Privacy Policy

For Website and Mobile Applications (iOS & Android)

Effective Date: April 17, 2026  |  Last Updated: April 17, 2026

Welcome to ERTH (erth-gcc.com). We are a multivendor e-commerce marketplace serving customers across the Gulf Cooperation Council (GCC) region through our website and mobile applications available on the Apple App Store (iOS) and Google Play Store (Android).

This Privacy Policy explains how ERTH (“we”, “us”, or “our”) collects, uses, stores, shares, and protects your personal information when you use our Platform. It also describes your rights regarding your data and how to contact us.

By downloading, installing, or using the ERTH App or erth-gcc.com website, you agree to the practices described in this Privacy Policy.

1. Information We Collect

1.1 Information You Provide Directly

When you register, shop, or interact with our Platform, we may collect:

  • Full name and contact information (email address, phone number, mailing address)
  • Account credentials (username, password — stored in encrypted form)
  • Billing and payment information (processed securely via Apple Pay, Google Pay, and K-NET; we do not store full card or wallet details)
  • Profile photo (optional)
  • Communications with our support team or vendors
  • Vendor registration details (if you register as a seller on our marketplace)

1.2 Information Collected Automatically

When you use our app or website, we automatically collect:

  • Device information: device type, model, operating system version, unique device identifiers (IDFA/IDFV on iOS)
  • App usage data: pages viewed, products browsed, searches performed, features used
  • Log data: IP address, browser type, referring URLs, date and time of access
  • Location data: approximate location (if you grant permission) to show relevant vendors, offers, and delivery estimates
  • Crash reports and performance diagnostics to improve app stability

1.3 Information from Third Parties

  • Social login data if you sign in via Google or Apple (name and email only)
  • Payment verification data from our payment gateway partners
  • Analytics data from Apple App Store Connect and Google Firebase

2. How We Use Your Information

We use the information we collect for the following purposes:

  • To create and manage your account and profile
  • To process orders, payments, and facilitate delivery of products
  • To connect buyers with vendors on our multivendor marketplace
  • To send order confirmations, shipping updates, and customer support responses
  • To personalise your shopping experience and show relevant products
  • To send promotional emails, offers, and newsletters (you may opt out at any time)
  • To detect, prevent, and investigate fraud, abuse, or security incidents
  • To comply with legal obligations under applicable GCC and international laws
  • To improve our website, app, and services through analytics and user feedback
  • To respond to legal requests from authorities where required by law

3. Legal Basis for Processing

We process your personal data on the following legal bases:

  • Contract performance: to fulfil your orders and provide our services
  • Legitimate interests: to improve our platform, prevent fraud, and communicate with users
  • Consent: for marketing communications and location access (you may withdraw consent at any time)
  • Legal obligation: to comply with applicable laws and regulations in the GCC region

4. Sharing of Your Information

We do not sell your personal data. We may share your information with:

  • Vendors on our marketplace: to fulfil your orders (name, shipping address, contact number)
  • Payment processors: Apple Pay, Google Pay, and K-NET — to securely process transactions. Each operates under its own privacy and security standards
  • Delivery and logistics partners: to arrange shipment of purchased items
  • Cloud hosting and IT service providers: operating under strict data processing agreements
  • Analytics and crash reporting tools: such as Firebase Analytics and Apple Analytics
  • Legal and regulatory authorities: when required by law or court order

All third parties are contractually obligated to handle your data securely and only for the purposes we specify.

5. iOS-Specific Privacy Disclosures

As required by Apple App Store guidelines, we specifically disclose the following data practices for our iOS application:

5.1 Data Used to Track You

We do not use your data to track you across third-party apps or websites for advertising purposes.

5.2 Data Linked to You

The following data categories are collected and linked to your identity:

  • Contact information (name, email, phone, address)
  • Purchase history and order details
  • Payment information (processed via Apple Pay, Google Pay, or K-NET — not stored directly on our servers)
  • User content (product reviews, support messages)
  • App usage and browsing history within the ERTH app
  • Device identifiers for account security

5.3 Data Not Linked to You

Crash data and diagnostic information are collected but not linked to your personal identity.

