PEARL App
Privacy Policy
This Privacy Policy explains how PEARL APP SRL collects, uses, shares, protects, and retains personal data in PEARL App.
PEARL APP SRL
- CUI
- 42833600
- Registration number
- J40/8733/2020
- EUID
- ROONRC.J40/8733/2020
- Jurisdiction
- Romania
- Registered office
- G-Ral Vasile Milea nr. 13, Bucuresti Sectorul 6, Bucuresti
- VAT status
- Not VAT registered
1. Controller and contact details
PEARL App is operated by PEARL APP SRL, CUI 42833600, registered under J40/8733/2020, EUID ROONRC.J40/8733/2020, under Romanian jurisdiction.
Registered office: G-Ral Vasile Milea nr. 13, Bucuresti Sectorul 6, Bucuresti. PEARL APP SRL is not VAT registered.
Use Reports for content concerns, Feedback for opinions about PEARL App, and Tickets for issues, support requests, privacy/account/accessibility/moderation follow-up, or other requests that need a response.
Users may also write to office@pearlapp.eu.
PEARL APP SRL has not appointed a DPO at this time. English is the controlling language for this Privacy Policy; Romanian is provided as a public translation.
2. Personal data categories
- Account and authentication data: email address, names, Firebase UID, verification and security signals.
- Eligibility data: date of birth, used to check the minimum account age of 16.
- Profile and listing data: public profile details, listing identity, descriptions, schedules, contact details, services, courses, gallery and business information.
- User content and communications: posts, articles, questions, reviews, comments, reports, tickets, feedback, chats, notifications, and support messages.
- Pearly assistant data: authenticated Pearly chat transcripts, route context, answer source ids, safe profile/listing context, and masked unanswered prompts used to improve public guidance.
- Payment and subscription data: Stripe customer, checkout, payment, invoice, subscription, voucher, and entitlement records where Top Listing is used.
- Technical data: device/browser details, logs, security events, language, routing, cookie/consent preferences, and landing/page visit counts.
3. Purposes and legal bases
- Contract performance: creating accounts, providing platform features, listings, communication, support, services with payment, and user-requested actions.
- Eligibility: checking that account users meet the minimum age requirement of 16.
- Legal obligations: tax, accounting, consumer, data protection, DSA, authority request, and security obligations.
- Legitimate interests: platform security, abuse prevention, moderation, audit logs, product integrity, fraud prevention, and service improvement where rights are not overridden.
- Consent: optional cookies or other processing where consent is required. Marketing emails/newsletters are not implemented at this time.
- Legal claims: retaining and using necessary records to establish, exercise, or defend rights.
4. Processors, recipients, and transfers
PEARL App uses Firebase/Google Cloud infrastructure for authentication, app data, consent evidence, landing/visit counting, and platform operation. Stripe is used for Top Listing checkout, payment processing, and automatic invoices.
Some providers may process data outside the EEA. Where required, PEARL APP SRL must use an appropriate transfer mechanism, such as adequacy decisions or standard contractual clauses.
5. Retention
- Account deletion uses soft deletion first.
- Full deletion or anonymization is scheduled for 7 business days after request, subject to legal, security, payment, support, or moderation retention exceptions.
- Operational records are generally retained for 90 days unless a longer period is required for legal, payment, accounting, security, support, moderation, dispute, or fraud-prevention reasons.
- Pearly assistant transcripts and masked unanswered-prompt records are generally retained for 90 days.
- Public content may remain visible until deleted, moderated, anonymized, or removed according to platform rules and legal requirements.
- Payment, invoice, tax, and accounting records are retained according to applicable legal obligations.
- Report, moderation, and audit records are retained as needed for safety, DSA, legal claims, and platform integrity.
- Cookie/consent records and legal acceptance records are retained to prove choices and compliance.
6. Your data protection rights
- Users may ask about access, correction, deletion, restriction, objection, portability, or other privacy rights.
- Use Tickets or office@pearlapp.eu for privacy rights, account data, deletion, export, or privacy follow-up requests.
- Where processing is based on consent, you may withdraw consent without affecting earlier lawful processing.
- You may lodge a complaint with ANSPDCP, the Romanian data protection authority.
7. Security and account control
PEARL APP SRL uses reasonable technical and organizational measures to protect personal data, including access controls, Firebase security rules, session protection, moderation/audit controls, and operational monitoring where applicable.
No online service can guarantee absolute security. Users should protect passwords, devices, and account access and should report suspected unauthorized access through Tickets or office@pearlapp.eu promptly.
8. Cookies, children, and changes
- Strictly necessary storage is used for security and requested platform operation.
- Optional storage categories stay off unless the user accepts or customizes them.
- Cookie consent is separate from Terms and Privacy acknowledgement.
- PEARL App accounts are intended for users aged 16 or older. Date of birth may be used to check this requirement.
- Material privacy changes should be versioned, dated, and communicated through the platform where required.
