Privacy Policy
Effective Date: February 25, 2026
CRAFTINO - PRIVACY POLICY
Effective Date: February 25, 2026
Last Updated: February 25, 2026
Craftino ("Craftino," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy describes how we collect, use, disclose, store, and protect your personal information when you use the Craftino mobile application (the "App"), the website located at craftino.org (the "Website"), and all related services, features, and functionality (collectively, the "Service").
By downloading, installing, accessing, or using the Service, you acknowledge that you have read and understood this Privacy Policy and agree to the collection, use, and disclosure of your information as described herein. If you do not agree with this Privacy Policy, please do not access or use the Service.
This Privacy Policy should be read in conjunction with our Terms of Use (available at craftino.org/terms). Capitalized terms not defined in this Privacy Policy have the meanings given to them in the Terms of Use.
================================================================================
TABLE OF CONTENTS
================================================================================
1. Information We Collect
2. How We Collect Information
3. How We Use Your Information
4. Legal Basis for Processing (GDPR)
5. How We Share Your Information
6. Third-Party Services and SDKs
7. Data Storage and Security
8. Data Retention
9. Your Rights and Choices
10. Rights for European Economic Area (EEA) Residents (GDPR)
11. Rights for California Residents (CCPA/CPRA)
12. International Data Transfers
13. Children's Privacy
14. Push Notifications
15. Anonymous (Guest) Accounts
16. Account Deletion
17. Changes to This Privacy Policy
18. Contact Information
================================================================================
1. INFORMATION WE COLLECT
================================================================================
We collect the following categories of information when you use the Service:
1.1. Information You Provide Directly
(a) Account Information: When you create a registered account using Google Sign-In or Apple Sign-In, we may receive and store:
- Email address
- Display name
- Profile photo URL
(b) User-Generated Content: Information you create within the Service, including:
- Collection names and organization of saved crafts
- Content reports you submit (flagging inappropriate content)
(c) Communications: When you contact us at support@craftino.org, we collect the content of your communications, your email address, and any other information you choose to provide.
1.2. Information Collected Automatically
When you use the Service, we automatically collect certain information, including:
(a) Device and Technical Information:
- Device type, model, and operating system version
- Unique device identifiers
- App version
- Language and locale settings
- Timezone
(b) Firebase Authentication Data:
- Anonymous user ID (for guest accounts)
- Authenticated user ID (for registered accounts)
- Authentication provider information (Google or Apple)
(c) Usage Data and Activity Information:
- Craft viewing history (which Tutorials you view and when)
- Saved crafts (which Tutorials you save to your library)
- Collections you create and organize
- Completed steps within Tutorials
- Streak data (consecutive days of engagement)
- Badges earned
- Search queries
- App interaction events (screens visited, features used, buttons tapped)
- Session duration and frequency
(d) Push Notification Data:
- Firebase Cloud Messaging (FCM) token (a unique identifier for delivering push notifications to your device)
- Notification preferences and interaction data (whether notifications were received, opened, or dismissed)
(e) Subscription Data:
- Subscription status (free, trial, or premium)
- Subscription plan type (monthly or yearly)
- Subscription start and expiration dates
- Entitlement information
Note: We do NOT collect or store your payment card details. All payment processing is handled by Apple or Google through their respective in-app purchase systems.
1.3. Information We Do NOT Collect
We want to be transparent about what we do not collect:
(a) We do not collect precise geolocation data (GPS coordinates).
(b) We do not collect payment card numbers, bank account details, or other financial account information. All payments are processed by Apple or Google.
(c) We do not collect contacts, phone numbers, or address book data from your device.
(d) We do not collect health, biometric, or genetic data.
(e) We do not access your camera, microphone, or photos unless you explicitly initiate such action.
(f) We do not engage in cross-app tracking for advertising purposes.
================================================================================
2. HOW WE COLLECT INFORMATION
================================================================================
2.1. Directly from You: When you create an account, submit reports, contact support, or interact with features of the Service.
