Privacy Notice / Notis Privasi
Last updated / Dikemas kini: 13 June 2026
English
This notice explains Kedaiflow's current processing. It will be reviewed again before commercial launch and whenever processing materially changes.
1. Data collected
- Merchant identity, contact, account, business, tax, and storefront data.
- Customer names, phone numbers, delivery addresses, order items, notes, status, and invoice data supplied to a merchant through Kedaiflow.
- Payment references and uploaded payment-receipt screenshots, which may contain financial information and unrelated screen content.
- Photos, voice, pasted chats, screenshots, bank-notification text, and other inputs submitted to optional AI features, plus generated results and corrections.
- Device, security, usage, support, email-delivery, and analytics events.
2. Purposes
We use data to provide accounts, storefronts, orders, payment evidence, fulfilment, invoicing, notifications, support, security, abuse prevention, optional AI assistance, product operation, and legal/tax submissions that a merchant instructs us to perform. We use limited usage information to understand reliability and improve the service.
3. Merchant and Kedaiflow roles
A merchant controls its customer relationship and the purposes for which order, fulfilment, payment-evidence, and invoice data is used. Kedaiflow processes that data to provide the merchant's contracted service. Kedaiflow separately controls account, subscription, security, support, analytics, abuse-prevention, and legal-compliance data for its own purposes. See the Merchant Data Terms.
4. Recipients and providers
Data may be disclosed as needed to the merchant receiving an order; Supabase and Vercel for hosting; OpenRouter and selected downstream model providers for optional AI functions; Resend or Gmail for email and Expo for mobile push; HERE or OpenStreetMap/Nominatim for optional address lookup; payment providers; LHDN or other authorities when instructed or legally required; and professional advisers. We do not sell or rent personal data. OpenRouter's commercial terms incorporate its Data Processing Agreement; downstream model provider terms and data policies may also apply.
5. AI and payment evidence
AI may parse order content, prepare suggestions, match payment information, or review a payment receipt. These results are advisory and may be wrong; the merchant remains responsible for final payment and business decisions. Each OpenRouter request is configured to use only downstream endpoints that declare both no data collection and zero data retention. If no eligible endpoint is available, the request fails instead of relaxing those controls. OpenRouter and the selected endpoint still process the request to produce the result. Do not upload information that is unnecessary for the requested task. A manual path should be used when an optional AI feature is not wanted.
6. Public pages and bearer links
A direct merchant storefront is public. Public directory listing is off unless the merchant enables it. When enabled, declared business fields and available products may appear publicly. Receipt and acknowledgement links use hard-to-guess tokens, but anyone holding a link may be able to view its contents; share them carefully.
7. Retention and deletion
We retain data only for operational, security, dispute, contractual, and legal/accounting needs, using category-specific periods. Cancelling a paid plan is different from deleting an account. Self-service deletion removes the account and related database records, subject to records that must lawfully be retained and to third-party/backup deletion cycles. Payment-receipt images are accessed only through short-lived links generated on demand (never a permanent link); the images are kept for a limited period after an order concludes to support verification and disputes, then deleted. Please keep your own copy of any records you need for your statutory accounting obligations.
8. Cross-border processing
Providers may process data in Singapore and other countries, including global cloud, model, email, and analytics infrastructure. Kedaiflow uses provider contracts, access controls, encryption in transit, and other safeguards appropriate to the service and transfer.
9. Choices and requests
You may ask to access or correct personal data, withdraw consent for optional processing, object or limit processing where applicable, request account deletion, or ask how data is handled. Some records may be retained where required by law or for legitimate dispute/security needs. Contact hello@kedaiflow.com. This inbox is the current privacy contact; it is not represented as a formally appointed DPO.
Bahasa Malaysia
Notis ini menerangkan pemprosesan semasa Kedaiflow. Notis ini akan disemak semula sebelum pelancaran komersial dan apabila pemprosesan berubah secara material.
1. Data yang dikumpul
- Maklumat identiti, hubungan, akaun, perniagaan, cukai, dan kedai milik peniaga.
- Nama, nombor telefon, alamat penghantaran, item pesanan, nota, status, dan data invois pelanggan.
- Rujukan pembayaran dan tangkap layar bukti pembayaran yang mungkin mengandungi maklumat kewangan atau kandungan skrin lain.
- Foto, suara, perbualan, tangkap layar, notifikasi bank, input AI pilihan, hasil AI, dan pembetulan.
