Privacy Policy

We collect personal information that you voluntarily provide when you register on our website, express interest in our products or services, participate in activities on the site (such as forums, contests, or giveaways), or contact us.

When you visit our website, certain technical information is collected automatically. This does not typically identify you personally but may include:

We also collect information through cookies and similar tracking technologies as described in Section 4.

If you register using a social media account, please see Section 5 for details on what we receive from those providers.

All personal information you provide must be accurate and complete. Please notify us of any changes.

Under GDPR Article 6, every processing activity must rest on a specific legal basis. The table below maps each purpose to its basis and explains our legitimate interest where applicable.

Where we rely on legitimate interests, we have assessed that our interests are not overridden by your rights and freedoms, given the reasonable expectations of users of a professional endorsement platform. You have the right to object to processing based on legitimate interests at any time (see Section 10).

We share personal information only in the circumstances described below. We do not sell your personal data to third parties for their own marketing purposes.

We may also share data in the following specific circumstances:

• Business transfers — in connection with a merger, acquisition, or sale of company assets.
• Affiliates — with any subsidiaries or joint venture partners, who are required to honor this policy.
• Other users — content you post publicly on our platform (your profile, recommendations you receive) may be visible to all users and may be indexed by third parties. This is core to the service and is based on your consent at registration.

We use cookies and similar tracking technologies (such as web beacons and pixels) to collect and store information when you use our website. This includes both strictly necessary cookies required for the website to function, as well as other categories of cookies (such as analytics or preference cookies) where you have given your consent.

Our Cookie Policy is incorporated by reference into this Privacy Policy and forms part of it. It provides full details on the cookies we use, their purposes, the third parties involved, and how long they are stored.

You can review and manage your cookie preferences at any time on our Cookie Settings page. Note that disabling certain cookies may affect the functionality of the website.

Our website allows you to register and log in using third-party social media accounts (such as Facebook or Twitter/X). If you choose to do so, we will receive certain profile information from your social media provider. This may include your name, email address, profile picture, friends list, and any other information you have made public on that platform.

We use this information only for the purposes described in this policy. We do not control how your social media provider uses your data, and we encourage you to review their privacy policies and adjust your privacy settings on those platforms.

Our servers and all data are currently stored exclusively within Europe. Your personal information is processed and stored within the European Economic Area (EEA) and is not transferred to countries outside the EEA.

Because we store data in Europe, your information benefits from the protections provided by the General Data Protection Regulation (GDPR) and equivalent European data protection laws. We will notify you if this changes, and take all necessary safeguards before any international transfer of personal data takes place.

We require all third-party data processors we engage to provide equivalent protections under written data processing agreements. Details are available upon request at the contact details in Section 14.

We retain your personal information only for as long as is necessary for the purposes set out in this policy, or as required by applicable law. The table below gives specific retention periods for the main categories of data we hold.

When the applicable retention period expires, we will delete or irreversibly anonymize the data. Where immediate deletion is not technically possible (for example, data in encrypted backup archives), we will securely isolate it from any further processing until deletion is feasible.

We have implemented appropriate technical and organizational security measures designed to protect your personal information from unauthorized access, disclosure, alteration, or destruction. These include access controls, encryption, and regular security assessments.

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the CNIL (Commission Nationale de l'Informatique et des Libertés) within 72 hours of becoming aware of it, as required by GDPR Article 33. Where the breach is likely to result in a high risk to you personally, we will also notify you directly without undue delay, as required by GDPR Article 34.

If you believe your personal information has been compromised, please contact us immediately at [email protected].

Our website is not directed at individuals under the age of 18. We do not knowingly solicit data from or market to children under 18.

By using our website, you represent that you are at least 18 years old, or that you are the parent or legal guardian of a minor and consent to that minor's use of the website.

If we become aware that we have inadvertently collected personal information from a minor under 18, we will deactivate the account and delete the data promptly. If you have concerns about data we may have collected from a minor, please contact us at [email protected].

Depending on your location, you may have the following rights regarding your personal data:

To exercise any of these rights, please contact us using the details in Section 14. We will respond to your request in accordance with applicable data protection law.

Where we rely on your consent to process personal data, you may withdraw that consent at any time without affecting the lawfulness of prior processing. To withdraw consent for marketing emails, click the unsubscribe link in any email or update your preferences in your account settings. To withdraw consent for non-essential cookies, visit our Cookie Settings page. For any other consent withdrawal, contact us at [email protected].

If you are based in France or the EEA and believe we are unlawfully processing your data, you have the right to lodge a complaint with your national data protection authority. In France, the competent authority is the CNIL (Commission Nationale de l'Informatique et des Libertés) — cnil.fr. A full list of EEA supervisory authorities is available at ec.europa.eu. If you are in Switzerland, please contact the FDPIC at edoeb.admin.ch.

Most web browsers, mobile operating systems, and applications include a Do-Not-Track ("DNT") signal. Because no uniform technical standard for recognizing DNT signals has been established, we do not currently respond to DNT signals.

If a legally recognized standard is adopted in the future, we will update this policy accordingly.

Yes. California residents have rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA), as well as the "Shine the Light" law (Cal. Civ. Code § 1798.83).

Recomndme has not sold or shared personal information with third parties for cross-context behavioral advertising in the preceding 12 months. We may update this practice in the future, and we will notify you of any such change before it takes effect.

California residents have the right to: know what personal data we collect, use, and disclose; request deletion of their personal data; opt out of the sale or sharing of personal data; request correction of inaccurate data; and not face discrimination for exercising these rights.

Under the Shine the Light law, California residents may request, once per calendar year, information about personal data shared with third parties for direct marketing purposes. To make such a request, contact us using the details in Section 14.

Minors under 18 residing in California who have registered accounts may request removal of content they publicly posted. Contact us at [email protected] with your email address and a statement that you reside in California.

To verify your identity when you submit a privacy request, we may ask you to confirm information we already hold on file or contact you through a previously provided communication channel. We will delete any additional verification information as soon as the verification process is complete.

You may designate an authorized agent to submit requests on your behalf. We may deny requests from authorized agents who cannot provide proof of valid authorization.

To submit any California privacy request, contact us at [email protected] or visit your account settings. We will respond to opt-out requests within 15 business days.

We may update this privacy policy from time to time to reflect changes in our practices, technology, legal requirements, or for other operational reasons. The "Last updated" date at the top of this document indicates when the most recent revision was made.

If we make material changes, we will notify you by prominently posting a notice on our website or by sending you a direct notification, as required by applicable law. We encourage you to review this policy periodically.

If you have questions, comments, or concerns about this privacy policy or our data practices, please contact our Data Protection Officer:

Based on the laws of your country, you may have the right to access, correct, or request deletion of the personal information we hold about you.

To exercise these rights, visit your account settings, or contact us directly at [email protected].

We will handle all requests in accordance with applicable data protection law and respond within the timeframes required by law (generally 30 days for GDPR requests, 45 days for CCPA requests).

Recomndme is a platform for collecting and sharing professional recommendations. At present, we do not use automated decision-making or algorithmic profiling that produces legal or similarly significant effects on users. Your profile is assembled from information you and your recommenders provide directly — no automated scoring or ranking affects your profile visibility today.

If and when profiling features are introduced, you will always be able to opt out of automated processing that has a significant effect on you by contacting us at [email protected].