2.2. From Third-Party Authentication Providers: When you sign in using Google Sign-In or Apple Sign-In, we receive limited profile information from these providers as authorized by you during the sign-in process. You can control what information is shared through the settings of your Google or Apple account. When using Apple Sign-In, you may choose to use the "Hide My Email" feature, in which case Apple will provide us with a private relay email address rather than your actual email.
2.3. Automatically Through the App: Through Firebase Analytics, Firebase Authentication, Firebase Cloud Messaging, and RevenueCat SDKs integrated into the App, as described in Section 6.
2.4. From App Store Platforms: We receive subscription and purchase status information from Apple and Google through RevenueCat.
================================================================================
3. HOW WE USE YOUR INFORMATION
================================================================================
We use the information we collect for the following purposes:
3.1. Providing and Operating the Service
- To create and manage your account (guest or registered)
- To authenticate your identity and maintain your session
- To display your profile information within the App
- To save and sync your crafts, collections, progress, streaks, and badges
- To provide search functionality for Tutorials
- To generate and deliver PDF downloads of Tutorials
- To manage your Premium Subscription status and entitlements
3.2. Personalization and Improvement
- To understand how you use the Service and identify trends and patterns
- To improve existing features and develop new features
- To personalize your experience and recommend relevant Tutorials
- To analyze app performance and fix bugs or technical issues
- To conduct internal analytics and research
3.3. Communications
- To send push notifications about new Tutorials, streak reminders, and special offers
- To respond to your support inquiries and communications
- To send service-related announcements (such as changes to these Terms or the Privacy Policy)
3.4. Safety and Compliance
- To detect, prevent, and address fraud, abuse, or security issues
- To enforce our Terms of Use and other policies
- To review content reports and take appropriate action
- To comply with legal obligations, legal processes, or government requests
================================================================================
4. LEGAL BASIS FOR PROCESSING (GDPR)
================================================================================
If you are located in the European Economic Area (EEA), the United Kingdom, or Switzerland, we process your personal data on the following legal bases:
4.1. Performance of a Contract (Article 6(1)(b) GDPR): Processing necessary to provide you with the Service, manage your account, process your subscription, save your crafts and progress, and deliver the features you use. This includes:
- Account creation and authentication
- Storing your saved crafts, collections, streaks, and badges
- Managing your subscription status
- Providing search and PDF download functionality
4.2. Legitimate Interests (Article 6(1)(f) GDPR): Processing necessary for our legitimate interests, provided those interests are not overridden by your rights and freedoms. This includes:
- Analyzing usage data to improve the Service
- Detecting and preventing fraud or abuse
- Ensuring the security and stability of the Service
- Conducting internal analytics and research
- Sending service-related communications (non-marketing)
4.3. Consent (Article 6(1)(a) GDPR): Processing based on your explicit consent, which you may withdraw at any time. This includes:
- Sending marketing push notifications
- Processing any data you voluntarily provide beyond what is necessary for the Service
4.4. Legal Obligation (Article 6(1)(c) GDPR): Processing necessary to comply with a legal obligation to which we are subject, such as responding to lawful government requests or maintaining records required by law.
================================================================================
5. HOW WE SHARE YOUR INFORMATION
================================================================================
We do not sell your personal information. We share your information only in the following circumstances:
5.1. Third-Party Service Providers. We share information with third-party service providers who perform services on our behalf, as described in Section 6. These providers are contractually obligated to use your information only for the purposes we specify and in accordance with this Privacy Policy.
5.2. App Store Platforms. Subscription and purchase-related information is shared with Apple and Google through their respective in-app purchase systems and with RevenueCat for subscription management.
5.3. Legal Compliance and Protection. We may disclose your information if required to do so by law or in response to valid legal processes (such as a court order, subpoena, or government request). We may also disclose your information to:
- Protect our rights, property, or safety, or the rights, property, or safety of our users or others.
