Last updated: 2026-02-15

Privacy Policy

This Privacy Policy explains how we collect, use, share, and protect personal data when you use the Divioma website and mobile application. It is intended to meet EU/EEA privacy requirements (GDPR) and the ePrivacy rules.

1. Who we are (Controller) and how to contact us

The controller of your personal data is Dmytro Vozhakov, based in Romania.

Email for general and privacy enquiries: support@divioma.com. For any formal correspondence, please contact via email first.

For regulators and supervisory authorities: legal@divioma.com.

If we appoint a data protection officer, we will publish their contact details here.

2. Scope

This policy applies to the Divioma website, mobile app, and related services.

3. What data we collect

Account and identity data (e.g., name, email, phone, role).

Profile and service data (e.g., bio, skills, photos, service categories, rates).

Order and transaction data (e.g., requests, offers, order details, status).

Communications and support (e.g., messages, attachments, support requests).

Ratings and reviews.

Location data (approximate and precise location when you enable it).

Device and usage data (e.g., device identifiers, IP address, logs, timestamps, app interactions).

Push notification tokens and preferences.

4. Where data comes from

Directly from you when you create an account or use the service.

From other users (e.g., messages, reviews).

From your device or browser (e.g., usage logs, cookies).

5. Why we use your data and legal bases

To provide the service, create and manage accounts, and facilitate orders — legal basis: contract (Article 6(1)(b) GDPR).

To operate, secure, and improve the service and prevent fraud — legal basis: legitimate interest (Article 6(1)(f) GDPR).

To send service-related communications — legal basis: contract or legitimate interest (Article 6(1)(b) or 6(1)(f) GDPR).

To send marketing communications only where we have your consent — legal basis: consent (Article 6(1)(a) GDPR).

To comply with legal obligations — legal basis: legal obligation (Article 6(1)(c) GDPR).

6. Sharing and third parties

We use the following processors and services, which may receive personal data: Supabase (database, authentication, and file storage), hosted in the US (see International transfers below); Firebase Cloud Messaging (Google) for push notifications; payment processors (e.g. Stripe) if you use paid features; infrastructure and hosting providers for the website and APIs.

We may disclose data to authorities where required by law or to protect rights and safety.

7. International transfers

Our main database and backend (Supabase) is hosted in the United States (region us-west-1). Personal data may therefore be transferred to a country outside the EU/EEA that is not subject to an adequacy decision.

We ensure appropriate safeguards: we use Standard Contractual Clauses (SCCs) approved by the European Commission under Article 46(2)(c) GDPR where applicable. You may request a copy of the safeguards by contacting us at support@divioma.com.

8. Retention

We retain personal data only for as long as necessary for the purposes described in this policy and to comply with legal, accounting, and reporting requirements. Account and service data are typically retained while your account is active and for a limited period after deletion where required by law.

We may anonymize or delete data when it is no longer needed.

9. Security

We implement appropriate technical and organizational measures to protect data, but no method of transmission or storage is 100% secure.

10. Your rights (EU/EEA)

You have the right to: access your data; have it rectified or erased; restrict or object to processing; receive your data in a portable format; withdraw consent at any time where processing is based on consent. To exercise these rights, contact us at support@divioma.com.

You may lodge a complaint with a supervisory authority in your country of residence.

11. Complaints about the service

You may submit a complaint through the Divioma app. We aim to review complaints within 7 days.

Where we identify a breach of our terms of use or misuse of the service, we reserve the right to remove content and/or suspend or block the relevant account.

12. Cookies and similar technologies

We use essential cookies or similar technologies for basic functionality (for example, language preferences).

If we add non-essential cookies (analytics/marketing) later, we will provide a cookie banner and obtain consent where required.

13. Children

The service is not intended for children under 16 (or the minimum age required in your country). If you believe a child provided data, contact us at support@divioma.com.

14. Changes

We may update this policy. We will post the new version and update the date above.