Connect.D Privacy Policy
# Connect.D Privacy Policy
**Last Updated: September 28, 2025**
**Effective Date: September 28, 2025**
---
## Table of Contents
1. [Introduction](#introduction)
2. [Information We Collect](#information-we-collect)
3. [How We Use Your Information](#how-we-use-your-information)
4. [Information Sharing and Disclosure](#information-sharing-and-disclosure)
5. [Data Storage and Security](#data-storage-and-security)
6. [Data Retention and Deletion](#data-retention-and-deletion)
7. [Your Privacy Rights](#your-privacy-rights)
8. [Third-Party Services and SDKs](#third-party-services-and-sdks)
9. [Children's Privacy](#childrens-privacy)
10. [International Data Transfers](#international-data-transfers)
11. [GDPR Compliance](#gdpr-compliance)
12. [California Privacy Rights (CCPA/CPRA)](#california-privacy-rights-ccpacpra)
13. [Apple App Store Compliance](#apple-app-store-compliance)
14. [Google Play Store Compliance](#google-play-store-compliance)
15. [Changes to This Privacy Policy](#changes-to-this-privacy-policy)
16. [Contact Us](#contact-us)
---
## Introduction
Connect.D ("we," "our," or "us") respects your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Connect.D mobile application (the "App").
**Important Notice:** This Privacy Policy complies with the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), Apple App Store requirements, Google Play Store requirements, and other applicable privacy laws.
By using our App, you agree to the collection and use of information in accordance with this Privacy Policy.
---
## Information We Collect
### 2.1 Information You Provide Directly
**Account Information:**
- Email address (for account creation and authentication)
- Name (for profile identification within groups)
- Password (encrypted and securely stored)
- Profile settings and preferences
**Customer Data:**
- Customer names, phone numbers, and contact information
- Customer preferences, characteristics, and notes
- Size information and product preferences
- Custom tags and categorization data
**Business Data:**
- Visit histories and service records
- Transaction amounts and service types
- Family member information linked to customers
- Product waitlist and request information
**Group Collaboration Data:**
- Group names and descriptions
- Invite codes and member relationships
- Real-time collaboration activities
- Notification preferences
### 2.2 Automatically Collected Information
**Device Information:**
- Device type, operating system, and version
- Unique device identifiers
- App version and build information
- Language and region settings
**Usage Analytics:**
- Feature usage patterns and frequency
- Session duration and app performance metrics
- Error reports and crash diagnostics
- User interaction patterns (anonymized)
**Technical Data:**
- IP address (for security and service provision)
- Network connection type
- Time zone and local time settings
### 2.3 Location Information
We do not collect precise location data. Any location-related features are handled locally on your device.
---
## How We Use Your Information
### 3.1 Primary Purposes
**Service Provision:**
- Providing core customer management functionality
- Enabling real-time group collaboration features
- Synchronizing data across group members
- Delivering push notifications for group activities
**Account Management:**
- Creating and maintaining user accounts
- Authenticating users and preventing unauthorized access
- Managing group memberships and permissions
- Processing invite codes and group joining
**Data Management:**
- Storing and organizing customer information
- Maintaining visit histories and service records
- Enabling data export and backup features
- Providing analytics and reporting tools
### 3.2 Secondary Purposes
**Improvement and Analytics:**
- Analyzing usage patterns to improve app functionality
- Identifying and fixing bugs and performance issues
- Developing new features based on user needs
- Conducting security monitoring and fraud prevention
**Communication:**
- Sending service-related notifications
- Providing customer support and technical assistance
- Informing users of important updates or changes
- Responding to user inquiries and feedback
### 3.3 Legal Basis for Processing (GDPR)
- **Contract Performance:** Processing necessary for providing the App services
- **Legitimate Interests:** Improving app functionality and security
- **Consent:** Where explicitly provided for optional features
- **Legal Obligation:** Compliance with applicable laws and regulations
---
## Information Sharing and Disclosure
### 4.1 Within Groups
Your data is shared with other members of your group to enable collaboration features:
- Customer information visible to all group members
- Visit histories and service records accessible to the group
- Real-time notifications about group activities
- Audit trails showing who made changes and when
### 4.2 Service Providers
We share information with trusted third-party service providers:
**Supabase (Database and Backend Services):**
- Provides secure data storage and real-time synchronization
- Processes authentication and user management
- Enables push notifications and real-time features
- Data processing governed by Supabase's privacy policy
**Authentication Services:**
- Secure user authentication and session management
- Password encryption and security verification
### 4.3 Legal Disclosure
We may disclose your information when required by law or to:
- Comply with legal processes, court orders, or government requests
- Protect our rights, property, or safety
- Prevent fraud, security threats, or illegal activities
- Enforce our Terms of Service or other agreements
### 4.4 Business Transfers
In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the business transaction, subject to the same privacy protections.