- Enforce our Terms of Use or other agreements.
- Investigate potential violations of our policies.
5.4. Business Transfers. In the event of a merger, acquisition, reorganization, bankruptcy, or other similar event, your information may be transferred to the acquiring entity or successor. We will notify you of any such transfer and any choices you may have regarding your information.
5.5. With Your Consent. We may share your information with third parties when you give us explicit consent to do so.
5.6. Aggregated and De-Identified Data. We may share aggregated or de-identified data that cannot reasonably be used to identify you. Such data is not subject to the restrictions of this Privacy Policy.
================================================================================
6. THIRD-PARTY SERVICES AND SDKs
================================================================================
The Service integrates the following third-party services. Each of these services may collect and process certain data as described below:
6.1. Firebase (by Google)
(a) Firebase Authentication: Used to create and manage user accounts (both anonymous and registered). Collects authentication tokens, user IDs, and sign-in provider information.
Privacy Policy: https://firebase.google.com/support/privacy
(b) Firebase Cloud Firestore: Used as our cloud database to store your account information, saved crafts, collections, progress, streaks, badges, and other Service data.
Data Processing Terms: https://firebase.google.com/terms/data-processing-terms
(c) Firebase Analytics (Google Analytics for Firebase): Used to collect usage data and app interaction events to help us understand how the Service is used and to improve it. Collects device information, app usage events, session data, and anonymized demographic information.
Privacy Policy: https://policies.google.com/privacy
(d) Firebase Cloud Messaging (FCM): Used to deliver push notifications to your device. Collects and processes your FCM token and notification interaction data.
Privacy Policy: https://firebase.google.com/support/privacy
6.2. RevenueCat
Used for subscription management and billing coordination across Apple and Google platforms. Collects subscription status, purchase receipts, entitlements, and anonymous user identifiers.
Privacy Policy: https://www.revenuecat.com/privacy
6.3. Typesense
Used to power the search functionality within the App. Search queries you enter are processed by Typesense to return relevant Tutorial results. Typesense processes search query text and associated metadata.
Privacy Policy: https://typesense.org/privacy-policy/
6.4. Apple Sign-In
If you choose to sign in with Apple, Apple processes your authentication and may share your name and email address (or a private relay email) with us, depending on your preferences.
Privacy Policy: https://www.apple.com/legal/privacy/
6.5. Google Sign-In
If you choose to sign in with Google, Google processes your authentication and shares your name, email address, and profile photo URL with us.
Privacy Policy: https://policies.google.com/privacy
6.6. Apple App Store and Google Play Store
In-app purchases and subscriptions are processed through Apple's App Store (for iOS) and Google Play Store (for Android). These platforms process your payment information directly. We do not receive or store your payment card details.
Apple Privacy Policy: https://www.apple.com/legal/privacy/
Google Privacy Policy: https://policies.google.com/privacy
We encourage you to review the privacy policies of these third-party services to understand their data practices.
================================================================================
7. DATA STORAGE AND SECURITY
================================================================================
7.1. Data Storage. Your data is stored using Firebase Cloud Firestore, which is hosted on Google Cloud Platform servers. Data may be stored in data centers located in the United States and other countries where Google operates data centers.
7.2. Security Measures. We implement appropriate technical and organizational security measures to protect your personal information from unauthorized access, alteration, disclosure, or destruction. These measures include:
(a) Encryption of data in transit using TLS/SSL.
(b) Encryption of data at rest on Firebase/Google Cloud servers.
(c) Use of Firebase Security Rules to restrict data access based on authentication status and user identity.
(d) Regular review and updating of security practices.
(e) Secure authentication through Firebase Authentication with Google and Apple Sign-In providers.
7.3. No Guarantee. While we strive to use commercially reasonable means to protect your personal information, no method of transmission over the Internet or method of electronic storage is 100% secure. We cannot guarantee the absolute security of your information. You acknowledge and accept that you provide your information at your own risk.
