Privacy Policy

1. Introduction

Welcome to Helmet Vending Machine Manager ("we," "our," or "us"). We respect your privacy and are committed to protecting your personal data. This privacy policy will inform you about how we look after your personal data when you use our mobile application and tell you about your privacy rights.

2. Information We Collect

We collect several different types of information for various purposes to provide and improve our service to you:

2.1 Personal Data

• Account Information: Email address for authentication
• Business Information: Vending machine data, revenue data, transaction records
• Authentication Data: Login credentials, authentication tokens

3. How We Use Your Information

We use the collected data for various purposes:

• Account Management: To manage your account and provide customer support
• Communication: To send you notifications about your machines and transactions
• Security: To detect and prevent fraud and security issues
• Compliance: To comply with legal obligations

4. Data Storage and Security

We use Firebase (Google Cloud) as our backend service provider. Your data is stored on secure servers with industry-standard encryption:

• All data transmissions are encrypted using SSL/TLS
• Passwords are hashed and never stored in plain text
• Access to personal data is restricted to authorized personnel only
• Regular security audits and updates are performed

5. Data Sharing and Disclosure

We do not sell your personal data. We may share your information only in the following circumstances:

5.1 With Your Consent

When you explicitly authorize us to share information with third parties

5.2 Service Providers

• Firebase/Google Cloud: For database, authentication, and cloud functions
• Analytics Services: For app performance monitoring (anonymized data)

5.3 Legal Requirements

We may disclose your information if required by law or in response to valid requests by public authorities

5.4 Business Partners

With partners you explicitly connect with through the app's partner management feature

6. Your Privacy Rights

Depending on your location, you may have the following rights:

• Access: Request a copy of your personal data
• Correction: Request correction of inaccurate data
• Deletion: Request deletion of your personal data
• Portability: Request transfer of your data to another service
• Objection: Object to processing of your personal data
• Restriction: Request restriction of processing your data

To exercise these rights, please contact us at contact@cucihelmoto.com

7. Data Retention

We retain your personal data only for as long as necessary for the purposes set out in this privacy policy:

• Active Accounts: Data is retained while your account is active
• Deleted Accounts: Most data is deleted within 30 days of account deletion
• Legal Requirements: Some data may be retained longer to comply with legal obligations (e.g., transaction records for tax purposes)

8. International Data Transfers

Your information may be transferred to and maintained on servers located outside of your state, province, country, or other governmental jurisdiction where data protection laws may differ. We ensure appropriate safeguards are in place for such transfers.

9. Cookies and Tracking Technologies

Our mobile application may use cookies and similar tracking technologies to enhance user experience and collect analytics data. You can control these through your device settings.

10. Third-Party Services

Our app integrates with third-party services that have their own privacy policies:

• Firebase/Google Cloud: Privacy Policy
• Google Maps: Privacy Policy

11. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. You are advised to review this Privacy Policy periodically for any changes.

12. Contact Us

If you have any questions about this Privacy Policy, please contact us:

• Email: contact@cucihelmoto.com

13. GDPR Compliance (For EU Users)

If you are located in the European Economic Area (EEA), you have certain data protection rights under GDPR:

• The right to be informed about how your data is used
• The right of access to your personal data
• The right to rectification of inaccurate data
• The right to erasure ("right to be forgotten")
• The right to restrict processing
• The right to data portability
• The right to object to processing
• Rights related to automated decision making and profiling

14. California Privacy Rights (CCPA)

If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA):

• Right to know what personal information is collected
• Right to know if personal information is sold or disclosed
• Right to opt-out of the sale of personal information
• Right to deletion of personal information
• Right to non-discrimination for exercising privacy rights