---
## Data Storage and Security
### 5.1 Security Measures
**Technical Safeguards:**
- End-to-end encryption for data transmission
- Secure database storage with access controls
- Regular security audits and vulnerability assessments
- Multi-factor authentication for administrative access
**Operational Security:**
- Employee background checks and training
- Limited access to personal data on a need-to-know basis
- Regular backup and disaster recovery procedures
- Incident response and breach notification protocols
### 5.2 Data Location
Your data is stored on secure servers provided by Supabase, which implements industry-standard security measures and compliance certifications including SOC 2 Type II.
---
## Data Retention and Deletion
### 6.1 Retention Periods
**Account Data:** Retained while your account is active
**Customer Data:** Retained as long as needed for business purposes or as required by law
**Usage Analytics:** Anonymized data may be retained for up to 3 years
**Legal Records:** Retained as required by applicable laws
### 6.2 Data Deletion
**User-Initiated Deletion:**
- You may delete individual customer records at any time
- Account deletion removes all associated personal data
- Group leaders can remove members and their contributed data
**Automatic Deletion:**
- Inactive accounts may be deleted after 2 years of inactivity
- Temporary data (logs, sessions) deleted according to retention schedules
**Right to Deletion:**
- You have the right to request deletion of your personal data
- We will comply with deletion requests within 30 days unless legally required to retain data
---
## Your Privacy Rights
### 7.1 Universal Rights
**Access:** Request a copy of your personal data
**Correction:** Update or correct inaccurate information
**Deletion:** Request removal of your personal data
**Portability:** Receive your data in a machine-readable format
**Objection:** Object to certain types of data processing
### 7.2 How to Exercise Rights
Contact us at myclick90@gmail.com with your request. We will respond within 30 days and may require identity verification.
**In-App Controls:**
- Edit or delete customer information directly in the app
- Manage notification preferences in settings
- Export data using built-in export features
- Delete your account through app settings
---
## Third-Party Services and SDKs
### 8.1 Integrated Services
**Supabase:**
- Purpose: Database, authentication, real-time features
- Data Shared: All app data as required for functionality
- Privacy Policy: [Supabase Privacy Policy](https://supabase.com/privacy)
**Flutter/Dart Framework:**
- Purpose: App development framework
- Data Processing: Local device processing only
- No data collection by framework itself
### 8.2 Third-Party Code Review
We regularly review all third-party code, libraries, and SDKs for:
- Data collection practices and compliance
- Security vulnerabilities and updates
- Adherence to our privacy standards
- Disclosure accuracy in app store listings
---
## Children's Privacy
Our App is not designed for or directed toward children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have collected information from a child under 13, we will take steps to delete such information promptly.
---
## International Data Transfers
### 10.1 Cross-Border Processing
Your data may be processed in countries other than your residence, including the United States. We ensure adequate protection through:
- Standard Contractual Clauses (SCCs) where applicable
- Adequacy decisions by relevant authorities
- Additional safeguards as required by law
### 10.2 EU-US Data Transfers
For EU users, we comply with applicable data protection frameworks and ensure appropriate safeguards for international transfers.
