Privacy Policy

Last Updated: February 28, 2025

ShopnoLink ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform, services, firmware, and related applications (the "Service"). Please read this policy carefully.

1. Information We Collect

1.1 Information You Provide:

• Account registration data: full name, email address, username, password, address, city, country.
• Router information: router name, model, MAC address.
• Payment information: mobile number, transaction ID, payment method (bKash/Nagad).
• Communications: messages sent through our contact form or support channels.

1.2 Information Collected Automatically:

• Device information: IP address, browser type, operating system, device identifiers.
• Usage data: pages visited, features used, timestamps, session duration.
• Router operational data: heartbeat status, bandwidth usage, connected client MAC addresses and IP addresses, session data.
• Log data: server logs including request URLs, response codes, and timestamps.

1.3 End User Data:

• When End Users connect to hotspots managed by our Service, we collect their device MAC address, IP address, session duration, and bandwidth usage for the purpose of managing network access.
• We do not collect personal identification information from End Users beyond what is technically necessary for hotspot operation.

2. How We Use Your Information

• To provide, maintain, and improve the Service.
• To process your subscription and payments.
• To send you service-related notifications, including firmware updates and system alerts.
• To provide customer support and respond to inquiries.
• To monitor and analyze usage patterns to improve the Service.
• To enforce our Terms & Conditions and protect against unauthorized access.
• To send administrative communications about changes to our Terms or Privacy Policy.
• To comply with legal obligations and law enforcement requests.

3. Information Sharing & Disclosure

We do not sell, rent, or trade your personal information. We may share information in the following circumstances:

• Service Providers: We may share data with third-party service providers who assist us in operating the Service (e.g., cloud hosting, payment processing, notification services such as Telegram).
• Legal Requirements: We may disclose information when required by law, regulation, or legal process.
• Protection of Rights: We may share information to protect our rights, privacy, safety, or property, or that of our users or the public.
• Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the transaction.

4. Data Security

We implement industry-standard security measures to protect your data, including:

• Encryption of data in transit using TLS/SSL.
• Hashed and salted password storage using bcrypt.
• JWT-based authentication with token expiration.
• IP-based access controls and device fingerprinting for administrative accounts.
• Regular security monitoring and logging.
• Hardware MAC verification for router authentication.

While we strive to protect your information, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security.

5. Data Retention

• Account data is retained for as long as your account is active.
• Transaction records are retained for a minimum of 3 years for financial compliance.
• Session and bandwidth data is retained for 90 days and then aggregated or anonymized.
• Used voucher data is automatically purged after 3 days.
• Log data is retained for 30 days.
• Upon account termination, personal data will be deleted within 30 days, except where retention is required by law.

6. Your Rights

You have the following rights regarding your personal data:

• Access: You may request a copy of the personal data we hold about you.
• Correction: You may request correction of inaccurate or incomplete data.
• Deletion: You may request deletion of your personal data, subject to legal retention requirements.
• Portability: You may request your data in a portable, machine-readable format.
• Objection: You may object to certain processing activities.
• Withdrawal of Consent: Where processing is based on consent, you may withdraw consent at any time.

To exercise these rights, please contact us at support@shopnolink.com.

7. Cookies & Local Storage

We use cookies and local storage for:

• Session management and authentication.
• Language preference storage.
• Service functionality and performance.

We do not use cookies for advertising or third-party tracking.

8. Third-Party Services

Our Service may integrate with third-party services including:

• Telegram Bot API: For sending notifications and alerts to administrators.
• Payment Gateways (bKash, Nagad): For processing subscription payments.
• Google Fonts: For typography rendering.

These third parties have their own privacy policies, and we recommend reviewing them.

9. Children's Privacy

The Service is not directed to individuals under 18. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child, we will take steps to delete it promptly.

10. International Data Transfers

Your data may be processed in countries other than your country of residence. We ensure appropriate safeguards are in place for any cross-border data transfers in compliance with applicable data protection laws.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last Updated" date. Material changes will be communicated via email or platform notification. Continued use of the Service after changes constitutes acceptance.

12. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us at:

• Email: support@shopnolink.com
• Website: shopnolink.com