Privacy Policy

Effective date: January 19, 2026

Welcome to AiMall!

This Privacy Policy explains how AiMall ("we", "us", or "our") collects, uses, discloses, and protects your information when you use our mobile application (the "App") and related enterprise services ("Services").

AiMall is an internal enterprise tool designed for supermarket staff to assist with inventory management, risk monitoring, and store operations. This App is not intended for public use and requires an authorized employee account to access.

By accessing or using the App, you agree to the terms of this Privacy Policy.

1. Information We Collect

1.1 Information Provided by Your Organization

Your account is created and managed by your employer or the system administrator. We may process the following information associated with your account:

• Identity Information: Name, Employee ID, Role/Position.
• Login Credentials: Username, Password (encrypted), and authentication tokens.

1.2 Information Collected Automatically

When you use the App, we automatically collect certain device and usage information:

• Device Information: Device model, operating system version, unique device identifiers (e.g., for Firebase Cloud Messaging), and IP address. This helps us ensure the security of the App and deliver push notifications.
• Usage Logs: Information about your interactions with the App, such as features used, timestamps of actions (e.g., acknowledging an alert), and crash reports.

1.3 Surveillance and Face Data

Source of Data: The App provides insights derived from the store's fixed CCTV surveillance systems. The App itself does not use your mobile device's camera for facial recognition.

Facial Analysis: Our Service analyzes CCTV footage to identify store events, such as potential theft risks, safety incidents, or crowd density.

• Purpose: To improve store security, monitor stock levels, and ensure staff and customer safety.
• Biometric Data: While the system may detect human presence and analyze behaviors, any processing of facial data for identification purposes is strictly limited to security and risk management contexts authorized by your organization.
• Retention: Video footage and derived data are stored on secure servers. The retention period is determined by your organization's internal policies and local regulations.

2. How We Use Your Information

We use the collected information for the following purposes:

• Service Operation: To provide real-time alerts for out-of-stock items, security risks, or operational tasks.
• Notifications: We use Firebase Cloud Messaging (FCM) to send instant push notifications about urgent store events to your device.
• Security & Compliance: To verify your identity as an authorized employee, prevent unauthorized access, and maintain an audit trail of actions taken within the App.
• Improvement: To analyze App performance and fix technical issues.

3. Permissions We Request

To provide full functionality, the App may request the following permissions on your device:

• Notifications: Required to receive real-time alerts for risk events or tasks.
• Network Access: Required to connect to the central server to fetch data and submit reports.
• Camera (Optional): May be requested if the App includes features for scanning barcodes (Search SKU) or documenting shelf conditions, though this is not the primary source of video analysis.
• Storage (Optional): To save reports or cache images locally for performance.

4. Data Sharing and Disclosure

We do not sell your personal information. We share data only in the following circumstances:

4.1 Internal Use

Data is shared internally within your organization (e.g., store managers, security teams) for operational purposes.

4.2 Service Providers

We use trusted third-party service providers to help us operate the App:

• Firebase (Google): Used for secure authentication and delivering push notifications (Cloud Messaging).

4.3 Legal Compliance

We may disclose information if required by law, regulation, or legal process, or to protect the safety, rights, or property of our users or the public.

5. Data Retention

App Data: Logs and local data on your device are retained only as long as necessary for the App's function or until you log out/uninstall the App.

Server Data: Surveillance data, incident reports, and associated metadata are retained on the server according to the retention policy defined by the system administrator (your employer), ranging from temporary processing to archival for security audits.

6. Data Security

We implement industry-standard security measures to protect your data, including encryption in transit (HTTPS/TLS) and strict access controls. Only authorized personnel can access sensitive surveillance data.

7. Your Rights

As an internal employee user:

• Access & Correction: You may request access to or correction of your account profile through your system administrator.
• Account Deletion: Since accounts are managed by the enterprise, account deletion requests should be directed to your manager or IT department.

8. Contact Us

If you have questions about this Privacy Policy or the App's data practices, please contact us at:

Email: support@mall-ai.com