Services at another level.

PEARL App

Privacy Policy

This draft Privacy Policy explains how PEARL APP SRL may collect, use, share, protect, and retain personal data in PEARL App.

Version
0.1-draft
Effective date
Pending legal approval
Last updated
2026-06-07
Language
EN
Draft - not lawyer-reviewedDraft notice: this Privacy Policy is a complete public draft based on PEARL compliance requirements. It is not yet lawyer-reviewed or final.
Language fallbackThis document is shown in English because the requested language is not supported yet.

PEARL APP SRL

CUI
42833600
Registration number
J40/8733/2020
EUID
ROONRC.J40/8733/2020
Jurisdiction
Romania
Registered office
Pending owner/legal confirmation

1. Controller and contact details

The controller for PEARL App is PEARL APP SRL, CUI 42833600, registered under J40/8733/2020, EUID ROONRC.J40/8733/2020, Romania.

The final registered office, privacy contact email, DPO or representative status, DSA contact point, and accessibility contact are pending owner/legal confirmation.

2. Personal data categories

  • Account and authentication data: email address, names, Firebase UID, verification and security signals.
  • Profile and listing data: public profile details, listing identity, descriptions, schedules, contact details, services, courses, gallery and business information.
  • User content and communications: posts, articles, questions, reviews, comments, reports, tickets, feedback, chats, notifications, and support messages.
  • Payment and subscription data: Stripe customer, checkout, payment, subscription, voucher, and entitlement records where paid services are used.
  • Technical data: device/browser details, logs, security events, language, routing, cookie/consent preferences, and analytics if enabled.
  • PEARL App currently does not collect user-facing AI prompt, AI avatar, generated-content, or automated-support interaction data.

3. Purposes and legal bases

  • Contract performance: creating accounts, providing platform features, listings, communication, support, paid services, and user-requested actions.
  • Legal obligations: tax, accounting, consumer, data protection, DSA, authority request, and security obligations.
  • Legitimate interests: platform security, abuse prevention, moderation, audit logs, product integrity, fraud prevention, and service improvement where rights are not overridden.
  • Consent: optional cookies, optional marketing, or other processing where consent is required.
  • Legal claims: retaining and using necessary records to establish, exercise, or defend rights.

4. Processors, recipients, and transfers

PEARL App uses Firebase/Google Cloud infrastructure and may use Stripe/Firebase Stripe Payments for paid platform features. Support, moderation, analytics, or messaging providers may be used if enabled and documented.

Master and other internal owner-only tooling are separate restricted environments and are not user-facing PEARL App features.

Some providers may process data outside the EEA. Where required, PEARL APP SRL must use an appropriate transfer mechanism, such as adequacy decisions or standard contractual clauses.

5. Retention

  • Account data is kept while the account is active and for a reasonable period needed for legal, security, fraud-prevention, or dispute purposes after deletion.
  • Public content may remain visible until deleted, moderated, anonymized, or removed according to platform rules and legal requirements.
  • Payment, invoice, tax, and accounting records are retained according to applicable legal obligations.
  • Report, moderation, and audit records are retained as needed for safety, DSA, legal claims, and platform integrity.
  • Cookie/consent records and legal acceptance records are retained to prove choices and compliance.

6. Your data protection rights

  • You may request access, rectification, erasure, restriction, portability, or objection, subject to legal limits.
  • Where processing is based on consent, you may withdraw consent without affecting earlier lawful processing.
  • PEARL App currently does not use user-facing automated decision-making or AI-assisted processing that creates legal or similarly significant effects.
  • You may lodge a complaint with ANSPDCP, the Romanian data protection authority.

7. Security and account control

PEARL APP SRL uses reasonable technical and organizational measures to protect personal data, including access controls, Firebase security rules, session protection, moderation/audit controls, and operational monitoring where applicable.

No online service can guarantee absolute security. Users should protect passwords, devices, and account access and should report suspected unauthorized access promptly.

8. Cookies, children, and changes

  • Cookie consent is separate from accepting this Privacy Policy and is governed by the Cookies page and future preference center.
  • PEARL App is not designed for children unless a specific feature states otherwise and has the required legal safeguards.
  • Material privacy changes should be versioned, dated, and communicated through the platform where required.