Last updated: June 11, 2026
Apex Swipe ("we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, share, and safeguard information when you use the Apex Swipe mobile application ("App"). By using the App you consent to the practices described in this policy.
1. Information We Collect
We collect the following categories of information:
Account Information
- Mobile phone number (required for OTP verification)
- Full name and display name
- Email address (optional)
- Profile photo (optional)
- Bio and location (optional)
Financial Information
- Wallet top-up amounts and transaction history
- Offer history and amounts
- KYC documents for Sellers (as required by Indian law)
- Bank account or UPI details for Seller payouts
Camera, Microphone & Live Streams
- Camera and microphone audio/video, captured only while you host or appear in a live sale stream
- Product photos and videos you upload to listings
Device & Usage Information
- Device type, operating system, and app version
- Device identifiers (used for push notification delivery and fraud prevention)
- IP address and approximate location
- Precise or approximate device location, only if you grant the location permission (used to show nearby live sales)
- Push notification token (if notifications are enabled)
- App usage patterns and session activity (screens viewed, offers placed, follows)
- Crash reports and performance diagnostics (collected via Sentry)
Communications
- Support messages and dispute filings you send to us
- In-app chat and live sale activity logs
2. How We Use Your Information
- Account management: creating, verifying, and maintaining your account.
- Live sale processing: facilitating live sales, offer tracking, and settlement.
- Payment processing: facilitating direct UPI settlement between Buyers and Sellers.
- Shipping: sharing delivery details with Shiprocket to fulfil orders.
- Push notifications: sending order updates, offer alerts, and promotional messages (you may opt out in Settings).
- Fraud prevention: detecting and preventing self-offering, fake accounts, and payment fraud.
- Customer support: responding to your queries and resolving disputes.
- Legal compliance: meeting our obligations under Indian tax law, GST regulations, and KYC requirements.
- App improvement: analysing usage patterns to improve features and performance.
3. Data Sharing
We do not sell your personal information. We share data only in the following circumstances:
Service Providers
- Shiprocket (shipping & logistics): Buyer delivery address and order details.
- Agora (video streaming): user identity tokens and audio/video streams for live sale sessions.
- Firebase (authentication & storage): account authentication and avatar storage.
- Sentry (crash reporting): device information, app version, and crash/performance traces.
Legal Requirements
- We may disclose information when required by law, court order, or government authority.
- We may share information to protect the rights, property, or safety of Apex Swipe, our users, or the public.
Business Transfers
- In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.
4. Data Retention
- Account data is retained while your account is active. After closure, we may retain it for up to 90 days for fraud prevention purposes.
- Transaction and financial records are retained for 7 years as required by Indian tax law and GST regulations.
- Audit logs are retained for 2 years.
- Push notification tokens are deleted when you log out or revoke permission.
5. Your Rights (DPDP Act, 2023)
As a Data Principal under the Digital Personal Data Protection Act, 2023 you have the following rights:
- Access & portability (§11): request a machine-readable copy of the personal data we hold about you.
- Correction: request correction of inaccurate or incomplete data.
- Erasure (§12): request deletion of your account and associated data (subject to the retention obligations listed in §4 above).
- Withdraw consent (§6): revoke a previously granted consent at any time — withdrawal does not affect the lawfulness of processing before withdrawal.
- Grievance redressal: lodge a complaint with our Grievance Officer or, failing resolution, with the Data Protection Board of India.
Exercise these rights in-app under Profile > Privacy, or programmatically via our public endpoints:
GET /api/compliance/consents — view your current consent state.POST /api/compliance/consents — grant or withdraw consent per purpose.POST /api/compliance/data-export — download a JSON copy of your data (right to portability).POST /api/compliance/data-deletion — request erasure (right to erasure).
You may also email us at contact@apexswipe.com. We will respond within 30 days.
6. Security Measures
- All data in transit is encrypted using TLS/HTTPS.
- Passwords and sensitive tokens are stored using industry-standard hashing.
- Authentication uses JSON Web Tokens (JWT) with short expiry windows.
- Access to production systems is restricted by role-based access controls.
- Wallet operations use row-level database locking to prevent race conditions and double-spend attacks.
- Suspicious activity is flagged by our multi-layer fraud detection system.
Data Breach Notification
If a personal data breach occurs, we report the incident to the Indian Computer Emergency Response Team (CERT-In) within 6 hours of noticing it, notify the Data Protection Board of India, and inform affected users as required by the DPDP Act, 2023 and the CERT-In Directions, 2022.
7. Cookies & Tracking
- Session tokens: stored securely on your device to keep you logged in.
- Device identifiers: used solely for push notification delivery.
We do not use third-party advertising cookies or cross-app tracking. We do not sell or share data with advertising networks.
8. Children's Privacy
Apex Swipe is intended for users who are 18 years of age or older. We do not knowingly collect personal information from anyone under 18. If you are a parent or guardian and believe your child has registered, please contact us immediately at contact@apexswipe.com.
9. Changes to This Policy
We may update this Privacy Policy from time to time. When we make material changes, we will notify you via an in-app notification and update the "Last updated" date at the top of this policy.
10. Contact for Privacy Concerns
We aim to respond to all privacy-related enquiries within 30 days.
To delete your account, use Settings > Delete Account in the app, or visit our account deletion page.
Legal Entity
The Apex Swipe platform is owned and operated by:
- Entity name: Apex Swipe Private Limited
- Registered address: Bengaluru, Karnataka, India
- CIN: U47912KA2026PTC218481
- GSTIN: 29ABFCA3056M1CN
- Email: contact@apexswipe.com
Grievance Officer
In accordance with the Consumer Protection (E-Commerce) Rules, 2020, the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021, and the Digital Personal Data Protection Act, 2023, the contact details of our Grievance Officer are:
- Name: Teja Char
- Designation: Grievance Officer (IT Rules 2021, E-Commerce Rules 2020 & DPDP Act 2023), Apex Swipe Private Limited
- Email: contact@apexswipe.com
- Address: Apex Swipe Private Limited, Bengaluru, Karnataka, India
Every complaint and abuse report receives a ticket reference on submission. The Grievance Officer acknowledges complaints within 48 hours and resolves them within one month of receipt, as required by law. Consumer grievances may also be escalated to the National Consumer Helpline (1800-11-4000) or the Data Protection Board of India for privacy matters.