1 Information We Collect
Account Registration
- First and last name
- Email address
- Password (stored as a hashed credential via Firebase Authentication)
- Phone number (optional)
Creator Profile
- Profile photograph (uploaded from your photo library)
- Biography / personal description
- Instagram and TikTok handles
- Creator type (Influencer or Content Creator)
- Portfolio images selected from your photo library
- City and general location
Collaboration & Activity Data
- Collaboration applications and their status
- Guest count for bookings
- Content posting status self-reported by the user
- Ratings and reviews submitted after completed collaborations
Communications
- Messages exchanged via the in-app messaging system between creators and businesses
Technical & Device Data (Automatic)
- Firebase-assigned user identifier (UID)
- FCM token and Apple APNs device token (push notifications only)
- Account creation and last activity timestamps
- Anonymized usage analytics via Firebase Analytics
- Crash reports via Firebase Crashlytics
Location Data (Optional)
Approximate device location is collected only when you grant permission and only while using the Map feature. Location data is processed on-device and is not stored on our servers.
2 Permissions We Request
| Permission | Why we need it |
|---|---|
| Photo Library | To upload your profile photo or portfolio images. You must explicitly initiate this action. No camera access is requested. |
| Location (While Using) | To display a map of nearby businesses. Coordinates are used only to center the map on-device and are never stored. |
| Push Notifications | To send alerts about application status, new messages, booking confirmations, and platform updates. Revocable anytime in iOS Settings. |
3 How We Use Your Information
- Account management: To create, authenticate, and maintain your account.
- Platform functionality: To match you with offers, manage applications, and facilitate communications.
- Push notifications: To send transactional alerts about your account activity.
- Profile display: To display your profile to businesses when you apply to their offers.
- Safety and trust: To enforce our Terms of Service and detect fraud.
- Service improvement: To analyze anonymized usage patterns and fix issues.
- Legal compliance: To meet our obligations under applicable law.
We do not use your data for behavioral advertising or sell it to third parties.
4 Data Sharing
We do not sell, rent, or trade your personal information. We share it only as follows:
- With Businesses: Your creator profile is shared when you submit a collaboration application, solely to evaluate your application.
- Firebase / Google LLC: Our infrastructure provider for Authentication, Firestore, Storage, FCM, Analytics, and Crashlytics. Governed by Google’s Privacy Policy.
- Internal admin team: Restricted access for moderation and support, bound by confidentiality obligations.
- Legal reasons: If required by law, court order, or to protect our rights or safety.
- Business transfer: In the event of a merger or acquisition, with prior notice to you.
5 Data Retention
We retain your data for as long as your account is active. If you delete your account:
- Profile data, application history, and messages are permanently deleted within 30 days.
- Push notification tokens (FCM / APNs) are deleted on sign-out or account deletion.
- Deleted data may persist in encrypted backups for up to 90 days before being permanently purged.
You can delete your account at any time via Profile → Settings → Delete Account.
6 Data Security
We implement appropriate technical and organizational measures, including:
- Encrypted data transmission (HTTPS / TLS)
- Encryption at rest via Firebase / Google Cloud infrastructure
- Passwords stored via secure hashing — we never access your plaintext password
- Production data access restricted to authorized personnel on a need-to-know basis
While we take reasonable precautions, no method of internet transmission is 100% secure.
7 Your Rights
- Access — Request a copy of the personal data we hold about you.
- Correction — Update your profile information at any time within the App.
- Deletion — Delete your account and all associated data via App settings.
- Portability — Request an export of your data in a machine-readable format.
- Objection / Restriction — Object to or restrict certain processing activities.
- Withdraw Consent — Revoke notification or location access at any time in iOS Settings.
GDPR (European Users): You may lodge a complaint with your local data protection authority. In France: CNIL. Full GDPR details: komando.app/legal/gdpr.
CCPA (California Residents): We do not sell your personal information. Contact us to request disclosure of data categories collected.
To exercise any right: privacy@komandoapp.com — we respond within 30 days.
8 Children's Privacy
Komando is not intended for users under the age of 16. We do not knowingly collect personal data from children under 16. If you believe a minor has provided us with personal data, contact us at privacy@komandoapp.com and we will delete it immediately.
9 Third-Party Links
The App may display links to third-party profiles (e.g., Instagram, TikTok). This Privacy Policy does not apply to third-party websites. We encourage you to review their respective privacy policies.
10 International Data Transfers
We are based in France. Firebase / Google infrastructure is primarily located in the United States. Transfers from the EEA are covered by Standard Contractual Clauses (SCCs) and Google’s Data Processing Agreement. Contact us for a copy of the applicable transfer mechanisms.
11 Changes to This Policy
We may update this Privacy Policy from time to time. We will update the "Last updated" date and, where required, notify you via in-app notification or email. Continued use of Komando after changes take effect constitutes acceptance of the revised policy.
12 Contact
For any privacy questions or to exercise your rights:
Email: privacy@komandoapp.com
Website: komando.app