Privacy Policy
Updated: 01.03.2026
1. Introduction
This Privacy Policy explains how Bələdçi (“Bələdçi”, “we”, “our”, or “us”) collects, uses, stores, processes, and protects personal data when you use our platform, including: the Bələdçi website (https://beledci.az), the Bələdçi mobile applications for iOS and Android, any related APIs, services, tools, or features (collectively, the “Service”).
By accessing or using the Service you acknowledge that you have read and understood this Privacy Policy and agree to the processing of personal data as described herein.
This Privacy Policy is designed to comply with applicable data protection laws including, where applicable: EU General Data Protection Regulation (GDPR), Azerbaijan Personal Data Protection legislation, Apple App Store and Google Play privacy requirements.
If you do not agree with this Privacy Policy, you must discontinue use of the Service.
2. Data Controller
The data controller responsible for personal data processing under this Privacy Policy is:
Bələdçi
Website: https://beledci.az
Email: [email protected]
For privacy inquiries please contact the above email.
3. Information We Collect
3.1 Information You Provide
We may collect personal data that you voluntarily provide when using the Service.
Identity Information: display name, username.
Contact Information: phone number (required for registration and account verification via OTP), email address (optional, for support or feedback).
Profile Information: profile photo, cover photo, bio text, language preferences, account settings.
User Generated Content
Content you create or submit through the Service including: reviews, ratings, comments, check-ins, feedback, reports about other users or businesses, uploaded photos or media.
You acknowledge that content you choose to publish may become publicly visible to other users.
3.2 Information Automatically Collected
When you access the Service we automatically collect certain technical information.
Device Information: device UUID or unique device identifier, device model, operating system version, platform type (iOS / Android).
This information is used for: session security, device-level abuse prevention, push notifications, fraud detection.
Connection Information: IP address, network type, browser type and version.
Usage Information: pages or screens viewed, search queries, subscriptions to businesses or users, blocked user lists, interactions with features.
Push Notification Tokens
Tokens generated by: Apple Push Notification Service (APNS), Firebase Cloud Messaging (FCM).
These tokens are used solely for delivering notifications.
3.3 Analytics and Performance Data
We may use third-party analytics services, including: Google Firebase Analytics, Firebase Crashlytics.
These tools collect aggregated and pseudonymous usage data including: screen views, feature usage, application performance, crash diagnostics.
This data helps improve application stability and user experience.
We do not use analytics data to directly identify users.
4. Mobile Device Permissions
Our mobile applications may request specific device permissions.
Permissions are requested only when required by a feature.
Photo Library / Camera
Used to upload: profile images, photos attached to reviews.
Local Content Moderation
Images may be analyzed locally on the user’s device using machine learning technologies (for example TensorFlow Lite) to detect inappropriate content.
Images flagged as violating platform rules may be blocked before upload.
Local scanning occurs entirely on the device and images are not transmitted to our servers unless the user explicitly uploads them.
Contacts (Optional)
Used only if you enable the Find Friends feature.
If permission is granted we may process: contact names, phone numbers.
This information is used only to determine whether your contacts already use the Service.
Contact data: is not stored permanently unless a match occurs, is not sold, is not used for advertising.
Location Services
Location may be used to support features such as: business discovery, check-ins, proximity validation.
Location data is not continuously tracked and is used only while the feature is active.
5. Legal Basis for Processing (GDPR)
Where applicable under GDPR we process personal data under the following legal bases:
Contract Performance
Processing necessary to provide the Service (account creation, reviews, notifications).
Legitimate Interests
Processing required for: fraud prevention, abuse detection, service improvement, platform security.
Consent
Processing that requires explicit permission including: contacts access, optional notifications, location services.
Users may withdraw consent at any time through device or app settings.
Legal Obligations
Processing necessary to comply with applicable laws, legal requests, or regulatory requirements.
6. How We Use Your Information
We use collected information for the following purposes: account creation and authentication, OTP verification via SMS, operating and maintaining the Service, displaying user generated content, content moderation and enforcement of Terms of Service, detecting abuse, spam, and fraudulent activity, device banning and rate-limit enforcement, sending push notifications according to user settings, improving application stability and performance, responding to user inquiries and support requests, complying with legal obligations.
7. User Generated Content Responsibility
Bələdçi: does not guarantee the accuracy of user-submitted content, does not endorse reviews or opinions expressed by users.
However we reserve the right to review, moderate, remove, or restrict content that violates: applicable laws, platform rules, community standards.
Content moderation may be performed using automated systems and human review.
8. Data Sharing and Disclosure
We do not sell personal data.
We may share data only in the following circumstances.
Service Providers
With third-party providers that help operate the Service.
Examples include: SMS delivery providers, hosting and cloud infrastructure providers, Google Firebase services, Apple and Google push notification infrastructure.
These providers process data solely on our behalf and under contractual confidentiality obligations.
Legal Requirements
We may disclose information if required to: comply with applicable law, respond to court orders or subpoenas, protect rights, property, or safety of users or the public, investigate fraud or security incidents.
Public Information
Certain profile data and user generated content may be visible to other users including: display name, username, profile photo, review content, ratings, activity statistics.
9. Data Retention
We retain personal data only for as long as necessary to provide the Service and comply with legal obligations.
Retention periods depend on the type of data and operational needs.
Account Deletion
Users may delete their account via:
Help → Delete Account
When an account is deleted: authentication tokens are immediately revoked, profile information becomes inaccessible to other users, phone numbers and sensitive identifiers may be irreversibly hashed or obfuscated.
Some information may remain in backups or logs for a limited period for security and compliance purposes.
User generated content may be: anonymized, dissociated from the user, removed where technically feasible.
10. Security
We implement industry-standard security safeguards including: HTTPS encryption for all network communications, secure token authentication, encrypted storage of credentials, secure mobile storage (Keychain / EncryptedSharedPreferences), access control and monitoring.
However no online system can guarantee absolute security, and users acknowledge this inherent risk.
11. International Data Transfers
Because our infrastructure providers may operate globally, personal data may be processed or stored in countries outside the user's country of residence.
When transfers occur we take appropriate safeguards to ensure lawful data protection.
12. Your Rights
Depending on applicable law you may have rights including: access to your personal data, correction of inaccurate data, deletion of personal data, restriction of processing, data portability, withdrawal of consent.
Requests may be submitted to:
We may request identity verification before processing requests.
13. Children's Privacy
The Service is not intended for individuals under 13 years of age.
We do not knowingly collect personal data from children under 13.
If we become aware that such data has been collected we will take reasonable steps to delete it.
14. Third-Party Links
The Service may contain links to external websites or services not operated by Bələdçi.
We are not responsible for the privacy practices of third-party services.
Users should review the privacy policies of those services independently.
15. Limitation of Liability
To the fullest extent permitted by law: Bələdçi is not responsible for user generated content posted by third parties, we do not guarantee uninterrupted or error-free operation of the Service, we are not liable for indirect, incidental, or consequential damages resulting from use of the Service.
16. Changes to This Privacy Policy
We may update this Privacy Policy periodically.
If material changes occur we may notify users through: application notifications, website notices, updated policy publication.
Continued use of the Service after updates constitutes acceptance of the revised policy.
17. Contact
If you have questions regarding this Privacy Policy please contact:
Email: [email protected]
