Connective Privacy Policy

Revision dated 03.03.2026

1. General Provisions

This Privacy Policy describes what data we collect, how we use, store, and protect it when you use the Connective platform (hereinafter — "the Platform").

By using the Platform, you confirm your agreement with the terms of this Policy.

2. What Data We Collect

2.1. Data You Provide During Registration

When you create an account via Google OAuth or Sign in with Apple, we collect:

• Name (as indicated in your Google/Apple account)
• Email address
• Unique User Identifier (UID), generated automatically

We do not collect passwords, as authentication is handled through Supabase (with Google and Apple sign-in).

2.2. Profile Data

Depending on your role (Business or Creator), you may additionally provide:

• For Creators: profile photo, video portfolio, specialization description, niche categories (Beauty, Tech, Lifestyle, etc.), and optional links (e.g. website, Instagram, Telegram)
• For Businesses: company name, company logo, brand description, optional website and social links (e.g. Instagram), contact email, project details

2.3. Content and Materials

We collect and store:

• Video files that you upload as part of your portfolio or as deliverables in a Workroom
• Promotional videos created through Content as Currency (Connective Challenge)
• Messages and communications within Workrooms between businesses and creators
• Ratings and reviews that you leave after project completion
• In-app feedback (e.g. sentiment, topics, message) and, if you choose, screenshots you attach when submitting feedback through the app
• Reports you submit about other users or content (e.g. reason and optional details) for safety and moderation
• Block list — which users you have blocked, so we can enforce blocking (e.g. hide their content and prevent contact)

2.4. Automatically Collected Data

While using the Platform, we automatically collect:

• Device technical data: device type, operating system (iOS/Android), app version
• Usage data: login times, feature usage frequency, Workroom activity statistics
• Push tokens for sending notifications about project updates, new messages, and status changes

We do not use cookies, as Connective is a mobile application.

3. How We Use Your Data

We use collected data to:

• Provide Platform services: account creation, profile management, Workroom access, message exchange
• Matching and Discovery: show relevant projects to creators and relevant creators to businesses based on niches, ratings, and Match Score
• Content moderation: review videos submitted through Content as Currency for quality standards compliance
• Marketing and promotion: use approved Content as Currency videos to promote the Platform on social media, website, and other channels (in accordance with the license granted by the creator)
• Service improvement: analyze feature usage to optimize UX and performance; process in-app feedback (including optional screenshots) to improve the product
• Security and safety: detect and prevent fraud, spam, or Platform rules violations; process reports about users or content and enforce blocking; restrict or suspend accounts where appropriate
• User support: resolve inquiries, complaints, and technical issues

4. How We Store and Protect Your Data

4.1. Where Data Is Stored

• Authentication: Supabase Authentication (with Google and Apple as sign-in providers)
• Database: Supabase (PostgreSQL), located on Supabase cloud servers
• Files and videos: Supabase Storage using CDN for fast access

4.2. Security

We apply industry-standard security measures:

• Row Level Security (RLS) in Supabase — ensures that Workroom data is accessible only to participants of a specific project
• Signed URLs with limited validity for Workroom files — prevents unauthorized content access
• Data encryption during transmission (HTTPS/TLS)
• Data minimization — we collect only information necessary for Platform operation

4.3. Retention Period

• Account data is stored while you actively use the Platform or until account deletion
• Workroom content is stored throughout the project lifecycle and for 90 days after completion, after which it may be archived or deleted
• Content as Currency videos are stored permanently, as they are used for Platform marketing (in accordance with the granted license)
• Reports and in-app feedback may be retained as needed for moderation, safety, and legal compliance
• Block list is stored while your account exists and is removed when you delete your account

5. Sharing Data with Third Parties

We do not sell or rent your personal data.

We may share data only in the following cases:

5.1. Service Providers

We use third-party services for Platform operation:

• Supabase — authentication, database, file storage, real-time updates
• Expo Push Notifications — sending notifications

These providers have access to data only to the extent necessary to provide services and are obligated to maintain confidentiality.

5.2. Legal Requirements

We may disclose data if required by law, court decisions, or government agency requests.

5.3. Public Data

The following information is public and visible to other Platform users:

• Name and role (Business or Creator)
• Profile photo and, if you add them, website and social links (e.g. Instagram, Telegram)
• Creator portfolio
• Ratings, reviews, and completed project statistics (Reputation Capital)
• Content as Currency videos approved for publication

6. Your Rights

6.1. Right of Access

You can view and download a copy of your data through profile settings or contact us with a request.

6.2. Right to Rectification

You can change your profile data directly in the app.

6.3. Right to Deletion

You can delete your account through profile settings. After deletion:

• Your personal data will be deleted within 30 days
• Public ratings and reviews may remain anonymized to maintain reputation system integrity
• Content as Currency videos may remain in use in accordance with the granted license

6.4. Right to Restriction of Processing

You can restrict the processing of your data by contacting us through in-app support.

6.5. Right to Object

You can object to the use of your data for marketing purposes by disabling the corresponding settings in your profile.

7. Data Transfers Outside Ukraine/EU

As we use Supabase, your data may be stored on servers located outside Ukraine or the European Union (particularly in the USA).

We ensure that such transfers comply with GDPR requirements and other applicable data protection laws.

8. Children and Minors

The Platform is intended for users aged 18 and over. If you are between 16 and 18 years old, you may use the Platform only with parental or guardian consent.

We do not knowingly collect data from persons under 16 years of age. If you learn that a minor has provided us with data without consent, contact us and we will delete such data.

9. Changes to the Privacy Policy

We reserve the right to update this Policy. We will notify you of significant changes through the app or email.

The date of the last revision is indicated at the beginning of the document. Continued use of the Platform after changes are made constitutes your agreement with the updated Policy.

10. Contact

If you have questions about this Privacy Policy or the processing of your data, contact us through in-app support or via the contact options on our Contact page.

This document is part of the legal framework of Connective and operates in conjunction with the Platform's Terms and Conditions.