R
rcmd

Privacy Policy

Effective Date: 05.04.2026

1. Introduction

Welcome to rcmd. We value your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, and share your information when you use our mobile app and website at https://rcmd.app.

2. Information We Collect

We collect the following types of information:

  • Personal Information: We collect your email address, name, and username when you register. You may also provide a profile image and bio. If you sign in via Google or Apple, we receive your name and email from the provider.
  • User-Generated Content: Recommendations, comments, ratings, likes, dislikes, follows, and wishlists you create on the platform.
  • Device Information: With your permission, we may access your device camera (for barcode scanning and photos). On mobile, we collect push notification tokens to deliver notifications.
  • Analytics: We collect usage data such as product views, searches, feed impressions, barcode scans, and engagement metrics using our self-hosted analytics system and Firebase Crashlytics (crash reports on mobile). Each event is enriched with: an anonymized IP address (last octet for IPv4, last 80 bits for IPv6 zeroed before storage), an approximate country/region/city derived from your IP via Cloudflare, your device, operating system and browser type, your interface language, the screen you're on, the app version, and a per-install session identifier with a 30-minute idle timeout. We do not store your full IP address. Events are retained for one year and are deleted along with your account.
  • Tracking, Advertising and Cookies: We use Google Analytics, Google AdSense (web), and Google AdMob (mobile app) to analyze usage and display advertisements. Google and our advertising partners use cookies and similar tracking technologies to serve ads based on your prior visits. We also store a language preference cookie (plt_lang) for one year and your theme preference in local storage.
  • AI Processing: Product descriptions and user-generated text may be processed by OpenAI to generate text embeddings for personalized recommendations and to perform automated content moderation. Product images may be sent to Photoroom for background removal and enhancement.

3. How We Use Your Information

We use the information we collect for the following purposes:

  • To Provide and Improve Our Services: To operate the app, personalize your experience (including personalized product recommendations), and develop new features.
  • To Communicate with You: To send push notifications and emails related to your account, recommendations, and platform activity. We do not send frequent or unsolicited marketing emails.
  • To Ensure Security: To protect the app and its users from unauthorized access, fraud, and other security risks.
  • Content Moderation: User-generated content (recommendations, comments) is automatically reviewed by AI to detect policy violations. Flagged content may be further reviewed by our team.
  • To Show Ads: We use Google AdSense (web) and AdMob (mobile) to display advertisements. Google uses cookies to serve ads based on your prior visits. You may opt out of personalized advertising by visiting https://www.google.com/settings/ads. For more information, see Google's partner sites policy.

4. Sharing Your Information

We do not sell your personal information. We may share your information with the following third parties:

  • OpenAI: Product descriptions and user-generated text are sent to OpenAI for text embedding generation and AI-based content moderation.
  • Photoroom: Product images may be sent to Photoroom for automated image enhancement.
  • Google: We use Google Analytics, AdSense, AdMob, and Firebase Crashlytics, which collect usage, advertising, and crash data as described in their respective privacy policies.
  • Authentication Providers: If you sign in via Google or Apple, your authentication data is exchanged with the respective provider.
  • Legal Requirements: If required by law, we may disclose your information to comply with legal obligations or to protect our rights.
  • Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred to the new owner.

5. Your Rights

You have the following rights regarding your personal data:

  • Access and Correction: You can view and edit your personal information in your profile settings at any time.
  • Data Export: You can request an export of your personal data through the app.
  • Deletion: You can request the deletion of your account and personal data, including all analytics events tied to your account. This action is irreversible.
  • Opt-Out: You can opt out of analytics on the web at /analytics-opt-out. You can opt out of push notifications via your device settings and opt out of promotional communications at any time.

6. Data Retention

We retain your personal data for as long as your account is active. If you delete your account, we remove your personal information and anonymize your user-generated content. Aggregated analytics data (which cannot identify you) may be retained indefinitely.

7. Security

We take reasonable measures to protect your information from unauthorized access, loss, or misuse, including encrypted data transmission (TLS), secure password hashing, and role-based access controls. However, no system is completely secure, and we cannot guarantee the absolute security of your data.

8. Children's Privacy

Our app is not intended for children under the age of 13 (or 16 in the EU). We do not knowingly collect personal information from children. If we become aware that we have collected such information, we will take steps to delete it.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the effective date above. We encourage you to review this policy periodically.

10. Contact Us

If you have any questions or concerns about this Privacy Policy, please contact us by email at [email protected].

11. Compliance with Laws

This Privacy Policy is designed to comply with the GDPR (EU), CCPA/CPRA (California), and other applicable data protection regulations.

12. User-Generated Content

User-generated content (recommendations, comments, ratings) does not reflect the views of rcmd and may be moderated or removed if it violates our Terms of Service.

HomeScanProfile