Flash-Drop

Privacy Policy

Effective date: May 15, 2026

Aqentra ("we", "us", "our") operates Flash-Drop at getflashdrop.co. This Privacy Policy explains how we collect, use, and protect information when you use our platform and driver application.

1. Information We Collect

Account information

Name, email address, phone number, and password (hashed) when you create an account.

Business information

Restaurant or pharmacy name, address, and operational details provided during onboarding.

Driver information

Name, phone, vehicle type, license plate, and PIN (stored as a bcrypt hash). Drivers are added by restaurant administrators, not through self-registration.

Location data

GPS coordinates (latitude, longitude, speed, heading) collected from the Flash-Drop Driver app during active delivery shifts. Location updates are transmitted in real-time to our servers and displayed to authorized dashboard users.

Order data

Customer names, delivery addresses, and order details entered by restaurant staff.

Usage data

Log data including IP addresses, browser type, pages visited, and timestamps.

2. How We Use Your Information

  • Providing and improving the Flash-Drop platform
  • Enabling real-time delivery tracking for restaurants
  • Calculating driver payroll and performance analytics
  • Sending service-related notifications and updates
  • Responding to support requests
  • Complying with legal obligations

We do not sell your personal data to third parties.

3. Location Data

Location data is collected only when a driver is marked "Available" or on an active delivery. Drivers can stop sharing their location at any time by going offline in the app. Location history is retained for analytics and payroll verification purposes for a maximum of 12 months.

4. Data Sharing

We share data only with:

  • Hosting providers — Railway (infrastructure), who process data on our behalf under data processing agreements.
  • Your restaurant / business — Restaurant admins can see their drivers' locations, order status, and performance data.
  • Law enforcement — When required by applicable Egyptian law.

5. Data Security

We implement industry-standard security measures including TLS encryption in transit, bcrypt password hashing, JWT authentication with short expiry, and role-based access controls. No method of transmission or storage is 100% secure.

6. Data Retention

Account data is retained for the lifetime of your subscription plus 90 days after cancellation. Order and delivery records are retained for 2 years for accounting purposes. Location data is retained for 12 months. You may request earlier deletion by contacting us.

7. Your Rights

You have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate data
  • Request deletion of your data (subject to legal retention requirements)
  • Export your data in a portable format
  • Withdraw consent for optional data processing

To exercise these rights, email [email protected]

8. Cookies

The Flash-Drop dashboard uses cookies and localStorage for authentication token storage and user preferences (language, theme). We do not use third-party advertising cookies.

9. Children's Privacy

Flash-Drop is a B2B platform not directed at individuals under 18. We do not knowingly collect data from minors.

10. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you by email 14 days before material changes take effect. The "Effective date" at the top of this page reflects the latest revision.

11. Contact

Privacy enquiries: [email protected]
General support: [email protected]