Privacy Policy — Takidaki
Last updated: 24.03.2026 Version: 2.0
1. General Provisions
1.1. This Privacy Policy describes how Kivaro Tech OÜ (“we”, “us”, or “our”), owner and operator of the Takidaki service, collects, uses, and protects the personal data of users (“Users”) of:
1.2. By using the Website or the App, you agree to this Privacy Policy. If you do not agree, please discontinue use and delete the App.
1.3. We comply with:
2. Data We Collect
2.1. Data provided directly by you:
2.2. Data collected automatically:
2.3. Data from third-party sign-in providers:
| Provider | Data received | Purpose |
|---|---|---|
| Apple Sign In | Name, Email (or private relay) | Authentication |
| Google Sign In | Name, Email, Profile photo | Authentication |
| Meta (Facebook/Instagram) | public_profile, Email | Authentication + Giveaway participant data |
Meta Data Note: We request only public_profile and email from Meta. This data is used exclusively for user authentication and giveaway functionality. It is never shared with third parties or used for profiling.
2.4. Giveaway data (core feature):
3. Purpose of Data Processing
| Purpose | Legal basis |
|---|---|
| User authentication and account management | Contract performance |
| Providing randomizer and giveaway features | Contract performance |
| In-App Purchases and subscription management | Contract performance |
| Improving the App and fixing bugs | Legitimate interest |
| Sending notifications and updates | Consent |
| Security monitoring and fraud prevention | Legitimate interest / Legal obligation |
4. In-App Purchases & Subscriptions
4.1. All payments are processed exclusively through Apple In-App Purchase system. We do not collect or store your payment card data.
4.2. Subscription management and cancellation is done through iOS Settings → Apple ID → Subscriptions.
4.3. We receive from Apple only a confirmation of a successful transaction — no financial data.
5. Meta Platform Data — Special Provisions
5.1. Token Security: Access tokens received from Meta are stored securely using iOS Keychain and are never transmitted to third parties or stored in plaintext.
5.2. App Secret: The Meta App Secret is stored exclusively on our backend servers in encrypted environment variables. It is never included in the mobile app code or transmitted to client devices.
5.3. Data Minimisation: We request only the minimum necessary Meta permissions (public_profile, email). We do not request access to private messages, friends lists, or any other data beyond what is necessary for the service.
5.4. No profiling: Meta Platform Data is used exclusively for authentication and conducting giveaways. It is never used for advertising profiling or sold to third parties.
5.5. Incident Response: In the event of a security incident involving Meta Platform Data, we will notify Meta promptly in accordance with Meta Platform Policy.
6. Data Sharing
6.1. We do not sell or share your personal data with third parties except:
| Recipient | Purpose | Safeguard |
|---|---|---|
| Apple Inc. | App distribution, payments, crash reports | Apple’s Privacy Policy |
| Supabase Inc. | Database and backend hosting | DPA in place, EU-US data transfer compliance |
| Google LLC | Authentication (Google Sign In) | DPA in place |
| Meta Platforms Inc. | Authentication, API access | Meta Platform Policy |
7. Data Retention
7.1. We retain your data only as long as necessary:
7.2. Upon account deletion, all personal data is deleted or fully anonymized within 30 days, except where retention is required by law.
8. Your Rights
Under GDPR (EU users):
Under CCPA (California users):
To exercise your rights, contact us at: info@takidaki.com
9. Data Security
9.1. We implement industry-standard security measures:
9.2. All administrative personnel are bound by a Non-Disclosure Agreement (NDA). Access rights follow the Principle of Least Privilege — staff receive only the minimum access necessary for their tasks.
9.3. Access rights are revoked within 24 hours when a team member leaves the project.
9.4. In case of a data breach, we will notify affected users and relevant authorities within the timeframe required by applicable law (72 hours under GDPR).
9.5. To report a security vulnerability, contact us at: security@takidaki.com (we respond within 48 hours).
10. Children’s Privacy
10.1. The Takidaki App is not intended for children under 13 years of age (or under 16 in EU countries).
10.2. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.
11. Cookies and Tracking (Website)
11.1. Our website uses cookies to enhance functionality and analyze traffic.
11.2. The iOS App does not use browser cookies. The App may use Apple’s App Tracking Transparency (ATT) framework if analytics tracking is enabled — you will be asked for permission before any tracking occurs.
11.3. You can manage tracking preferences at any time in iOS Settings → Privacy & Security → Tracking.
12. Changes to This Policy
12.1. We may update this Privacy Policy periodically. When we do, we will:
12.2. Continued use of the App after changes constitutes acceptance of the updated Policy.
13. Contact Information
Kivaro Tech OÜ
📧 General: info@takidaki.com
🔒 Security reports: security@takidaki.com
🌐 Website: https://takidaki.com
📍 Harju maakond, Tallinn, Kristiine linnaosa, Kotkapoja tn 2a-10, 10615, Estonia
