Privacy Policy
PRIVACY POLICY - ASKSOME.ONE
Last Updated: February 2026
================================================================================
1. INTRODUCTION
Welcome to AskSome.One. We are committed to protecting your privacy and ensuring you have a positive experience on our platform. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application (built on FlutterFlow), website, and related services.
By accessing and using the AskSome.One platform, you acknowledge that you have read, understood, and agree to be bound by the practices described in this Privacy Policy. If you do not agree with our privacy practices, please do not use our platform.
================================================================================
2. DEFINITIONS
"Account" means the user account registered by you on the AskSome.One platform.
"Adviser" means a User who offers and provides advice services to Seekers.
"Advice Request" means a request for advice posted by a Seeker, including details such as title, description, budget, and preferred time slots.
"Advice Session" means the scheduled audio/video call between a Seeker and an Adviser to provide the requested advice.
"Personal Data" or "Personal Information" means any information that relates to an identified individual or an identifiable individual, as defined under applicable privacy laws.
"Processing" means any operation performed on Personal Data, such as collection, recording, organization, storage, adaptation, disclosure, or deletion.
"Seeker" means a User who posts an Advice Request and purchases advice services.
"AskSome.One," "we," "our," or "us" means the operator of the AskSome.One platform.
"User" means any person who registers an Account on the Platform, including Seekers and Advisers.
================================================================================
3. INFORMATION WE COLLECT
3.1 PERSONAL DATA
We collect the following personal information from you when you create an Account or use our services:
- Name and Contact Information: Full name, email address, phone number (optional for Seekers, required for Advisers)
- Profile Information: Profile picture, bio/expertise (Advisers), calendar availability, timezone
- Identity Verification: Government-issued ID (Passport, Driver's License, or equivalent) for Advisers only, collected through secure third-party verification services including Stripe Identity
- Payment Information: Credit card details, payment method, billing address (processed securely through Stripe; we do not retain full card details)
3.2 ADVICE AND CONTENT DATA
- Seeker Data: Advice request titles, descriptions, subject matter details, specified budget, preferred time slots, location information relevant to the advice topic
- Adviser Data: Professional bio, expertise tags, experience summary, customer reviews and ratings, proposed fees, application letters, accepted time slots, previous ratings/feedback from other Seekers
- Application Data: Application letters, proposed fees, selected time slots, any supporting documentation
3.3 SESSION DATA
- Recordings and Transcripts: Complete audio and/or video recordings of all Advice Sessions, including auto-generated transcripts
- AI-Generated Content: AI summaries of sessions, key action points, recommendations, and analysis
- Metadata: Session start/end times, duration, platform quality metrics
3.4 TECHNICAL DATA
- Device Information: Device type, operating system, app version, unique device identifier
- Usage Data: Features accessed, pages viewed, clicks, session duration, timestamps
- Authentication Data: Login times, IP addresses, browser/client information
- Log Data: Server logs, error reports, crash reports
- Cookie/Tracking Data: Analytics cookies, session cookies (if applicable)
3.5 DERIVED AND AGGREGATED DATA
- AI Match Scores: Algorithmic scores generated by AI comparing Adviser profiles to Advice Requests
- AI Suggestions: Auto-complete suggestions, writing enhancements for descriptions
- Behavioral Data: Platform usage patterns, interaction histories (for platform improvement)
3.6 COMMUNICATION DATA
- Messages: Notification emails, system messages, dispute communications, support inquiries
- Feedback: Ratings, reviews, open text feedback provided after Advice Sessions
================================================================================
4. HOW WE USE YOUR INFORMATION
4.1 SERVICE PROVISION
- Registering and managing your Account
- Matching Seekers with suitable Advisers using AI-assisted algorithms
- Scheduling Advice Sessions
- Facilitating payments and payouts via Stripe Connect
- Delivering notifications (email, push notifications)
- Providing customer support
