Privacy Policy
Last updated: 19 May 2026
COMPANIN ("we", "us", "our") connects customers with verified companions for in-person and online social bookings. We take your privacy seriously and this policy explains what data we collect, why, and your rights.
1. Data we collect
| Category | Examples | Why |
|---|---|---|
| Account | Email, phone, password hash, full name | Sign-in, account recovery |
| Profile | Profile photo, bio, interests, city | Discovery & matching |
| KYC (companions only) | Government ID image, selfie, address | Identity verification |
| Booking | Date, duration, location text, chat messages | Fulfilling the service |
| Payment | Last 4 of card, billing country, Stripe customer ID | Charging via Stripe |
| Device | IP address, device type, browser, push token | Security, push notifications |
| Location | Approximate location, live location (when shared during a session) | Discovery, safety check-in |
We never collect or store full card numbers — Stripe handles that.
2. How we use your data
- Operate the platform (sign-in, bookings, payments, chat, video calls).
- Verify companion identity (KYC) before they accept bookings.
- Prevent fraud, abuse, and policy violations.
- Send transactional emails (booking confirmations, payment receipts).
- With your consent, send marketing & safety tips emails. You can opt out anytime.
- Comply with legal obligations (tax records, law enforcement requests).
3. Sharing
We share data only with:
- Stripe — payments & payouts. (Stripe privacy)
- Twilio — SMS verification codes. (Twilio privacy)
- Emergent Object Storage — KYC documents (encrypted at rest).
- Law enforcement — only when legally compelled, and we'll notify you unless prohibited.
We do not sell your data. Ever.
4. Your rights
Depending on your jurisdiction (GDPR / CCPA / DPDPA), you have the right to:
- Access — request a copy of your data.
- Correct — fix inaccurate data.
- Delete — close your account; we'll purge personal data within 30 days (some data must be retained for tax/legal reasons — see section 5).
- Portability — download your data in JSON.
- Object / restrict — opt out of marketing or contest processing.
Email privacy@companin.app to exercise any of the above. We respond within 30 days.
5. Retention
| Data | Kept for |
|---|---|
| Active account data | While the account is active |
| Bookings & chat | 2 years after the booking date (then anonymised) |
| Payment records | 7 years (legal requirement) |
| KYC documents | 5 years after account closure (anti-fraud) |
| Server logs | 90 days |
6. Security
- All traffic is HTTPS-encrypted.
- Passwords are bcrypt-hashed; we never see them in plaintext.
- KYC documents are encrypted at rest with per-object keys.
- Two-factor authentication is available for all accounts and required for admins.
- We run regular security reviews and accept responsible vulnerability reports at security@companin.app.
7. Children
COMPANIN is for adults only. We do not knowingly collect data from anyone under 18. If we learn we have, we delete it immediately.
8. Changes
We'll notify you of material changes by email and via an in-app banner at least 14 days before they take effect.
9. Contact
privacy@companin.app COMPANIN · Booking Platform