Privacy Policy

KoloWorld is built around private savings circles, so privacy is at the centre of how we design the product. This policy explains what information we collect, why we collect it, who can see it, and the controls you have. We collect as little as we need to run the service and never sell your personal data.

• Account details — your name, display name, email address, country, and preferred currency.
• Optional profile details — avatar image, phone number, and identity verification documents if you choose to provide them.
• Group activity — the groups you create or join, contribution amounts, due dates, payout order, announcements, and disputes.
• Communications — messages you send to support or feedback you submit through the app.

• Device and log data — IP address, browser type, operating system, and timestamps so we can keep the service secure and debug problems.
• Push notification tokens — if you enable push notifications, your browser provides a token we use only to deliver the notifications you’ve agreed to receive.
• Cookies and local storage — used to keep you signed in, remember your preferences (such as theme), and support core app functionality. We do not use third-party advertising cookies.

• To provide and maintain the service.
• To authenticate you and keep your account secure.
• To show you and your group members the right information at the right time.
• To send transactional emails and notifications you’ve opted into (contribution reminders, payout alerts, group announcements).
• To detect, prevent, and respond to fraud, abuse, or violations of our Terms.
• To improve the product through aggregated, non-identifying analytics.

Other members of your groups can see your display name, avatar, contribution status, payout position, and any announcements you post. Sensitive details like your email address and phone number are not exposed to other members by default.

Group creators have additional visibility within their own groups (for example, confirming who has paid).

We do not sell your personal information. We share data only with service providers that help us run the platform (hosting, email delivery, push notification gateways, analytics) under contracts that limit how they may use it, or when required by law.

We send transactional messages — for example, sign-in verification, contribution reminders, and payout alerts. You can control most notification types from your profile settings or by using the unsubscribe link in any non-essential email. Critical account and security messages cannot be turned off while your account is active.

We keep your information for as long as your account is active or as needed to provide the service. When you delete your account, we remove personal information from active systems within a reasonable period, except where we’re required to keep records for legal, accounting, or fraud-prevention reasons. Group records that other members rely on (for example, contribution history) may be retained in anonymised form so the group can continue to operate.

• Access and update your profile information at any time from the profile screen.
• Delete your account from the Danger Zone in profile settings.
• Opt out of non-essential notifications from your settings or via unsubscribe links.
• Request a copy of your personal data or ask us to correct or delete it by emailing support.

Depending on where you live, you may have additional rights under local privacy laws (for example, GDPR, UK GDPR, NDPR, CCPA). We honour these rights wherever they apply.

We use industry-standard measures to protect your information, including encryption in transit (TLS), encrypted storage at the database layer, role-based access controls, and row-level security on group data. No system is perfectly secure, so we encourage you to use a strong, unique password and to enable any additional account protections we offer.

KoloWorld is not directed to children under the age of 18. We do not knowingly collect personal information from children. If you believe a child has created an account, please contact us and we will take appropriate action.

KoloWorld is operated from cloud infrastructure that may be located in countries other than your own. By using the service you consent to the transfer and processing of your information in those countries, subject to safeguards required by applicable law.

We may update this Privacy Policy from time to time. When we make material changes we will update the “Last updated” date and, where appropriate, notify you in the app. We encourage you to review this page periodically.

If you have questions, requests, or complaints about this policy or how we handle your data, contact us at privacy@koloworld.app.