4.2 PLATFORM IMPROVEMENT
- Analyzing user behavior to enhance features, usability, and user experience
- Conducting user research and A/B testing
- Debugging and fixing technical issues
- Improving matching algorithms and AI recommendations
- Aggregating anonymized data for analytics
4.3 AI FEATURES
- Generating writing suggestions and auto-complete for Advice Request descriptions
- Creating AI-assisted match scores to recommend Advisers to Seekers
- Generating AI summaries of Advice Sessions
- Detecting and preventing fraudulent activity
- Personalizing recommendations
4.4 VERIFICATION AND COMPLIANCE
- Verifying adviser identities (KYC/AML compliance)
- Screening Users against regulatory databases
- Detecting and preventing fraud, abuse, and unauthorized access
- Complying with legal and regulatory obligations
4.5 QUALITY CONTROL AND DISPUTE RESOLUTION
- Retaining recordings and transcripts to resolve disputes between Users
- Monitoring for code of conduct violations
- Improving quality through transcript review
- Providing evidence in legal proceedings if necessary
4.6 COMMUNICATION
- Sending transactional emails (booking confirmations, invoices, receipts)
- Sending system notifications (Advice Session reminders, payment confirmations)
- Sending marketing communications (new features, prompts to review, service updates) – Users may opt out
- Responding to support requests
4.7 AI MODEL TRAINING (LIMITED)
- Using anonymized, de-identified session transcripts and interactions to improve AI models
- Never using identifiable personal data in AI training without explicit opt-in
- Improving the accuracy and bias-reduction of AI features
================================================================================
5. DATA PROCESSING AND THIRD PARTIES
5.1 PROCESSORS AND SERVICE PROVIDERS
We may share your Personal Data with the following third-party service providers who process data on our behalf:
SUPABASE
- Backend database and authentication
- Processes: Account data, usage logs, profile information
- Location: EU (GDPR compliant)
FLUTTERFLOW
- Mobile and web application platform
- Processes: Session data, usage analytics
- Location: USA (Privacy Shield/standard contractual clauses)
STRIPE AND STRIPE CONNECT
- Payment processing and Adviser payouts
- Processes: Payment information, transaction data
- Location: USA (PCI DSS compliant)
STRIPE IDENTITY
- Adviser identity verification
- Processes: Government-issued ID images, verification results
- Location: USA
GOOGLE CLOUD / GEMINI API
- AI processing for summaries, match scores, suggestions
- Processes: Session transcripts, advice descriptions (anonymized where possible)
- Location: USA
- IMPORTANT: Data is NOT used to train public AI models; processing is confidential
EMAIL SERVICE PROVIDER (e.g., SendGrid/AWS SES)
- Transactional and notification emails
- Processes: Email addresses, notification content
- Location: USA
ANALYTICS SERVICES (e.g., Mixpanel/Google Analytics)
- Platform analytics and user behavior analysis
- Processes: Anonymized usage data, pseudonymized identifiers
- Location: USA
5.2 NON-PERSONAL DATA SHARING
We may share aggregated, anonymized, or de-identified data with:
- Business partners for research and improvement
- Regulatory bodies and law enforcement when required by law
- Academic researchers studying online marketplaces (with anonymization)
5.3 DATA CONTROLLERS
AskSome.One acts as a data controller for Personal Data collected directly from Users. When data is shared with third parties, we ensure contractual commitments require them to use data only as directed and to maintain appropriate security.
================================================================================
6. DATA STORAGE, SECURITY, AND RETENTION
6.1 STORAGE LOCATION
- Primary Storage: Supabase (EU servers for GDPR compliance; USA backup)
- Recordings: Cloud storage with encryption at rest and in transit
- Backups: Encrypted backups maintained in multiple geographic locations
6.2 SECURITY MEASURES
AskSome.One implements the following security measures:
- Encryption: SSL/TLS for data in transit; AES-256 encryption for data at rest
- Access Control: Role-based access controls; only authorized personnel can access Personal Data
- Authentication: Multi-factor authentication for Adviser accounts and admin accounts
- Secure APIs: Supabase RLS (Row-Level Security) policies restrict data access
- Regular Audits: Third-party security audits and penetration testing
- Data Minimization: We collect only data reasonably necessary for stated purposes
Limitations: While we implement industry-standard security, no system is 100% secure. We cannot guarantee absolute security of your data.