---
## GDPR Compliance
### 11.1 Legal Basis
We process your data based on:
- **Article 6(1)(b):** Contract performance
- **Article 6(1)(f):** Legitimate interests
- **Article 6(1)(a):** Consent (where applicable)
### 11.2 Data Subject Rights
EU users have enhanced rights including:
- Right to be informed
- Right of access and rectification
- Right to erasure ("right to be forgotten")
- Right to restrict or object to processing
- Right to data portability
- Rights related to automated decision-making
### 11.3 Data Protection Officer
For GDPR-related inquiries, contact our Data Protection Officer at myclick90@gmail.com.
---
## California Privacy Rights (CCPA/CPRA)
### 12.1 California Consumer Rights
California residents have the right to:
- Know what personal information is collected and how it's used
- Delete personal information held by businesses
- Opt-out of the sale of personal information
- Non-discrimination for exercising privacy rights
### 12.2 Information Disclosure
**Personal Information Categories Collected:**
- Identifiers (email, name)
- Commercial information (customer data, transactions)
- Internet activity (usage patterns, preferences)
- Professional information (business-related data)
**Sources:** Directly from users and automatically through app usage
**Business Purposes:** Service provision, improvement, and security
**Third-Party Sharing:** Service providers and legal requirements only
### 12.3 Sale of Personal Information
We do not sell personal information and have not sold personal information in the past 12 months.
---
## Apple App Store Compliance
### 13.1 App Privacy Details
Our App Privacy Details in the App Store accurately reflect all data collection practices, including:
- Contact information and identifiers
- User content and usage data
- Analytics and performance data
- Customer data entered by users
### 13.2 App Tracking Transparency (ATT)
We do not track users across apps or websites owned by other companies. If this changes, we will:
- Request explicit permission through ATT framework
- Allow users to opt-out at any time
- Respect user choices regarding tracking
### 13.3 Privacy Manifest
Our app includes a Privacy Manifest that declares:
- All data types collected
- Required reason APIs used
- Third-party SDKs and their data practices
---
## Google Play Store Compliance
### 14.1 Data Safety
Our Google Play Data Safety section accurately describes:
- All data types collected by the app
- How data is used and shared
- Security practices and encryption
- User control over data deletion
### 14.2 Sensitive Permissions
We only request permissions necessary for app functionality and clearly explain why each permission is needed.
### 14.3 Third-Party Code Disclosure
All third-party libraries and SDKs are declared in our Data Safety section with accurate descriptions of their data practices.
---
## Changes to This Privacy Policy
### 15.1 Notification of Changes
We may update this Privacy Policy periodically. When we make material changes:
- We will notify users through the app
- Update the "Last Updated" date
- Provide 30 days notice for significant changes
- Obtain new consent where required by law
### 15.2 Continued Use
Your continued use of the App after changes become effective constitutes acceptance of the updated Privacy Policy, unless additional consent is required.
---
## Contact Us
### 16.1 Privacy Inquiries
For questions about this Privacy Policy or our privacy practices:
**Email:** myclick90@gmail.com
**Subject Line:** Privacy Inquiry
**Response Time:** Within 30 days
### 16.2 Data Requests
To exercise your privacy rights or request data deletion:
**Email:** myclick90@gmail.com
**Include:** Full name, email address, and specific request
**Verification:** We may require identity verification for security
### 16.3 In-App Support
Access privacy settings and data controls through:
- App Settings > Privacy & Security
- Help & Support section
- Account Management features
---
**Data Protection Officer:** myclick90@gmail.com
**California Privacy Rights:** myclick90@gmail.com
**EU Representative:** myclick90@gmail.com
---
## Compliance Summary
This Privacy Policy ensures compliance with:
✅ **General Data Protection Regulation (GDPR)**
✅ **California Consumer Privacy Act (CCPA/CPRA)**
✅ **Apple App Store Requirements**
✅ **Google Play Store Data Safety Requirements**
✅ **Children's Online Privacy Protection Act (COPPA)**
✅ **Industry Security Standards**
---
**© 2025 Connect.D Development Team. All Rights Reserved.**
*This Privacy Policy was last reviewed and updated to ensure compliance with current privacy laws and platform requirements as of September 28, 2025.*
댓글
댓글 쓰기