MILODI NAV
Back to Home
App StoreGoogle Play

Tojiron Sellers — Privacy Policy

This Privacy Policy describes how the Tojiron Sellers mobile application ("the App") collects, uses, and protects information about suppliers ("you") on iOS and Android. The App is operated by MILODI NAV, JDMM ("we", "us").

Effective date: May 19, 2026 · Version 1.0

Summary in plain language

  • We only collect what we need to identify your supplier account and let you receive order alerts.
  • We never sell your data and never share it with advertisers.
  • You can delete your account at any time by writing to our Telegram support.

1. Who we are

Tojiron Sellers is the official mobile application for suppliers of the Tojiron marketplace (tojiron.tj). It lets a supplier review their catalog, sales, settlements, payments, and submit warehouse return requests. The App is operated by:

MILODI NAV, JDMM

Dushanbe, Republic of Tajikistan

support@tojiron.ru

2. Data we collect

We deliberately keep the collected data set as small as possible. Concretely:

Phone number

Used as your login identifier. We send a one-time SMS code to it to verify the device.

Supplier profile data

Name, email, business address, supplier ID. These are entered by our administrator when your account is created — the App only displays them and lets you read them.

Authentication token (JWT)

Issued by our server after OTP verification and stored locally in the device Keychain (iOS) or EncryptedSharedPreferences (Android). It is only sent to admin.tojiron.ru to identify your session.

Push notification token

If you allow notifications, we receive a Firebase Cloud Messaging (FCM) token tied to your device. It is used solely to deliver alerts about new orders, settlements, payments, and return decisions.

Device information

Device type (iOS or Android) and app version — used for crash diagnostics and to send push notifications to the right platform. No advertising identifiers (IDFA / AAID) are collected.

What we do NOT collect

  • Geolocation, GPS or background location
  • Contacts, calendar, photos, camera, microphone
  • Health, biometric, payment or financial card data
  • Advertising identifiers and tracking data
  • Browsing history outside the App

3. Why we use this data

  • To verify that the person logging in is the rightful owner of the supplier account (phone + SMS code).
  • To show you your own orders, products, settlements, payments, and return requests on Tojiron.
  • To deliver push notifications about new sales, settlements, payments, return decisions, and low-stock warnings.
  • To keep the service secure (protect against unauthorized access and abuse).
  • To comply with applicable law and respond to lawful requests.

4. Sharing with third parties

We do not sell your personal data. We share data only with the following processors strictly to operate the App:

Google Firebase Cloud Messaging

Delivers push notifications to your device. Receives FCM token and notification payload.

policies.google.com

SMS gateway provider

Receives your phone number to deliver the one-time login code.

Operator in Tajikistan

Data may also be disclosed if required by law, court order, or a lawful request from a government authority.

5. Device permissions

Notifications

Optional. Used to deliver push alerts about sales, settlements, payments and returns. You can decline this and the App will still work — you simply won't get push.

Internet

Required. The App talks to admin.tojiron.ru to fetch and display your data.

6. Storage and security

All traffic between the App and our servers is transmitted over HTTPS (TLS). The session token is stored on the device using the platform's secure keystore (Keychain on iOS, EncryptedSharedPreferences on Android). Backend data is stored on protected servers operated by MILODI NAV, JDMM. We retain supplier data for as long as your account is active. After account closure, data is removed within 90 days, except where retention is required by law.

7. Your rights

You may at any time:

  • Request a copy of the personal data we hold about you.
  • Ask us to correct inaccurate data.
  • Ask us to delete your account and associated data.
  • Withdraw consent for push notifications via system settings.
  • Lodge a complaint with the competent supervisory authority in the Republic of Tajikistan.

8. Account deletion

You can delete your account directly from the App, without contacting support. In the App: Profile → "Удалить аккаунт". The flow is two-step:

  1. Confirm the consequences and tap "Continue" — we send a 6-digit SMS code to the phone linked to your account.
  2. Enter the code on the next screen. The server immediately marks the account as deleted and invalidates the JWT session — the App signs you out and returns you to the login screen.

The deletion is a soft-delete: the supplier record and related historical data (products, orders, settlements) remain in the database for reporting integrity, but you can no longer sign in by that phone number. Re-registration by the same phone is blocked. If you need to come back, contact our administrator — accounts can be restored from the admin panel.

Limits: up to 5 deletion-OTP requests per phone per day. The code is 6 digits and lives for 5 minutes.

Need help with deletion?@Tojirontj

9. Children

The App is intended for legal-entity and individual-entrepreneur suppliers. It is not directed at children under 18. We do not knowingly collect data from minors. If you believe a minor has provided us data, contact us at support@tojiron.ru and we will remove it.

10. Changes to this policy

We may update this Privacy Policy from time to time, for example when we add new features or when the law changes. The latest version is always available at this page. If changes are material, we will notify you via the App or by email.

11. Contact us

For any privacy-related question, write to:

Email

support@tojiron.ru

Telegram

@Tojirontj

Last updated: May 19, 2026

© 2026 MILODI NAV, JDMM. All rights reserved.