Privacy Policy
Last updated: March 2026
Important: The ZiniPay mobile application (the “App”) is intended only for registered ZiniPay customers who already have a ZiniPay account and an API Key. It is not a consumer app and has no standalone use for the public. The App does not provide banking, lending, wallet, or consumer financial services. Its sole function is to forward valid Mobile Financial Services (MFS) transactional SMS (e.g., bKash, Nagad, Rocket) to the ZiniPay server (api.zinipay.com).
1. What Information the App Processes
A. SMS (MFS Transactional Messages Only)
- The App requests READ_SMS and RECEIVE_SMS permissions solely to read Mobile Financial Services (MFS) transactional messages.
- Only messages from supported, whitelisted senders are processed. Personal, promotional, or unrelated messages are ignored.
- Processed transaction messages are transmitted securely to the ZiniPay server (api.zinipay.com) and then appear in your dashboard.
- We do not use SMS data for advertising or analytics, and we do not sell or share SMS content with third parties.
B. Notifications
On Android 13+ the App requests the POST_NOTIFICATIONS permission to inform you when background syncing is active or paused, and to alert you to important sync results and errors. Notifications are local to your device. We do not collect notification content for analytics or advertising.
C. Account & Authentication
To use the App, you connect using your ZiniPay API Key. This key is used strictly to authenticate you with the ZiniPay server (api.zinipay.com) and to enable secure syncing.
D. Technical Log Data & Crashlytics
We may collect limited technical information (device model, OS version, IP address) and use Firebase Crashlytics to monitor app stability and diagnose crashes. This is used strictly for troubleshooting and improving the App. We do not use Crashlytics for advertising.
2. Permissions Summary
| Permission | Purpose |
|---|---|
| INTERNET | Securely communicate with the ZiniPay server (api.zinipay.com). |
| POST_NOTIFICATIONS | Display operational status and sync results. |
| READ_SMS / RECEIVE_SMS | Read and receive MFS transaction SMS to sync to your dashboard. |
| FOREGROUND_SERVICE | Run a background service to reliably sync data. |
3. Local Storage & Deletion Controls
You can choose a retention period for SMS cleaning or delete all locally stored ZiniPay SMS entries at any time from the App. Deleting locally does not automatically delete records synced to your ZiniPay dashboard.
4. Data Processing & Security
Data is transmitted over encrypted channels (e.g., HTTPS/TLS) to the ZiniPay server (api.zinipay.com). Access to data within the server is governed by your account permissions. We apply industry-standard safeguards designed to protect information during transmission.
5. Your Choices & Controls
- Revoke SMS or Notifications permissions at any time from device settings.
- Enable/disable particular whitelisted senders from the Filters tab.
- Use SMS Cleaning Settings to remove local data.
- Disconnect your API Key from the App at any time.
6. Contact Us
If you have questions about this Privacy Policy or our data practices, please contact our support team.