Privacy Policy

1 Introduction

Welcome to Kado Booking ("we," "us," or "our"). We are committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application Kado Booking (the "App").

This policy is compliant with the California Online Privacy Protection Act (CalOPPA) and the General Data Protection Regulation (GDPR).

By using the App, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with our policies and practices, please do not use the App.

2 Information We Collect

2.1 Personal Information

When you register for and use Kado Booking, we may collect the following personal information:

• Email address — collected through Google Sign-In authentication via Firebase
• Name / Username — used to display your name within the Profile Page
• Phone number — used to facilitate the booking feature and enable communication between parties
• Contact information — phone numbers may be used to make and manage bookings

2.2 Automatically Collected Information

We automatically collect certain information when you use the App:

• Analytics data — collected via Firebase Analytics for understanding app usage patterns and improving the user experience
• Crash reports — collected via Firebase Crashlytics for debugging and improving app stability
• Device information — such as device type, operating system version, and unique device identifiers, collected through Firebase services

2.3 Information We Do NOT Collect

For transparency, we want to clarify that we do not:

• Collect payment or financial information
• Use Facebook Pixel or similar third-party tracking pixels
• Collect information for advertising or retargeting purposes

3 How We Use Your Information

We use the information we collect for the following purposes:

• To provide and maintain the App — including creating and managing your account, processing bookings, and enabling core functionality
• To facilitate bookings — your contact details (phone numbers) are used to connect booking parties and enable communication related to appointments
• To authenticate users — we use Google Sign-In through Firebase Authentication to verify your identity
• To improve and debug the App — analytics and crash data help us identify bugs, improve performance, and enhance the user experience
• To communicate with you — only in response to your inquiries or requests (e.g., account deletion requests)

We do not use your information to send marketing emails, newsletters, or promotional content. We do not use your information for advertising or retargeting.

4 Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA), we process your personal data based on the following legal grounds:

• Performance of a contract — processing is necessary to provide you with the booking services you have requested
• Consent — you provide consent when you sign in with Google and agree to this Privacy Policy
• Legitimate interests — we have a legitimate interest in improving our App's performance and stability through analytics and crash reporting, provided this does not override your fundamental rights

5 Cookies and Similar Technologies

We use the following technologies for essential App functionality:

• Cookies and/or web beacons — used for authentication and maintaining your login session
• Local storage — used to store session data and preferences locally on your device for account login functionality
• Sessions — used to maintain your authenticated state and provide a seamless user experience

These technologies are used strictly for account login and authentication purposes. We do not use cookies for advertising, tracking, or marketing.

6 Third-Party Services

We use the following third-party services:

• Google Sign-In (Firebase Authentication) — for user authentication. Google's privacy policy applies to the authentication process: https://policies.google.com/privacy
• Firebase Analytics — for understanding app usage patterns. Data is processed by Google in accordance with their privacy policy.
• Firebase Crashlytics — for crash reporting and debugging. Crash data is processed by Google in accordance with their privacy policy.

We do not use any advertising services, ad networks, or retargeting platforms.

7 Data Sharing and Disclosure

We do not sell, trade, or otherwise transfer your personal information to outside parties. Your information may be shared only in the following limited circumstances:

• With service providers — specifically Firebase (Google) for authentication, analytics, and crash reporting, as described in Section 6
• Within the booking system — contact information (such as phone numbers) may be shared between parties involved in a booking to facilitate the appointment
• Legal requirements — we may disclose your information if required to do so by law or in response to valid requests by public authorities

8 Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

When you request account deletion:

• Your account information and user-related app data will be permanently deleted within 7 business days
• Some data may be retained temporarily for legal or security purposes and will be removed within 30 days

For more information about account deletion, please visit our Account Deletion page.

9 Your Rights Under GDPR

If you are a resident of the European Economic Area (EEA), you have the following data protection rights:

• Right of access — you have the right to request copies of your personal data
• Right to rectification — you have the right to request that we correct any information you believe is inaccurate or incomplete
• Right to erasure — you have the right to request that we erase your personal data, under certain conditions
• Right to restrict processing — you have the right to request that we restrict the processing of your personal data, under certain conditions
• Right to data portability — you have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions
• Right to object — you have the right to object to our processing of your personal data, under certain conditions
• Right to withdraw consent — you have the right to withdraw your consent at any time where we relied on your consent to process your personal information

To exercise any of these rights, please contact us at info@kadobooking.com. We will respond to your request within 30 days.

10 CalOPPA Compliance

In accordance with the California Online Privacy Protection Act (CalOPPA), we agree to the following:

• Users can visit our App anonymously until they choose to sign in
• This Privacy Policy link is easily accessible on our website and within the App
• Our Privacy Policy clearly states the effective date and will be updated if any changes are made
• Users will be notified of any Privacy Policy changes on this page
• Users are able to change their personal information by contacting us via email

Do Not Track (DNT) Signals

We honor Do Not Track signals. When a Do Not Track browser mechanism is in place, we do not track users across third-party websites. We do not use tracking technologies for advertising purposes.

Third-Party Behavioral Tracking

We do not allow third-party behavioral tracking. We do not use any advertising pixels, retargeting services, or behavioral tracking tools.

11 Children's Privacy

Kado Booking is not intended for use by children under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that we have inadvertently collected personal data from a child under 13, we will take steps to delete such information as soon as possible.

If you are a parent or guardian and you believe that your child has provided us with personal information, please contact us at info@kadobooking.com so that we can take the necessary actions.

12 Data Security

We take the security of your personal information seriously. We implement appropriate technical and organizational measures to protect your data, including:

• Using Google's secure authentication (Firebase Authentication) for user sign-in
• Encrypting data in transit using industry-standard protocols
• Leveraging Firebase's built-in security infrastructure
• Regular monitoring and updating of our security practices

However, please be aware that no method of transmission over the internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

13 International Data Transfers

Kado Booking is operated from Indonesia. If you are accessing the App from the European Economic Area (EEA) or other regions with laws governing data collection and use, please note that your information may be transferred to, stored, and processed in countries outside your country of residence, including Indonesia and the United States (through Firebase/Google services).

By using the App, you consent to the transfer of your information to countries that may have different data protection laws than your country.

14 Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with a revised "Effective Date" at the top. We encourage you to review this Privacy Policy periodically for any changes.

Continued use of the App after any changes constitutes your acceptance of the updated Privacy Policy.