Sign In

Privacy Policy

Last updated: March 18, 2025

This policy explains how Holisar (operated by Holisar Pvt. Ltd., registered in Nepal) collects, uses, and protects your personal information.

Table of Contents

  1. 1. Information We Collect
  2. 2. How We Use Your Information
  3. 3. Sharing of Information
  4. 4. Data Security
  5. 5. Your Rights
  6. 6. Cookies
  7. 7. Children's Privacy
  8. 8. Changes to This Policy
  9. 9. Contact Us

1. Information We Collect

1.1 Account Information

When you register on Holisar, we collect your full name, email address, phone number, and chosen password (stored as a cryptographic hash). Sellers additionally provide business name, registration number, PAN/VAT number, and business address.

1.2 Transactional Data

We record details of all orders, payments, quotes, offers, and RFQs processed through the platform. Payment card data is never stored on our servers β€” all card transactions are processed by our certified payment partners (eSewa, Khalti, ConnectIPS).

1.3 Communications

Messages sent between buyers and sellers via our chat system are stored to enable dispute resolution and provide customer support. We do not read private messages except when required for dispute investigation or legal compliance.

1.4 Usage Data

We collect technical data including IP address, browser type, pages visited, search queries, and click patterns. This data is used to improve the platform and personalize your experience.

1.5 Device & Location Data

With your permission, we may collect approximate location data to show relevant local suppliers. Precise GPS data is never required or collected.

2. How We Use Your Information

2.1 Service Delivery

To facilitate transactions, process payments, send order confirmations, connect buyers with sellers, and provide customer support.

2.2 Verification

To verify the identity of sellers and the authenticity of business registrations. Verified status is displayed publicly on business profiles.

2.3 Communications

To send transactional emails (order updates, payment confirmations), platform notifications, and β€” with your consent β€” marketing communications about relevant products and promotions.

2.4 Safety & Fraud Prevention

To detect and prevent fraudulent transactions, spam, abuse, and other activities that violate our Terms of Service.

2.5 Analytics & Improvement

To understand how the platform is used, identify bugs, and develop new features that better serve our community.

3. Sharing of Information

3.1 With Other Users

Seller business profiles (including business name, location, verified status, and product listings) are publicly visible. Buyer identity is not shared with sellers beyond what is necessary to fulfill an order (shipping name and address).

3.2 Service Providers

We share data with trusted service providers who help us operate the platform β€” including payment processors, email service providers, cloud storage, and analytics services β€” under strict data processing agreements.

3.3 Legal Requirements

We may disclose information if required by Nepal law, court order, or governmental authority, or where necessary to protect the rights, property, or safety of Holisar, our users, or the public.

3.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, user data may be transferred. We will notify affected users before such a transfer.

3.5 We Do Not Sell Your Data

Holisar does not sell, rent, or trade personal data to third parties for their own marketing purposes.

4. Data Security

4.1 Technical Measures

All data transmission is encrypted via TLS/HTTPS. Passwords are hashed using bcrypt. Our servers are hosted on ISO 27001-certified infrastructure with regular security audits.

4.2 Access Controls

Only authorized Holisar employees with a legitimate business need can access user data. All internal access is logged and audited.

4.3 Breach Notification

In the event of a data breach that affects your personal data, we will notify you within 72 hours of becoming aware of the breach, in accordance with applicable law.

5. Your Rights

5.1 Access & Portability

You can request a complete export of all personal data we hold about you via Settings β†’ Privacy β†’ Export My Data. The data is provided in JSON format within 48 hours.

5.2 Correction

You can update your profile information at any time from your account settings.

5.3 Deletion

You may request deletion of your account and associated personal data via Settings β†’ Privacy β†’ Delete My Account. Note that certain transactional records must be retained for legal and tax compliance for up to 7 years.

5.4 Marketing Opt-Out

You can unsubscribe from marketing emails at any time via the unsubscribe link in any email, or via Settings β†’ Notifications.

6. Cookies

6.1 Essential Cookies

We use cookies to maintain your login session and remember your preferences. These are strictly necessary for the platform to function.

6.2 Analytics Cookies

With your consent, we use analytics cookies to understand how visitors use the platform. You can opt out via your browser settings.

7. Children's Privacy

Holisar is a business-to-business platform intended for persons aged 18 and above. We do not knowingly collect personal data from minors. If you believe a minor has created an account, please contact us immediately.

8. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or via a platform notification at least 14 days before the changes take effect. Your continued use of the platform after the effective date constitutes acceptance of the updated policy.

9. Contact Us

For privacy-related questions, data access requests, or concerns, contact our Data Protection Officer at: [email protected] or write to: Holisar Pvt. Ltd., Lazimpat, Kathmandu, Bagmati Province, Nepal.

By using Holisar, you acknowledge that you have read and understood this Privacy Policy. If you have any questions, please contact us.