1. Introduction
CHAAMO LTD (“CHAAMO”, “we”, “our”, or “us”) is committed to protecting your privacy and handling your personal data responsibly. This Privacy Policy (“Policy”) explains how we collect, use, store, and share personal data when you use our website, mobile application, and related services (“Services”). We comply with applicable privacy laws, including the UK GDPR, EU GDPR (where applicable), CCPA/CPRA, PIPEDA, LGPD, POPIA, and similar international standards. By using CHAAMO, you acknowledge that you have read and understood this Policy.

2. Personal Data We Collect

2.1 Categories of Personal Data
We collect the following types of personal data:
Account & Identity Data – Name, email address, username, date of birth, and login information (via Google Authentication) and account creation.
Payment & Transaction Data – Information relating to purchases, sales, and payment confirmations through PayPal, Apple, or Google.
Verification Data (if requested) – Photographic identification and proof of address.
Platform Usage Data – Device type, IP address, browser information, operating system, login timestamps, error logs, and in-app activity.
User-Generated Content – Listings, photos, descriptions, comments, and other content posted by users.

2.2 How We Collect Data
We collect data directly from you when you create an account or interact with our platform; automatically through device logs and essential cookies; and from third-party service providers such as PayPal, Google Auth, Supabase, and Sentry.

3. How We Use Your Personal Data
We use personal data to operate and maintain the CHAAMO platform; authenticate user accounts; enable payments and transactions; prevent fraud and ensure platform security; communicate with users; provide customer support; enforce our Terms of Service; comply with legal obligations; and improve our services. Where permitted by law, we may also use your email address to send marketing and promotional communications about our services, updates, or offers. You can opt out of receiving these marketing communications at any time by using the unsubscribe link in the emails. CHAAMO does not sell or rent your personal data to third parties. CHAAMO does not sell or rent your personal data to third parties.

4. Data Storage & Security

4.1 Hosting and Data Processing
We use the following third-party providers to securely store and process data:
Supabase – For database storage, authentication metadata, and image storage.
Fly.io – For backend hosting and service delivery.
Sentry – For error logging and crash reporting (minimal anonymised technical data only).
These providers implement industry-standard security measures, including encryption and access controls.

4.2 Retention
We retain personal data only for as long as necessary for operational, legal, or security purposes. When data is no longer required, it is securely deleted or anonymised.

5. Third-Party Data Sharing
We may share personal data with trusted service providers strictly as needed for platform functionality, including:
Google Authentication – Secure login and identity verification.
Supabase – Database and storage infrastructure.
Fly.io – Backend hosting.
Sentry – Error logging.
PayPal – Payment processing, disputes, and refunds.
Apple App Store and Google Play Store – In-app purchase and subscription handling.
Sendcloud – Shipping label generation and courier coordination.
XCover – Optional insurance for shipments.
We do not share data with advertisers. Data may be disclosed to regulatory or law enforcement agencies when required by law.

6. Your Rights
Depending on your jurisdiction, you may have rights to access your data, correct inaccurate data, request deletion, restrict or object to processing, request data portability, or withdraw consent. You may also opt out of marketing communications at any time. To exercise these rights, contact hello@chaamo.com.

7. Cookies & Tracking
CHAAMO uses essential cookies only, for purposes such as session management, account authentication, and fraud prevention. We do not use analytics cookies or advertising trackers. You may adjust cookie settings in your browser.

8. Children’s Privacy
CHAAMO is intended only for users aged 18 and over. We do not knowingly collect data from minors. If we discover that a minor has provided personal data, we will delete it promptly.

9. Data Breach Response
In the event of a data breach affecting personal data, CHAAMO will investigate, notify affected users where required by law, and take corrective steps to prevent recurrence.

10. Changes to This Policy
We may update this Policy to reflect changes in legal requirements or platform functionality. Material updates will be communicated via email or in-app notifications. The latest version will always be available on our website.

11. Contact Information
For privacy-related inquiries or data requests, contact:
CHAAMO LTD
287A Fleet Road
Hampshire
GU51 3BZ
England
Email: support@chaamo.com

Last Updated: 03/11/2025