Privacy Policy

1. Information We Collect

We collect information that you provide directly to us when you:

• Create an account (name, email address, phone number, WhatsApp number)
• Complete your profile (profile photo, location, service areas, preferred language, household information such as property type and household composition)
• Use our services (booking details, service preferences, addresses, review text and photos)
• Make or receive payments (payment method details processed securely through third-party gateways)
• Communicate through the app (messages, image attachments, reviews, support requests)

For service providers, we additionally collect:

• Government-issued identification documents
• Proof of address documents
• Business registration certificates
• Business contact information (business name, email, phone)

We also automatically collect certain information including:

• Device information (model, operating system, browser)
• Device fingerprint (a hashed identifier for fraud prevention and security)
• Push notification tokens (FCM device identifiers) for delivering real-time notifications
• IP address, usage data, and approximate location
• App interaction data (screen views, search queries, feature usage)

2. How We Use Your Information

We use the information we collect to:

• Provide, maintain, and improve our services
• Process transactions and send related information
• Connect customers with service providers
• Manage escrow and payment processing
• Send push notifications, booking updates, and promotional messages
• Monitor and analyze trends, usage, and activities
• Detect, investigate, and prevent fraud and abuse
• Comply with legal obligations

3. Payment Data

Fixora processes payments through secure third-party payment gateways including PayNow (EcoCash, OneMoney, bank transfers) and Stripe (card payments). We do not store your full payment card details on our servers or on your device.

Card payment data is never collected on-device — it is processed entirely server-side through Firebase Cloud Functions and Stripe's secure APIs, subject to PCI DSS compliance standards of our payment partners.

For mobile money payments (EcoCash, OneMoney), your phone number is shared with PayNow to initiate the transaction.

Escrow funds are held securely until service completion is confirmed by both parties.

4. Data Sharing

We may share your information with:

• Service providers and customers you interact with on the platform
• Third-party payment processors (PayNow, Stripe) — email and phone number for transaction processing
• Google Firebase services:
  • Authentication (name, email)
  • Analytics (user ID, role, preferred region, usage events, search queries)
  • Crashlytics (crash logs, device information)
  • Performance Monitoring (network traces, screen render times)
  • Cloud Messaging (push notification device tokens)
  • Cloud Storage (profile photos, uploaded documents)
• Law enforcement when required by applicable law

We associate analytics data with your user ID to improve service recommendations and platform experience. We do not sell your personal information to third parties.

5. Data Security

We implement appropriate technical and organizational security measures to protect your personal information, including:

• HTTPS encryption for all data in transit
• Firebase Security Rules enforcing least-privilege access
• Role-based access controls (RBAC)
• Encrypted storage for sensitive credentials
• Device fingerprinting (hashed device identifiers) for detecting unauthorized access and new device logins
• Regular security audits and monitoring
• Fraud detection and prevention systems

6. Data Retention

We retain your personal information for as long as your account is active or as needed to provide you services. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

Deleted accounts are soft-deleted and personal data is anonymized within 30 days, with financial records retained as required by law.

7. Your Rights

You have the right to:

• Access your personal data through your profile settings
• Correct inaccurate information in your profile
• Delete your account and associated data
• Opt out of promotional communications
• Request a copy of your data

To exercise these rights, use the in-app settings or contact us at contact@novenex.tech.

8. Account Deletion

You can delete your account at any time through the Settings screen in the app. When you delete your account:

• Your profile information is removed
• Active bookings must be completed or cancelled first
• Payment history is retained for legal/financial compliance
• Reviews you have written may be anonymized
• This action is permanent and cannot be undone

9. Children's Privacy

Our service is not directed to children under the age of 18. We do not knowingly collect personal information from children. If we become aware that a child has provided us with personal information, we will take steps to delete such information.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. You are advised to review this Privacy Policy periodically for any changes.

11. Contact Us

If you have any questions about this Privacy Policy, please contact us:

• Email: contact@novenex.tech
• Company: Novenex (Private) Limited
• Location: Bulawayo, Zimbabwe
• Region: Matabeleland