LEGAL

Privacy Policy

Last updated: 29 May 2026

1. Introduction

This Privacy Policy explains how NayaSports (SMC-Private) Limited ("NayaSports", "we", "us", "our") collects, uses, shares, and protects your information when you use the NayaSports mobile application, web application, and related services (collectively, the "Service").

NayaSports is a sports venue booking platform serving Pakistan. By using the Service, you agree to the practices described in this Policy. If you do not agree, please do not use the Service.

2. Information We Collect

2.1 Information you provide directly

  • Account information: full name, email address, phone number, password (stored as a one-way hash), profile photo, preferred sports, and city.
  • Venue owner information: business name, venue details, court information, pricing, operating hours, banking details for payouts, KYC documents (CNIC, business registration).
  • Bookings and activity: bookings you create, ratings and reviews you submit, favorite venues, match invitations, chat messages, photos you upload.
  • Communications: messages you send to other users, venue owners, or our support team.

2.2 Information collected automatically

  • Device and usage data: device model, operating system version, app version, language preference, time zone, crash logs.
  • Location data: approximate or precise GPS location, used only to find sports venues near you. Location is requested with your permission and only when relevant features are in use.
  • Push notification tokens: a device token issued by Apple (APNs) or Google (FCM) so we can deliver booking, chat, and match notifications.
  • Log data: IP address, request timestamps, and pages or screens viewed.

2.3 Information from third parties

  • Google Sign-In: if you sign in with Google, we receive your name, email, and profile photo from your Google account.
  • Payment processors: when you pay through Safepay or similar gateways, we receive a transaction confirmation. We do not store full card numbers or CVVs on our servers.

3. How We Use Your Information

  • Create and maintain your account, including identity verification via OTP.
  • Show you sports venues near your location and let you browse, book, and pay for courts.
  • Send transactional notifications such as booking confirmations, reminders, chat messages, and match invites.
  • Enable venue owners to manage their venues, courts, bookings, finances, and staff.
  • Process payments and route payouts to venue owners.
  • Provide customer support and respond to your inquiries.
  • Detect, prevent, and address fraud, abuse, or violations of our terms.
  • Analyze app performance and diagnose crashes to improve the Service.
  • Comply with applicable laws and respond to lawful government requests.

4. Third-Party Services We Use

We rely on the following third-party providers to operate the Service. Each operates under its own privacy policy.

ProviderPurpose
Google FirebasePush notifications (FCM), crash reporting (Crashlytics), and Google sign-in.
Google MapsDisplay venue locations and provide map tiles.
SupabaseReal-time chat and presence (self-hosted in Pakistan).
SafepayCredit and debit card payment processing.
ResendDelivery of transactional emails (OTPs, password resets, receipts).
CloudflareContent delivery and DDoS protection.

5. How We Share Your Information

We do not sell your personal information. We share data only in the following limited circumstances:

  • With venue owners: when you book a court, we share your name, phone number, and booking details with the venue owner so they can fulfil the booking.
  • With other users in matches and chats: when you join a public match or send a message, your display name and profile photo are visible to other participants.
  • With service providers: the third parties listed in Section 4 process data on our behalf under contractual obligations to protect it.
  • For legal reasons: if required by law, court order, or to protect the rights, safety, and property of NayaSports, our users, or the public.
  • Business transfers: in the event of a merger, acquisition, or sale of assets, your information may be transferred subject to this Policy.

6. Permissions on Your Device

The NayaSports app requests the following device permissions when needed. You may decline or revoke any of these at any time in your device settings; some features may stop working as a result.

  • Location (when in use): to find sports venues near you.
  • Camera: to scan booking QR codes for check-in and to upload profile or venue photos.
  • Photo library: to attach images to venue listings or chats, and to save booking tickets you choose to download.
  • Notifications: to alert you about bookings, chats, and match updates.
  • Face ID / Touch ID: to keep your account secure when accessing sensitive settings.

7. Data Retention

We retain your information for as long as your account is active or as needed to provide the Service. After account deletion, we delete or anonymise your personal data within 30 days, except where retention is required for:

  • Tax, accounting, or other legal obligations (typically up to 6 years for financial records).
  • Resolving disputes or enforcing our agreements.
  • Fraud prevention and security investigations.

8. Your Rights and Choices

You have the right to:

  • Access: request a copy of the personal information we hold about you.
  • Correction: update inaccurate or incomplete information via the app or by contacting us.
  • Deletion: request deletion of your account and associated personal data.
  • Withdraw consent: revoke device permissions or unsubscribe from non-essential communications.
  • Data portability: request a machine-readable export of your data.

To exercise any of these rights, email us at support@nayasports.com. We will respond within 30 days.

9. Data Security

We use industry-standard safeguards to protect your information, including encrypted connections (HTTPS/TLS), encrypted storage of sensitive data, bcrypt-hashed passwords, and access controls. No method of transmission or storage is 100% secure; we cannot guarantee absolute security but work continuously to protect your data.

10. Children's Privacy

The Service is not directed to children under 13 (or the equivalent minimum age in your jurisdiction). We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please contact us and we will delete it.

11. International Data Transfers

Your data is primarily stored and processed in Pakistan. Some third-party providers (Google Firebase, Cloudflare) may process data in regions outside Pakistan. Those providers maintain industry-standard safeguards for international transfers.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be announced in the app or by email at least 7 days before they take effect. The "Last updated" date at the top of this page reflects the most recent revision. Continued use of the Service after changes take effect means you accept the revised Policy.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your personal data, please reach out:

NayaSports (SMC-Private) Limited

Email: support@nayasports.com

Website: https://nayasports.com