7.4. Your Responsibilities. You are responsible for maintaining the security of your account by:
- Keeping your sign-in credentials (Google or Apple account) secure.
- Logging out of the App when using shared devices.
- Notifying us promptly at support@craftino.org if you suspect unauthorized access to your account.
================================================================================
8. DATA RETENTION
================================================================================
8.1. Active Accounts. We retain your personal information for as long as your account is active and as necessary to provide you with the Service. This includes maintaining your saved crafts, collections, progress, streaks, badges, and other account data for the duration of your use of the Service.
8.2. After Account Deletion. When you delete your account (see Section 16), we will delete or anonymize your personal data within thirty (30) days, except where we are required or permitted by law to retain certain information for a longer period (for example, for tax, legal reporting, or audit purposes).
8.3. Guest Accounts. Data associated with guest (anonymous) accounts is retained for as long as the account exists. Because guest accounts are tied to a specific device installation, the data may be effectively lost if you uninstall the App, clear the App's data, or reset your device. We may periodically delete inactive guest accounts and their associated data after an extended period of inactivity.
8.4. Aggregated Data. We may retain aggregated or de-identified data that cannot be used to identify you indefinitely, for analytical and statistical purposes.
8.5. Legal Requirements. Notwithstanding the above, we may retain certain information as required by applicable laws, regulations, or legal processes, or as necessary to enforce our Terms of Use, resolve disputes, or protect our legal rights.
================================================================================
9. YOUR RIGHTS AND CHOICES
================================================================================
Depending on your jurisdiction, you may have the following rights regarding your personal information:
9.1. Access. You have the right to request access to the personal information we hold about you, including a copy of such information in a commonly used electronic format.
9.2. Correction. You have the right to request that we correct any inaccurate or incomplete personal information we hold about you. You can update your display name and profile photo directly within the App settings.
9.3. Deletion. You have the right to request the deletion of your personal information. You can delete your account through the App (see Section 16) or by contacting us at support@craftino.org.
9.4. Data Portability. Where applicable, you have the right to receive your personal information in a structured, commonly used, and machine-readable format and to transmit that information to another controller.
9.5. Restriction of Processing. You have the right to request that we restrict the processing of your personal information under certain circumstances, such as when you contest the accuracy of your data or object to our processing.
9.6. Objection. You have the right to object to the processing of your personal information where we rely on legitimate interests as our legal basis, including objecting to direct marketing communications.
9.7. Withdrawal of Consent. Where we rely on your consent to process your personal information, you have the right to withdraw your consent at any time. Withdrawal of consent does not affect the lawfulness of processing carried out before the withdrawal.
9.8. Non-Discrimination. We will not discriminate against you for exercising any of your privacy rights.
9.9. How to Exercise Your Rights. To exercise any of the rights described above, please contact us at support@craftino.org. We will respond to your request within the timeframe required by applicable law (generally within 30 days for GDPR and 45 days for CCPA). We may need to verify your identity before processing your request.
================================================================================
10. RIGHTS FOR EUROPEAN ECONOMIC AREA (EEA) RESIDENTS (GDPR)
================================================================================
If you are located in the European Economic Area, the United Kingdom, or Switzerland, the following additional provisions apply:
10.1. Data Controller. Craftino is the data controller responsible for processing your personal data as described in this Privacy Policy.
10.2. Data Protection Officer. For questions about data protection, you may contact us at support@craftino.org.
10.3. Your Additional Rights Under GDPR. In addition to the rights described in Section 9, you have the right to:
(a) Lodge a Complaint. You have the right to lodge a complaint with a supervisory authority in the EU/EEA member state where you reside, where you work, or where the alleged infringement took place, if you believe that our processing of your personal data violates the GDPR.
(b) Right to Erasure (Right to Be Forgotten). You may request that we erase your personal data without undue delay when:
- The data is no longer necessary for the purposes for which it was collected.
