BRICK | BRICK

1. Introduction

BRICK ("we", "us", or "our") is committed to protecting your personal information. This Privacy Policy explains what data we collect, how we use it, and your rights regarding your data when you use our Platform. By using BRICK, you consent to the practices described in this policy.

2. Information We Collect

We collect the following information when you register and use the Platform:

Identity data: Full name, company name, Commercial Registration (CR) number
Contact data: Mobile number (WhatsApp), email address
Location data: Business/delivery location coordinates (GPS or map pin)
Financial data: Bank name, IBAN, account name (distributors only)
Document data: CR certificate uploads
Transaction data: Orders placed, payment receipts, invoices
Usage data: Pages visited, actions taken on the Platform

3. How We Use Your Information

We use your information to:

Create and manage your account
Verify your identity and business registration
Process orders, payments, and settlements
Send OTP codes and order notifications via WhatsApp
Provide customer support
Improve the Platform and prevent fraud
Comply with legal obligations in Saudi Arabia

4. WhatsApp Communications

We use WhatsApp (via Twilio) to send you one-time passwords (OTPs) for authentication and transactional notifications such as order confirmations, payment reminders, and invoices. By registering, you consent to receive these messages. Message frequency depends on your activity on the Platform.

5. Data Sharing

We do not sell your personal data. We share data only as necessary to operate the Platform:

Supabase: Our database and authentication provider
Twilio: WhatsApp messaging service
Google Maps: Location services for address selection
Inngest: Background job processing for notifications

Order information is shared between developers and distributors as required to fulfill transactions.

6. Data Retention

We retain your data for as long as your account is active. Transaction records (orders, invoices, payments) are retained for a minimum of 5 years as required by Saudi commercial regulations. You may request deletion of your account and associated data, subject to legal retention requirements.

7. Data Security

We implement industry-standard security measures including encrypted data storage, secure HTTPS connections, and role-based access controls. Authentication uses WhatsApp OTP with no passwords stored. However, no system is 100% secure and we cannot guarantee absolute security.

8. Your Rights

You have the right to:

Access the personal data we hold about you
Correct inaccurate data via your account settings
Request deletion of your account (subject to legal requirements)
Opt out of non-essential communications

To exercise these rights, contact us at hello@brick-sa.com.

9. Cookies

The Platform uses session cookies for authentication purposes only. We do not use tracking or advertising cookies. You can control cookies through your browser settings, though disabling session cookies will prevent you from logging in.

10. Governing Law

This Privacy Policy is governed by the laws of the Kingdom of Saudi Arabia, including the Personal Data Protection Law (PDPL). Any disputes shall be resolved in the competent courts of Riyadh, Saudi Arabia.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via WhatsApp. Continued use of the Platform after changes are posted constitutes acceptance.

12. Contact

For privacy-related questions or requests, contact us at hello@brick-sa.com or WhatsApp: +966 5X XXX XXXX. Our offices are located in Riyadh, Saudi Arabia.