6.3 DATA RETENTION
DURING ACTIVE ACCOUNT:
- Account data, profile information, and transaction history are retained for the duration your Account is active
AFTER ACCOUNT DELETION OR INACTIVE PERIOD:
- Anonymized Data: Non-identifying data may be retained indefinitely for analytics and improvement
- Recordings and Transcripts: Retained for 7 years to comply with dispute resolution, fraud prevention, and legal obligations
- Session Summaries: Retained for 7 years (AI summaries may be deleted after 1 year at User request)
- Billing/Payment Records: Retained for 7 years to comply with tax and financial regulations
- Legal Holds: Data may be retained longer if subject to legal action or regulatory investigation
INACTIVITY: Accounts inactive for 12+ months may have Personal Data deleted, except where retention is required by law.
================================================================================
7. EXPLICIT CONSENT FOR RECORDING AND PROCESSING
7.1 RECORDING CONSENT
By initiating or participating in an Advice Session, you explicitly consent to:
- Audio and/or video recording of the entire Advice Session
- Automatic transcription of the recording
- AI processing of the transcript to generate summaries and key points
- Retention of the recording and transcript for:
* Dispute resolution
* Quality control and fraud prevention
* AI model training (anonymized)
* Training and internal review
You acknowledge that recording serves the following purposes:
- Protecting both parties by creating an objective record of the session
- Enabling dispute resolution if disagreements arise
- Improving AI recommendations and platform quality
- Maintaining compliance with legal and safety standards
7.2 SESSION SUMMARY DISTRIBUTION
- Seekers receive an AI-generated summary of the session within 24 hours
- Advisers receive an AI-generated summary within 24 hours
- Both parties receive a link to the transcript (non-editable)
7.3 ARCHIVING AND DELETION REQUESTS
- Users may request deletion of session summaries (but not the recording/transcript, which must be retained for compliance)
- Users may archive completed sessions to hide them from the main dashboard while retaining the underlying data
- Full deletion of recordings requires legal justification and may not be granted if disputes are pending
================================================================================
8. YOUR PRIVACY RIGHTS
Depending on your location, you may have the following rights:
8.1 RIGHT TO ACCESS
You have the right to request a copy of Personal Data we hold about you, in a portable, machine-readable format.
8.2 RIGHT TO RECTIFICATION
You may request correction of inaccurate or incomplete Personal Data.
8.3 RIGHT TO ERASURE ("RIGHT TO BE FORGOTTEN")
You may request deletion of your Personal Data, except where:
- Data is necessary to provide services
- Deletion would interfere with legal obligations, disputes, or fraud prevention
- Recordings must be retained per Section 7
8.4 RIGHT TO RESTRICT PROCESSING
You may ask us to limit processing of your Personal Data, including limiting marketing communications.
8.5 RIGHT TO OBJECT
You may object to:
- Marketing communications (you can opt out anytime by clicking the unsubscribe link)
- Certain uses of data for analytics or profiling
8.6 RIGHT TO DATA PORTABILITY
You may request your Personal Data in a structured, portable format that you or another service provider can use.
8.7 RIGHTS RELATED TO AUTOMATED DECISION-MAKING
Our AI match scores and recommendations are based on automated processing. You have the right to:
- Request human review of automated decisions
- Opt out of AI-based recommendations (though this may limit platform functionality)
- Appeal AI-based verification decisions
8.8 EXERCISING YOUR RIGHTS
To exercise any of these rights, please contact us at [support email] with the subject line "Privacy Request: [Right Name]." We will respond within 30 days (or as required by applicable law).
For EU users: You also have the right to lodge a complaint with your local data protection authority.
================================================================================
9. COOKIES AND TRACKING TECHNOLOGIES
9.1 COOKIE USAGE
We use cookies to:
- Maintain your login session
- Remember your preferences
- Track analytics and usage patterns
- Detect fraud
9.2 TYPES OF COOKIES
- Session Cookies: Essential for login (deleted when you close your browser)
- Persistent Cookies: Remember preferences (up to 1 year)
- Third-party Cookies: Google Analytics, Stripe (for analytics and payment processing)
9.3 OPTING OUT
You may disable cookies in your browser settings, though this may limit platform functionality. Do Not Track (DNT) signals are not currently supported.
