This Privacy Policy explains how NextLanka ("we", "us", "our") collects, uses, stores, and protects information when you use our website and platform (the "Platform"). By using NextLanka, you agree to the practices described here.
1. Information we collect
We collect the following types of information:
- Account information: name, email address, phone number, business name, and password (stored securely using industry-standard hashing)
- Business details: for sellers, business registration details and bank/payout information collected via our payment processor (Stripe Connect)
- Transaction information: orders, quotes, messages between buyers and sellers, and delivery addresses
- Technical information: IP address, browser type, device information, and usage data collected automatically for security and analytics purposes
- Cookies: used to keep you signed in and remember preferences such as cart contents
2. How we use your information
- To create and manage your account
- To facilitate orders, quotes, and communication between buyers and sellers
- To process subscription payments for sellers
- To send transactional emails (order confirmations, OTP verification, password resets)
- To detect and prevent fraud, abuse, and security incidents
- To improve and maintain the Platform
- To comply with legal obligations
3. How we share your information
We do not sell your personal information. We share information only:
- Between buyers and sellers as necessary to complete a transaction (e.g. delivery address shared with the seller fulfilling an order)
- With payment processors (Stripe) to process payments and subscriptions
- With email service providers (Resend) to deliver transactional emails
- With cloud infrastructure providers (Supabase, Upstash, Vercel, Cloudinary) who host and process data on our behalf under appropriate data protection terms
- When required by law, court order, or to protect the rights and safety of NextLanka or its users
4. Data security
We use industry-standard security measures to protect your information, including encrypted password storage (Argon2id), rate limiting, brute-force login protection, and audit logging of sensitive actions. While we take reasonable steps to protect your data, no method of transmission or storage is 100% secure.
5. Data retention
We retain your account and transaction information for as long as your account is active and as needed to comply with legal, accounting, or reporting obligations. You may request deletion of your account, subject to retention requirements for completed transactions.
6. Your rights
You may:
- Access and update your account information at any time via your dashboard
- Request a copy of the personal data we hold about you
- Request deletion of your account and associated personal data
- Opt out of non-essential marketing communications
To exercise any of these rights, contact us at support@nextlanka.com.
7. Cookies
We use cookies and similar technologies to keep you logged in, remember your cart, and understand how the Platform is used. You can control cookies through your browser settings, though disabling them may affect Platform functionality.
8. Children's privacy
NextLanka is a B2B platform intended for business use and is not directed at individuals under 18. We do not knowingly collect information from minors.
9. Changes to this policy
We may update this Privacy Policy from time to time. Material changes will be communicated via email or a notice on the Platform.
10. Contact us
For questions about this Privacy Policy or how your data is handled, contact us at support@nextlanka.com.