- Maklumat peranti, keselamatan, penggunaan, sokongan, penghantaran e-mel, dan analitik.
2. Tujuan
Data digunakan untuk akaun, kedai, pesanan, bukti pembayaran, pemenuhan pesanan, invois, notifikasi, sokongan, keselamatan, pencegahan penyalahgunaan, bantuan AI pilihan, operasi produk, dan penyerahan cukai/undang-undang yang diarahkan oleh peniaga.
3. Peranan peniaga dan Kedaiflow
Peniaga mengawal hubungan pelanggan serta tujuan penggunaan data pesanan, pemenuhan, bukti pembayaran, dan invois. Kedaiflow memproses data tersebut untuk menyediakan perkhidmatan kepada peniaga. Kedaiflow mengawal data akaun, langganan, keselamatan, sokongan, analitik, pencegahan penyalahgunaan, dan pematuhan bagi tujuannya sendiri. Lihat Terma Data Peniaga.
4. Penerima dan penyedia
Data boleh diberikan kepada peniaga yang menerima pesanan; Supabase dan Vercel untuk hosting; OpenRouter serta penyedia model terpilih; Resend atau Gmail untuk e-mel dan Expo untuk push mudah alih; HERE atau OpenStreetMap/Nominatim untuk carian alamat pilihan; penyedia pembayaran; LHDN atau pihak berkuasa apabila diarahkan atau diwajibkan; dan penasihat profesional. Kami tidak menjual atau menyewakan data peribadi. Terma komersial OpenRouter merangkumi Perjanjian Pemprosesan Datanya; terma dan dasar data penyedia model hiliran juga mungkin terpakai.
5. AI dan bukti pembayaran
AI boleh membaca kandungan pesanan, menyediakan cadangan, memadankan maklumat pembayaran, atau menyemak resit. Hasilnya hanya nasihat dan mungkin salah; peniaga membuat keputusan akhir. Setiap permintaan OpenRouter dikonfigurasi supaya hanya menggunakan titik akhir hiliran yang mengisytiharkan tiada pengumpulan data dan tiada penyimpanan data. Jika tiada titik akhir yang layak, permintaan akan gagal dan kawalan ini tidak dilonggarkan. OpenRouter dan titik akhir terpilih masih memproses permintaan untuk menghasilkan jawapan. Jangan muat naik data yang tidak diperlukan. Gunakan proses manual jika tidak mahu menggunakan ciri AI pilihan.
6. Halaman awam dan pautan
Kedai terus peniaga ialah halaman awam. Senarai direktori tidak aktif melainkan peniaga mengaktifkannya. Pautan resit menggunakan token yang sukar diteka, tetapi sesiapa yang memiliki pautan mungkin dapat melihat kandungannya.
7. Penyimpanan dan pemadaman
Data disimpan mengikut keperluan operasi, keselamatan, pertikaian, kontrak, perakaunan, dan undang-undang, mengikut tempoh khusus kategori. Membatalkan pelan berbayar berbeza daripada memadam akaun. Pemadaman kendiri memadam akaun dan rekod pangkalan data berkaitan, tertakluk kepada rekod yang wajib disimpan serta kitaran pemadaman penyedia dan sandaran. Imej bukti pembayaran hanya diakses melalui pautan jangka pendek yang dijana atas permintaan (bukan pautan kekal); imej itu disimpan untuk tempoh terhad selepas pesanan selesai bagi tujuan pengesahan dan pertikaian, kemudian dipadam. Sila simpan salinan sendiri bagi rekod yang anda perlukan untuk kewajipan perakaunan berkanun anda.
8. Pemprosesan rentas sempadan
Penyedia mungkin memproses data di Singapura dan negara lain, termasuk infrastruktur awan, model, e-mel, dan analitik global. Kedaiflow menggunakan kontrak penyedia, kawalan akses, penyulitan semasa penghantaran, dan perlindungan lain yang sesuai dengan perkhidmatan dan pemindahan.
9. Pilihan dan permintaan
Anda boleh meminta akses atau pembetulan, menarik balik persetujuan bagi pemprosesan pilihan, meminta had pemprosesan yang berkenaan, meminta pemadaman akaun, atau bertanya cara data dikendalikan. Hubungi hello@kedaiflow.com. Alamat ini ialah hubungan privasi semasa dan bukan DPO yang telah dilantik secara rasmi.