Legal
Privacy Policy
1. Introduction
Magau (मगाऊ) is a Nepal-first, on-demand delivery app that connects you with nearby restaurants, home kitchens and neighbourhood stores, with independent delivery partners ("riders") bringing your order to your door. Magau is operated by Bricks Education, a company based in Nepal. In this policy, "Magau", "we", "us" and "our" refer to that operator.
This Privacy Policy explains what information we collect, how we use it, when we share it, and the choices and rights you have. It applies to the Magau customer, Magau Vendor and Magau Rider apps, and to our website at https://magau.app.
Magau operates as a marketplace and intermediary: vendors prepare and sell the goods, and riders deliver them. Please read this policy alongside our Terms of Service. If you have questions, contact us at contact@magau.app.
2. Information we collect
We collect only what we need to run the service, keep it safe, and improve it. The table below summarises the categories of information we collect and why.
| Category | Examples | Why we collect it |
|---|---|---|
| Account & contact | Mobile phone number, name, optional profile photo | To create and secure your account, verify sign-in by SMS code, and let vendors and riders identify your order |
| Location | Precise device location (GPS latitude/longitude) and the delivery addresses you save | To show nearby stores, capture your delivery pin, and enable live order tracking |
| Orders & transactions | Order history and items, amounts, delivery details, ratings & reviews you submit, Magau Wallet balance & transactions, support messages | To process and deliver your orders, handle payments and refunds, and provide customer support |
| Device & technical | Device model, OS version, app version, language, IP address, push-notification token, diagnostic/crash logs | To deliver notifications, keep the app stable and secure, and diagnose problems |
| Usage & analytics | In-app activity such as screens viewed and features used | To understand how the app is used and improve the experience |
You can browse Magau anonymously with a manual or approximate pin. We ask you to sign in with your phone number only when you place an order or use account features.
3. How we use your information
We use the information above to:
- Fulfil your orders and pass the necessary details to the vendor and rider handling them.
- Show you nearby stores and menus based on your location or chosen pin.
- Enable live order tracking between you, the store and the rider.
- Process payments (Cash on Delivery and the Magau Wallet) and issue any refunds to your Magau Wallet.
- Send you notifications about your orders, account and, where you allow it, offers.
- Keep the service safe - detecting, preventing and investigating fraud, abuse and misuse.
- Provide customer support and respond to your requests.
- Improve, personalise and develop the service using usage and analytics data.
- Meet our legal, tax and regulatory obligations.
4. Legal bases
Where the law requires a legal basis for processing your personal data, we rely on the following:
- Performance of a contract - to create your account and fulfil the orders you place through Magau.
- Consent - for precise device location and push notifications, which you can grant or withdraw through your device and app settings.
- Legitimate interests - to secure the service, prevent fraud, understand usage and improve Magau, balanced against your rights.
- Legal obligation - to keep transaction and financial records and comply with applicable law.
5. How we share information
We do not sell your personal data. We share it only with the service providers ("processors") that help us run Magau, with the vendor and rider fulfilling your order, and where required by law. Our processors are bound to use your data only to provide their service to us.
| Provider | What it does | Privacy policy |
|---|---|---|
| Supabase | Backend database, authentication and file-storage hosting | supabase.com/privacy |
| Google (Firebase) | Cloud Messaging for push notifications and App Distribution for pre-release testing | policies.google.com/privacy |
| Google Maps Platform | Maps and live location/tracking | policies.google.com/privacy |
| AakashSMS | Delivery of one-time SMS verification codes (receives your phone number) | aakashsms.com |
| PostHog | Product and usage analytics | posthog.com/privacy |
| Sentry | Crash and error diagnostics | sentry.io/privacy |
| Shorebird | Over-the-air app updates | shorebird.dev/privacy |
Vendors & riders. To complete an order, we share the details needed to fulfil it - your name, delivery pin/address, contact number and the items ordered - with the vendor preparing the order and the rider delivering it.
Legal & authority disclosures. We may disclose information where required by law, court order or a valid request from a public authority, or to protect the rights, safety and property of Magau, our users and the public.
Magau does not sell your personal data and does not share it for third-party advertising.
6. Location data
Location is central to how Magau works. With your permission, we use your device's precise location (GPS latitude/longitude) to determine which stores can deliver to you (serviceability), to capture your delivery pin accurately, and to enable live tracking while your order is on the way. Maps and live tracking are powered by Google Maps Platform.
You can browse with a manual or approximate pin instead of sharing precise location. You control location access at any time through your device's operating-system settings and the app's permission settings - turning it off may limit features such as nearby-store discovery and live tracking.
7. Cookies & local storage
To keep the app fast and convenient, the Magau app stores some data on your device - for example your cart, search history, cached menus, language and preferences, and your sign-in session. This on-device data stays on your device and is cleared when you clear the app's data or uninstall it.
Our website uses only essential cookies needed for it to function. We do not use advertising cookies or third-party ad trackers on the website.
8. Data retention
We keep your personal data for as long as your account is active and for as long as we need it to provide the service. When it is no longer needed, we delete or anonymise it.
We may retain transaction and financial records for longer where necessary to meet our legal, tax and accounting obligations, and to resolve disputes and enforce our agreements.
9. Security
We apply reasonable technical and organisational safeguards to protect your information. Sign-in uses a one-time SMS code (OTP) rather than a stored password, and data is encrypted in transit. We limit access to personal data to those who need it to operate the service.
No method of transmission or storage is completely secure, so we cannot guarantee absolute security. Please help protect your account by keeping your phone and verification codes private and contacting us if you notice anything suspicious.
10. Your rights & choices
Depending on applicable law, you have the right to:
- Access the personal data we hold about you.
- Correct information that is inaccurate or out of date.
- Delete your data and request account deletion.
- Withdraw consent you have given, such as for precise location or notifications.
- Manage notifications and device permissions through your device and app settings.
To exercise any of these rights, contact us at contact@magau.app. We may need to verify your identity before acting on a request.
11. Account & data deletion
You can request deletion of your account and associated personal data at any time. Some records - such as transaction and financial history - may be retained where the law requires. For full details and step-by-step instructions, see our Account & Data Deletion page.
12. Children's privacy
Magau is intended for users aged 16 and above who can form a binding contract under Nepali law. It is not directed to children under 16, and we do not knowingly collect personal data from them. If you believe a child has provided us data, contact contact@magau.app and we will take appropriate steps.
13. International processing
Some of our service providers may store or process personal data on servers located outside Nepal. Where this happens, we take steps to ensure your information continues to be protected in line with this policy and applicable law.
14. Changes to this policy
We may update this Privacy Policy from time to time to reflect changes in the service, our practices or the law. When we do, we will post the updated policy on this page with a new effective date. Significant changes may also be communicated through the app. Please review this page periodically.
15. Contact us
If you have questions, concerns or requests about this policy or your personal data, contact us:
- Email: contact@magau.app
- Operator: Bricks Education, Nepal
- Website: https://magau.app
This Privacy Policy is governed by the laws of Nepal, and any disputes are subject to the courts of Nepal.