Privacy Policy

Effective Date: January 1, 2026

1. Introduction

1.1 About This Policy

This Supplier Privacy Policy ("Policy") describes how Kipgo Pvt. Ltd ("Kipgo", "we", "us", or "our") collects, uses, stores, shares, and protects the personal information of individuals and businesses who register as service providers on our platform ("Suppliers", "you", or "your").

This Policy applies specifically to Supplier accounts and the data collected during the supplier registration, verification, and ongoing platform use. For information about how we handle Customer data, please refer to our Customer Privacy Policy.

1.2 Our Commitment

Kipgo is committed to protecting your privacy and handling your personal information responsibly. We collect only the information necessary to operate our platform, verify supplier credentials, process transactions, and comply with legal requirements.

1.3 Agreement to This Policy

By registering as a Supplier, submitting verification documents, creating listings, or otherwise using the Kipgo platform, you acknowledge that you have read, understood, and agree to the collection and use of your information as described in this Policy.

2. Information We Collect

2.1 Account Information

When you register as a Supplier, we collect:

  • Full name and contact person name
  • Email address
  • Phone number
  • Business name and type
  • Business address and location
  • Password (stored in encrypted form)

2.2 Verification Documents

To verify your identity and business legitimacy, we may collect documentation such as:

  • CNIC number (for identity verification)
  • Company registration certificate and number (for registered businesses)
  • National Tax Number (NTN) (if applicable)
  • DTS License or relevant tourism permits
  • Other documents as may be required for verification

2.3 Service Details

Depending on your supplier category, we collect additional details about your services:

  • Stays: Property type, number of rooms, available facilities, property photos
  • Tour Operators: Service types offered, whether you serve international tourists
  • Tour Guides: Specialities, years of experience, whether you serve international tourists
  • Activity Providers: Activity type, operational days and hours
  • Rentals: Rental type (car/bike), number of vehicles, security deposit requirements, operational days and hours

2.4 Financial Information

To process payouts, we collect:

  • Bank name
  • Account holder name
  • Bank account number
  • IBAN (International Bank Account Number)

2.5 Listing Content

When you create listings, we collect the content you provide, which may include service titles and descriptions, photographs and media files, pricing and availability information, location details, itineraries, inclusions and exclusions, FAQs, and other listing-specific details relevant to your service type.

2.6 Transaction Data

Through your use of the platform, we collect:

  • Booking history and details
  • Earnings and payout records
  • Commission calculations
  • Coupon usage and discounts applied
  • Cancellation and refund history

2.7 Communications

We collect and store:

  • Messages exchanged with Customers through our messaging system
  • Files and attachments shared in conversations
  • Support ticket communications
  • Responses to Customer questions on listings
  • Review responses

2.8 Automatically Collected Data

When you access the platform, we automatically collect:

  • IP address
  • Browser type and version
  • Device information
  • Operating system
  • Access timestamps and session duration
  • Pages visited and actions taken

3. How We Use Your Information

3.1 Platform Operations

We use your information to create and manage your Supplier account, display your listings to potential Customers, process bookings and facilitate transactions, calculate and process payouts to your bank account, enable communication with Customers, and provide customer support.

3.2 Verification and Trust

We use your documents and information to verify your identity and business legitimacy, confirm ownership or authorization for listed services, prevent fraud and protect platform integrity, ensure compliance with tourism regulations, and maintain quality standards on the platform.

3.3 Communication

We use your contact information to send booking confirmations and updates, notify you of new bookings, cancellations, and Customer messages, inform you of listing approval status, send payout confirmations and statements, communicate important platform updates and policy changes, and respond to support inquiries.

3.4 Platform Improvement

We use aggregated and anonymized data to analyze platform usage patterns, improve platform features and user experience, develop new services and functionality, and generate market insights and trends.

3.5 Legal and Compliance

We may use your information to comply with applicable laws and regulations, respond to legal requests from authorities, enforce our Terms and Conditions, protect our rights and property, and prevent illegal activities.

4. Information Sharing

4.1 Information Shared with Customers

When Customers view your listings or make bookings, they can see:

  • Business name and logo
  • Business location (city/area level)
  • Listing content (descriptions, photos, prices, etc.)
  • Ratings and reviews
  • Your responses to reviews and questions
  • Verification badges (e.g., "Verified Business")

After booking confirmation, Customers can communicate with you through the Platform's messaging system. Your personal phone number and email are not shared directly with Customers.

4.2 Service Providers

We share limited information with trusted service providers who assist in operating our platform:

  • Email service providers: Email address for transactional communications
  • Cloud hosting providers: Data storage and infrastructure
  • Analytics providers: Anonymized usage data

All service providers are contractually bound to protect your information and use it only for specified purposes.

4.3 Legal Disclosures

We may disclose your information when required by law, in response to valid legal requests from government authorities, to protect the safety of users or the public, to investigate potential violations of our policies, or to protect our legal rights.

4.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity. We will notify you of any such transfer and any changes to this Privacy Policy.