- You withdraw your consent (where consent is the legal basis).
- You object to processing and there are no overriding legitimate grounds.
- The data has been unlawfully processed.
(c) Right to Restrict Processing. You may request restriction of processing when:
- You contest the accuracy of your personal data.
- The processing is unlawful but you oppose erasure.
- We no longer need the data but you need it for legal claims.
- You have objected to processing pending verification of whether our legitimate grounds override yours.
(d) Right to Data Portability. You may request your personal data in a structured, commonly used, and machine-readable format where processing is based on consent or contract and is carried out by automated means.
10.4. Automated Decision-Making. We do not use your personal data for automated decision-making or profiling that produces legal effects concerning you or similarly significantly affects you.
10.5. Data Processing Agreements. We have entered into data processing agreements with our third-party service providers (including Google/Firebase and RevenueCat) that include standard contractual clauses or other appropriate safeguards for international data transfers.
================================================================================
11. RIGHTS FOR CALIFORNIA RESIDENTS (CCPA/CPRA)
================================================================================
If you are a California resident, the following additional provisions apply under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA):
11.1. Categories of Personal Information Collected. In the preceding 12 months, we have collected the following categories of personal information as defined by the CCPA:
(a) Identifiers: Email address, display name, unique user ID, device identifiers, FCM token.
(b) Personal Information under Cal. Civ. Code Section 1798.80(e): Name and email address.
(c) Internet or Other Electronic Network Activity Information: App usage data, browsing/viewing history within the App, search queries, interaction with notifications.
(d) Inferences: Preferences and interests derived from your usage patterns and saved crafts.
11.2. Sources of Personal Information. We collect personal information from the following sources:
- Directly from you (account registration, support communications).
- From third-party authentication providers (Google Sign-In, Apple Sign-In).
- Automatically through the App (Firebase Analytics, Firebase Authentication, FCM).
11.3. Purposes for Collection. We collect personal information for the business and commercial purposes described in Section 3 of this Privacy Policy.
11.4. Categories of Third Parties with Whom We Share Personal Information. We share personal information with the following categories of third parties:
- Cloud service providers (Google/Firebase)
- Subscription management services (RevenueCat)
- Search infrastructure providers (Typesense)
- App store platforms (Apple, Google)
11.5. Sale and Sharing of Personal Information. We do NOT sell your personal information as defined by the CCPA. We do NOT share your personal information for cross-context behavioral advertising purposes.
11.6. Your Rights Under CCPA/CPRA. As a California resident, you have the following rights:
(a) Right to Know. You may request that we disclose the categories and specific pieces of personal information we have collected about you, the categories of sources, the business purposes for collection, and the categories of third parties with whom we share your information.
(b) Right to Delete. You may request that we delete the personal information we have collected about you, subject to certain exceptions provided by law.
(c) Right to Correct. You may request that we correct any inaccurate personal information we maintain about you.
(d) Right to Opt Out of Sale/Sharing. Although we do not sell or share personal information for cross-context behavioral advertising, you have the right to opt out if this changes in the future.
(e) Right to Limit Use of Sensitive Personal Information. You have the right to limit the use and disclosure of sensitive personal information to purposes necessary for providing the Service.
(f) Right to Non-Discrimination. We will not discriminate against you for exercising any of your CCPA/CPRA rights. We will not deny you the Service, charge different prices, provide a different quality of service, or suggest that you will receive different treatment for exercising your rights.
11.7. How to Exercise Your CCPA/CPRA Rights. To submit a request to know, delete, or correct, please contact us at:
- Email: support@craftino.org
- Website: craftino.org
We will verify your identity before processing your request. For registered accounts, we will verify your identity through your authenticated session or by confirming your email address. We will respond to verifiable consumer requests within 45 days. If we need additional time (up to an additional 45 days), we will notify you of the extension and the reason for it.
