Privacy Statement

In Brief
  • Our core interest is keeping our customers safe with our services.
  • To do that, we need to process data on you and on your devices.
  • We have a culture of respecting your privacy.
This privacy statement is given by Apni Dukan, a ——— with Business ID 12345 (“Apni Dukan”, “AD”, “we”, “our”, “us”). All our subsidiaries also apply this policy. Our data collection can be grouped as follows:
  • Client relationship data; the data that we need to manage our relationship with our clients and to market and sell our services to you or to the legal entity that you represent.
  • Service data; the data that we automatically process to provide you with the services that you have requested. This also includes the data that you actively submit to us when requesting to subscribe/subscribing to our services.
  • Security data; the data that we need to collect to keep you secure.
  • Analytics data; additional anonymous or pseudonymous data that we collect to learn when and how our services are found and used.
This privacy statement describes Apni Dukan’s common practices for processing all of our customers’ personal data. If there is no specific policy for a specific interaction, this privacy statement shall apply as such.
This is what we mean when we make certain references within this policy. “Client”, “you”, refers to a private or corporate user or any other data subjects who buy, register for use, or use our services, whose devices and data traffic are protected by our services, or who may have submitted personally identifiable information to us. This information may have been submitted through the use of our services, website, telephone, email, registration forms, or other similar channels. “Personal data” refers to any information on private individuals that is identifiable to them or their family or household members. This information may include names, email and mailing addresses, telephone numbers, billing and account information, and other, more technical information that can be linked to you, your device, or the behavior of either, that we process while providing our services. “Services” refer to any services or products that are manufactured or distributed by Apni Dukan, including software, web solutions, tools, and related support services. “Website” refers to the Apni Dukan website, including subsites.
What do we collect?
The service and interaction-specific policies set out the personal data collected per service type and interaction. The interaction and service-specific privacy policies and notices set out the specific purposes for using the personal data collected by each service or processed in such activity. In addition to such specific purposes, the following general purposes of personal data use apply across all of our services: To deliver our services to you, we process the data for the following purposes:
  • Customer journey. Tracking consumer journey throughout the website to implement acquired data to improve the overall website flow
  • Deliver, fix, and enhance. Delivering, maintaining, and developing our services and website, and to provide help and support for the services.
  • Analyze. To track that our services are taken into use and how they are used so that we can improve the services, manage your customer relationship, and approach you with relevant messages.
  • Communicate. To send you information relating to the services, conduct customer surveys, and market our services to you. The actual communication may be handled either by Apni Dukan or by our partners.
  • Regulatory. To prevent fraudulent, illegal, or infringing activities and to comply with legal or regulatory requirements.

Other uses and disclosures

There are circumstances not covered by this privacy policy where the use or disclosure of personal data may be justified or permitted, or where we may be obligated by applicable laws to disclose information without acquiring your consent or independent of service provisioning. One example includes complying with a court order or a warrant issued by the authorities in the relevant jurisdiction to compel the production of information. Similarly, there may be other circumstances where there is a justifiable legitimate interest to disclose limited sets of information to a third party. Examples of such disclosures include cases where we need to protect ourselves against liability or to prevent fraudulent activity, where we analyze your use of our services to ensure that our services are working the way you would expect them to and that we are able to react to adverse experiences, where it is necessary to solve or contain an ongoing problem, or where we need to meet the legitimate information requirements of our insurers or governmental regulatory agencies. In any such action, we will act according to the applicable laws. We weigh each disclosure requirement carefully and take the possibility of such disclosure requests into account when deciding where and how we store your personal data.
While we collect the majority of the above-mentioned data directly from you or your device, we also receive data from our affiliates, distribution partners (such as operators and retailers), and corporate entities through whom you have used our services. We do this to create a seamless customer experience and to have the necessary information for solving support cases. Typical examples of third-party sources are:
  • we acquire your credentials from previous sign-in data from our operator reseller partner, so that we can provide our service to you directly,
  • we acquire your contact data from corporate decision-maker registries for marketing purposes, and
  • when you use your social media account to register to our services, we collect the email address from your account to enable us to authenticate your registration and to contact you.

Third Parties

Our services are provided in conjunction with our partners and our services and websites may embed or interoperate with third-party services. This privacy document only applies to personal data as long as that data is within AD’s realm of influence. Where your personal data is processed by other entities for their independent purposes, such other party is responsible for processing your personal data in a justified manner in accordance to their policies as well as for fulfilling your rights under data protection laws.
Data Retention
This text complements the service-specific retention times. The default rule under the law is that personal data should be deleted or anonymized once it is no longer needed for its purpose. However, some personal data needs to be nonetheless stored for longer periods of varying lengths due to varying reasons. Typical reasons why we deviate from the primary retention times include the following examples:
  • grace periods and backups (e.g. keeping your personal data stored for a designated time after the end of your subscription, so that we can safeguard the data against erroneous deletion);
  • applicable laws require us to store the data
  • to pursue available remedies or to limit any damages that we may sustain (e.g. due to an ongoing dispute or investigation);
  • to solve or contain a recurring problem or to have enough information to respond to future issues
  • other similar circumstances, where there continues to be a legitimate need for the ongoing storage of personal data.
If we have received your information when providing you with technical support, the information is stored as long as the respective support case remains unsolved. Once solved, the information is gradually deleted or anonymized within two years from closing the case.
We apply strict security measures to protect the confidentiality, integrity, and availability of your personal data when transferring, storing, or processing it. We use physical, administrative, and technical security measures to reduce the risk of loss, misuse, or unauthorized access, disclosure, or modification of your personal data. All personal data is stored on secure servers with access limited to authorized personnel only.
This version of the policy clarifies, updates, and replaces the previous version. To continue keeping this document up to date, we will make changes and additions to this from time to time also in the future. We will publish the changed policy document on our website or at another interaction point where it has previously been made available. If the changes are significant, we may also notify you by other means. Any changes will apply starting from the date that we publish the revised policy document.
Contact information
If you have any questions or concerns about the matters discussed in our privacy policies, please contact:


Become a part of Pakistan’s most trusted network of dukandaars and enjoy exclusive rewards and benefits.

Product Requirement / مصنوعات کی ضرورت