4.5 What We Never Share

We do not sell your personal information to third parties. We do not share your verification documents (CNIC, registration certificates) with Customers or other Suppliers. We do not share your bank account details with anyone except payment processors necessary for payouts.

5. Data Storage and Security

5.1 Data Storage Location

Your data is stored on secure cloud infrastructure. We use industry-standard data centers with appropriate physical, technical, and administrative security measures.

5.2 Security Measures

We implement comprehensive security measures to protect your information. All data is encrypted in transit using TLS/SSL protocols. Passwords are hashed using industry-standard algorithms and never stored in plain text. Access to sensitive data is restricted to authorized personnel only, and we conduct periodic security assessments and vulnerability testing.

5.3 Document Storage

Sensitive verification documents (such as CNIC numbers, registration certificates, and other identity documents) are stored in secure, private storage with restricted access. These documents are accessible only to authorized Kipgo personnel for verification purposes and are protected by strict access controls and audit logging.

5.4 Data Breach Response

In the event of a data breach affecting your personal information, we will notify you promptly via email and Dashboard notification, describe the nature of the breach and data affected, outline steps we are taking to address the situation, and provide guidance on protective measures you can take.

6. Data Retention

6.1 Active Account Data

While your account remains active, we retain all information necessary for platform operations, including account details, listings, transaction history, communications, and verification documents.

6.2 Retention After Account Closure

Upon account closure or termination:

  • Transaction records: Retained for seven (7) years for legal and tax compliance
  • Verification documents: Retained for three (3) years, then permanently deleted
  • Communication logs: Retained for two (2) years for dispute resolution purposes
  • Listing content: Removed from public view immediately; archived data retained for one (1) year
  • Reviews: Reviews from Customers remain visible as they reflect genuine Customer experiences
  • Questions and Answers: Published Q&A may remain visible as they provide value to future Customers

6.3 Legal Holds

We may retain data beyond standard retention periods if required for ongoing legal proceedings, regulatory investigations, or dispute resolution. Once the legal hold is released, standard retention policies apply.

7. Your Rights and Choices

7.1 Access Your Data

You have the right to access the personal information we hold about you. Most of your information is directly accessible through your Dashboard, including profile information, listings, bookings, payouts, and communications.

7.2 Correct Your Data

You can update most of your account information directly through the Dashboard. For changes to verified information (such as business name or bank details), please submit a request through the support system for verification.

7.3 Delete Your Data

You may request deletion of your account and associated data by contacting support. Please note that certain data must be retained for legal compliance as outlined in Section 6, data deletion may not be possible if you have pending bookings or unresolved disputes, and once deleted, your account cannot be recovered.

7.4 Withdraw Consent

Where we process data based on consent, you may withdraw consent at any time. However, withdrawing consent for essential data processing may result in inability to use certain platform features or termination of your Supplier account.

8. Cookies and Tracking

8.1 Essential Cookies

We use essential cookies to maintain your session and authentication state, remember your preferences, ensure platform security, and enable core functionality.

8.2 Analytics Cookies

We may use analytics cookies to understand how you use the platform, identify areas for improvement, measure feature effectiveness, and generate aggregate usage statistics.

8.3 Cookie Management

You can manage cookie preferences through your browser settings. Disabling essential cookies may impact platform functionality. Analytics cookies can be disabled without affecting core features.

9. Third-Party Links

The Platform may contain links to third-party websites or services. This Privacy Policy applies only to the Kipgo platform. We are not responsible for the privacy practices of third-party websites or services. We encourage you to review the privacy policies of any third-party services before providing them with your information.

10. International Data Considerations

Kipgo primarily operates within Pakistan and is subject to Pakistani data protection laws and regulations. If you are accessing the platform from outside Pakistan, please be aware that your information may be transferred to and processed in Pakistan. By using the platform, you consent to such transfers.

We comply with applicable data protection requirements and take reasonable steps to ensure your data receives appropriate protection regardless of where it is processed.

11. Children's Privacy

Supplier accounts are intended for individuals who are at least 18 years of age. We do not knowingly collect personal information from individuals under 18 for Supplier registration purposes. If we become aware that a Supplier account has been created by someone under 18, we will take steps to terminate the account and delete associated information.

12. Policy Updates

12.1 Notification of Changes

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will notify you via email to your registered address, Dashboard notification, and update the "Effective Date" at the top of this Policy.

12.2 Continued Use

Your continued use of the Platform after any changes to this Policy constitutes acceptance of those changes. If you do not agree with the updated Policy, you should discontinue use and contact us regarding account closure.

13. Contact Us

If you have questions about this Privacy Policy, wish to exercise your data rights, or have concerns about how your information is handled, please contact us:

Kipgo Pvt. Ltd
Karachi, Pakistan

Email: privacy@gokipgo.com
Support: support@gokipgo.com
Website: www.gokipgo.com

For data-related requests, please use the subject line "Privacy Request" to ensure prompt handling.

By registering as a Supplier on the Kipgo Platform, you acknowledge that you have read, understood, and agree to this Supplier Privacy Policy.

Document ID: WYY-SUPPLIER-PP-2025-001
Last Updated: January 1, 2026