11.8. Authorized Agents. You may designate an authorized agent to submit requests on your behalf. We may require proof of the agent's authorization (such as a signed written authorization or power of attorney) and may separately verify your identity.
11.9. Financial Incentives. We do not offer financial incentives or price or service differences in exchange for the retention or sale of your personal information.
11.10. Retention Periods. We retain each category of personal information as described in Section 8 of this Privacy Policy.
================================================================================
12. INTERNATIONAL DATA TRANSFERS
================================================================================
12.1. Data Storage Location. Your personal information is stored on servers operated by Google (Firebase/Google Cloud Platform) which may be located in the United States and other countries. RevenueCat also processes subscription data on servers that may be located outside your country of residence.
12.2. Transfer Mechanisms. If you are located outside the United States, your personal data will be transferred to and processed in the United States and potentially other countries. We ensure that appropriate safeguards are in place for such transfers, including:
(a) Standard Contractual Clauses (SCCs) approved by the European Commission.
(b) Adequacy decisions by relevant authorities.
(c) Other legally recognized transfer mechanisms.
12.3. Your Consent to Transfer. By using the Service, you consent to the transfer of your personal information to the United States and other jurisdictions as described in this Privacy Policy. If you are located in the EEA, UK, or Switzerland, the legal bases and safeguards described in Sections 4 and 10 apply to such transfers.
================================================================================
13. CHILDREN'S PRIVACY
================================================================================
13.1. Age Restriction. The Service is not directed to children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are under 13, please do not use the Service or provide any personal information to us.
13.2. Parental Notification. If we learn that we have collected personal information from a child under 13 without verification of parental consent, we will take steps to delete that information as quickly as possible. If you believe we may have collected information from a child under 13, please contact us immediately at support@craftino.org.
13.3. Minors Aged 13-17. Minors between 13 and 17 years of age may use the Service with the consent and supervision of a parent or legal guardian. Parents or guardians are responsible for monitoring their minor's use of the Service.
13.4. COPPA Compliance. We comply with the Children's Online Privacy Protection Act (COPPA) and do not knowingly collect personal information from children under 13. In the event that we discover that a child under 13 has provided us with personal information, we will promptly delete such information from our systems.
================================================================================
14. PUSH NOTIFICATIONS
================================================================================
14.1. How Push Notifications Work. We use Firebase Cloud Messaging (FCM) to send push notifications to your device. When you install the App and allow notifications, your device is assigned a unique FCM token. This token is used to deliver notifications to your specific device.
14.2. Types of Push Notifications. We may send the following types of notifications:
(a) Service Notifications: Updates about new Tutorials, featured crafts, and new content available in the App.
(b) Engagement Notifications: Reminders about your streak, encouragement to continue crafting, and milestone celebrations (badges earned).
(c) Subscription Notifications: Information about your subscription status, trial expiration reminders, and special offers for Premium plans.
(d) Topic-Based Notifications: Notifications related to specific craft categories or topics you follow or that may interest you based on your activity.
14.3. Your Control Over Notifications. You have full control over push notifications:
(a) Device Settings: You can disable all push notifications from Craftino through your device settings:
- iOS: Settings > Notifications > Craftino > toggle off "Allow Notifications"
- Android: Settings > Apps > Craftino > Notifications > toggle off notifications
(b) Note: Disabling push notifications does not affect the collection of your FCM token. If you later re-enable notifications, you will begin receiving them again.
14.4. FCM Token. Your FCM token is collected and stored to facilitate push notification delivery. The token is refreshed periodically by Firebase and is not linked to your personal identity in a way that can be used by third parties to identify you. We use FCM tokens only for the purpose of delivering push notifications through the Service.
================================================================================
15. ANONYMOUS (GUEST) ACCOUNTS
================================================================================
15.1. Data Collection for Guest Users. When you use the Service as a guest (without signing in with Google or Apple), we still collect certain information:
(a) An anonymous Firebase Authentication user ID.
(b) Your FCM token for push notifications.