5.4 Permissions Requested

Our iOS app may request the following permissions:

  • Camera: to upload product images (vendors) or scan QR codes
  • Photo Library: to upload profile photo or product images
  • Location: to show nearby vendors and accurate delivery estimates (optional)
  • Push Notifications: to send order updates and promotional alerts (optional)
  • Face ID / Touch ID: for secure app login (optional)

All permissions are requested only when relevant and can be managed in your iPhone Settings at any time.

6. Data Retention

We retain your personal data for as long as your account is active or as needed to provide our services. Specifically:

  • Account data: retained while your account is active, and for up to 3 years after closure for legal and dispute resolution purposes
  • Transaction records: retained for 7 years to comply with financial regulations
  • Marketing preferences: retained until you withdraw consent
  • Crash logs and analytics: retained for 90 days in aggregated, anonymised form

You may request deletion of your data at any time (see Section 9).

7. Data Security

We implement industry-standard security measures to protect your personal information, including:

  • HTTPS/TLS encryption for all data transmitted between the app/website and our servers
  • Encrypted storage of passwords and sensitive credentials
  • Access controls limiting data access to authorised personnel only
  • Regular security audits and vulnerability assessments
  • Secure payment processing via Apple Pay, Google Pay, and K-NET — all PCI-DSS compliant platforms

While we take every reasonable precaution, no digital transmission or storage system is 100% secure. We encourage you to use a strong password and keep your login credentials confidential.

8. Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies to:

  • Keep you logged in during your session
  • Remember your shopping cart and preferences
  • Analyse site traffic and user behaviour via analytics tools
  • Serve relevant product recommendations

You can manage cookie preferences through your browser settings. Our mobile apps use equivalent device-based identifiers rather than browser cookies.

9. Your Rights and Choices

Depending on your location and applicable law, you have the following rights regarding your personal data:

  • Access: request a copy of the personal data we hold about you
  • Correction: update or correct inaccurate personal information
  • Deletion: request deletion of your account and personal data
  • Portability: request your data in a machine-readable format
  • Opt-out: unsubscribe from marketing emails using the ‘unsubscribe’ link or contact us directly
  • Withdraw Consent: revoke previously granted permissions (location, notifications) via your device settings

To exercise any of these rights, please contact us at: support@erth-gcc.com

We will respond to all requests within 30 days.

10. Children’s Privacy

ERTH is not intended for use by children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please contact us immediately and we will delete it promptly.

Users between 13 and 18 years of age should only use the Platform with the supervision and consent of a parent or legal guardian.

11. International Data Transfers

ERTH operates primarily in the GCC region (Qatar, UAE, Kuwait, Saudi Arabia, Bahrain, Oman). Your data may be stored and processed on servers located in the GCC or in other countries where our cloud service providers operate.

In all cases, we ensure appropriate safeguards are in place to protect your personal data in accordance with this Privacy Policy and applicable data protection laws.

12. Third-Party Links and Services

Our Platform may contain links to third-party websites, social media platforms, or vendor stores. This Privacy Policy applies only to ERTH. We are not responsible for the privacy practices of third-party sites and encourage you to review their privacy policies independently.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we do, we will:

  • Update the “Last Updated” date at the top of this document
  • Notify registered users via email or an in-app notification
  • Post the updated policy at erth-gcc.com/privacy-policy

Your continued use of the Platform after changes are posted constitutes acceptance of the updated Policy.

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or how we handle your personal data, please contact us:

ERTH Customer Support

Website: https://erth-gcc.com

Email: support@erth-gcc.com

Contact Page: https://erth-gcc.com/contact/

This Privacy Policy is compliant with Apple App Store Review Guidelines (Guideline 5.1 – Privacy), Google Play Developer Policy, and applicable data protection regulations in the GCC region.in the GCC region.

Main Menu