Have you know what Data shared and collected from Meesho: Online Shopping App
- Location (Approximate and precise location data for logistics and delivery)
- Personal Information (Name, email address, phone number, and physical addresses for shipping and billing)
- Financial Information (Payment details, credit card numbers, and transaction history shared with payment gateways)
- App Activity (Browsing behavior, search terms, and product interactions shared with analytics partners)
- Device and Other Identifiers (IP address, device ID, advertising IDs shared with marketing affiliates and third parties)
- Order Information (Order details shared with independent sellers, logistics partners like Valmo, and delivery agents)
- Technical Data (Browser type, operating system, and network provider data)
- First and Last Name
- Mobile Phone Number
- Email Address
- Shipping and Delivery Address
- Billing Address
- Payment Information (Credit/Debit card details, UPI IDs, bank account details for refunds)
- Device Information (Hardware model, operating system, time zone)
- Network Information (IP address, Internet Service Provider)
- Browsing Information (Web pages viewed, search terms, referring/exit pages)
- Interaction Data (Clicks, time spent on pages, and engagement with the app or website)
- Purchase History (Orders placed, cancelled, and returned)
- Location Data (Pin codes and GPS coordinates for delivery routing)
- Cookies, Web Beacons, Tags, and Pixels (For tracking and analytics)
- Customer Support Interactions (Chat logs, voice recordings via AI bots, and email correspondence)
- Seller Data (For business accounts: Inventory, sales metrics, and business registration details)
- Secure Payment Gateways (Integration with standard, secure online payment processors for encrypted transactions)
- Active Bug Bounty Program (Hosted on HackerOne to reward security researchers for finding vulnerabilities)
- Project Suraksha (An initiative that utilizes AI and manual reviews to detect and delist counterfeit or restricted products)
- Fraud Prevention Systems (Blocking suspicious user accounts and preventing millions of potentially fraudulent transactions)
- Legal Enforcement (Filing legal cases and seeking injunctions against deceptive websites and fraudsters misappropriating the brand)
- Mechanism for Data Deletion (Users can request the deletion of their personal data)
- Secure SSL/TLS Protocols (For encrypting data in transit between the app/website and servers)
- Processing and fulfilling e-commerce orders (arranging shipping and generating invoices)
- Communicating with customers regarding order statuses, refunds, and support queries
- Screening orders for potential risk, fraud, and policy violations
- Delivering targeted advertisements and marketing communications based on user preferences
- Generating analytics to understand how customers browse and interact with the platform
- Improving and optimizing the website, mobile app, and overall user experience
- Providing seller tools for inventory management, pricing optimization, and visibility
- Complying with applicable laws, regulations, and lawful requests from authorities
- Fraudulent Cash on Delivery (COD) Orders (Historically, miscreants have extracted user data from alternate sources to place fake, high-margin COD orders without the user's consent)
- Third-Party Tracking (Extensive use of cookies and tracking pixels for behavioral advertising on platforms like Facebook and Google)
- Counterfeit Products (Despite mitigation efforts, the marketplace model inherently carries risks of independent sellers listing counterfeit or low-quality goods)
- Data Sharing with Affiliates (Data is shared broadly within the corporate family and with numerous third-party service providers and logistics partners)
- Deceptive Imitation Websites (Scammers often create fake websites mimicking Meesho to phish for customer data and payment details)
- May 2024 (Alleged Breach): A threat actor claimed responsibility for a data breach affecting Meesho on a hacker forum, posting names, emails, and phone numbers. However, cybersecurity experts scrutinized the claim and discovered the data was likely recycled from a 2020 IndiaMART database leak, casting significant doubt on the authenticity of a new, direct breach of Meesho's systems.
- August 2021 (Data Leak Scams): Users reported receiving bogus Cash on Delivery (COD) orders they never placed, raising fears of a data leak. The company clarified that miscreants were likely extracting user data (names, phones, addresses) from external sources outside the Meesho platform to place unconsented orders and defraud customers.
🛡
All comments are automatically scanned for viruses and malware before being published to ensure community safety.