Yawmik
Privacy & Terms
Policy Center
Privacy Policy
This policy explains what information may be collected when using Yawmik, why it may be processed, how it is protected, and which controls are available to users.
Entity
Yawmik Ltd.
Effective Date
March 1, 2026
Last Updated
March 1, 2026
Contact
privacy@yawmik.com
1. Introduction
Welcome to Yawmik, a unified digital platform designed to connect, manage, and execute everyday digital experiences across individuals, professionals, and businesses worldwide. Yawmik operates as a parent platform supporting multiple integrated services including workspace tools, communication systems, business management modules, including Arqify, and cloud-enabled applications.
This Privacy Policy explains how Yawmik Ltd., referred to as Yawmik, we, our, or us, collects, uses, processes, stores, and protects your information when you access Yawmik web applications, desktop applications, mobile applications, sub-platforms and services under the Yawmik ecosystem, and payment-integrated services including Stripe, SSLCommerz, and international gateways.
By using Yawmik services, you agree to the collection and use of information in accordance with this Privacy Policy.
2. Legal Entity and Data Controller
Data Controller: Yawmik Ltd.
Registered Jurisdiction: Bangladesh, with future support for global registration structures as the ecosystem expands.
Official Platform: Yawmik.com. Ecosystem Services: Yawmik, Arqify, and affiliated digital modules.
Yawmik acts as the primary data controller for user data processed within its ecosystem, except where a specific service, partner, or legal arrangement clearly states otherwise.
3. Scope of This Policy
This Privacy Policy applies to users, store owners, businesses using Arqify under the Yawmik ecosystem, visitors of Yawmik websites, API and payment-integrated customers, and global users accessing cloud or offline-sync features.
This policy covers both online and offline-first synchronized data systems and applies across browser-based, installed, mobile, and service-to-service interfaces operated under the Yawmik brand or its affiliated modules.
4. Information We Collect
Yawmik may collect information in several categories depending on the services you use, the type of account you create, and whether you interact as an individual, a store, a professional, or a business customer.
- Personal information such as full name, email address, phone number, account credentials, business or store details, billing and payment information, and profile or identity verification data.
- Business and platform data for services like Arqify, including product listings, sales records, customer records, inventory data, transaction logs, QR verification data, store analytics, and operational metrics.
- Technical and device information including IP address, browser type and version, device identifiers, operating system, session logs, app usage analytics, crash reports, and diagnostics.
- Payment-related information limited to transaction ID, payment status, and non-sensitive billing metadata.
5. Payment Information and Gateway Handling
Yawmik does not store raw card numbers. All sensitive financial data is securely processed by PCI-DSS compliant payment processors, including Stripe for international cards, SSLCommerz for Bangladesh payments, and future supported global gateways.
We only retain operational payment records needed for billing continuity, reconciliation, support, fraud review, accounting, and legal compliance.
- Transaction ID
- Payment status
- Subscription or invoice reference
- Billing metadata that does not expose raw financial credentials
6. Lawful Basis for Processing
Yawmik processes data on one or more lawful bases depending on the context of the service and the relationship with the user or customer.
- User consent
- Contractual necessity for service delivery
- Legal compliance obligations
- Legitimate business interests
- Fraud prevention and platform security
7. How We Use Your Information
Collected information is used to operate and improve Yawmik services across product, security, support, and billing functions.
- Provide and maintain Yawmik platform services
- Enable ecosystem tools including workspace, business, and communication modules
- Process subscriptions and payments securely
- Enable offline-first sync with optional cloud storage
- Improve performance, AI assistance, and product features
- Provide customer support
- Prevent fraud, abuse, and unauthorized access
- Comply with legal and regulatory obligations
8. Payment and Financial Data Protection
Yawmik follows a strict payment security architecture designed to reduce exposure, separate duties, and ensure sensitive payment handling remains with certified processors.
All payment processing is handled by third-party processors such as Stripe and SSLCommerz rather than stored directly on Yawmik systems.
- PCI-DSS compliant gateway integration
- End-to-end encrypted payment sessions
- Tokenized transactions without card storage
- Secure webhook verification
- Fraud detection layers
- Gateway-level authentication such as 3D Secure, OTP, and bank verification where supported
- No direct storage of card numbers, CVV, or full banking credentials
9. Data Storage and Security Infrastructure
Yawmik implements enterprise-grade security controls intended to protect information against unauthorized access, misuse, destruction, or accidental loss.
Security architecture evolves with the platform, but the operating model is built around layered controls rather than a single trust boundary.
- Encrypted cloud databases including PostgreSQL and secure storage layers
- HTTPS and TLS 1.2 or higher for transmission security
- Role-based access control
- Secure server environments across VPS and cloud infrastructure
- Automated backups and audit logs
- Zero-trust internal access policies
- Protection against external cyber threats, misuse, and unauthorized privilege escalation
10. Data Retention Policy
We retain user data only for as long as reasonably necessary to provide active services, comply with legal obligations, maintain financial transaction records, support account recovery, and preserve platform integrity.
Retention periods may vary depending on account type, service tier, unresolved disputes, fraud review status, legal holds, or accounting requirements.
Users may request deletion, subject to legal, financial, fraud-prevention, and operational compliance requirements.
11. Third-Party Services and Integrations
Yawmik may integrate with trusted third-party service providers where those integrations are necessary to operate the platform efficiently and securely.
- Payment processors such as Stripe and SSLCommerz
- Cloud hosting providers
- Analytics systems
- Security monitoring services
- API infrastructure providers
12. Data Sales and Advertising Statement
Yawmik does not sell user data to advertisers or third-party data brokers.
Third-party providers are selected based on security, operational necessity, and compliance considerations, not for resale or advertising monetization of personal information.
13. Cookies and Tracking Technologies
Yawmik uses cookies and similar technologies to maintain secure login sessions, enhance user experience, analyze platform performance, and prevent fraud and abuse.
Users can control cookies through browser settings, although some core service functions may not operate correctly if essential session technologies are disabled.
14. International Data Transfers
As Yawmik expands globally, data may be processed in secure international data centers or by service providers operating across borders.
Where cross-border transfers occur, Yawmik applies industry-standard safeguards including encrypted transmission, secure hosting compliance, and access restriction protocols appropriate to the data category and operational context.
15. User Rights
Depending on your jurisdiction, you may have the right to access your data, correct inaccurate information, request deletion, export data, restrict processing, or withdraw consent where consent is the lawful basis.
Requests can be submitted through official support channels and may require identity verification before action is taken.
16. Children’s Privacy
Yawmik services are not intended for children under 13, or under any higher legal age required by local law. We do not knowingly collect personal data from minors without verified guardian consent.
If we learn that protected minor data has been collected in violation of applicable requirements, we will take appropriate steps to remove or restrict it as required.
17. Compliance and Regulatory Alignment
This Privacy Policy is structured to be compatible with GDPR-style privacy principles, PCI-DSS payment security standards, international SaaS platform policies, payment gateway verification requirements, and the compliance expectations commonly associated with Stripe and SSLCommerz integrations.
18. Updates, Contact, and Legal Notice
We may update this Privacy Policy periodically to reflect legal changes, platform upgrades, new payment integrations, and ecosystem expansion across Yawmik and Arqify services. Users may be notified through website notices, email where applicable, or platform announcements.
Official Entity: Yawmik Ltd. Privacy and Legal Department. Email: privacy@yawmik.com. Website: www.yawmik.com. For legal, compliance, or data-related inquiries, please contact our Data Protection Team.
Copyright notice: Yawmik, Arqify, and all ecosystem services, logos, systems, and technologies are protected intellectual property assets of Yawmik Ltd. Unauthorized copying, reproduction, distribution, or misuse of platform content, architecture, or legal documents may result in action under applicable law.