(c) Your timezone.
(d) Usage data, including craft viewing history, saved crafts, collections, completed steps, streaks, and badges.
(e) Firebase Analytics data (device information, app usage events).
15.2. What We Do NOT Collect for Guest Users. For guest accounts, we do NOT collect:
- Your email address
- Your name
- Your profile photo
15.3. Limitations of Guest Accounts. As described in our Terms of Use, guest account data is tied to your device and app installation. If you uninstall the App, clear app data, or reset your device, your guest account data may be permanently and irrecoverably lost.
15.4. Upgrading to a Registered Account. When you upgrade from a guest account to a registered account by signing in with Google or Apple, we will link your existing guest data with your new registered account. At that point, we will also begin collecting the additional information associated with registered accounts (email, display name, profile photo URL) as provided by your authentication provider.
================================================================================
16. ACCOUNT DELETION
================================================================================
16.1. How to Delete Your Account. You may request deletion of your account and associated personal data at any time through the following methods:
(a) In-App Deletion: Use the account deletion feature available within the App's settings.
(b) Email Request: Send a deletion request to support@craftino.org from the email address associated with your account.
16.2. What Happens When You Delete Your Account. Upon processing your account deletion request:
(a) Your account profile information (email, display name, profile photo URL) will be deleted.
(b) Your saved crafts, collections, progress data, streaks, and badges will be deleted.
(c) Your craft viewing history will be deleted.
(d) Your FCM token association will be removed.
(e) Your Firebase Authentication account will be deleted.
16.3. Important Considerations Before Deletion.
(a) Subscription Cancellation: Deleting your Craftino account does NOT automatically cancel your Premium Subscription. You must cancel your subscription separately through your device's account settings (Apple App Store or Google Play Store) before deleting your account. If you do not cancel your subscription, you may continue to be charged by Apple or Google.
(b) Irreversibility: Account deletion is permanent and cannot be undone. All your data, including saved crafts, collections, progress, streaks, and badges, will be permanently lost and cannot be recovered.
(c) Processing Time: We will process your deletion request within thirty (30) days of receipt. During the processing period, your account may be deactivated.
16.4. Data That May Be Retained After Deletion. Even after account deletion, we may retain certain information as required or permitted by law, including:
- Records of transactions for tax or accounting purposes.
- Information necessary to comply with legal obligations, resolve disputes, or enforce our agreements.
- Aggregated or de-identified data that cannot be used to identify you.
16.5. Guest Account Deletion. Because guest accounts do not have an email address or other personal identifiers beyond an anonymous Firebase user ID, guest accounts can be effectively deleted by uninstalling the App or clearing the App's data. If you need assistance with guest account data deletion, please contact us at support@craftino.org with your anonymous user ID (if available).
================================================================================
17. CHANGES TO THIS PRIVACY POLICY
================================================================================
17.1. We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make material changes, we will:
(a) Update the "Last Updated" date at the top of this Privacy Policy.
(b) Post the updated Privacy Policy on the Website and within the App.
(c) Where required by law, notify you of the changes through push notification, email, or a prominent notice within the App.
17.2. We encourage you to review this Privacy Policy periodically to stay informed about our data practices.
17.3. Your continued use of the Service after the effective date of any updated Privacy Policy constitutes your acceptance of the updated Privacy Policy. If you do not agree with any changes, you should stop using the Service and delete your account.
================================================================================
18. CONTACT INFORMATION
================================================================================
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
Craftino
Email: support@craftino.org
Website: craftino.org
For data protection inquiries (GDPR), you may also contact us at the email address above. We will make every effort to respond to your inquiry within a reasonable timeframe.
If you are located in the EEA and are not satisfied with our response, you have the right to lodge a complaint with your local data protection authority. A list of EEA data protection authorities is available at: https://edpb.europa.eu/about-edpb/about-edpb/members_en
================================================================================
Copyright 2026 Craftino. All rights reserved.