PRIVACY POLICY

Introduction

Common Friend (referred to as "we," "our," or "us") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application ("the App"). This policy applies to users in India, the United States, the United Kingdom, Canada, Australia, and the United Arab Emirates.

Types of Personal Data We Collect


We may collect and process the following types of personal data:
  • Name: To identify users and personalise interactions.
  • Mobile Number: Used as a unique identifier and for verification purposes.
  • Profile Picture (optional): For user identification and profile customization.
  • Contact Book Access: To determine common links and facilitate the verification of connections.

Purpose of Data Collection

We collect personal data for the following purposes:

  • Identification and Verification: To create and manage user accounts, verify connections, and enhance user experience.
  • Service Delivery: To provide and improve the App's functionality, including finding common connections and managing user interactions.
  • Communication: To send notifications, updates, and respond to user inquiries.

Consent

We obtain explicit and informed consent from users before collecting or processing their personal data. Consent is obtained through:

  • User Agreements: Acceptance of this Privacy Policy and Terms of Use.
  • In-App Prompts: Clear and specific requests for consent before accessing contact books or other personal information.

Data Subject Rights

Users have the following rights regarding their personal data:

  • Access: Request access to their personal data and history of approved links.
  • Rectification: Request corrections to inaccurate or incomplete data.
  • Deletion: Request deletion of their account and all associated data.
  • Inactivity: Option to become inactive, which limits participation in link approvals.
  • Muting: Option to mute a network member to avoid participation in link approvals from that member.

Data Transfer and International Compliance

We store and process data primarily within India. For data transfer outside India, we ensure compliance with relevant international regulations, including:

  • Standard Contractual Clauses (SCCs): For transfers to countries with strict data protection laws.
  • Adequacy Decisions: Compliance with the UK and EU regulations where applicable.

Do Not Sell

We do not sell personal data. Our revenue model is based on subscriptions and not on data sales.

Data Protection Officer (DPO)

Our CEO and Founder acts as the Data Protection Officer (DPO) to oversee compliance with data protection regulations.

Security Measures

We implement industry-standard security measures to protect personal data, including:

  • Encryption: SSL encryption for data transmission.
  • Access Controls: Limited access to personal data based on necessity.
  • Data Breach Notification: Prompt notification to users and authorities in case of a data breach.

Data Retention and Deletion

We retain personal data for as long as necessary to provide our services or as required by law. Data is automatically deleted after five years of inactivity or upon account deletion. Users can manually delete their data through the app.

Data Sharing with Third Parties

We do not share personal data with third parties except as required for service delivery or as legally mandated. We use third-party services like AWS for data storage and security.

Children’s Privacy

The App is not intended for users under 18. We do not knowingly collect data from minors.

Dispute Resolution

Any disputes related to this Privacy Policy will be resolved through the courts in Ahmedabad, Gujarat, India, or other jurisdictions as applicable.

Contact Us

For any questions about this Privacy Policy, please contact us at:

Contact Information

If you have any questions or concerns about this Privacy Policy, please contact us at: