Expoz
Back to Home

Privacy Policy

Last updated: March 3, 2026

Expoz ("we," "us," or "our") operates the Expoz mobile applications (EXPOZ - Live The Moment! and EXPOZ Business) and the website expoz.app (collectively, the "Service"). This Privacy Policy explains how we collect, use, and protect your information when you use our Service.

1. Information We Collect

Account Information

When you create an account, we collect your name, email address, and phone number. Phone numbers are used for OTP (one-time password) verification via SMS.

Profile Information

Depending on your account type, you may provide additional information such as business name, business type, civil ID, commercial license, and profile photos.

Payment Information

Payments are processed through Hesabe, a PCI-DSS compliant payment gateway. We do not store your credit card or debit card details. We retain transaction records (amount, date, status) for booking and invoicing purposes.

Usage Data

We collect anonymous usage data such as page visits and app interactions to improve our Service. This data is not linked to your identity.

Camera and Photos

The app may request access to your camera or photo library to allow you to upload profile photos, business logos, or exhibition images. Photos are only accessed when you initiate an upload.

2. How We Use Your Information

We use the information we collect to:

  • Create and manage your account
  • Process booth bookings and payments
  • Send booking confirmations, payment receipts, and reminders via SMS and email
  • Verify your identity through OTP
  • Display exhibition and booth information
  • Provide customer support
  • Improve our Service through anonymous analytics

3. Data Sharing

We do not sell, rent, or trade your personal information. We share data only with:

  • Hesabe — for payment processing
  • Twilio — for SMS/WhatsApp OTP delivery
  • Exhibition organizers — your name and contact information are shared with organizers when you book a booth at their exhibition

We do not share your data with advertisers, data brokers, or any third parties for tracking or advertising purposes.

4. Data Storage and Security

Your data is stored on secure servers hosted on DigitalOcean. Files (images, documents) are stored on DigitalOcean Spaces (S3-compatible storage). We use encryption in transit (HTTPS/TLS) and implement access controls to protect your information.

5. Data Retention

We retain your account data for as long as your account is active. If you request account deletion, we will delete your personal data within 30 days, except where we are required to retain records for legal or financial obligations.

6. Your Rights

You have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your account and data
  • Withdraw consent for optional communications

To exercise any of these rights, contact us at [email protected].

7. Children's Privacy

Our Service is not directed to children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal data, please contact us and we will delete it.

8. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last updated" date.

9. Contact Us

If you have any questions about this Privacy Policy, please contact us at: [email protected]