🔒 Privacy & Cookies
Last updated: November 30, 2025
Quick Navigation:
Privacy Policy
1. Introduction
ONUNDI ("we," "us," or "our") is committed to protecting your personal data and respecting your privacy. This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you use our platform (the "Platform").
We process personal data in accordance with the General Data Protection Regulation (GDPR) and all other applicable data protection laws.
By using the Platform, you acknowledge that you have read and understood this Privacy Policy. If you do not agree, please discontinue use immediately.
2. Information We Collect
2.1 Information You Provide Directly
We collect the following information that you submit voluntarily:
- Account details (name, email address, password)
- Profile information (bio, role, skills, niche, location, photo)
- User-generated content (posts, projects, messages, portfolio items, reviews)
- Communication with us (support requests, feedback)
- Payment information (processed securely by Stripe — we do not store payment card details)
2.2 Information Collected Automatically
When accessing or using the Platform, we automatically collect:
- Device, browser, and operating system details
- Usage data (pages viewed, time spent, interactions)
- IP address and approximate geolocation
- Cookies, local storage, and similar technologies
We only collect what is necessary for functionality, security, performance, and compliance.
3. How We Use Your Information
Your information may be used for the following lawful purposes:
- Operating, maintaining, and improving the Platform
- Creating and managing your account
- Processing payments and transactions
- Enabling communication between users
- Sending notifications, updates, or marketing (where consented)
- Responding to inquiries and providing support
- Monitoring Platform integrity, detecting misuse, and preventing fraud
- Ensuring legal and regulatory compliance
- Enforcing our Terms of Service, resolving disputes, and protecting our rights
4. Legal Basis for Processing (GDPR)
We rely on one or more of the following legal bases:
- Contract – Processing necessary to provide the Platform and services
- Consent – For optional features such as marketing communications
- Legitimate Interests – For analytics, security, improvements, and administration
- Legal Obligation – Where processing is required under applicable laws
5. Information Sharing
We do not sell your personal data.
We may share your information only under the following controlled circumstances:
5.1 With Other Users
Profile information is publicly visible as part of Platform functionality. You choose what to display.
5.2 With Trusted Service Providers
We may share data with carefully selected third-party processors that support Platform operations, such as hosting, payment processors, analytics, and security systems. These providers act strictly under contractual data-processing agreements.
5.3 Legal, Regulatory, and Safety Requirements
We may disclose information only where required by applicable law, court order, or government or supervisory authority. We will challenge requests where legally permissible.
5.4 Business Transfers
If ONUNDI is involved in a merger, acquisition, restructuring, or asset sale, your information may be transferred under the same or stronger privacy protections.
5.5 With Your Explicit Consent
For any purpose not covered above, we will request your clear and informed consent.
6. Third-Party Services
We rely on reputable infrastructure and service providers, including:
- Firebase (Google) – authentication, database, hosting, analytics
- Stripe – payment processing
- Cloudflare – network security, CDN, and performance
These services operate independently and have their own privacy policies. We encourage you to review them, as we are not responsible for their practices.
7. Google Sign-In and Google User Data
When you sign in using Google, ONUNDI accesses limited Google account information, which may include:
- Your email address
- Your display name
- Your profile photo
- A unique Google account identifier
How We Use This Data:
We use this data strictly to:
- Authenticate your account
- Create and manage your user profile
- Display your chosen name and avatar
- Secure access to the Platform
What We Do NOT Access:
We do not access Gmail content, Google Drive files, contacts, calendars, or any other Google services.
Data Protection:
Google user data is stored securely and is not sold or shared with third parties for advertising or profiling purposes.
Limited Use Compliance:
Our use of Google user data complies with the Google API Services User Data Policy, including the Limited Use requirements. Access to Google user data is restricted solely to providing user-facing functionality within ONUNDI.
8. Data Retention
We retain your information only for as long as reasonably necessary to:
- Provide the Platform and associated services
- Comply with legal and regulatory requirements
- Resolve disputes and enforce agreements
If you delete your account, we will delete or anonymize your data within 30 days, unless a longer retention period is legally required.
9. Your Rights Under GDPR
You have the right to request:
- Access – A copy of your personal data
- Rectification – Correction of inaccurate information
- Erasure – Deletion of your data ("right to be forgotten")
- Restriction – Limitation of how your data is used
- Portability – Transfer of your data to another provider
- Objection – To certain types of processing
- Withdraw Consent – For consent-based processing at any time
To exercise these rights, contact us at support@onundi.com.
10. Cookies
We use essential and optional cookies for authentication, security, session management, user preferences, and basic analytics.
You may disable cookies via your browser settings; however, some features may not function correctly without them.
See our full Cookie Policy below for more details.
11. Data Security
We implement strong technical and organizational safeguards, including:
- Encrypted connections (HTTPS/TLS)
- Secure login and authentication controls
- Regular security reviews and monitoring
- Access control and role-based permissions
However, no method of online transmission or storage is 100% secure. We cannot guarantee absolute security, and you use the Platform at your own risk to the fullest extent permitted by law.
12. International Data Transfers
Your data may be transferred to and processed in countries outside your jurisdiction. Where such transfers occur, we implement legal safeguards, including:
- European Commission Standard Contractual Clauses
- Adequate protection assessments
- Contractual and technical measures to protect data
13. Children's Privacy
The Platform is not intended for individuals under 18 years old. We do not knowingly collect data from minors. If such data is discovered, it will be deleted promptly.
14. Limitation of Liability
To the maximum extent permitted by law:
- We are not liable for indirect, incidental, consequential, or punitive damages
- We are not responsible for user-generated content or interactions between users
- We do not guarantee uninterrupted or error-free operation
- We are not responsible for third-party failures, outages, or breaches (e.g., Firebase, Stripe, Cloudflare)
Your use of the Platform is entirely at your own discretion and risk.
15. Changes to This Privacy Policy
We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. Significant changes will be communicated via a notice on the Platform or email notification.
Continued use of the Platform constitutes acceptance of the updated policy.
16. Contact Us
If you have questions about this Privacy Policy or wish to exercise your rights, please contact us at:
Email: support@onundi.com
You have the right to lodge a complaint with your local data protection authority if you believe your rights have been violated.