Eslami Electric

Quality electrical supplies

Privacy Policy

Last updated: 26 May 2026

1. Who we are

Eslami Electric (“we”, “us”) operates an electrical supplies shop in Zahedan, Sistan and Baluchestan, Iran. We provide this website at eslamielectric.com and a customer Android app. Both connect to the same backend services.

Address: Azadi Avenue, Zahedan, Sistan and Baluchestan, Iran.

2. What data we collect

We collect only what is needed to run the shop, process orders, and maintain your account.

  • Account & profile — name, email, password (hashed), date of birth (optional), mobile, landline (optional), delivery address, bank details (optional). Company accounts may include company name, registration number, and contact details.
  • Contact email — if you sign in with Telegram or Google, we may ask for a separate contact email for receipts and checkout.
  • Orders — products, quantities, prices, fulfillment type (delivery or collection), shipping address, order status, Stripe session reference, and for guests: name, email, phone (optional), and a secure tracking token.
  • Payment — card and billing details are entered on Stripe Checkout (web or Android Custom Tab). We do not store full card numbers on our servers; Stripe processes payment and shares session/status data with us.
  • Sign-in methods (web) — email/password; optional Google OAuth (name and email from Google); optional Telegram Login (Telegram user id, first/last name, username). Telegram users receive a synthetic login email in our auth system.
  • Device & browser storage — language preference, basket contents, session token (JWT), locale/currency display settings in localStorage on the website; JWT in encrypted storage and basket in app storage on Android.
  • Technical & analytics — when you visit the website we use Vercel Web Analytics and Speed Insights (page views and performance metrics). On first visit we may call /api/locale-hint, which sends your IP to ipapi.co to guess country for default language/currency; we do not persist that IP lookup in our database.
  • Emails — order receipts, password reset links, and account-related messages sent via Resend to addresses you provide.
  • Internal shop notifications — new sign-ups and orders may trigger messages to our Telegram channel (business use only; not marketing to you).

We do not sell your personal data. Admin catalog and order management tools are available on the website to authorised staff only; the Android app does not include admin features.

3. Why we use your data (legal bases)

  • Contract — to create your account, fulfil orders, deliver or prepare collection, and provide order tracking.
  • Legitimate interests — fraud prevention, security, improving the shop, and limited analytics to keep the site fast and reliable.
  • Consent — where required for optional sign-in providers (Google, Telegram) you choose on the web login page.
  • Legal obligation — retaining order records where required for tax, accounting, or dispute resolution.

4. How long we keep data

  • Active account profile data is kept while your account exists.
  • Order records (including line items and amounts) are kept for business and legal needs even after personal details are removed.
  • If you request account deletion (when self-service deletion is enabled on the website), we promptly remove personal identifiers from your profile and linked orders, delete your sign-in credentials, and schedule permanent removal of the profile row after a retention period (default 365 days, configurable on our servers).
  • Session tokens expire after 7 days; you may log out or clear app storage to remove them sooner.

5. Third-party services

  • Supabase — authentication and database hosting.
  • Stripe — payment processing (Stripe Privacy Policy).
  • Resend — transactional email delivery.
  • Google — OAuth sign-in on the website (if you choose it).
  • Telegram — optional login on the website; our bot may receive login verification data from Telegram.
  • Vercel — website hosting, Web Analytics, and Speed Insights.
  • ipapi.co — country lookup from IP for locale defaults (website only).

These providers process data under their own policies and may store data outside Iran. We share only what is necessary for each service.

6. Android app

The Eslami Electric Android app uses the same API at https://www.eslamielectric.com. It stores your basket locally, keeps your login token in encrypted device storage, and opens Stripe Checkout in a browser tab for payment. Guest checkout, order tracking, and profile data follow the same rules as the website. Google and Telegram sign-in are not included in the current Android app version. This privacy policy URL applies to both the website and the app.

7. Your rights & choices

  • View and update profile fields in My Profile (website or app).
  • Log out to clear your session token; clear browser storage to remove basket and preferences on the web.
  • Request account deletion on the website when the delete-account option is enabled (requires password confirmation).
  • Contact us to ask about your data, correct information, or raise a privacy concern (see below).

8. Children

Our shop and apps are intended for adults placing business or household orders. We do not knowingly collect personal data from children under 13. If you believe a child has provided us data, contact us and we will delete it.

9. Changes

We may update this policy from time to time. The “Last updated” date at the top will change. Continued use of the website or app after changes means you accept the updated policy.

10. Contact

For privacy questions or requests: