communications at any time

Please note that certain data may need to be retained for legal or accounting compliance even after an account deletion request.

Cookies & Local Storage

We use minimal browser storage to make our app work properly:

• Authentication token: Stored in localStorage to keep you logged in. Cleared on sign-out.
• Session preferences: Alert sound choice, printer location preference — stored in localStorage for convenience. No personal data.
• No tracking cookies: We do not use third-party analytics or advertising cookies
• No cross-site tracking: We do not track you across other websites

Children's Privacy

Our service is not directed at children under the age of 18. We do not knowingly collect personal information from minors. If you believe a child has provided us with personal information, please contact us immediately and we will delete that information.

Changes to This Policy

We may update this Privacy Policy periodically. When we make significant changes, we will notify registered users via the app or email, and update the "Last updated" date at the top of this page.

We encourage you to review this Policy periodically. Continued use of our service after changes are posted constitutes acceptance of the updated Policy.

Contact & Data Controller

24by7 Print Solutions is the data controller for personal information collected through our platform. For any privacy-related questions, requests, or concerns: