Trustfone Support

Legal

Privacy Policy

Last updated: May 5, 2026

This Privacy Policy explains what personal data Trustfone collects, how we use it, who we share it with, and the rights you have over it. It applies to the Trustfone mobile app and related web properties.

1. Data we collect

  • Account data: name, phone number, email, avatar. Phone is verified via OTP.
  • Listing data: device details, photos, price, and location strings you provide.
  • Chat data: messages between buyers, sellers, and (when Safe Trading is active) admins.
  • Payment proof: top-up screenshots and transaction references — used only to verify your top-ups.
  • Device data: FCM token (for push notifications), coarse device model and OS version.
  • Usage data: pages viewed, features used, and crash reports — collected via Firebase Analytics and Crashlytics.

2. How we use it

  • To create and operate your account.
  • To match buyers with sellers and route messages.
  • To mediate Safe Trading requests when invoked.
  • To verify top-ups and credit your wallet.
  • To send notifications you’ve opted into.
  • To detect abuse and prevent fraud.

3. Who we share data with

  • Supabase — our database and auth provider; stores users, listings, chats, and credits.
  • Firebase / Google Cloud — push notifications, analytics, crash reporting.
  • SMS gateway — delivers phone OTPs (number only, no message content).
  • Trustfone admins — only when you opt into Safe Trading; the admin sees the active 3-way chat.

We do not sell your personal data. We do not share data with advertising networks.

4. Data retention

  • Account data is kept while your account is active. Delete your account from the profile screen to remove it.
  • Listings remain visible until you mark them sold, edit them, or they expire (30 days by default).
  • Chat messages are retained while the conversation exists between parties. Deleting your account also removes your messages.
  • Top-up screenshots are kept for 12 months for payment-dispute purposes, then deleted.

5. Your rights

  • Access — request a copy of the data we hold about you.
  • Correction — fix inaccurate data via the profile editor or by emailing us.
  • Deletion — delete your account in-app, or email privacy@trustfone.app.
  • Withdrawal of consent — disable analytics or push notifications in your device settings at any time.

6. Children

Trustfone is not directed to children under 18. We do not knowingly collect data from children. If you believe a child has registered, contact us and we will remove the account.

7. Security

Data is transmitted over HTTPS. Passwords are stored as bcrypt hashes by Supabase Auth. Top-up screenshots are stored in private buckets with admin-only read access.

8. Changes

We may update this Privacy Policy. Material changes will be announced in-app and on this page.

9. Contact

For privacy questions or data requests, email privacy@trustfone.app.