================================================================================
10. CHILDREN AND MINORS
AskSome.One is not intended for users under 18 years of age. We do not knowingly collect Personal Data from children under 18. If we discover we have collected data from a child, we will delete it immediately. Parents who believe their child's data has been collected should contact us immediately at [support email].
================================================================================
11. INTERNATIONAL DATA TRANSFERS
11.1 CROSS-BORDER TRANSFERS
Your Personal Data may be transferred to, stored in, or processed in countries outside your country of residence, including the United States, European Union, and others where our service providers operate.
11.2 ADEQUACY AND SAFEGUARDS
For transfers outside the EU, we rely on:
- EU adequacy decisions (e.g., for USA under Privacy Shield successor frameworks)
- Standard contractual clauses (with Supabase, Stripe, etc.)
- Your explicit consent
By using AskSome.One, you consent to such transfers.
================================================================================
12. COMPLIANCE WITH PRIVACY LAWS
12.1 APPLICABLE LAWS
AskSome.One complies with privacy laws in jurisdictions where we operate:
- Australia: Privacy Act 1988 (Australian Privacy Principles)
- European Union: GDPR (General Data Protection Regulation)
- USA: CCPA (California Consumer Privacy Act), applicable state laws
- Canada: PIPEDA (Personal Information Protection and Electronic Documents Act)
12.2 LOCAL VARIATIONS
Where privacy laws provide greater protections, those protections apply. Users in California, Europe, Canada, and other regulated jurisdictions have additional rights as outlined in sections above and in jurisdiction-specific notices.
================================================================================
13. THIRD-PARTY LINKS AND SERVICES
AskSome.One may contain links to third-party websites, services, and applications. This Privacy Policy applies only to our platform; we are not responsible for the privacy practices of third parties. We encourage you to review their privacy policies before providing your information.
================================================================================
14. CHANGES TO THIS PRIVACY POLICY
We may update this Privacy Policy periodically to reflect changes in our practices, technology, or legal requirements. If changes are material, we will notify you via email at least 30 days before they take effect.
Your continued use of AskSome.One following the publication of updated Privacy Policy terms means you accept and agree to the changes.
================================================================================
15. CONTACT AND COMPLAINTS
15.1 PRIVACY QUESTIONS
If you have questions about this Privacy Policy or our privacy practices, please contact:
AskSome.One Support
Email: [contact@m.asksome.one]
Contact Form: [https://asksome.one/help#contact]
15.2 COMPLAINTS
If you believe we have violated your privacy rights or this Privacy Policy, you may:
1. Contact Us First: Submit a complaint via [contact@m.asksome.one] with details. We will investigate and respond within 30 days.
2. Regulatory Authority: You have the right to lodge a complaint with your local data protection authority:
- Australia: Office of the Australian Information Commissioner (OAIC)
- EU: Your local Data Protection Authority (DPA)
- USA (California): California Attorney General
- Canada: Office of the Privacy Commissioner of Canada
================================================================================
16. ADDITIONAL NOTICES FOR SPECIFIC REGIONS
16.1 EUROPEAN UNION (GDPR)
LEGAL BASIS FOR PROCESSING:
- Consent: Explicit consent for recordings and AI processing
- Contract Performance: Necessary to deliver services
- Legal Obligation: Compliance with financial, tax, and fraud prevention laws
- Legitimate Interests: Platform improvement, security, marketing (with opt-out)
Data Protection Officer: [If applicable, contact details]
16.2 CALIFORNIA (CCPA)
You have the right to:
- Know what Personal Data is collected
- Delete Personal Data (with exceptions)
- Opt-out of sale or sharing of data
- Non-discrimination for exercising CCPA rights
We do not "sell" your Personal Data in the traditional sense; however, we may share data with analytics and advertising partners in ways that may constitute a "sale" under California law.
16.3 AUSTRALIA
AskSome.One complies with the Australian Privacy Principles (APPs). Individuals may request access to their Personal Data and lodge a complaint with the Office of the Australian Information Commissioner (OAIC).
================================================================================
END OF PRIVACY POLICY