Privacy Policy & Data Protection

1. Overview

This Privacy Policy describes how MiniLab Nex Ltd (“Platform,” “we,” “us”) collects, uses, shares, and protects Seller personal data when you use our marketplace. By continuing to use our services, you consent to this policy.

2. Data We Collect

2.1 KYC & Identity Data: Business registration documents, government-issued ID (passport/ID card), proof of address (utility bill/bank statement), and bank account details to verify identity and process payouts.

2.2 Contact & Account Data: Email address, phone number, shipping addresses, profile info, and correspondence.

2.3 Usage & Device Data: Device type, OS, IP address, browser user-agent, and usage logs (pages visited, duration) for security, analytics, and UX improvements.

3. How We Use Your Data

3.1 Verification & Compliance: KYC documents are used to verify identity, comply with Mauritian regulations (e.g., AML), and enable payouts.

3.2 Operations: Contact details for notifications (orders, updates); usage data to debug, optimize performance, and enhance features.

3.3 Marketing & Analytics: With consent, promotional emails/SMS; aggregated data analysis for market insights without exposing individual data.

4. Data Sharing & Disclosure

4.1 Third-Party Processors:

• Firebase (Google Cloud) for database, auth, and storage in asia-south1.
• MCB Juice for payment processing (limited account details as needed).
• External KYC vendors for document verification.
• Analytics providers (Google/Firebase Analytics) on anonymized data.

4.2 Legal Compliance: Disclosure when required by law (subpoena, court order) or to prevent fraud.

4.3 Sale of Business: Data may transfer to an acquiring entity under similar privacy terms.

5. Data Retention & Deletion

We retain data while your account is active plus 12 months after closure. KYC documents retained 5 years for AML compliance. On deletion request, data is removed within 30 days except where legally required.

6. Security & Safeguards

We implement:

• Encryption at rest (Cloud Storage) and in transit (HTTPS/TLS).
• Strict access controls—only authorized personnel.
• Routine security audits and vulnerability scans.

If you suspect a breach, contact us at support@minilab.mu.

7. Your Rights

Under the Mauritius Data Protection Act 2017, you may:

• Access: Copy of your data.
• Rectify: Correct inaccuracies.
• Erase: Delete data per legal retention.
• Restrict: Limit processing.
• Portability: Receive data in common format.

To exercise rights, email support@minilab.mu. We respond within 30 days.

8. Cookies & Tracking

We use cookies to remember sessions, preferences, and analyze usage. Disabling cookies may affect functionality.

9. Children’s Privacy

Not intended for under 18. We don't collect data knowingly from minors. If discovered, contact support@minilab.mu for removal.

10. Policy Updates

Updates posted here and notified 30 days prior. Continued use implies acceptance.