Privacy Policy

1. Introduction

ServHub ("we," "our," "us," or the "Platform") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and related services (collectively, the "Services").

Please read this Privacy Policy carefully. By using our Services, you consent to the collection and use of information in accordance with this policy.

2. Information We Collect

2.1 Information You Provide

Account Information:

• Name (first and last)
• Email address
• Phone number
• Profile photo (optional)
• Password (stored securely using industry-standard hashing)

For Service Vendors (additional):

• Business name and description
• Service categories and offerings
• Business address and service area
• Business registration and licensing information
• Logo and branding images
• Banking/payment information for payouts
• Tax identification numbers

Booking Information:

• Service bookings and appointments
• Service history and timestamps
• Payment transactions
• Reviews and ratings

2.2 Information Collected Automatically

Device Information:

• Device type, model, and operating system
• Unique device identifiers
• Mobile network information
• Time zone and language settings

Usage Information:

• App features used and frequency
• Search queries and filters
• Screens viewed and navigation patterns
• Error logs and crash reports
• Performance metrics

Location Information:

• With your consent, we collect location data for vendor discovery
• Location is used to match you with nearby service providers
• Geospatial data for travel buffer calculations
• You can disable location services in your device settings

2.3 Information from Third Parties

Authentication Providers:

• If you sign in using third-party authentication, we receive basic profile information as authorized by you

Payment Processors:

• Transaction status and payment confirmation (we do not store full payment card details)
• Payment gateway transaction records

3. How We Use Your Information

3.1 Provide and Maintain Services

• Create and manage your account
• Process service bookings and appointments
• Facilitate payments and split payment processing
• Enable vendor discovery and matching
• Manage multi-tenant access and permissions

3.2 Improve Our Services

• Analyze usage patterns to improve features
• Debug and fix technical issues
• Develop new features and services
• Conduct research and analytics
• Optimize geospatial algorithms

3.3 Communicate With You

• Send booking confirmations and reminders
• Send service-related notifications via SMS and push
• Respond to your inquiries and support requests
• Send promotional communications (with your consent)
• Notify you of policy changes

3.4 Ensure Security and Compliance

• Detect and prevent fraud
• Verify user identity
• Protect against unauthorized access
• Process tax compliance and reporting
• Enforce our Terms of Service

3.5 Legal Compliance

• Comply with applicable laws and regulations
• Respond to legal requests and court orders
• Protect our legal rights

4. How We Share Your Information

4.1 With Service Vendors (for Customers)

When you book a service, we share:

• Your name and contact information
• Booking details and appointment time
• Your profile information as necessary for service delivery
• Location information for service appointment

4.2 With Customers (for Vendors)

Customers can see:

• Your business name and description
• Your service offerings and pricing
• Your business location and service area
• Your ratings and reviews
• Your availability calendar

4.3 Service Providers

We may share information with third-party service providers who perform services on our behalf:

• Cloud hosting and database services
• Payment processors
• SMS and push notification services
• Analytics providers
• Tax compliance services

These providers are contractually bound to protect your information and use it only for the purposes we specify.

4.4 Legal Requirements

We may disclose information if required to comply with applicable laws or regulations, respond to valid legal processes, protect the rights, property, or safety of ServHub, our users, or others, or enforce our Terms of Service.

4.5 Business Transfers

If ServHub is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change.

5. Data Retention

We retain your information for as long as your account is active, needed to provide you services, required by law, or necessary for legitimate business purposes.

Retention Periods:

After Account Deletion:

• Data deletion requests are processed within 30 days
• Active files are marked for deletion and removed from all storage tiers
• Transaction records required for legal compliance may be retained in anonymized form
• Audit logs are retained for the full 7-year period as required by law
• You will receive confirmation when deletion is complete

6. Data Security

We implement industry-standard security measures to protect your information:

6.1 Technical Safeguards

• Encryption: AES-256-GCM encryption for sensitive data at rest
• Transport Security: TLS 1.2+ for all data in transit
• Encrypted Events: Event payloads encrypted with AES-256-GCM
• Secure Authentication: JWT tokens with short expiration
• Password Security: Argon2 hashing with salt
• Database Security: Row-level security policies for multi-tenancy

6.2 Organizational Safeguards

• Limited access to personal data on need-to-know basis
• Regular security audits and assessments
• Employee training on data protection
• Incident response procedures
• OWASP compliance for application security

6.3 Your Responsibilities

• Keep your login credentials confidential
• Use strong, unique passwords
• Enable biometric authentication when available
• Report suspicious activity immediately

7. Your Rights and Choices

7.1 Account Information

You can:

• Access your account information through the app
• Update or correct your information at any time
• Download a copy of your data (data portability)
• Delete your account and associated data

7.2 Communication Preferences

You can:

• Opt out of promotional emails and SMS
• Manage push notification settings
• Control notification frequency and types

7.3 Location Data

You can:

• Enable or disable location services
• Control location accuracy (precise vs. approximate)
• Revoke location permissions at any time

7.4 Data Deletion

To request deletion of your data:

1. Use the account deletion feature in the app
2. Email us at privacy@mitikasha.com

Note: Some data may be retained for legal compliance even after deletion.

8. Children's Privacy

Our Services are not intended for users under 18 years of age. We do not knowingly collect personal information from children under 18. If we become aware that we have collected information from a child under 18, we will take steps to delete that information.

If you believe we have inadvertently collected information from a child, please contact us at privacy@mitikasha.com.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws.

When we transfer data internationally, we use standard contractual clauses, ensure adequate data protection measures, and comply with applicable data transfer regulations.

10. Region-Specific Rights

10.1 European Union (GDPR)

If you are in the EU, you have the right to:

• Access: Request a copy of your personal data
• Rectification: Correct inaccurate personal data
• Erasure: Request deletion of your personal data
• Restriction: Limit how we use your data
• Portability: Receive your data in a portable format
• Object: Object to processing based on legitimate interests
• Withdraw Consent: Withdraw consent at any time

Data Protection Officer: dpo@mitikasha.com

Supervisory Authority: You have the right to lodge a complaint with your local data protection authority.

10.2 California (CCPA/CPRA)

If you are a California resident, you have the right to:

• Know: What personal information we collect and how it's used
• Delete: Request deletion of your personal information
• Opt-Out: Opt out of the sale of personal information (we do not sell data)
• Non-Discrimination: Not be discriminated against for exercising your rights
• Correct: Request correction of inaccurate personal information
• Limit Use: Limit use of sensitive personal information

Do Not Sell My Personal Information: We do not sell personal information. To exercise your rights, contact privacy@mitikasha.com.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we do:

• We will update the "Last Updated" date
• We will notify you of material changes via email or in-app notification
• Continued use after changes constitutes acceptance

We encourage you to review this Privacy Policy periodically.

12. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us: